When you delete a mail user, the Do not display in address lists option is enabled and the mail user is no longer shown in address books.
As long as an account definition still applies to an identity, the identity retains the mail user that was created by it. If the account definition assignment is removed, the mail user created through this account definition, is deleted.
In the Manager, delete mail users that were not created using an account definition, via the result list or the menu bar. After you have confirmed the security prompt the mail user is marked for deletion in One Identity Manager.
To delete a mail user that is not managed using an account definition
-
In the Manager, select the Active Directory > Mail user category.
-
Select the mail user in the result list.
-
Click 
in the result list.
- Confirm the security prompt with Yes.
Deferred deletion is taken into account if a mail user is being deleted. You can use deferred deletion to specify how long the mail users remain in the database after deletion is triggered before they are finally removed. You can reenable the mail users up until deferred deletion runs.
If the QER | Person | User | DeleteOptions | ReapplyTemplatesOnRestore is set, the template is applied again when reenabling a mail user marked for deletion that is managed through an account definition. This means that properties dependent on the IT operating data are automatically recreated according to the current configuration.
To restore a mail user
-
In the Manager, select the Active Directory > Mail user category.
-
Select the mail user in the result list.
-
Click 
in the result list.
Configuring deferred deletion
By default, mail users are finally deleted from the database after 30 days. During this period you have the option to reactivate the mail users. A restore is not possible once deferred deletion has expired.
In the Designer, you can set an alternative delay on the EX0MailUser table. For more information about configuring deferred deletion, see the One Identity Manager Configuration Guide.
Enter mail contacts for Active Directory contacts.
NOTE: It is recommended to use account definitions to set up mail contacts for company identities.
-
In order to create mail contacts through account definitions, identities must have a default email address and obtain their company IT data through assignment to a primary department, primary location or a primary cost center.
-
Some of the main data of the mail contacts is mapped from identity main data using templates.
To create a mail contact
-
In the Manager, select the Active Directory > Mail contacts category.
-
Click 
in the result list.
-
On the main data form, enter the main data of the contact.
-
Save the changes.
To create a mail contact for an Active Directory contact manually
-
In the Manager, select the Active Directory > Contacts category.
-
In the result list, select the contact then select the Change main data task.
-
Select the Create mail contact task.
-
Enter the following information:
-
Active Directory contact: the contact is already selected.
-
Exchange organization: The Microsoft Exchange organization is already selected. Check the setting.
-
Destination address type: Target address type of the email address.
-
Destination address: Email address to which the messages should be forwarded.
-
Alias: Unique alias for further identification of the mail contact.
- Save the changes.
Enter the following general main data.
Table 37: General data of a mail contact
|
Identity |
Identity to use the mail contact.
-
An identity is already entered if the mail contact was generated by an account definition.
-
If you create the mail contact manually, you can select an identity from the drop-down.
The drop-down displays activated and deactivated identities by default. If you do not want to see any deactivated identities, set the QER | Person| HideDeactivatedIdentities configuration parameter.
NOTE: If you assign a deactivated identity to a mail contact, the mail contact might be locked or deleted depending on the configuration. |
|
No link to an identity required |
Specifies whether the contact is intentionally not assigned an identity. The option is automatically set if a contact is included in the exclusion list for automatic identity assignment or a corresponding attestation is carried out. You can set the option manually. Enable the option if the contact does not need to be linked with an identity (for example, if several identities use the contact).
If attestation approves these contacts, these contacts will not be submitted for attestation in the future. In the Web Portal, contact that are not linked to an identity can be filtered according to various criteria. |
|
Not linked to an identity |
Indicates why the No link to an identity required option is enabled for this contact. Possible values:
-
By administrator: The option was set manually by the administrator.
-
By attestation: The contact was attested.
-
By exclusion criterion: The contact is not associated with an identity due to an exclusion criterion. For example, the contact is included in the exclude list for automatic identity assignment (configuration parameter PersonExcludeList). |
|
Account definition |
Account definition through which the mail contact was created.
Use the account definition to automatically populate mail contact main data and to specify a manage level for the mail contact. One Identity Manager finds the IT operating data of the assigned identity and uses it to populate the corresponding fields in the mail contact.
NOTE: The account definition cannot be changed once the mail contact has been saved. |
|
Manage level |
Manage level with which the mail contact is created. Select a manage level from the drop-down. You can only specify the manage level can if you have also entered an account definition. All manage levels of the selected account definition are available in the drop-down. |
|
Active Directory contact |
Active Directory contact for whom the email is created. |
|
Exchange organization |
Name of the organization. |
|
Canonical name |
Canonical name of the mail contact. The canonical name is generated automatically. |
|
Destination address |
Email address for forwarding messages. |
|
Destination address type |
Target address type of the email address. You can also add other mail connectors (e.g. CCMail, MS) apart from the standard destination address type (SMTP, X400). |
|
Alias |
Unique alias for further identification of the mail contact. |
|
Automatically update based on recipient policy |
Specifies whether changes to recipient's email addresses are automatically updated based on recipient policies. |
|
Proxy addresses |
Other email addresses for the mail contact. You can also add other mail connectors (for example, CCMail, MS) in addition to the standard address type (SMTP, X400).
Use the following syntax to set up other proxy addresses:
Address type: new email address |
|
Max. send size [KB] |
Maximum size for message in KB that a mail contact can send. The Microsoft Exchange organization global settings in the Microsoft Exchange System Manager come into effect for message delivery if there are no limitations. |
|
Max. receiving size [KB] |
Maximum size for message in KB that a mail contact can receive. The Microsoft Exchange organization global settings in the Microsoft Exchange System Manager come into effect for message delivery if there are no limitations. |
|
Do not display in address list |
Specifies whether the mail contact is visible in address books. Set this option if you want to prevent the mail contact from being displayed in address books. This option applies to all address books. |
|
Use MAPI-RTF |
Specifies whether the mail contact can receive messages in MAPI format. Available options are Never, Always, and Use default settings. |
|
Sender authentication required |
Specifies whether authentication data is requested from senders. Set this option to prevent anonymous senders mailing the mail contact. |
|
Simple display |
Simple display name for systems that cannot interpret all the characters of normal display names. |
|
Phonetic display name |
Display name in phonetic letters. It is used if the pronunciation and spelling of the name do not match. For example, the display name is used to sort recipients in the hierarchical address book if no sort order is given. They are sorted in ascending order from A to Z.
If no phonetic name is given, they are sorted by the simple display name. |
|
Sort order |
Specifies the order in which to display recipients in the hierarchical address book. The larger the value, the higher the ranking in the sort order.
If no order is given or more than one entries have the same sort order, recipients are sorted by their phonetic display name. |
|
Distinguished name |
Mail contact's distinguished name. |
