Managing Accounts

Note

Accounts can be managed via the API as well.

Adding an Account

Accounts can be added by either importing them using a YAML file, via the API or by adding them using the Add Account form.

To add an Account by import refer to Importing Accounts. To add a Account using the Add Account form:

  1. Mouse over or Click Accounts
  2. Click Add Account
  3. Enter the Account details
  4. Click the Create Account button

Updating an Account

  1. Click Accounts
  2. Select the account > Click Edit under actions
  3. Update the details you want to change
  4. Click the Update account button

Deleting an Account

  1. Click Accounts
  2. Select the Account > Click the Account name
  3. Click Delete account
  4. Click the Delete Account button

Exporting Accounts

Accounts can be exported to YAML, To export accounts.

  1. Click Accounts
  2. Click Export Accounts
  3. Click Download the yaml file
  4. Save the YAML file to your computer

Search for Accounts

If you have a large number of accounts you can search for an account or accounts by name.

  1. Click Accounts
  2. Enter the Accounts name in the search box
  3. Click the Search Button

Add alias address

Alias addresses enable a user to view emails addressed to other addresses that belong to them apart from their primary email address.

Address tags are supported. The + and - separators are supported. It is possible to add addresses such as username-*@domain.com and username+*@domain.com. That will match username-work@domain.com and username+work@domain.com.

To add an Alias address.

  1. Click Accounts
  2. Select the Account > Click the Username
  3. Click then Add alias address menu option
  4. Enter Email Address
  5. Check the Enabled checkbox
  6. Click the Create button

Update alias address

  1. Click Accounts
  2. Select the Account > Click the Username
  3. Find the alias address under Alias Addresses
  4. Click the Edit icon
  5. Update the Email Address
  6. Check or uncheck the Enabled checkbox
  7. Click the Update button

Delete alias address

  1. Click Accounts
  2. Select the Account > Click the Username
  3. Find the alias address under Alias Addresses
  4. Click the Delete icon
  5. Click the Delete button

Add account signatures

Baruwa can manage email signatures / disclaimers that are added to messages that are sent outbound through it. Both HTML and Text signatures are supported. HTML signatures support a single embedded image.

Account specific signatures/disclaimers can be setup.

  1. Click Accounts
  2. Select the Account > Click the Username
  3. Click Add signature
  4. Select Signature type from the drop down
  5. Enter signature content
  6. Ensure the Enabled checkbox is checked
  7. Click the Add signature button

Assign User Delivery Servers

Baruwa supports delivering of clean mail on a user specific basis. This means that email for some users in a domain can be delivered to a server different from the default delivery server.

To deliver a users mail to a specific server different from the default servers, you need to add User Delivery Servers to the users domain. The servers are then available for assignment to users.

To assign User Delivery Servers to a user:

  1. Click Accounts
  2. Select the Account > Click the Username
  3. Click Assign User Delivery Servers
  4. Select the User Delivery Servers
  5. Click the Assign button

Two Factor Authentication

TOTP based Two Factor Authentication is supported. Any device or App that can generate TOTP tokens as well as scan QRcodes can be used. We recommend FreeOTP which is open source and developed by Redhat and available for Andriod and IOS.

Mandatory Two Factor Authentication

It is possible to require/enforce mandatory Two Factor Authentication on user accounts. This allows adminstrative users to require two factor auth on user accounts.

The system administrator can set the require two factor authentication option on any account, while domain administrators can only set the option on normal user accounts within the domains they manage.

When the require two factor authentication option is set on an account the user will not be able to access the system until they successfully enroll a TOTP app.

Domain administrators are not able to disable this option on their own accounts if set by the administrator. Normal users are also not able to disable this option when set by their domain administrator.

Require mandatory Two Factor Authentication

To enable the require two factor authentication option on an account:

  1. Click Accounts
  2. Select the account > Click Edit under actions
  3. Check the Require Two/Multi Factor Authentication option
  4. Click the Update account button

Disable mandatory Two Factor Authentication

To disable the require two factor authentication option on an account:

  1. Click Accounts
  2. Select the account > Click Edit under actions
  3. Uncheck the Require Two/Multi Factor Authentication option
  4. Click the Update account button

Enable Admin User Two Factor Authentication

This section describes enabling Two Factor Authentication for your account as an admin user. Normal users should follow the process at Enable User Account Two Factor Authentication

To enable Two Factor Authentication for your admin account:

  1. Click your Account page by clicking your username at the top of the screen.
  2. Click Enable Two Factor Authentication
  3. Download a TOTP app to your device then, Check the Confirm you have a Two/Multi Factor Authentication app checkbox to confirm.
  4. Click the Confirm button
  5. Click the Show QRCode button
  6. Scan the QRCode on your device app
  7. Use the device to obtain an OTP and enter that in the One Time Password (OTP) field
  8. Click the Submit button
  9. If the supplied One Time Password (OTP) is correct Two Factor Authentication will be enabled on the account
  10. The next time you login, the One Time Password (OTP) will be requested

Disable Two Factor Authentication

Disabling of Two Factor Authentication can only be performed by adminstrative users.

To disable Two Factor Authentication for a user:

  1. Click Accounts
  2. Select the Account > Click the Username
  3. Click Reset Two Factor Authentication
  4. Check the Reset OTP Secret checkbox
  5. Click the Submit button

Reset Two Factor Authentication

If the device used to generate TOTP tokens is lost or destroyed, the TOTP secret can be reset. This allows the user to enroll a new device. Resetting the TOTP secret can only be performed by adminstrative users.

To reset Two Factor Authentication for a user:

  1. Click Accounts
  2. Select the Account > Click the Username
  3. Click Reset Two Factor Authentication
  4. Check the Reset OTP Secret checkbox
  5. Click the Submit button

Changing an Account password

Domain administrator and normal user account passwords can be changed using the web interface, administrator accounts can only be changed using the command line.

To change an account password:

  1. Click Accounts
  2. Select the Account > Click the Username
  3. Click Change password
  4. Enter the password in the New Password field
  5. Reenter the password in the Retype Password field
  6. Click the Change password button

Bulk account management

To enable, disable or delete multiple accounts:

  1. Click Accounts
  2. Use the checkbox to select the accounts
  3. Select enable or disable or delete at the top
  4. Click the Submit button