Windows NT Security Account Integration
MDaemon supports Windows NT integration. This support consists of a Windows NT user database import engine, which can be reached through the MDaemon menu selection Accounts Importing… From NT SAM Database… Additionally, support for dynamic authentication of users has been embedded into the MDaemon user management code. It is possible to specify an NT domain in an account's password field and then MDaemon will dynamically authenticate such accounts in real-time, using the specified NT domain's security system. Under such a scheme, changing the account's password in the Windows NT User Manager will have the effect of automatically updating MDaemon. Therefore, your users will only have to remember one set of authentication credentials. This also makes for very easy account setup for new installations.
NT/2000 Server Properties
PDC/BDC Machine name
This field allows you to specify the machine name from which MDaemon will read NT account database information. You can specify \\ and MDaemon will read data from the local machine.
Refresh
Click this button to refresh the NT Accounts listing.
NT Domain Name
Type the NT domain name from which you wish to import accounts.
MDaemon Domain Name
Choose from the drop-down list box the MDaemon domain into which the accounts will be imported.
Accounts to Import
NT/2000 accounts
This window contains a list of all the account names collected from the NT account database.
Selected accounts
This window contains all the account names that you have selected and wish to import.
>>
Click this button to move the highlighted account names from the "NT Accounts" window into the "Selected Accounts" window.
<<
Click this button to remove the highlighted entries from the "Selected Accounts" window.
Importing Options
Make account mailboxes equal to the NT/2000 account name
Click this switch to force each imported user's NT account name to be used as their Mailbox value. With this method, you will not need to worry about setting up the correct New Account Template macros.
Use the account template to generate passwords
This switch causes MDaemon to generate passwords for imported accounts using the account template settings (see New Account Defaults).
Set account passwords equal to account names
This switch causes MDaemon to use the account name as the account password.
Make every password equal to…
This switch allows you to specify a static password value that will be used by all imported accounts.
Authenticate passwords dynamically using NT/2000 SAM
This switch enables dynamic authentication of imported accounts. Rather than specifying a password MDaemon will simply authenticate the mail client supplied USER and PASS values using the NT database in real-time.
Authenticate on this NT/2000 domain
Enter the name of the Windows NT domain that MDaemon will use when authenticating connections dynamically. This is not the machine name of the domain controller. It is the actual name of the NT Domain.
NT domain and that MDaemon should attempt to authenticate the USER and PASS values provided by the mail client using that domain's account database. It is an error for a password to start with two backslash characters unless it is configured for dynamic authentication as described above. In other words, you can't just have regular passwords that start with two backslashes. Passwords beginning with two backslashes are always assumed to be providing an NT domain name and not a password. It is perfectly acceptable to enter two backslashes and the NT domain name into an account's password field using the regular Account Editor if necessary. The administrator need not restrict himself to using the importer in order to setup accounts for dynamic authentication.
