This sub-menu is called up from Users.
Sections on this page:
Parameters |
Description |
||||
|---|---|---|---|---|---|
Displays the unique "User ID" of the respective user. For automatically created users, this always corresponds to the email address. The "User ID" cannot be changed for existing users as it is the user's unique identification characteristic.
|
|||||
Displays the name of the respective user. For automatically created users, this corresponds to the display name of the sender from the From header, if available. Otherwise, the email address is also used here.
|
|||||
Displays the email address of the user. This cannot be changed for existing users as it is the user's unique identification characteristic. |
|||||
Optionally, a password can be assigned to a user here. The password must meet the password rules (see submenu ).
|
|||||
|
(new in 13.0.16) |
If the user is in a group that requires MFA / 2-factor authorization (see Advanced Settings), this can be switched off here by checking Disable MFA requirement .
Clicking the Reset MFA Initialization button means that the user can perform the next login without an MFA token and then must go through the MFA initialisation process again. |
||||
During MFA initialisation: Scan the QR code with your favourite authenticator app. |
|||||
During MFA initialisation: Enter the confirmation code from the Authenticator app to complete the MFA setup. |
|||||
|
(new in 14.0.0) |
Here the LFT use for this user in the GINA domain can be specified. If not specified, the default values are inherited. |
||||
|
|
Allows specifying a user LFT quota. |
|||
|
Allows specifying if the user may use LFT. Possible values are "true", "false" and "reset to default values". |
||||
Specifies the permissions for cryptographic actions of the respective user.
|
|||||
|
By default, this option is inactive. Prohibits the user from encrypting emails. However, if "Encrypt" is requested due to the ruleset settings - irrespective of whether this is done automatically or via a trigger (see also Mail Processing Ruleset generator Encryption Outgoing e-mails and/or ), the email is bounced. |
Activating both options sets the user to inactive which releases the Signature And Encryption license. |
|||
By default, this option is inactive. Prohibits the user from signing emails. However, if "Signing" is requested due to the ruleset settings - irrespective of whether this is done automatically or via a trigger (see also Mail Processing Ruleset generator Signing Outgoing e-mails and/or ), the email is bounced. |
|||||
This field has the same syntax as the MPKI settings of the selected CA, if applicable. If an optional entry differs from the MPKI settings, the entry in the MPKI settings will be overwritten by it when generating a certificate.
|
|||||
Individual settings for issuing the GINA read confirmations. |
|||||
|
Send a notification when recipient reads GINA mail:
|
||||
Default setting. In the update, the setting from GINA Domains Domains Extended settings Sender receives notification when recipient reads GINA mails) is used. |
|||||
Enforces issuing a read confirmation for every GINA email. |
|||||
Suppresses the issue of a read confirmation for GINA emails. |
|||||
If an account is explicitly locked via this menu, this lock is to be removed manually again, if applicable. Automatic locks are removed via setting (). |
|||||
|
Shows whether the user is locked (for example, after multiple incorrect entries of the password) or whether the administrator can lock the user by activating the button.
|
||||
Shows whether the user is active or whether the administrator can return the user to the active status by activating the button "Active". |
|||||
|
(new in 12.1) |
Shows information on how a user was created. |
||||
|
Shows by whom the user was created. |
||||
Shows which process created the user.
|
|||||
Shows the time the user was created |
|||||
Displays the user's usage statistics. |
|||||
Time of the last outgoing email |
|||||
Number of emails sent that were encrypted using S/MIME technology. |
|||||
Number of emails received that were encrypted using S/MIME technology |
|||||
Number of emails sent that were encrypted using OpenPGP technology. |
|||||
Number of emails received that were encrypted using OpenPGP technology. |
|||||
Number of emails sent that were domain-encrypted using S/MIME technology. |
|||||
Number of emails received that were domain-encrypted using S/MIME technology. |
|||||
Number of emails sent that were domain-encrypted using OpenPGP technology. |
|||||
Number of emails received that were domain-encrypted using OpenPGP technology. |
|||||
Number of emails sent that were signed by means of the S/MIME technology |
|||||
Number of emails received that were signed using S/MIME technology. |
|||||
Number of emails that were encrypted using the GINA technology |
|||||
In this section, the group memberships of the user are displayed (see also Groups).
(new in 13.0.0)
See Mail Processing .
Active |
Name |
Value |
Type |
|---|---|---|---|
Displays whether the "Extended Field" is in status "Active" or "Inactive" and therefore ready to use or not. |
Displays the name of the respective "Extended Fields" as set up under Mail Processing Extended Fields Name. |
Displays the value of the respective "Extended Fields". If this corresponds to the one under Mail Processing Extended Fields Default value, then behind the entry field default value is displayed, otherwise domain specific value |
Displays the Type of the respective "Extended Fields" as entered under Mail Processing Extended Fields. |
Serial |
Certificate authority |
Issued on |
Expires on |
|---|---|---|---|
Displays the serial numbers of the certificates. |
Displays the issuing certification authority |
Date of issue of the key YYYY-MM-DD |
Expiration date of the key YYYY-MM-DD |
By clicking on the Serial number, the submenu is opened. This provides the option to download the public key (certificate) or to revoke or delete the key pair.
Click the Import S/MIME key and certificate... to import an already existing certificate, for example a purchased certificate of a trusted CA (see Mail System S/MIME domain encryption ).
By clicking the Generate S/MIME key and certificate... button, a new key pair is generated on the appliance by the integrated certification authority.
If a MPKI has been set up and the Managed domain to which the user belongs has been admitted for obtaining certificates (see MPKI Connectors MPKI managed domains), the button Generate key and <MPKI> certificate... appears in accordance with the corresponding available certification authority. Clicking this button generates a key pair. The public key is signed by the MPKI and is thus available as a trusted certificate.
If this option is activated, possibly expiring user certificates are automatically renewed as soon as their remaining validity period falls below the specified number of days.
|
If no MPKI is used and the certificates and keys are managed manually, it must be ensured that new certificates are always issued on the basis of a new private key. If the old private key is used, the existing, possibly expired certificates may be overwritten during import. Incoming mails encrypted with this old key can then no longer be decrypted. |
|
The validity period of the certificate with the longest validity can be found in the file user-stats.csv which comes with the Daily Report (see also Groups statisticsadmin). This is particularly helpful if no MPKI has been set up for the automatic renewal of certificates. |
In this section, the OpenPGP keys of the user are displayed, if available.
Key ID |
Subkey ID(s) (new in 12.1) |
User ID |
Issued on |
Expires on |
|---|---|---|---|---|
Displays the key IDs of the existing OpenPGP keys. |
Displays the key IDs of all existing subkeys. |
Displays the user ID associated with the key ID. This corresponds to the email address of the user. |
Date of issue of the key YYYY-MM-DD |
Expiration date of the key YYYY-MM-DD |
By clicking on the Key ID, a submenu with details on the key will be opened. This offers the option of downloading the public key and/or deleting the key pair.
By clicking the Import OpenPGP key pairs button an already existing key pair can be imported (see submenu Mail System OpenPGP Domain Encryption ).
Clicking the Generate new OpenPGP key pair... button offers the possibility to generate a new key pair on the appliance. The validity period as well as the automatic update of the generated key correspond to the value entered under CA Settings Validity in days.
By clicking on the Key ID, a submenu with details on the key will be opened. This offers the option of downloading the public key and/or deleting the key pair.
If under Mail System Managed Domains, the option Fetch e-mail from remote POP3 server has been selected, the POP3 and/or IMAP access data for the corresponding user can be entered here. The SEPPmail Secure E-Mail Gateway will pull emails according to the set time interval (see above). Here, IMAPS and/or STLS (POP3S) is preferred.
Parameters |
Description |
|
|---|---|---|
Input of the user ID for logging into the POP3/IMAP account and/or for SMTP-Auth. As a rule, the user ID corresponds to the email address. |
||
Password belonging to the user ID. |
||
POP3 or IMAP server from which emails are to be retrieved. |
||
|
By default, this option is inactive. If SSL is to be used instead of STARTTLS for establishing a secure connection (IMAPS/STLS), this option is to be activated. |
|
This section only appears for client-capable systems (see menu item Customer).
It enables the user to be assigned to a client.
|
The assignment of users to the respective clients is normally done automatically on the basis of the domain part of the email address. Therefore, manual changes should normally not be performed. |
All changes made are saved via the Save changes button.
A user can be deleted with Delete user.
