Configuring Mail Server
MDM requires the Mail server to be configured, to enable sending notifications and enrollment invitations to users via email. Setting up mail server is also beneficial to notify admins about Inventory related events, mail reports generated, etc. It is mandatory to setup mail server.
Ensure relay access has been given for the sender mail address configured on the MDM server. Relay access is required to allow the server to send an e-mail to another mail server.
You can setup mail server either using Basic Authentication, or OAuth Authentication. Follow the steps given below to specify mail server details.
Configure Mail Server using Basic Authentication
- On the web console, click om the Admin tab. This will render the Admin page.
- Click on the Mail Server Configuration link. This is where all the settings for the Mail Server can be configured or modified.
- Specify the name and port of the mail server.
- The Email Type indicates the type of mail email despatching (For example: SMTP, SMTPS).
- TLS Enabled is an option to enable Transport Layer Security (TLS).
- If it requires authentication, select the 'Requires Authentication' check box and specify the username and password.
- Click Save to save the configuration.
Configure Mail Server using OAuth Authentication
OAuth is a standard authorization protocol that uses web tokens instead of passwords to allow delegated access to a protected resource. Setting up mail server using OAuth will ensure limited access to users' data. Meaning, too much personal information will not be disclosed to users. Thus, for better security, you can choose to set up Mail Server using OAuth Authentication.
To configure OAuth Authentication,
- Navigate to the Admin tab and select Mail Server Settings.
- Choose OAuth under authentication type.
- Specify the Name and Port of the mail server.
- Provide the name of the sender, along with the sender's mail address and a test mail address.
- Choose the email type. (Note: SMPTS is recommended since the connection to the mail server is encrypted.)
- Enable TLS, if required.
- Obtain the Client ID, Client Secret, Authorize URL, Access Token URL and Scope from the authorization server using the Redirect URL.
- You may choose to connect to the authorization server using a proxy if required.
- Click Save. The user consent window of the mail server will be displayed.
- Enter your login credentials and consent to the permissions requested.
Once the permissions have been saved, OAuth authentication is successfully configured for mail server.
Frequently Asked Questions about OAuth Authentication
- Why should I move to OAuth2.0?
- What are the supported mail servers in OAuth?
- Can I configure OAuth for an existing mail account?
- What is Redirect URL and where should I configure it?
- On clicking Save, I am getting an error stating "Redirect URL or reply URL invalid/mismatch". What should I do?
- What will happen if my access token expires?
Google and Microsoft will soon withdraw basic authentication support for mail servers by 30 May 2022 and 1 October 2022, respectively. Therefore, it is advisable for users to switch to OAuth authentication.
Microsoft Outlook (Office 365) and Gmail (GSuite) are the mail servers supported in OAuth. We have tested OAuth authentication with both Microsoft Outlook(office365) and Gmail(Gsuite).
Yes. You can configure OAuth for an existing account.
Redirect URL or Reply URL is the URL to which the Authorization Server sends confidential response data. Copy-paste the Redirect URL to the application details in the Authorization Server and save it.
Check if you have added the application server's redirect URL to your authorization server's list of redirect URLs. Ensure that you have saved the settings.
When your access token gets expired, a new access token will be automatically generated using the refresh token.
Note: Refer to these documents, to learn how to configure mail server settings using Office 365 and Gmail.