Working with Accounts

 

 

 

Accounts are logins used to authenticate a pasUnity Payload Web Service or are POP3 mailboxes which are monitored by the pasUnity Collector Agent.

 

Accounts with POP3 values configured may be used by the pasUnity Collector Agent to read email messages.  When the pasUnity Collector Agent detects new mail messages it extracts them from the POP3 account and stores them in the pasUnity database where the message headers from these messages are used to trigger the execution of jobs on the systems.

 

Accounts with SMTP values configured may be used by the pasUnity Processor Agent to send email messages during job execution.

 

When the Accounts node in the tree view navigation pane is selected the context pane displays the Email Address, Collector Agent, Retention Days, SMTP Server, POP3 Server, Message Count, various work queue statistics, and whether or not the Account is enabled.

 

Creating Accounts

 

Accounts are created by selecting and then right-clicking the Accounts node in the tree view navigation pane and choosing Add New Account from the context menu.  You need to supply the email address of the account to monitor when creating the account.

 

Editing Accounts

 

To edit an account, select the account node in the tree view navigation pane to open the account editor in the context pane. 

 

Accounts have the below attributes which can be modified through the editor.

 

Information area:

Email: Primary email address of the account.  Serves as the account name for the SMTP and POP3 services unless overridden.

Enabled for Collection: By default, an account is not enabled for collection and may only have message contents manually migrated to the pasUnity database.  It is recommended that this box be checked once it is confirmed that the account configuration is correct.  If an account is not enabled for collection the pasUnity Collector Agent will not copy messages to the pasUnity database at regular polling intervals.

Delete Messages After Collection: When selected pasUnity will remove a message from the POP3 server after it has been successfully copied to the pasUnity database.  This is the recommended setting.  If this setting is not enabled pasUnity may experience periods of high CPU usage as it will have to check each email on the POP3 server to see if it has already been collected.  On large mailboxes this may negatively impact the performance of the pasUnity Collector Agent.

Retention Period (Days): The number of days to retain processed messages within the pasUnity database before they are automatically purged to reclaim space.

Collection Agent: The pasUnity Agent which is designated as being responsible for polling for new messages and moving them to the pasUnity database store where they trigger job execution.  If not set to a valid agent, the account must be collected manually.  A value of <none> will prevent the account from being automatically collected.

SMTP tab:

SMTP Authentication Method: The method of authentication required by the SMTP server.  The default value is User Name/Password.

A value of User Name/Password indicates that the SMTP server will authenticate using both a user name (the email address) and a password.

A value of OAuth 2.0 indicates that the SMTP server will authenticate using a SASL XOAUTH2 formatted string that consists of both a user name (the email address) and an access token.

SMTP User Name: The user name on the SMTP server if it differs from the email address.

SMTP Password: The password for the corresponding SMTP user name on the SMTP server.  Only applicable if the SMTP Authentication Method is User Name/Password.

SMTP Access Token: The token for the corresponding SMTP user name on the SMTP server.  Only applicable if the SMTP Authentication Method is OAuth 2.0.

SMTP Access Token Grant Type:  The OAuth2 Grant Type flow that will be utilized for obtaining an access token automatically.  This is ignored if an SMTP Access Token has been manually specified.  See OAuth2 Grant Type Authentication below for more information.  Only applicable if the SMTP Authentication Method is OAuth 2.0.

SMTP Server: The DNS name or IP address of a server that hosts an SMTP service.

SMTP Port: The TCP port on which the SMTP server is running.  The default is 25 but many new email systems are moving to 587.

SMTP Require SSL Encryption: Determines if a secure connection is made to the SMTP server.  The default is to not use encryption.

POP3 tab:

POP3 Authentication Method: The method of authentication required by the POP3 server.  The default value is User Name/Password.

A value of User Name/Password indicates that the POP3 server will authenticate using both a user name (the email address) and a password.

A value of OAuth 2.0 indicates that the POP3 server will authenticate using a SASL XOAUTH2 formatted string that consists of both a user name (the email address) and an access token.

POP3 Account: The user name on the POP3 server if it differs from the email address.

POP3 Password: The password for the corresponding POP3 user name on the POP3 server.  Only applicable if the POP3 Authentication Method is User Name/Password.

POP3 Access Token: The token for the corresponding POP3 user name on the POP3 server.  Only applicable if the POP3 Authentication Method is OAuth 2.0.

POP3 Access Token Grant Type:  The OAuth2 Grant Type flow that will be utilized for obtaining an access token automatically.  This is ignored if a POP3 Access Token has been manually specified.  See OAuth2 Grant Type Authentication below for more information.  Only applicable if the POP3 Authentication Method is OAuth 2.0.

POP3 Server: The DNS name or IP address of a server that hosts a POP3 service.

POP3 Port: The TCP port on which the POP3 server is running.  The default is 110 and should not be changed unless advised by a system administrator.

POP3 Require SSL Encryption: Determines if a secure connection is made to the POP3 server.  The default is to not use encryption.

Permissions tab:

The Permissions tab will only be visible if pasPortal Integrated Security is enabled during System Configuration.  For a detailed list of the available permission types available at this level refer to the Permissions topic.

Key Value Pairs tab:

The Key Value Pairs tab is storage for values associates with key names unique at the object and level where they are defined and allow for value persistence between job executions.

Key: The unique key name used to locate and/or manipulate values on the object scope where they are defined.  For example, a job can only have one key/value pair with the name Counter but the same name could be used on other jobs or on impeller of the same job for instance.  Key names are not case sensitive.  Key names are limited to 256 characters in length.  Key names cannot be changed once created without adding a new key/value pair and deleting the old value.

Value: The value associated with the unique Key.  The value has no maximum length.  You can store macro expressions in the key/value pairs but you will still need to parse them.

Refresh:  Will refresh the display with the latest values from the database (also F5 can be used).

Add: Allows you to provide the Key portion of a new key/value pair which will be added to the database with a blank value.

Delete: Allows you to remove a key/value pair from the database.

Monitors tab:

The Monitors tab displays all the impellers throughout the entire system that are configured to monitor the selected account.  This allows you to asses the impact of changes to the selected account.

 

OAuth2 Grant Type Authentication

 

OAuth2 is an open specification for how to authenticate and grant access for protected resources (such as email) to a client (such as an application) on behalf of the resource owner (such as the user).  When using OAuth2 authentication an access token is utilized to authenticate instead of user credentials, and a refresh token is used to refresh the access token once it expires.  The access token and refresh token are both revocable in the event the client should no longer be able to access the protected resource without the resource owner having to change the password.  The access token is short lived, typically expiring within hours of being obtained.  The method for obtaining an access token and a refresh token is dependent upon the Grant Type, which defines a process for how the access token is obtained.

 

Authorization Code Grant Type:  The authorization code grant type allows you to grant access to a client by first authenticating with an authorization server through a web browser on the current device.  Once the resource owner is authenticated and the client is authorized the authorization server returns an authorization code that can be used to acquire both access tokens and refresh tokens from a token server.  The Authorization Code Grant Type has the following settings:

Authorization URI:  The endpoint of the authorization server that must be contacted to authorize the client.

Access Token URI:  The endpoint of the access token server that grants access tokens from an authorization code or a refresh token.

Redirection URI:  The endpoint to which the OAuth server can send responses.

Client ID:  The unique identification for the client as configured in the authorization server.

Client Secret (optional):  The credential used to authenticate the client.

Scope:  The scope of access for the access token against the protected resource.  Multiple scopes may be specified and must be separated by an empty space.  The scope is defined by the authorization server.

Device Authorization Grant Type:  The device authorization grant type allows you to grant access to a client by authenticating with a device authorization server from any web browser and entering a user code specified by the device authorization server.  Once the user code is accepted, the user is authenticated, and access is granted to the client application, a device code specified by the device authorization server is used to obtain an access token and a refresh token from a token server.  The Device Authorization Grant Type has the following settings:

Device Authorization URI:  The endpoint of the device authorization server that must be contacted to authorize the client.

Access Token URI:  The endpoint of the access token server that grants access tokens from an authorization code or a refresh token.

Client ID:  The unique identification for the client as configured in the authorization server.

Scope:  The scope of access for the access token against the protected resource.  Multiple scopes may be specified and must be separated by an empty space.  The scope is defined by the authorization server.

 

Deleting Accounts

 

To remove an account, select and then right-click the Account Name node in the tree view navigation pane and choose Delete... to remove the account permanently from the database and the user interface. 

 

Deleting an account will also delete all messages that have been collected from that account and stored in the database and will also delete all work that has queued for processing of those messages and associated history that has been stored.  It is not advised that accounts be deleted if this information needs to be maintained.  In such cases it is recommended that the account is disabled for collection in the user interface and/or has the collection agent set to <none>.

 

Message Management

 

Clicking on either the Database Messages or POP3 Messages nodes in the tree will allow you to view POP3 messages stored in the database or on a remote POP3 mailbox server respectively.

 

Forcing Collection

 

To force all enabled POP3 accounts to have their contents collected immediately, select and then right-click the Accounts node in the tree view navigation pane and choose Collect Enabled POP3 Accounts.

 

To force an individual account to have its contents collected immediately you may select and then right-click the Account Name node in the tree view navigation pane and choose Force POP3 Collection... to perform this process manually. 

 

NOTE: If the account is also configured to be collected at regular intervals by a collection agent manually collecting could coincide with automatic collection and this COULD result in collecting messages multiple times.

 

Purging Old Messages

 

To force all accounts to purge messages immediately, select and right-click the Accounts node in the tree view navigation pane and choose Purge Old Messages....

 

To manually force an individual account to purge messages immediately, select and then right-click the Account Name node in the tree view navigation pane and choose Purge Old Messages

 

When purging messages, it is important to note that no messages that are queued for job processing will be removed nor will messages that have not yet met the account retention policy.

 

Composing SMTP Messages

 

To compose a new SMTP email message right-click an Account node and select Compose SMTP Message... from the context menu.  You will be presented with an email authoring form that will ultimately be used to send a message from the selected account.  You will optionally be able to modify recipient, attachment, and content details.  For more details on this feature see the SMTP Composer topic.

 

POP3 Diagnostics

 

This is an advanced troubleshooting tool and should only be used under the instruction of support.  To access this feature, select and then right-click on an Account Name node and select POP3 Diagnostics... from the context menu.

 

Deleting Messages

 

To forcibly delete messages (regardless of whether they are within the retention period or have queued work) use the navigation tree view to expand the Account Name node and then select Database Messages, right-click the node and choose Delete... to delete all messages.  To delete only a single message drill down one level further and selected the specific message you wish to delete. From the right-click menu choose the Delete Message... option.  Messages cannot be deleted directly from the POP3 server - only from the Database Messages container.

 

Import Messages

 

This is a troubleshooting tool and will typically only be used under the instruction of support.  To import a .EML file into Database Messages select and then right-click on Database Messages and select Import... from the context menu.

 


Copyright © 2024 pasUNITY, Inc.

 

Send comments on this topic.



Created with an evaluation copy of HelpSmith.
To remove this notice, you should purchase the full version of the product.