Advanced and Federated Accounts - Managing Internal Domains

Updated

This article provides information on internal domains in Mimecast, including prerequisites, assigning domains to mail processing accounts, outbound address learning, user address creation, user location, duplicate address notifications, and unlinking or deleting domains.

Prerequisites

  • You'll require a role with the appropriate permissions (e.g Master Administrator) on your master account to make changes.

  • With Advanced Account Administration, internal domains can only be added to the master account. Before this can be done:

    • An internal domain must be registered.
    • The token must be:
      • Published as a TXT record.
      • Validated.

Viewing Internal Domains

You can view your internal domains, by using the following steps:

  1. Log in to the Administration Console.
  2. Navigate to Directory | Internal Directories.

If a domain has been added but hasn't been linked to a mail processing account, you can find it by clicking on View | Show Unlinked Domains.

The Archive Start Date field allows you to limit the date of the earliest item you can view in the Online Inbox folder, Online Sent Items folder, and search results in client applications. On Hold queues or items under a user's Archive folders are not included.

The only domain that shouldn't be assigned (and should remain unlinked) is the domain you use to logon to the Master account.

Assigning Domains to Mail Processing Accounts

You can assign domains to mail processing accounts by one of the following methods:

  • Assign a single domain to multiple mail processing accounts.
  • Assign multiple domains to a single mail processing account.

You assign a single domain to multiple mail processing accounts, by using the following steps:

  1. Log in to the Administration Console.
  2. Navigate to Directory | Internal Directories.
  3. Click on View | Switch to Domain View.
  4. Select the Domain from the left side panel.
  5. Click on Assign Accounts.
  6. Select the Mail Processing Accounts that it should be assigned to, using the checkboxes on the left.
  7. Click on the Link button.

You can  assign multiple domains to a single mail processing account, by using the following steps:

  1. Log in to the Administration Console.
  2. Navigate to Directory | Internal Directories.
  3. Select a Mail Processing Account from the left side panel.
  4. Click on Assign Domain.
  5. Select the Domains that should be assigned to the account using the checkboxes on the left.
  6. Click the Link button.

Outbound Address Learning

Typically on Mimecast accounts, addresses are learned when emails are sent outbound. With Advanced Account Administration, this is not enabled. This is because the address may be learned by the wrong mail processing account, if the domain has been shared with more than one account. Learning the addresses based on outbound mail flow can be enabled for the domain by Mimecast Support.

You can view which domains are configured for outbound address learning, by using the following steps::

  1. Log in to the Administration Console.
  2. Navigate to Directory | Internal Directories.
  3. Click on View | Outbound Address Learning Domains.

Any address learned from a mail processing account is also associated with the master account code. This way, when inbound emails are processed by the master, it delivers the email to the correct mail processing account.

Creating User Addresses

Removing a Directory Connector from a mail processing account causes the User Home Location(SMTP address location). value to be removed for any users (who were previously synced by this connector). The mail flow is likely to be interrupted for users. Therefore, it is vital to ensure users are either synced to Mimecast via an alternative directory connector, or the Remote Account Code field is populated for them (if no directory connector is to be used). This ensures the users are still associated with a mail processing account.

With Advanced Account Administration, each SMTP address / user must be unique to a mail processing account.

User addresses can be created via:

  • Directory Synchronization: Directory connectors configured on mail processing accounts are automatically copied to the master account.
    Nested accounts can run directory synchronization independently of the master account.
    A user address may have been added to the nested account, but might not yet be visible on the master, therefore mail for this user address will not be processed. This will be corrected when the master account directory synchronization takes place.

If you have newly created mail-enabled objects and cannot wait for automatic synchronization, you can run a manual directory synchronization from the master account.

  • Imports via the Directories | Imports menu item. See the "Imports" section of the Advanced Account Administration Differences page for more detail.
  • Manually on a mail processing account as follows:
    • Click on the Directories | Internal Directories menu item.
    • Select a Domain.
    • Click on the New Address button.

User Location

Advanced Account Administration mail flow is based on User Home Location (SMTP address location). A user / address must be assigned to a mail processing account to be able to send and receive emails, and to use end user applications.

You can view which mail processing account a user has been associated with, by using the following steps:

  1. Log in to the Administration Console.
  2. Navigate to Directory | Internal Directories.
  3. Select a Domain in the right hand panel.
  4. Right click on a User (SMTP address).
  5. Click on the Show User Location menu item. The following fields are displayed:
Field / Option Description
Email Address The user's (STMP) address.
Remote Account Code If the user was created manually or was imported, this displays the account code of the mail processing account. If this field is populated, the "Remove Remote Account Code" button is unavailable.
User Home Location The account code of the mail processing account regarded as the owner of the user (SMTP) address.
Find LDAP Connection Details This displays information about the user if they've been synchronized via a directory connector.

Removing a Directory Connector from a mail processing account causes the User Home Location (SMTP address location) value to be removed for any users (who were previously synced by this connector). The mail flow is likely to be interrupted for users. Therefore, it is vital to ensure users are either synced to Mimecast via an alternative directory connector, or the Remote Account Code field is populated for them (if no directory connector is to be used). This ensures the users are still associated with a mail processing account.

Duplicate Address Notification

With Advanced Account Administration each SMTP address / user must be unique to a mail processing account, but duplicate addresses can occur through Directory Synchronization. You can enable notifications to be sent to users if directory synchronization detects a duplicate user. The notification include up to 100 duplicated addresses. Until this is corrected, we will associate the items of the user to the account listed as the for the address found on the master account via the Show User Location option.

You can enable duplicate address notification to users, by using the following steps:

  1. Log in to the Administration Console.
  2. Navigate to Account | Account Settings.
  3. Expand the Directory Options section.
  4. Click on the Add Subscriber button. A list of internal and external addresses is displayed.

External addresses are only available if they've been imported into the master account.

  1. Select the required Users.
  2. Click on the Save button.

Unlinking an Internal Domain

You can unlink a domain from a mail processing account. Once unlinked:

  • All alias addresses are unlinked.
  • Administrator roles are removed.
  • The domain is displayed as an external domain.
  • Email sent to the domain is no longer processed by the mail processing account.

You can unlink a domain, by using the following steps:

  1. Log in to the Administration Console.
  2. Navigate to Directories | Internal Directories.
  3. Select the Mail Processing Account you want to unlink in the navigator.
  4. Right-click on the Domain to be unlinked. A popup menu is displayed.
  5. Select the Unlink Domain menu item. A confirmation dialog is displayed.
  6. Click on the Confirm button. The domain remains on the master account, and any other associated accounts.

Deleting an Internal Domain

  • All alias addresses are unlinked.
  • Administrator roles are removed.
  • Domain is unlinked from all associated Mail Processing account.
  • The domain is displayed as an external domain.

You can delete a domain, by using the following steps:

  1. Log in to the Administration Console.
  2. Navigate to Directories | Internal Directories.
  3. Select the Master Account in the navigator.
  4. Right click on the Domain you want to delete. A pop-up menu is displayed.
  5. Select the Move to External menu item. A confirmation dialog is displayed.
  6. Click on the Confirm button.

The domain used for the Master Administrator role cannot be moved to external.

See Also...

Related to

Was this article helpful?
0 out of 0 found this helpful

Comments

0 comments

Please sign in to leave a comment.