elmau
/
iredmail-doc
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
iredmail-doc/en_US/iredmail-easy/0-iredmail-easy.create.ad.a...

3.5 KiB
Raw Blame History

iRedMail Easy: Create AD account for iRedMail

[TOC]

Summary

With iRedMail (ad backend), we need two accounts, admin account with all privileges, low-privileged account with read-only privilege. In this tutorial, we will show you how to create account in AD, with strong and complex password.

  • low-privileged account vmail.
  • admin account vmailadmin.

This tutorial has been tested on:

  • Windows Server 2012

If it works for you on different Windows Server version, please let us know.

Create low-privileged account.

  • Click Start on bottom-left corner of your Windows OS, click Server Manager.

  • Click Tools on top-right corner, click Active Directory Domains and Trusts.

  • Right click your AD domain, here is iredmail.org, then click Manage.

  • At the new windows, right click Users --> New --> User.

  • Input vmail account info, click Next.

  • Input vmail account passowrd, and select Password never expires, click Next.

  • Click Finish to confirm.

  • Now account vmail has created, we will set read-only permission for vmail, right click your AD domian here is iredmail.org, and select Delegate Control....

  • Click Next.

  • Click Add.

  • Input read-only account vmail, and click Ok.

  • Click Next.

  • Select "Read all user information", click Next.

  • Click Finish to confirm.

  • Low-privileged account vmail created.

Create admin account.

  • Click Start on bottom-left corner of your Windows OS, click Server Manager.

  • Click Tools on top-right corner, click Active Directory Domains and Trusts.

  • Right click your AD domain, here is iredmail.org, then click Manage.

  • At the new windows, right click Users --> New --> User.

  • Input vmailadmin account info, click Next.

  • Input vmailadmin account passowrd, and select Password never expires, click Next.

  • Click Finish to confirm.

  • Now account vmailadmin has created, we will set read-only permission for vmail, right click your AD domian here is iredmail.org, and select Delegate Control....

  • Click Next.

  • Click Add.

  • Input admin account vmailadmin, and click Ok.

  • Click Next.

  • Select "Createdelete, and manage user accounts", "Reset user passowords and force password change at next logon", "Read all user information", click Next.

  • Click Finish to confirm.

  • Low-privileged account vmailadmin created.