Versions Compared

Old Version 5

changes.mady.by.user Patrick Parker

Saved on

compared with

New Version 6

changes.mady.by.user Phillip Hanegan

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Provider options

By default, EmpowerID is configured to use SMTP as the provider for email delivery. However, SMTP is not the only provider option. You can elect to use Exchange Web Services (on-premise or Office 365) or both SMTP and Exchange Web Services (EWS). If you choose to use both providers, you order the precedence by setting the priority for each. The provider with the lowest priority has the higher precedence. By default, SMTP has precedence over EWS. You can change this at any time in the EmpowerID Web interface.

You can configure EmpowerID to process emails differently, depending on your scenario. These scenarios include the following:

  • Configuring EmpowerID for simple Simple SMTP relay — In this scenario, you specify the SMTP server that EmpowerID uses to send automated emails on behalf of the system and the default from address for all EmpoweID EmpowerID notifications. Examples of these types of emails include welcoming emails sent to new employees, emails sent to users when their passwords are reset by the help desk, and pending password expiration notifications, etc.
  • Configuring EmpowerID for authenticated Authenticated SMTP Delivery — In this scenario, you specify an account that EmpowerID should use to connect to the SMTP server. This account must have password that is vaulted in EmpowerID and becomes the default From address used for any automated emails sent on behalf of the system. When configuring for authenticated SMTP delivery, you have the option to specify whether to use SSL, TLS and the port used for TLS.
  • Configuring EmpowerID for Exchange Web Services (EWS) — In this scenario, you specify the account that EmpowerID should use to connect to EWS, as well as the URL to the EWS server. As with configuring EmpowerID for authenticated SMTP delivery, you need to vault the password for the user account.
  • Configuring EmpowerID for email Email approvals — In this scenario, you set EmpowerID up to give resource owners and other delegated approvers the ability to respond to Access Requests from their email clients, apart from interacting directly with the request in the EmpowerID Web interface. This allows users to respond to requests when away from their desks. To do so, they simply reply to the email with "Approved" or "Rejected." EmpowerID reads the response and submits the decision.


Rw ui expands macro

Rw expand
titleConfigure EmpowerID for Simple SMTP Relay

To configure EmpowerID for simple SMTP relay, do the following:

From
  1. On the
navigation sidebar
  1. navbar, expand Infrastructure Admin
, then 
  1. > EmpowerID Servers and Settings navigate to the Email Settings page by expanding Infrastructure Admin > EmpowerID Servers and Settings and then click Email Settings.
You should see all SMTP email configuration settings in the grid. Of these settings, the following are relevant when using EmpowerID for SMTP relay only
  1. Select SMTP from the Email Delivery Mode drop-down.
  2. In the SMTP Mail Delivery Settings pane, enter the following information:
    • SMTP From Address — This specifies the default From address the system should use when sending automated emails to your user.
    • SMTP Server DNS — This specifies the DNS or IP address of the SMTP server in your environment.

Image Removed
When EmpowerID is first installed, part of the configuration involves specifying the SMTP server and the default From address. You can edit these values from this page.
  2. Save your changes.

Rw expand
titleConfigure EmpowerID for Authenticated SMTP Delivery

To configure EmpowerID for authenticated SMTP

DeliveryOn the email settings page:
  • Send SMTP Using SSL — This specifies whether to use SSL for SMTP. 
    • Send SMTP Using TLS — This specifies whether EmpowerID should use TLS to connect to the SMTP server. Send SMTP Using SSL must be set to true for this setting to have effect. If Send SMTP Using TLS is set to false and Send SMTP Using SSL is set to true, EmpowerID uses SSL to connect to the SMTP server.

    delivery, do the following:

    1. On the navbar, expand Infrastructure Admin > EmpowerID Servers and Settings navigate to the Email Settings page by expanding Infrastructure Admin > EmpowerID Servers and Settings and then click Email Settings.
    2. Select SMTP from the Email Delivery Mode drop-down.
    3. In the SMTP Mail Delivery Settings pane, enter the following information:
      • Account with Vaulted Password for Authenticated
    SMTP — This specifies
      • SMTP — Select the user account to be used by EmpowerID
    uses
      • to authenticate to the SMTP server
    , as well as
      • and to send automated responses on behalf of the system. This account
    needs to
      • must have
    its
      • a password that is vaulted in EmpowerID.
    You should see all SMTP email configuration settings in the page. Beyond the EmailSmtpEmailProviderMailServersetting mentioned above, the following settings are relevant when configuring EmpowerID for authenticated SMTP delivery:
    Image Removed
      • If the account does not have a password that is vaulted, please see How to Vault Account Passwords below and then return to complete the setup.
      • SMTP From Address — This specifies the default From address the system should use when sending automated emails to your user.
      • SMTP Server DNS — This specifies the DNS or IP address of the SMTP server in your environment.
    2. Save your changes.
    Info

    When configuring EmpowerID for authenticated SMTP, the mailbox selected for reading and processing emails takes precedence over the setting entered in the SMTP From Address setting.


    Info

    If you are using a mail delivery system other than Exchange that supports SMTP, then you need to create a tracking-only account store and add an account with the appropriate credentials, as well as a user principal name, for that system to that account store. You then vault the password for that user account. For information on creating tracking-only account stores, see Creating Tracking-Only Account Stores.


    To vault a password for the Account selected for authenticated email using SMTP, do the following:Vault the password for the user account by doing the following:



    Expand
    titleHow to Vault Account Passwords
    1. From the navigation sidebar, expand Identity Administration and click User Accounts.
    2. Search for the user account and then click the Logon Name link for it.

    Image Removed
    2. From the View One page for the account, expand the Actions accordion and then click the Edit Vaulted Account Password button.

      Image Modified

    3. On the Service Account Credentials page that appears, do the following:
      1. Click Encryption Certificate and select a certificate for encrypting the password.
      2. Enter the password in the Password and Confirm Password fields
      3. Click Submit.
    Image Removed

      1. Image Added

      2. Click OK to close the Operation Execution Summary.
      3. Return to the EmpowerID System Settings page and edit any of the other SMTP settings as needed.
    To configure

    Rw expand
    titleConfigure EmpowerID for Office 365 / Exchange EWS

    From
    1. On the
    navigation sidebarTo configure EmpowerID for email approvals
    1. navbar, expand Infrastructure Admin, then EmpowerID Servers and Settings, and click Email Settings.
    2. Select Exchange EWS from the Email Delivery Mode drop-down.
    3. On the Email Settings page, edit the following settings:
      • — This specifies the user account EmpowerID uses to authenticate to the EWS server as well as to send automated emails on behalf of the system. This account needs to have its password vaulted in EmpowerID.
      • — This specifies the URL to the EWS server. If you are using Office 365, the value of the URL should be https://outlook.office365.com/EWS/Exchange.asmx.
    Image Removed

    Rw expand
    titleConfigure Email Approvals

    Warning

    For EmpowerID to process email approvals, the task or operation being approved or rejected must have the EnableBulkApproval set to trueThis is set in Workflow Studio.


    Info

    If you are using SMTP, follow the procedure outlined in the Configuring EmpowerID for authenticated SMTP Delivery section, including vaulting a user account; otherwise, following the procedure outlined in the Configuring EmpowerID for EWS section. After completing those steps, do the below steps.

    1. On the
    email
    1. navbar, expand Infrastructure Admin, then EmpowerID Servers and Settings, and click Email Settings.
    2. On the Email settings page,
    check the checkbox for Enable
    1. select Enable Approve by Email Reply.
    Image Removed

    Insert excerpt
    IL:External Stylesheet
    IL:External Stylesheet
    nopaneltrue


    page
    Div
    stylefloat: left; position: fixed; top: 105px; padding: 5px;
    idtoc
    classtopicTOC
    Div
    stylemargin-left: 40px; margin-bottom: 40px;
    Live Search
    spaceKey@self
    placeholderSearch the documentation
    type


    Div
    stylefont-size: 1rem; margin-bottom: -65px; margin-left: 40px;text-transform: uppercase

    In this article


    Table of Contents
    stylenone