Server error 403 roadsync

server error 403 roadsync

Specify the correct server in ActiveSync options. Verify that the object exists, and then try again. If this error occurs again. Activesync security policies are industry standards for Exchange servers and mobile devices. Completely disabling Mobile Security is not working either. Spam is often sent by special applications that connect to SMTP servers and ignore its error reports. If this option is enabled, Kerio Connect will close. server error 403 roadsync

Server error 403 roadsync - sorry, not


RoadSync for Android User Manual 10/12/

Secure, Wireless and Direct Push Synchronization with Microsoft Exchange.

Table of Contents General Product Information 3 What is RoadSync®? 3 System Requirements 3 Advantages for Mobile Workers & IT Administrators 4 Installation and Getting Started Guide 5 Registering & Activating Your Trial 5 Installing RoadSync 5 First-Use Wizard & Initial Setup: 5 Detailed Functionality 8 RoadSync Application 8 E-mail 8 Attachments 8 Subfolders 9 Calendar 10 Contacts 11 Synchronization 12 Settings 12 Menu Options 14 Widgets 15 Notifications 15 IT Policies (FroYo only) 16 RoadSync Exchange , & 18 Administrator’s Guide 18 Network Configurations 18 Enabling Mobile Access for Exchange Server 19 Remote Wipe for Exchange SP2 20 Remote Wipe for Exchange 20 Help 23 Frequently Asked Questions 23 Troubleshooting Tips 25 Error messages and fixes 26 About DataViz, Inc 27 Further Information and Support 27

Copyright © DataViz, Inc.

Page 2 of 27

General Product Information What is RoadSync®? Using Microsoft® Exchange ActiveSync®, RoadSync provides secure, wireless and direct push synchronization of corporate e-mail, calendar, contacts & attachments - all in one affordable, scalable and easy to manage package. In addition to significantly enhancing end-user productivity, RoadSync simultaneously lowers IT costs by providing an easy to implement mobility strategy which eliminates the need for middleware servers and subscription fees. With RoadSync, you can now delete spam, reply to urgent messages, accept meeting requests, update contacts and tasks and conveniently access your critical data anytime, anywhere! Better yet, all changes made on the mobile handset will automatically sync with the Microsoft® Exchange Server and be up-to-date when you open Microsoft® Office Outlook® on your desktop. As the first independent software vendor to license the Exchange ActiveSync protocol, DataViz is committed to extending this technology to reach the world’s most popular smartphones and mobile handsets. Install a free trial today at

Why Choose RoadSync? • Direct Connection to Exchange Server , & • No Middleware Server • No Service or Subscription Fees • No Desktop Sync Software or Cradle

System Requirements Device Requirements

• Supported Android mobile device • Wireless data plan through mobile operator • Exchange user name, password, and server information Office Environment Requirements • Exchange Server , or • Mobile access enabled (on by default) ***An up-to-date complete list of supported devices is available online at ***Your Exchange Server user name and server settings are typically the same as the ones you use to log-on to your computer, use for Outlook Web Access (OWA) or on a Windows Mobile device. If you do not know these, please ask your IT administrator.

Copyright © DataViz, Inc.

Page 3 of 27

Advantages for Mobile Workers & IT Administrators Lowest Total Cost of Ownership on the Market A one-time software licensing purchase of RoadSync provides a mobile Exchange ActiveSync client that directly communicates with Exchange Server , & , thus eliminating the need for a middleware server, a desktop redirector or typical set up and service fees commonly associated with today’s alternatives. Not only does RoadSync help to enable new devices, but it offers a standardized way to extend and maximize existing device and Exchange Server investments. Simple Installation & Deployment With over-the-air distribution, end-users and IT departments can install RoadSync without any desktop interaction by entering a few settings on the mobile handset. For IT administrators, there is no additional software to install on the server and enabling mobile access is simply a matter of checking a few boxes on the Exchange Server. For corporate wide deployments, a Mass Configuration Tool is available to configure multiple handsets simultaneously. Secure Transmission of Sensitive Data RoadSync supports industry-standard SSL (Secure Socket Layer) connections over port , so all sensitive data will be kept safe when transmitted over-the-air using the same level of encryption trusted for online banking. In addition, IT managers can enforce device passwords and wipe all Exchange data from the mobile handset in the event it is lost or stolen. Works with the World’s Most Popular Mobile Devices With support for today’s most popular mobile device platforms and hundreds of devices, RoadSync provides a choice when it comes to hardware as well as the flexibility to mobilize employees who may already own a personal device. Storing data locally in the phone’s built-in applications helps to increase online and offline productivity while maintaining a familiar user experience with a low learning curve. Support for the Latest Exchange Server Enhancements As Microsoft continues to improve the built-in mobile functionality of the Exchange Server, the RoadSync client is also optimized to take advantage of these new enhancements. With the introduction of Exchange SP2, key features like Direct Push and Remote Wipe were introduced, while Exchange is now adding options like HTML email, and e-mail flags. Our latest update includes support for Exchange ensuring compatibility across multiple Exchange servers.

Copyright © DataViz, Inc.

Page 4 of 27

Installation and Getting Started Guide Registering & Activating Your Trial RoadSync when downloaded from the Android Market will install as a day fully functional trial which can be activated permanently at any time. To do so, please visit After purchasing the software, you will be provided with a Key to install. After having done this, RoadSync should be activated and ready to use. If RoadSync came bundled with your device or if your obtained a registration number and activation key through one of our worldwide resellers, please register with DataViz at to take advantage of product update notifications, special offers on other DataViz and partner products, access to support resources and more

Installing RoadSync RoadSync for Android is available exclusively from the Android Market. To install RoadSync, simply follow the steps below to download the application on your Android device:

Step 1.

Step 2.

Step 3.

Step 4.

Launch the Market app on your Android phone.

Select the Search menu.

Search for "RoadSync".

Try the free Demo, or purchase the Full Version.

First-Use Wizard & Initial Setup: 1. Locate the RoadSync application typically located in the “Installations,” “Applications” or “My Own” folder. Click on the RoadSync application icon (displayed on the right) and complete the first-use wizard and setup. Click Next. 2. You will see an option to view new features, if you’d like to review Copyright © DataViz, Inc.

Page 5 of 27

3. 4. 5.


them select yes, if not, select no and continue to the next screen. An explanation of what phone features RoadSync utilizes is displayed. Click Next. The License Agreement will appear. Please Accept to continue. You will be prompted to register the software, enter in the requested information and continue to the next step. a) Auto-Discovery (requires Exchange or higher, pictured right): You have the option of entering just your email address and password, and having RoadSync detect the rest of the settings automatically. b) Choose Manual Settings (pictured to the left) to skip over this and enter setting manually. Enter the following information: (Please consult your IT staff if you are uncertain about the settings below) User name - This is the user name you use to connect to your Exchange account. It is typically the same as your Windows login user name. Password - This is the password you use to connect to your Exchange account. It is typically the same as your Windows login password. Server Name - This is the publicly accessible server name (this name should not include http:// or /, but be in the form of Domain - This is the domain you belong to in your corporate network. SSL is enabled by default. To disable this feature, uncheck the box.

7. Once your settings are entered click Verify Settings to ensure that you can successfully connect to the Exchange Server. 8. You will be asked to connect to the network. Click OK. 9. You will then be prompted to select an Access Point to establish an appropriate network connection. Click Select. ***If you receive an error when trying to verify your settings or establish a network connection please check the following: • Verify your settings with your IT staff. • Your password may be case sensitive. • A data connection is available and you can access the internet on your phone. • The appropriate SSL certificate is installed on the device and trusted. For additional steps, please review the Troubleshooting Tips at the end of this manual

Copyright © DataViz, Inc.

Page 6 of 27

You can now adjust your synchronization settings or you can select “Back” and complete your first synchronization. If you would like further information about adjusting the default synchronization settings, please see the “Settings” section further in this manual. After adjusting your synchronization settings or to continue, select the button, and begin your first sync. An icon will appear in your notification bar as RoadSync connects to the server, checks for new data, downloads new data, and updates the data on your wireless device. When the sync is complete, the RoadSync icon in the notification bar will stop spinning and you can access all your synchronized data.

Copyright © DataViz, Inc.

Page 7 of 27

Detailed Functionality RoadSync Application The RoadSync settings application (pictured below to the left) is the ‘brains’ or engine that powers the wireless synchronization of your e-mail, calendar, contacts and attachments. All of your synchronization settings, preferences, status information and options are contained within the main application. • Access the E-mail, Calendar, Contacts and Tasks applications • Configure application with user name, password and server information • Enable Direct Push (requires Exchange Server SP2 or higher) • Set scheduled sync intervals or manually initiate a sync • Control Peak, Off-Peak and Roaming options • Define e-mail settings, date ranges, message sizes and signatures • Define calendar date range settings • Connect securely via SSL (over port ) • Assign and reset access points for GPRS or WLAN data connections • Access advanced logging tools and info for troubleshooting

E-mail A RoadSync mailbox application will be created on your device. Features include: • Home screen mailbox widget for easy access • Read, reply, reply to all, smart-reply, forward, smart-forward, create and delete messages • Accept & decline meeting requests • Mark messages for follow-up action with e-mail flags • Cut, copy, paste, select all and undo • View and set e-mail priority (high, normal, low) • Automatically assign signatures to outgoing messages • Quickly download the remainder of large messages


Copyright © DataViz, Inc.

Page 8 of 27

RoadSync supports the ability to download and use native attachments on-demand utilizing programs on the device to open, edit and view the respective file types, such as DataViz’s Documents To Go • View attachment type and size before download • Download attachment over GPRS or WLAN connection • Save attachments to the phone’s internal or expansion card memory • Insert and send new and updated attachments • Download only selected file or download all at once • Save your attached e-mail messages • Delete attachments locally to free up space while keeping the message in the inbox

Subfolders RoadSync supports the ability to synchronize subfolders from your Exchange mailbox. By default, the Inbox is set to synchronize (and cannot be disabled). Folders that are disabled are denoted by a greyed-out sync icon. Folders that are currently enabled for synchronization are bright and contain an orange outline. Tapping on a greyed-out sync icon will enable that folder for synchronization. Folders that are expandable and contain children will have a plus symbol (+) embedded in the folder icon. If you tap on the folder with the plus symbol, the folder structure will expand and display said folder’s children. Conversely, folders that are collapsible (as displayed in the screenshot) will have a minus symbol (-) embedded in the folder icon. If you tap on the folder, the folder structure will collapse and hide the folder’s children. The number in brackets on the right (for example [7]) alerts the user as to the number of unread messages in that folder. The asterisk symbol located at the top right corner of a folder indicates that a new message has been delivered to that folder which the user has not yet seen. To access the subfolders dialog, tap on the “Inbox” button at the top of the RoadSync Mail application.

Copyright © DataViz, Inc.

Page 9 of 27

There are also several ways to move messages between one folder to another folder. Moving messages on the phone will move the messages on the server during the next synchronization. To move a message from the Message List, you can mark the radio button(s) (as shown above), then choose the bottom-leftmost icon in the toolbar to bring up a move dialog. Note: You can move a message to a folder that you do not have set to synchronize on the handheld; the move will still take place on the server after the next successful synchronization. You can also move several marked messages at once. You can also move messages while viewing a message. While viewing a message, if you press the menu button, a Move option will appear in the toolbar at the bottom of the screen. Lastly, you can move a message by using the Contextual Menu option. If you tap and hold on a message in the email message list, a Move option appears, allowing you to move the selected message to a subfolder.

Calendar RoadSync will synchronize your calendar data stored on the Exchange Server with the RoadSync Calendar application. Basic ‘month’ view including available menu options can be seen in the screenshot to the right . Features include: • Home screen calendar widget for easy access • Multiple calendar viewing options and zoom levels • Synchronize, update and create new calendar appointments and events • Accept and decline meeting requests (through the RoadSync messaging application) • View and set description, location, date, time and meeting notes • Set alarms, flags and recurrences • Set a date range for syncing calendar items (through the RoadSync settings application)

Copyright © DataViz, Inc.

Page 10 of 27

Contacts RoadSync will synchronize your Contact data stored on the Exchange Server with the phone’s built-in Contact application; therefore, the features and functionality are mostly provided by the device. An “Exchange Contacts” group will be created. Here are some features: • Multiple contact viewing, search and look-up options • Synchronize, update and add new contacts and notes • Support for multiple e-mail addresses • Support for multiple home, business and mobile phone & fax numbers and addresses • Support for speed dial and caller-id • Integrates with Google Maps ***When EDITING or CREATING an Exchange contact on the device, be sure to choose the “RoadSync contact” option rather than the plain “contact” option (pictured to the right). This is important. Exchange contacts that have not been created with the “Create contact” option will NOT sync back to the server. Likewise changes made to contacts via the “Edit contact” option will not sync back to the server.

Tasks The Tasks component of RoadSync allows you to quickly jot down your important action items and cross them off as you go using the Tasks application and widget. Sync your task data originally created on your desktop to this handy new component. Features include: • Filter your tasks priority, past due, due today, all and completed tasks • Select your note to be marked private • Easily add tasks through your main screen widget/main application or synchronize your tasks already created in your Exchange account • Check off your task when completed and your task is seen as crossed out

Copyright © DataViz, Inc.

Page 11 of 27

Synchronization RoadSync allows you to manually start and stop the synchronization of your data.

Settings RoadSync is capable of various settings that will enhance your wireless synchronization experience (available through the preferences screen pictured to the right). Server Settings This is the same set of options encountered during the initial setup (screenshot on previous page). Data Sync Settings This option allows you to determine which data types you would like RoadSync to synchronize between your device and Exchange server. Sync Schedule You can have RoadSync automatically push information to and from your phone or synchronize at a defined time interval. By default, push is enabled. To take advantage of push or sync scheduling, please complete these steps on your wireless phone: 1. Open RoadSync 2. Choose Settings 3. Select Sync Schedule 4. Set your Peak and Off-Peak schedule types and scheduled sync times 5. If you are using Scheduled Sync, select a time interval and data from the list provided 6. Define your peak days, starting and ending times 7. Enable or Disable Sync while Roaming ***Push and Scheduled Sync will continue as long as the phone is turned on. It will remain enabled after turning the phone off and then turning it on again. If the phone is in use during a push or scheduled sync, the sync will be skipped and attempted again at a later time. *** Push will be enabled by default if you are using Exchange Server Service Pack 2 (SP2) or higher. For further information about Direct Push and Exchange SP2, please refer to FAQ section at the end of this manual.

Copyright © DataViz, Inc.

Page 12 of 27

*** The “Sync While Roaming” option is available in an effort to prevent unexpected or excessive data charges. The roaming information is provided by system data on the phone but may not always be an accurate reflection of your service plan or operator agreement.

E-mail Options You can adjust RoadSync to filter the e-mail synchronized to your device. Adjustments can be made by date range, download size, storage of sent items, auto-download, signatures and e-mail storage. Other settings includes status bar, selection of ringtone, vibrate and a LED indicator. Complete these steps to adjust e-mail filtering: 1. Open RoadSync 2. Choose Settings 3. Select E-mail Options 4. Select a date range from the list provided 5. Select an e-mail download size limit from the list provided 6. Select to enable or disable the auto-download feature 7. Select to enable or disable the reply with history 8. Edit your signature 9. Select your e-mail storage location *** By default, e-mail is limited to the inbox, the past three (3) days, one (1) kilobyte in size, and sent items are stored for 2 weeks.

Calendar Options RoadSync allows you to synchronize your calendar on the Exchange Server with your wireless device. This feature allows for viewing, editing, and creating calendar events on your device. 1. Open RoadSync. 2. Choose Settings. 3. Select Calendar Options. 4. Select a date range from the list provided. 5. Set preferences for alerts & notifications 6. Select a ringtone 7. Enable or disable vibrate 8. Set time for default reminders

Copyright © DataViz, Inc.

Page 13 of 27

Menu Options There are also settings and operations accessible by pressing the Menu button in the RoadSync Settings application (pictured to the right).  Check For Updates: Check the DataViz website for updates to the RoadSync software  Give us feedback: Submit your feedback, comments and recommendations to the DataViz!  Reset Data: Remove all the applicable Exchange data from the handset. On the next sync, it will be redownloaded and restored from the Exchange Server.  View log: View sync log (see next section for more on this)  Help: View help documentation  About RoadSync: This screen will show you your registration number, version number, and other information regarding the products’ make.  Press the Back button to exit the menu

Log Files The RoadSync Log (pictured right) provides useful information regarding your synchronization history and current status. When troubleshooting sync issues, the log often offers hints as to whether it is a server, data service or a handset related issue. To access the log, please complete the following steps: 2. Open the RoadSync application 3. Select your Menu button 4. Select “View Log” from the menu. 5. Scroll up and down to review the sync history and status. If you need to forward the log to an IT administrator or support representative, there are a few different options. 1. In the log, press the Menu button and select "Save". This will save a log file named "" in a folder called "roadsync" on the SD card. 2. Connect the device to a computer using its USB cable. 3. On the phone, slide down the Status Bar from the top of the screen. 4. Select the "USB connected" notification, then select the Mount button. 5. On the computer, if you are asked about what to do, select "Open folder to view files".

Copyright © DataViz, Inc.

Page 14 of 27

6. If the SD card folder does not appear, go to My Computer and find it under Removable Storage. 7. Open the "roadsync" folder and copy the file to your computer. *** In most cases the verbose log is more helpful than the standard log. For more efficient troubleshooting, it is recommended to “Enable Verbose Logging,” (accessible via the menu while viewing the log) then manually initiating a full synchronization, and then send the file in for review.

Widgets RoadSync allows users to add two different widgets to your home screen. The calendar widget allows the user to see the current or next appointment in your calendar. Tapping on the widget will also launch RoadSync Calendar application. The Tasks widget allows the user to view their tasks in a small to-do window. Tapping on the widget will launch the RoadSync Tasks application, and tapping on the plus symbol will create a new task.

Notifications You will also notice in the screenshots two icons in the notification area at the top of the screen. The envelope icon will appear if you have unread messages. The calendar icon will appear if you have new meeting notifications. The RoadSync symbol will appear whenever Direct Push is active. If the sync fails, this icon will disappear. While a sync is taking place, the arrows on the RoadSync symbol will be animated. Please note: some of the features listed above, for all the RoadSync applications, may require Exchange SP2 or All changes made on the mobile device will sync with the Exchange Server and be up-to-date when you open Microsoft® Office Outlook® on your desktop.

Copyright © DataViz, Inc.

Page 15 of 27

IT Policies (FroYo only) If you are using an Android device that has FroYo (OS ) or newer installed, and your IT Administrator has IT Policies enforced on the server, you will be required to meet the conditions of the minimum password policy provisioned by the server. During your first synchronization with RoadSync, you will notice a dialog that looks similar to the screenshots shown here.

If you cancel policy enforcement, you will not be able to synchronize. If you activate policies, you might see a dialog similar to the one shown on the left. Depending on the level of password strength required by your administrator, some options may or may not be available to you. For example, if the administrator requires an alphanumeric password, you will not be able to select the pattern or PIN options.

To disable RoadSync as a device administrator, you will need to option the system Settings application > Location & Security > Select Device Administrators. Unchecking the RoadSync option will disable RoadSync and remove all the data from the phone (this does not have an effect on your server data).

Copyright © DataViz, Inc.

Page 16 of 27

Please note: You will NOT be able to uninstall RoadSync without first disabling RoadSync as a device administrator. An error message similar to the one on the left will appear if you try to uninstall RoadSync without first disabling RoadSync as a device administrator. The steps to disable RoadSync as a device administrator can be found in the screenshot and text above.

Copyright © DataViz, Inc.

Page 17 of 27

RoadSync Exchange , & Administrator’s Guide Network Configurations SSL (Secure Socket Layer) connection to Exchange account This type of connection secures the mobile client via SSL over port The connection must be passed through the external firewall on this port, however it can be routed through the rest of the backend using any port-forwarding that is currently in place. In this diagram, several of the servers are not necessary, but recommended for security and connecting to more than one backend Exchange mailbox. • The proxy server refers to any intermediate server such as an ISA or loadbalancing server. • The front-end server may not be necessary if there is only one Exchange server in the network. • The SMTP server may not be necessary if the Exchange server is configured for outgoing mail. Optional - VPN (Virtual Private Networking) connection to Exchange account This type of connection secures the mobile client via VPN. Once connected to the VPN server, traffic can be passed over port (SSL) or port 80, depending on the configuration of the internal network. In a VPN configuration, a separate VPN software package is required for the mobile device. The VPN connection must be established before RoadSync begins synchronization. *** RoadSync supports both SSL (recommended) and non-SSL connections. This can be direct to the Exchange Server, through a front-end server or through a proxy server. VPN connections are also supported but may require an additional client application on the handset. For additional information regarding server configurations, user settings and all supported devices, please visit Enabling Mobile Access for Exchange Server (SP2) Users with Direct Push Please verify the settings in the diagrams to ensure Exchange Server SP2 is configured for mobile access and direct push via RoadSync. • Settings are applied at the user level. • These features are enabled by default. • Please refer to Microsoft’s Exchange Server support for further details: How to access Mobile Services Properties: 1. On the server go to Start/ Programs/ MS Exchange/System Manager. 2. Go to the exchange server/ Global Settings/ Mobile Services. 3. Right-click on Mobile Services and choose Properties. How to access User Properties:

Copyright © DataViz, Inc.

Page 18 of 27

1. 2. 3. 4.

On the server go to Start/ Programs/ MS Exchange/Active Directory. Go to the domain/ Users folder. Double-click on the user. Go to the Exchange Features tab.

Enabling Mobile Access for Exchange Server Microsoft Exchange ActiveSync should be enabled by default, when you install the Client Access server role on the computer that is running Exchange Server Please verify the settings in the diagrams to ensure Exchange Server is configured for mobile access and direct push via RoadSync. To use IIS Manager to enable Exchange ActiveSync 1. Login to the Client Access server as the Administrator 2. Click Start, click Administrative Tools, and then click Internet Information Services (IIS) Manager. 3. Double-click to expand the server name, and then double-click to expand the Application Pools folder. 4. Right-click MSExchangeSyncAppPool, and then click Start to enable Exchange ActiveSync. *** If the Start command is unavailable, Exchange ActiveSync is already enabled on this server. How to enable a User for Exchange ActiveSync using the Exchange Management Console: 1. Launch the Exchange Management Console. 2. Go to Recipient Configuration Mailbox 3. Right-click on the user’s mailbox and select Properties 4. Click the Client Access tab. 5. Select User Initiated Sync, and then click enable. 6. Click OK. *** Please refer to Microsoft’s Exchange Server support for further details: Enabling Mobile Access for Exchange Server You can enable Microsoft ActiveSync. By default, ActiveSync is enabled when you install the Client Access server role on the computer that's running Microsoft Exchange Server To use IIS Manager to enable Exchange Active Sync: 1. The Internet Information Services (IIS) component is installed. 2. The Web service extension status is Allowed, not Prohibited. 3. You can verify the status of the Web service extension in IIS Manager by expanding the server name and then clicking Web Service Extensions. 4. If the Web service extension isn't set to Allowed, right-click the Web service extension to change the status. Copyright © DataViz, Inc.

Page 19 of 27

Remote Wipe for Exchange SP2 Remote Wipe is an Exchange Server Service Pack 2 feature that allows IT administrators to remotely erase sensitive data from mobile devices that may have been stolen or lost. To utilize this feature please follow the steps below: 1. Make sure Exchange Server SP2 is installed. 2. Download and Install “Microsoft Exchange Server ActiveSync Web Administration Tool” on your exchange server. 3. Once everything is installed and setup, go to the website: a. From server - https://localhost/mobileadmin b. From remote machine - 4. Enter username and password. 5. Choose Remote Wipe. 6. Enter the mailbox name you would like to initiate wipe. 7. The devices that this mailbox has synced to will be listed. 8. Match the Device ID with the Type “RoadSyncClient” that you would like to wipe. 9. Choose Wipe by clicking the link for that device. The Status for the device will change to “Wipe Initiated”. The wipe will occur the next time a sync takes place on the device. This depends on how RoadSync is setup: a. Push enabled: as long as the data connection is available on the device this will occur immediately. b. Scheduled Sync Time Interval: the next interval when a data connection is available. c. Scheduled Sync Manual: the wipe will only occur when the sync is forced manually on the device. Once the device is wiped it will be confirmed on the screen. *** When installing Microsoft Exchange Server ActiveSync Web Administration Tool please follow requirements on Microsoft’s website. For further information about Exchange Service Pack 2 please refer to the FAQ at the end of this manual.

Remote Wipe for Exchange Remote Wipe is a feature that remotely erases sensitive data from mobile devices that may have been stolen or lost. In Exchange , this feature has now been incorporated directly in the Exchange Management Console for administrators as well as in Outlook Web Access for users. To utilize this feature, please follow the steps below: Remote Wipe via the Exchange Management Console: 1. Launch the Exchange Management Console. 2. Go to Recipient Configuration ‡ Mailbox 3. Right-click on the user’s mailbox and select Manage Mobile Devices Copyright © DataViz, Inc.

Page 20 of 27

4. Select the action “Perform a remote wipe to clear mobile device data.” 5. Follow the prompts to send the wipe command to the device. 6. Wait to receive the confirmation status. Remote Wipe via Outlook Web Access (OWA): 1. Login to OWA by entering the appropriate username and password. 2. Click on “Options” in the top right-hand corner of the browser. 3. On the following screen, select “Mobile Devices” on the left-hand column. 4. Highlight the mobile device that has been lost or stolen. 5. Click “Wipe all data from the device” 6. Wait to receive the confirmation status. *** The wipe will occur the next time a sync takes place on the device. This depends on how RoadSync is setup and that the data connection is available:  Push enabled: wipe will occur immediately  Scheduled Sync: wipe will occur during the next scheduled interval.  Manual: wipe will occur once a manual sync is initiated. *** After a wipe has been completed, it is recommended to remove the mobile device partnership.

Remote Wipe for Exchange Microsoft Exchange Server enables you to send a command to a mobile phone that will perform a wipe of that phone. This process, known as a remote device wipe, clears all Exchange information that's stored on the mobile phone. You can use the EMC or the Shell to perform a remote wipe on a mobile phone. To use Exchange Management Console to perform a remote wipe on a mobile phone: You need to be assigned permissions before you can perform this procedure. 1. In the console tree, navigate to Recipient Configuration > Mailbox. 2. Select the user from the Mailbox window. 3. In the action pane, click Manage mobile device, or right-click the user's mailbox, and then click Manage mobile device. 4. Select the mobile phone you want to clear all data from. 5. In the Actions section, click Clear. 6. Click Clear again. To use Outlook Web App to perform a remote wipe on a mobile phone: You need to be assigned permissions before you can perform this procedure. To see what permissions you need, see the "Exchange ActiveSync device settings" entry in the Client Access Permissions topic.

Copyright © DataViz, Inc.

Page 21 of 27

1. 2. 3. 4. 5. 6. 7. 8. 9.

Open Outlook Web App. Sign in to the device owner's mailbox. Click Options. In the Navigation Pane, select Phone. Click the Mobile Phones tab. Select the ID of the mobile phone that you want to wipe and remove from the list. Click Wipe device. Click OK. Click Remove Device.

Copyright © DataViz, Inc.

Page 22 of 27

Help Frequently Asked Questions Does RoadSync require the installation of a server or additional software on the Microsoft Exchange Server? No. RoadSync is not middleware and does not require the installation of additional servers or software on the Microsoft Exchange Server. RoadSync is a client application that installs on the handset and directly communicates with the Exchange Server via the Exchange ActiveSync protocol over a secure HTTP/S connection. Some specific features may require the latest service packs or versions of Exchange to be installed, but these are provided by Microsoft and not DataViz. What is Exchange ActiveSync? Microsoft Exchange ActiveSync is a protocol developed by Microsoft and licensed by DataViz. It allows the RoadSync client application to securely, wirelessly and directly talk to the Exchange Server without any additional middleware server or desktop redirector. How can I take advantage of Direct Push and Remote Wipe? Direct Push and Remote Wipe are part of Service Pack 2 for Exchange Server , which has been announced by Microsoft and is now available. To download Service Pack 2 for Exchange Server , please visit: Where can I find more info about the latest Exchange Server enhancements? For more information about the latest service packs, features and functionality provided by Exchange, please visit What’s new in RoadSync? A complete list of the latest features and fixes can be found at: What devices are supported by RoadSync? A complete list of supported devices can be found at Why should I choose RoadSync over other solutions? There are many reasons to choose RoadSync over similar products, but here are three of the most important: 1. RoadSync requires no middleware servers or subscription fees. 2. RoadSync is a standardized client application that supports the world’s most popular mobile devices and platforms including Symbian S60, S80, UIQ, Windows Mobile , Palm OS and Java. One client to support, one company to contact.

Copyright © DataViz, Inc.

Page 23 of 27

3. RoadSync for S60 is a premium client offering key productivity features such as Global Address List Lookup, Meeting Accept/Decline, Subfolders and Exchange enhancements. How does RoadSync deal with SSL/Root Certificates? The device includes a series of Certificate Authority (CA) root certificates issued by various companies. A CA root certificate provides a trusted “third-party” to verify the ownership of SSL certificates issued to companies and websites. When syncing RoadSync via SSL, the root certificate on the server must match a trusted root certificate on the phone in order to synchronize without asking for user permission to make a connection. It is not recommended to enable Direct Push synchronization without having a matching set of root certificates on the server and phone. When using a root certificate on the server that does not exist in the list of trusted root certificates on the phone, the certificate should be installed on the phone manually. *** RoadSync supports Basic Server Authentication. RoadSync will be unable to synchronize if your server requires Client Based Authentication. *** RoadSync can synchronize with invalid, self-signed, or expired server certificates. Please check with your IT Administrator before enabling this option during your first synchronization (a dialog box will pop up if you are attempting to sync using such a certificate). For more detailed information regarding certificates, please visit Does RoadSync support syncing over WLAN (WiFi) connections? Yes. Users can quickly toggle between cellular data connections and WLAN network connections by simply clicking the reset access point button in the Advanced Options of the RoadSync main application. During the next sync, you will be prompted to select the new access point.

Copyright © DataViz, Inc.

Page 24 of 27

Troubleshooting Tips Tip 1 - If you receive an error when trying to verify your settings during the installation: • Verify that you have correctly entered your password (case-sensitive.) • Verify that a data connection is available and that you can access the internet on your phone. • Verify that you have the appropriate SSL certificate installed and trusted on the handset. • Verify your settings with your IT staff. Tip 2 - If you are experiencing a problem with the RoadSync application you may find that turning your phone off and then back on. We know, this is basic, but often effective. Consider it the smartphone equivalent for restarting your computer. In some cases, you may need to remove and then reinsert the battery. Tip 3 - If turning your phone on and off does not resolve the issue, it is usually helpful to try resetting your data and start fresh. You can start by resetting specific portions of your data (a.k.a. inbox only) or reset all (a.k.a. inbox, calendar, and contacts.) To reset your data, go to the RoadSync Settings application and click settings. Scroll down to the corresponding reset data type option or select “reset all data” from the menu in the RoadSync Settings application. Tip 4 - If the phone is in use during a push or scheduled sync, the sync will be skipped and attempted again at a later time. RoadSync displays: “Lost connection” try the sync again. These errors may be more common than you think as data service availability varies depending on your location and signal strength, but be patient and RoadSync will automatically try again in a few minutes. If you are growing restless and you can see that service is available, feel free to manually initiate a new sync to get things back up and running. Tip 5 - If you are receiving an error during the sync, we first recommend checking the log file, which provides useful information regarding your synchronization history and current status. The log typically lists a specific error message and troubleshooting steps. To learn how to access these log files and enable verbose logging, please see the “Log Files” section on page XX of this manual.

Copyright © DataViz, Inc.

Page 25 of 27

Error messages and fixes. Error - Internal Server Error: This error is caused by an incorrect setting on the Exchange server. Unfortunately, this is a generic error response that only indicates a request failure within the server. Please refer to the Microsoft documentation to correct this error: Error - Forbidden: This error can be caused by an incorrect setting in the Exchange Server. Please contact your IT staff to confirm the following Exchange Server settings: 1. First, contact your IT staff to confirm the Exchange server uses “Integrated Windows Login” 1. (see Microsoft documentation: 2. Also, please confirm with your IT staff that your account is enabled for ActiveSync. 3. Next, contact your IT staff to confirm that device security settings on the server allow access to devices that do not fully support password settings. ***This option is available in: Exchange System Manager > Global Settings > Mobile Services > Device Security. If this checkbox was unchecked, you will get a error with RoadSync, although a Win Mobile device would still sync properly. Important: In the Device Security Settings, if the first option “Enforce password on device” is unchecked, the settings below it are not applicable and won’t affect RoadSync. If the “Allow access to devices” box is unchecked and then checked, it will take approximately 15 minutes for the system to update and for RoadSync to begin to sync properly. ***A complete and up-to-date list of known issues can be found at the following URL: (This guide is intended as an overview to begin the troubleshooting process. Should you need more details or have further questions, please contact your IT staff.)

Copyright © DataViz, Inc.

Page 26 of 27

About DataViz, Inc DataViz is an industry leader in developing and marketing Office compatibility and productivity solutions across a variety of platforms including Palm OS, Symbian OS, Windows Mobile, BlackBerry, Java, Windows and Macintosh. Founded in , DataViz began its business developing file conversion software and has since expanded its expertise to providing solutions that meet the increasing demands of the handheld and mobile markets. With solutions that include its award-winning mobile Office suite, Documents To Go, and Exchange ActiveSync client, RoadSync, DataViz is committed to providing premium solutions that mobilize ‘Microsoft Office’ for today’s knowledge workers and provide instant access to critical files and business data. DataViz is a member of the BlackBerry ISV Alliance Program, MOTODEV, Nokia Forum Pro, Palm’s Developer Network, Sony Ericsson Core+ developer’s program and is a Microsoft Gold Certified Partner, a UIQ Alliance member, Symbian Platinum Partner and Orange Partner Premium member. In addition, the company has developed strategic partnerships with Microsoft, Palm, Motorola, Sony, Apple, Sony Ericsson, Nokia and other industry leaders both domestically and abroad. For information on pricing, site licensing and pilot programs, please contact the DataViz Enterprise Sales team at: + Further Information and Support You can find out more about RoadSync on our web site at: For RoadSync support, please visit: DataViz, Inc. Merritt Corporate Woods Wheelers Farms Rd Milford, CT USA +

Copyright © DataViz, Inc.

Page 27 of 27

Similar documents

CA Performance Center

CA Performance Center CA Performance Center Single Sign-On User Guide This Documentation, which includes embedded help systems and electronically distributed materials, (hereinafter referred to as the Documentation ) is

More information

Clearswift Information Governance

Clearswift Information Governance Clearswift Information Governance Implementing the CLEARSWIFT SECURE Encryption Portal on the CLEARSWIFT SECURE Email Gateway Version 02/09/13 Contents 1 Introduction 3 2 How it Works 4 3 Configuration

More information

Administrator Operations Guide

Administrator Operations Guide Administrator Operations Guide 1 What You Can Do with Remote Communication Gate S 2 Login and Logout 3 Settings 4 Printer Management 5 Log Management 6 Firmware Management 7 Installation Support 8 Maintenance

More information

Setup Guide Access Manager SP3


More information

How to configure your email client

How to configure your email client How to configure your email client This guide will teach you how to set up your email client. In this guide we will cover both Outlook and Windows Live mail, which are two of the major email clients used

More information

Steps for Basic Configuration

Steps for Basic Configuration 1. This guide describes how to use the Unified Threat Management appliance (UTM) Basic Setup Wizard to configure the UTM for connection to your network. It also describes how to register the UTM with NETGEAR.

More information

All Colleagues Landing Page

All Colleagues Landing Page INTERNAL USE ONLY All Colleagues Landing Page User's Manual Version 5 Table of Contents Login 2 Password Features 4 Expired password Password reset Region Selection 8 Changing Your Region

More information

OnCommand Performance Manager

OnCommand Performance Manager OnCommand Performance Manager Installation and Setup Guide For Red Hat Enterprise Linux NetApp, Inc. East Java Drive Sunnyvale, CA U.S. Telephone: +1 () Fax: +1 ()

More information

Introduction to the EIS Guide

Introduction to the EIS Guide Introduction to the EIS Guide The AirWatch Enterprise Integration Service (EIS) provides organizations the ability to securely integrate with back-end enterprise systems from either the AirWatch SaaS environment

More information


F-SECURE MESSAGING SECURITY GATEWAY F-SECURE MESSAGING SECURITY GATEWAY DEFAULT SETUP GUIDE This guide describes how to set up and configure the F-Secure Messaging Security Gateway appliance in a basic e-mail server environment. AN EXAMPLE

More information

Server Software Installation Guide

Server Software Installation Guide Server Software Installation Guide This guide provides information on The architecture model for GO!Enterprise MDM system setup Hardware and supporting software requirements for GO!Enterprise

More information

Quick Start Guide Sendio Hosted

Quick Start Guide Sendio Hosted Sendio Email System Protection Appliance Quick Start Guide Sendio Hosted Sendio 6.x and 7.x Sendio, Inc. Birch St, Suite Newport Beach, CA USA + QUICK START

More information

Client Error Messages

Client Error Messages Junos Pulse Client Error Messages Release Juniper Networks, Inc. North Mathilda Avenue Sunnyvale, CA USA or JUNIPER December Juniper Networks, Junos,

More information

Datasharp Optimum Connect Toolbar

Datasharp Optimum Connect Toolbar Datasharp Optimum Connect Toolbar User Guide Release 17 Document Version 1 Table of Contents 1 About This Guide Open Datasharp Optimum Connect Toolbar 6 First Time Login

More information

Virtual Data Centre. User Guide

Virtual Data Centre. User Guide Virtual Data Centre User Guide 2 P age Table of Contents Getting Started with vcloud Director 8 1. Understanding vcloud Director 8 2. Log In to the Web Console 9 3. Using vcloud Director 10

More information

Two Factor Authentication in SonicOS

Two Factor Authentication in SonicOS Two Factor Authentication in SonicOS 1 Notes, Cautions, and Warnings NOTE: A NOTE indicates important information that helps you make better use of your system. CAUTION: A CAUTION indicates potential damage

More information

SSL VPN Portal Options

SSL VPN Portal Options 1. ProSecure UTM Quick Start Guide This quick start guide describes how to use the SSL VPN Wizard to configure SSL VPN portals on the ProSecure Unified Threat Management (UTM) Appliance. The Secure Sockets

More information

HTTP Reverse Proxy Scenarios

HTTP Reverse Proxy Scenarios Sterling Secure Proxy HTTP Reverse Proxy Scenarios Version Sterling Secure Proxy HTTP Reverse Proxy Scenarios Version Note Before using this information and the product it supports, read the information

More information

MPI Frequently Asked Questions

MPI Frequently Asked Questions MPI Frequently Asked Questions 1 Table of contents 1. General 4 I want to use the Europabank MPI to handle the payments for my webshop 4 Where do I start? 4 Should my shop be hosted

More information

A D M I N I S T R A T O R V 1. 0

A D M I N I S T R A T O R V 1. 0 A D M I N I S T R A T O R F A Q V 1. 0 Fastnet SA, St-Sulpice, Switzerland. All rights reserved. Reproduction in whole or in part in any form of this manual without written permission of Fastnet SA

More information

Pre-Installation Instructions

Pre-Installation Instructions Agile Product Lifecycle Management PLM Mobile Release Notes Release E October These Release Notes provide technical information about Oracle Product Lifecycle Management (PLM) Mobile

More information

SSL VPN Technology White Paper

SSL VPN Technology White Paper SSL VPN Technology White Paper Keywords: SSL VPN, HTTPS, Web access, TCP access, IP access Abstract: SSL VPN is an emerging VPN technology based on HTTPS. This document describes its implementation and

More information


BASIC ANALYSIS OF TCP/IP NETWORKS BASIC ANALYSIS OF TCP/IP NETWORKS INTRODUCTION Communication analysis provides powerful tool for maintenance, performance monitoring, attack detection, and problems fixing in computer networks. Today networks

More information

Clientless SSL VPN End User Set-up

Clientless SSL VPN End User Set-up 37 CHAPTER This ections is for the system administrator who sets up Clientless (browser-based) SSL VPN for end users. It summarizes configuration requirements and tasks for the user remote system. It also

More information

CA Nimsoft Monitor Snap

CA Nimsoft Monitor Snap CA Nimsoft Monitor Snap Quick Start Guide Legal Notices Copyright , CA. All rights reserved. Warranty The material contained in this document is provided "as is," and is subject to being changed,

More information
a2)whered1, d2 — daily rangesw1, w2 — weekly rangesa1, a2 — absolute rangesDefining Time IntervalsYou can create, edit or delete time intervals in the Configuration → Definitions → Time sprers.eung on the Add button will display the following dialog window

Setting Remote AdministrationFigure Defining Time IntervalNameName (identification) of the time interval. You can enter a new name (create a new interval)or select an existing one and add a new item to sprers.euptionA text description (for informative purposes only).Time Interval TypeThe type of interval: Daily, Weekly or, ToThe beginning and the end of the time range. Here you can enter the start and end time,a day of the week or a date (depending on the interval type).Valid at daysThe day of the week on which the interval will be valid. You can select certain days(Selected days) or use one of the pre-set items (Everyday, Weekday, Weekend).Time intervals cannot be cascaded Setting Remote AdministrationIf you wish to administer Kerio MailServer from a different computer than the one on which itis installed, you need to enable remote administration. You can set remote administration inthe Configuration → Remote Administration administration can be enabled for Kerio Administration Console and/or for KMS WebAdministration

Chapter 12 ToolsFigure Remote AdministrationRemote administration of Kerio MailServerThe port used for communication between Kerio Administration Console and Kerio MailServerEngine is (both TCP and UDP protocols are used).Enable remote administration from networkEnables remote administration (if this option is not selected, you can only administerKerio MailServer from the computer it is installed on).Only from this IP address groupThe traffic between Kerio MailServer and the Kerio Administration Console is protectedby SSL encryption. As a result, remote administration is secure and the data transmittedcannot be tapped and misused. Access to the administration should be always allowedagainst a valid password only (it is not recommended to use blank passwords for administrationaccounts).Here you can choose the IP address group from which remote administration will beallowed. Click Edit to modify the group or to create a new one (the same dialog is used inConfiguration → Definition → IP Groups — see chapter ).Web administration of users, groups and aliasesEnable web administration from networkThis option enables administration via the Web interface. If this option is disabled, it isnot possible to access the interface. For detailed description on administration via theweb interface, see chapter Only from this IP address groupTo even increase security, remote administration can be enabled only for exclusive IPaddresses. In the menu, select the group of IP addresses, from which web administrationwill be enabled. Click Edit to modify the group or to create a new one (the same dialog isused in Configuration → Definition → IP Groups — see chapter )

Setting Remote Administration

Chapter 13User accountsUser accounts in Kerio MailServer represent physical email boxes. Users access mailboxesthrough user name and password authentication. Since Kerio MailServer can serve severalindependent domains, the user accounts are not valid globally but are only valid for a particulardomain. This implies that domains must be defined before user accounts are created (fordetails, see chapter 7).User accounts can be located as follows locally — user mailboxes are located in Kerio MailServer and any management of useraccounts is performed in Kerio MailServer (see chapter ),2. in the LDAP database — accounts are just mapped to Kerio MailServer. Mapping of useraccounts is available from the Active Directory and/or from the Apple Open Directory(refer to chapter ).User accounts can be simply imported to Kerio MailServer from another user database, asfollows:• import from the Novell eDirectory (more information in chapter ),• import from the NT domain (see chapter ),• import from the Active Directory domain (refer to chapter ),• imported from a text file Administrator accountApart from mailbox access, a user account can also be used for access to Kerio MailServeradministration, provided that the user has such rights. The basic administrator account iscreated during the installation process. It has the same properties as other user accounts andcan be deleted by any user with read/write access default administration account can create and manage public default administrator account also manages archive folders (if archiving is enabled —see chapter ). Any message which passed through Kerio MailServer can be found in sprers.eustrator can make archive folders shared with other users. However, since messagesof all users are archived, only a confidential administrator (or a tiny group of confidentialpersons) should be allowed to access these folders

Creating a user accountWarning: Passwords for those user accounts that have full administration rights should bekept close so that they cannot be misused by an unauthorized user Creating a user accountNew user accounts can be defined in the Domain Settings → Users User accountsFirst, choose a local domain in the Domain field, in which the accounts will be defined. Eachdomain may include local accounts as well as accounts saved in a directory service (e.g. MicrosoftActive Directory). The list of users of the particular domain includes both types ofaccounts. However, only local accounts can be added (accounts for directory services must becreated with the respective administration tools, e.g. Active Directory Users and Computers).Some of the features of accounts within a directory service can be sprers.eug: If an account mapped from the directory service is deleted in the administrationconsole, the account is disabled in Kerio The roles of each column of this window will be better understood through the followingdescriptions. The only exception — the Data source column — displays account types:• Internal — the account is stored in the internal user database.• LDAP — the account is saved in a directory service (Active Directory, Apple Open Directory).Click on the Add button to open a guide to create a new user account. If the domain isconfigured to be used with directory services (see chapter ), a dialog where you can definewhether you would like to activate users from a directory service or create a new local accountwill be a user is activated, a user account is saved into the directory service. Since the activation itcan be used by Kerio MailServer. All events and information will be saved into the directoryservice

Chapter 13 User accountsFigure Activate user in directory serviceIf the Activate user in directory service option is selected, a dialog with user list of the LDAPdatabase used by Kerio MailServer will be opened. Select appropriate users and confirm theselection. The buttons bottom left make user selection more comfortable. Select all — thisbutton selects all users. The Unselect all option clears any following guide shows how local user accounts can be 1 — TemplateThe first step is shown only in case at least one template for creating of new accounts is create new user account templates, select Definition → User templates. The templateis useful especially for creating multiple user accounts at once that have some parametersin common (e.g. authentication type, quotas, etc.). When all these common parameters areentered in a template, it can save a lot of New user addition — a templateFor information about creation of a new template, refer to chapter Step 2 — Basic dataLogin nameUser login name (note: the domain must be the local primary domain; otherwise enterthe full email address, e.g. [email protected], not only user).The username is not case-sensitive

Creating a user accountFigure New user addition — basic dataWarning: The login name must not contain national characters and some of the specialcharacters (see the Allowed and prohibited characters in the user name)SymbolsConditionsa-zthese characters are allowed, no restrictions are applied these characters are allowed, no restrictions are appliedA-Zthese characters are allowed, no restrictions are applied. allowed unless at the beginning and/or the end of the string and unless there aretwo dots next to each other- this symbol is allowed, no restrictions are applied_this symbol is allowed, no restrictions are appliedTable Characters and symbols allowed in user login nameExamples of correct names:wayne,,, john_wayne, wayne, johnwayne,john_paul-wayne, john_-_wayne-_Examples of incorrect, johnwayne,, .wayne, NameA full name of the user (usually first name and surname). This option is required, if theuser data from this account are to be exported to a public contacts folder

Chapter 13 User accountsDescriptionUser description (e.g. a position in a company). The Description entry is for informativepurposes only. They can contain any type of information or they can be left sprers.euticationPossible authentication methods:• Internal user databaseUsers are only authenticated within Kerio MailServer. In this case a password mustbe entered in the Password and Confirm Password fields (the user can then changehis/her password in the Kerio WebMail interface).Warning: Passwords may contain printable symbols only (letters, numbers, punctuationmarks). Password is case-sensitive.• Windows NT domainUsers are authenticated in a Windows NT domain. The NT domain name must be enteredin the email domain properties (Windows NT domain in the Advanced tab). Thisauthentication method can be used only if Kerio MailServer is running on Windows/XP/ For details, see chapter • Kerberos 5Users are authenticated in the Kerberos 5 authentication system.• PAM serviceAuthentication using the PAM service (Pluggable Authentication Module), availableonly in the Linux operating system.• Apple Open DirectoryAuthentication against Apple Open Directory database (only for mailservers installedon a Macintosh). The option can be selected only if the user is mapped from AppleOpen sprers.eurd / Confirm PasswordOnly the local user password can be entered or changed. We strongly recommend tochange the password immediately after the account is the password contains special (national) characters, users of some mail clients willnot be able to log in to Kerio MailServer. It is therefore recommend to use only ASCIIcharacters for a default spam filter Upon creating a new user account, check this option to set the antispam rule. All incomingemails marked as spam will be automatically moved to the Junk mail folder. The rulecan be set up only during the process of user account creation. Filtering and rules forincoming email is addressed in Kerio MailServer, User’s Guide.Warning: It is not recommended to create this rule when the user accesses emails viaPOP3. In such case, only the INBOX folder is downloaded to the local client and the useris not able to check if the emails moved to the Spam folder are really spam emails

Creating a user accountStore password in high secure SHA format (recommended)By default, user passwords are encrypted by DES. The Store password in highly secureSHA format allows for a more secure encryption (SHA string). This option has one disadvantage— some methods of Kerio MailServer access authentication (APOP, CRAM-MD5and Digest-MD5) cannot be applied. The only methods available for this option are LOGINand PLAIN (it is highly recommended to use only SSL connection for authentication).If this option is enabled, it is necessary to change the user password. This can be doneeither by administrator or the user (e.g. by Kerio WebMail).Warning: Passwords saved in SHA are supported by Kerio MailServer and later. Ifa configuration with SHA passwords is applied to an older version of Kerio MailServer,the authentication will not sprers.eut is disabledTemporary blocking of the account so that you do not have to remove sprers.eug: This feature is not identical with account blocking set under Configuration →Advanced Options, on the Security Policy tab (see section ). If the user enters aninvalid password too many times in row and the limit set on the Security Policy tab isreached, the account is blocked automatically. To unblock the accounts, use the Unlockall accounts now button on the Security Policy 3 — Mail addressesIn this step, all required email addresses of the user can be defined. The other addresses arecalled aliases. The other addresses are called aliases. These can be defined either during theuser definition or in Domain Settings/Aliases. We recommend to use the first alternative — itis easier and the aliases are available through Active If user accounts are maintained in Active Directory (see chapter ), their aliases can bedefined in Active Directory Users and Computers. Global aliases (in Domain Settings → Aliases)cannot be defined this way

Chapter 13 User accountsFigure New user addition — email addressesStep 4 — Forwarding messages to other addressesMessages for a user can be forwarded to other email accounts if defined. If the Deliver messagesto button is activated, messages will be saved in the local account and forwarded tothe addresses defined by user (if not, messages will be forwarded only, not saved).Figure New user addition — forwarding messages to other addresses

Creating a user accountNote: The same functionality can be accomplished through the Domain Settings → Aliasesdialog; however, aliases created within the user definition dialog is smoother and easier 5 — GroupsIn this dialog window, you can add or remove groups of which the user is a member. Groupsmust be created first in the Domain Settings → Groups section. You can add users to groupsduring definition of groups. Therefore, it is not important which is created first — users New user addition — groupsStep 6 — Access rightsEach user must be assigned one of the following three levels of access access to administrationThese users do not have any access to Kerio MailServer administration. Most users willhave this setting so they will only be able to access their own only accessThese users can connect to Kerio MailServer administration but they can only view thelogs and settings; they cannot make any accessThese users have full rights to administration and are equal to the Admin account. Ifthere is at least one user with such rights, the Admin account can be can administer aliases and users/groups A special access right for KMS Web Administration (for more information, see chapter 31).This setting is independent on the access rights settings for Kerio Administration user has the administrator rightsBy default, only Admin of the primary domain is allowed to administer the public there are multiple local domains with user accounts in Kerio MailServer, this optionmust be selected at least for one user in each domain. Each domain in Kerio MailServer

Chapter 13 User accountsFigure Creating a user — user rightshas its own public folders and users of a different local domain are not allowed to accessit (you can change this setting so that all public folders are accessible from all domainsand from all users — for detailed information about this setting, see chapter ).By default, all users from one domain have read only rights for the public folders. Therights for public folders can be assigned by any user that has the administrator rights can be also assigned using the Kerio WebMail interface and MS Outlook withKerio Outlook types of public services (email, calendars, contacts, tasks, notes) in Kerio MailServercan be viewed only in MS Outlook extended by the Kerio Outlook Connector and in KerioWebMail. Other email clients usually display only email folders (for detailed informationabout all supported email clients, see Kerio MailServer, User’s Guide).Step 7 — QuotaYou can set limits for each user’s spaceThe maximum space for a mailbox. For greater ease in entering values you can choosebetween kilobytes (KB), megabytes (MB) or gigabytes (GB).Number of messagesThe maximum number of messages in the mailbox

Creating a user accountFigure New user addition — quotaThe value of either of these items can be set to 0 (zero), which means that there is no limit setfor the user quota prevents cluttering of the server disk. If either of the limits is reached, anynew messages will be refused by the the quota is reached, the user will receive a warning message including recommendationon deleting some messages. It is also not important if the quota was exceeded by number ofmessages or by the reserved disk space capacity. The quota is reached at the moment whenan incoming message (or an event, a contact or a task) exceeds one of these treshold of 90 per cent of the quota value is set (90 per cent of the limit set for thenumber of messages or 90 per cent of the disk space reserved). When this treshold is reached,an informative message is send to the particular user. This value can be edited manually inthe Kerio MailServer’s configuration file, as follows Stop the Kerio MailServer Engine In the directory where Kerio MailServer is installed, search the fileIf the file is being edited on Mac OS X or Linux operating systems, login to the system asthe root user (a special user with full access rights to the system) Open the file and look up the QuotaWarningThreshold value. The lineis as follows Change the value as needed and save the file Run Kerio