Sv translation

language	en

Introduction

Users are individuals who connect to BlueMind. Users have access to BlueMind features depending on their profile.

Two types of users with the following profiles can be created:

user: access to the Mail, Calendar, Contacts and Settings applications.
admin: access to user applications plus the admin console.

Administration roles:

Functional domain administrator (usually called domain administrator). Domain administrators are users who have been given admin privileges. Several users can act as functional administrators on a single domain. They manage users, groups and users from the BlueMind admin console as well as domain configuration and shared items (mailboxes, calendars, address books).They can delegate permissions by creating other administrators.
Platform administrator (also called global administrator). There is only one global administrator on any one BlueMind install. The global administrator logs in with the username admin0@global.virt and is responsible for the technical aspects of the platform. The global administrator does not have a user account and only has access to the admin console. The global administrator is responsible for installing and configuring domains: server addresses, disk space, specific scheduled jobs, etc. and has access to the same administration functionalities as domain administrators.

Volet

On this page:

Sommaire

maxLevel	2

Creating a user

From the homepage or the "Directories" page, click "Create user" and complete the new user information in the dialog box that opens:

Remarque
The display name is generated automatically when the First and Last names are entered and cannot be edited.

Info
Only fields marked with an asterisk (Last Name, Login and Password) are mandatory.

Accounts can be created with or without an email address:

Without an email address, the "Mail" section is disabled and the "Mail" tab is unavailable.
When you click "Mail address", the Mail account is activated and a default, non-editable email address based on the login username is created automatically.
To add aliases, click at the end of the row.
If the install has several domain aliases, each email address can be registered on a specific domain or on all aliases.
BlueMind allows you to create as many aliases as you like on as many domains aliases as you like.

Quick create

The "Create" button (<Enter> key) quickly creates a user with the information entered in the dialog box and the following default settings:

server localization (time zone, format, etc.)
default storage server, with no disk space quota
no auto-reply or auto-forward
no contact details
the calendar can be shared with the option "can invite me to a meeting". This means that other domain users cannot view this user's calendar but are able to invite them to an event
the mailbox is not shared
archiving is disabled

These settings can be modified changed later via in the admin console.

Create and edit

The "Create and edit" button (<Ctrl+Enter> key combination) creates a user with the information entered in the dialog box and the default settings, and automatically redirects you to the user settings editor.

Editing and managing users

From the homepage or the "Directories" page, go to "Directory Browser" and select the user from the list.

The user's information is shown in tabs:

General

General user information

The "General" tab shows the main user information: account details, profile, group(s), password, time format settings...

It also allows you to set the user as the member or administrator of a root delegation.

Astuce

title	Group memberships

The link "Edit group membership" opens a popup window showing the groups users belong to and can be edited.

To delete a group, click the corresponding "x". To add a group, simply type the group's name in the text box and validate it when suggested by autocomplete.

Ancre
user-roles
user-roles
Roles: administration rights and access to features

Administration rights have been expanded and you can now set which rights are granted to a user or a domain administrator. You can therefore specifically authorize them to manage:

users
groups
domain address books
domain calendars
shared mailboxes
resources
the domain (maximum quota max, number of users)
...

Remarque

title	Delegation Delegating rights

Administrators are only able to delegate a right they have, except for accessing access to applications: e.g. even if they do not don't have a mail account or access to the Calendar application, for example, they can enable "Mail and Contacts" or "Calendar and Tasks" to for users they administrate.

Rights administration is organised in several are organized into the following sections:

Administration: used to delegate administration rights on entities
Cloud: used to give access to the linked attachment and attachment storage features
General: used to give access to applications (webmail, calendar, etc.) and other key features (personal mail filters, identities, mail transfer, etc.)
Mail: used to give access to mail-specific features

Info

title	Inherited rights

The rights granted can only be added to the rights inherited from a group: the rights assigned to a group the user belongs to cannot be unchecked in the user's formpage.

Applications can therefore appear as unchecked but be accessible to a user regardless: the user belongs to a group for which the application is enabled. Make sure you check the groups the user may belong to (see above).

This is also what enables a newly-created user to have access to basic applications: : when users are created, they belong to the "user" group which, by default, on a classic blank install, has access rights to the "Calendar and Tasks" and "Mail and Contacts" applications.

For more details on roles, please go to the dedicated page Les roles : droits d acces et d administration as well as the page about L'administration déléguée. Delegated Administration

User information

The "User InformationsInformation" tab allows administrators is used to complete user contact details.

Administrators can enter information such as telephone numbers, postal addresses or assign pictures that will be used throughout the application (e.g. in Contacts or the dialler).

User contact information belongs to the internal BlueMind directory and can be seen by all users. Only administrators are allowed to edit this information. Users themselves are unable to access this form page or edit it.

Remarque
The role "Managing Change own information" role now allows users to manage their own information details. Currently, changes can only be made via by script with users' API key scriptkeys. A management interface in settings will be available soon in settings.

Mail settings

The "Mail settings" tab gives you access to mail-related settings:

Email addresses

Storage server: server that handles this user

Disk space quota: maximum storage space for a user's mailbox.
The quota used is now visible with the dedicated progress bar visible above

Info

About space quotas

When disk space quota is enabled, the disk usage percentage is displayed permanently in Mail at the bottom of the left-hand pane and hovering with the mouse shows usage details:

Disk space quota usage is color-coded – orange = 75% used, dark red = 85% used, and red 100% used:

When a quota is reached, incoming emails are blocked. These messages can be kept on the server for a few days.
This may also cause disruptions to send - and possibly delete - operations as the system needs to perform copies in a temporary and/or trash folder.

Remarque

title	Space quotas and deletion

To delete messages when the disk quota has been reached, use the delete permanently function (without sending them to the trash) by pressing <SHIFT+Del>.

When a space quota has been reached, you can increase it manually and decrease it back to its original size at any time.

Main email address andalias: users can have as many email aliases as desired, on any or all domain users available.
The email address created when a user is created cannot be edited or deleted.

My identities

Identities allow users to write messages as an alias or a shared mailbox or to set up different signatures.

To find out more, go to the user's guide page: Identities

Mailbox sharing

The sharing section allows you to make a user's mailbox public (shared with all directory members) or customize its sharing options (share mailbox with specific users or groups only).

By default, when a user is created, sharing is disabled.

A mailbox's sharing rights can be set:

by administrators through the UI described here
by users, through settings: Settings icon > Mail section > Sharing.

To find out more about sharing and privileges, go to the user's guide page: Mail preferences | §5 - Sharing

Forwarding emails

Since BlueMind 3.0.31, you can set up several addresses for email messages to be forwarded to.

Astuce
Autocomplete looks for addresses in all user address books (directory, personal address books, etc.).

You can also add external addresses manually. These will not be added to collected addresses when messages are forwarded.

Vacation

This section allows you to enable or disable a user's vacation responder.

To find out more about configuration and sending rules, go to the user's guide page: Mail preferences | §1 - General preferences

My filters

Filters allow you to apply sorting rules and actions to be performed automatically on a user's incoming messages.

To find out more about configuration and sending rules, go to the user's guide page: Message filters

Archiving

When archiving is enabled for the domain, it applies to all domain users. You can however customize archiving rules by group or by user, or enable individual archiving if no global domain policy has been set.

By default, domain settings are applied and can be seen in the user's section:

The Archive tab allows you to:

enable individual archiving if no global domain archiving policy has been set.
Remarque
The opposite is not possible: archiving cannot be disabled for a user if it enabled for a domain or a group the user belongs to.
customize the number of days after which messages are archived. All older messages will be archived.
customize the disk space quota allocated to this user.
Remarque
The quota cannot exceed the maximum domain quota: if you enter a number that exceeds it, it will be taken down to the maximum quota when you save.
check or uncheck the folders you want to exclude as needed
click "Save" to apply the changes.

The "Reset archive policy" box allows you to reset the user's default values: either those of the group it belongs to, or the domain's if no specific settings have been set for the group:

check the box, the form is grayed out
click "Save"
the information is saved, the form is enabled again and it contains the data set for the hierarchy level above it (group or domain)

Info
The MiB (Mebibyte) is a multiple of a byte, not to be confused with the MB (megabyte): it is equal to 1024 kebibytes, which itself is equal to 1024 bytes. Therefore, 9 MiB equals 9.43718 MB.

Address Books

This tab allows you to manage user subscriptions to the address books available to them (personal address books or address books shared with them) as well as manage how their address books are shared with other users or groups.

Administrators are not, however, able to create address books for users.

To find out more, go to the user's guide page: Contact preferences and Managing Shares

Calendar sharing

The "Calendar settings" tab contains all user-specific parameters (working hours and days, items displayed, etc.) as well as sharing options and subscriptions (users or domains) for calendars shared with them:

Info

As for address books, administrators Administrators cannot create additional calendars for users but they can manage how they are shared both for domain users and individuals outside BlueMind:

Todolists

This tab allows you is used to manage user to-do lists and user users' subscriptions to lists shared with them:

To find out more, go to the user's guide pages on: to-do lists and Managing shares

Maintenance

This tab gives administrators you access to maintenance features and user preferences:

As the user

The link in this section is available to the superuser "admin0" who is able to ascess a user's BlueMind, i.e. to connect to BlueMind in their name without being given their password.

Changing a user's password

Administrators can edit/reset a user's BlueMind log in password without knowing their old password.

Mailbox indexing

This section allows you to run indexing operations for a user's mailbox:

Mobile devices

This section allows you to reset mobile device synchronization and remove it from the list.

Removing a smartphone from the list blocks this device's synchronization on BlueMind - when unknown devices are not authorized by default. The "Authorize unknown devices" option is connected to a BlueMind instance. It can be modified by admin0, in the Central administration section > System Management > EAS server.

Deleting users

Suspend

Users can be suspended. This allows you to block access to a user without deleting the data associated with them. As a result, users can be reactivated later and their account returns to its previous state.

To suspend a user:

Go to Directories > Directory Browser and select the user.
in the first tab ("General") check the "Suspended" box on the right hand side of the page and click "Save to apply changes".

Delete

To delete one or several users completely and permanently, go to the page Directories > Directory Browser.

In the list of users, check the box at the beginning of the row for the user(s) you want to delete and click "Delete". You are then prompted to confirm deletion. Once you confirm, the user(s) and all their data will be deleted permanently.

Avertissement

title	Restoring a user

BlueMind allows you to restore a user by retrieving an earlier backup. Please refer to the "restore a backup" feature, which enables you to restore all or part of a user's data. Changes made to data since the last backup cannot be recovered.

Password security

To make user passwords more secure, you can install the "Password SizeStrength" plugin which lets you set strict password rules.

Installing the plugin

As root:

Bloc de code
aptitude install bm-plugin-core-password-sizestrength

To complete installation, you must restart BlueMind:

Bloc de code
bmctl restart

Configuration

Once the plugin is installed, it can be configured via file /etc/bm/password.ini, whose default installation values are:

Bloc de code
length=10 capital=1 digit=1 lower=1 special=1

length: the minimum number of characters the password must contain
capital: the minimum number of capital letters the password must contain
digit: the minimum number of digits the password must contain
lower: the minimum number of lowercase letters the password must contain
special: the minimum number of special characters the password must contain. Special characters are:
Bloc de code
!"#$%&'()*+,-./:;<=>?@[\]^_`{|}~

Remarque
These rules do not apply to administrators (global administrator admin0 or domain administrators) whose choice of password continues to be free.

If a user fails to comply with these rules when they attempt to modify their password, an alert will be displayed at the top of their page:

Arborescence des pages

Comparaison des versions

Ancienne version 65

Nouvelle version 66

Légende

Introduction

Creating a user

Quick create

Create and edit

Editing and managing users