hMailServer’s email account can be linked with active directory user or local user created on the machine where hMailServer is installed (even in WORKGROUP environment). By using this feature the authentication task can be handed over to active directory. The main benefit is that no passwords are stored in hMailServer database. User must supply his active directory password for the active directory user name when logging into POP3/SMTP account.
Linking hMailServer email account with Active Directory user
- Edit the email account which you want to link with active directory
- Login to hMailServer Administrator
- Expand Domains
- Expand the domain name under which the email account is, then expand Accounts
- Click on the email account which you want to edit.
- Click on Active Directory tab.
- Active Directory account : Select to enable active directory authentication for this email account.
- Domain : Enter Domain name of active directory. If you have WORKGROUP environment then you can enter workgroup name here.
- User name : Enter the active directory user name or local user account (in case of WORKGROUP environment) that will be used to validate this account with active directory. Password will be supplied by email client.
hMailServer Active Directory Authentication Process Explained
- Email client initiates Send/Receive task. Email client must provide it’s username and password. In this case username will be hMailServer email account and password will be of the active directory user to which hMailServer email account is linked to. In below example firstname.lastname@example.org is linked to active directory user email@example.com. In email client the username must be firstname.lastname@example.org, but the password must be that of email@example.com.
- hMailServer will connect to the active directory server and will ask it to validate firstname.lastname@example.org and password supplied by the email client.
- If active directory validates the credentials then email client will be allowed for further communication otherwise access will be denied.