Watch the User Management video:
There are two types of accounts on the Barracuda Cloud Archiving Service:
- Local Accounts – These accounts reside only on the Barracuda Cloud Archiving Service and are created from the Users > User Add/Update page in the administration interface.
- LDAP Accounts – These accounts reside in your LDAP directory. Once LDAP is configured on the Barracuda Cloud Archiving Service, users can log in using their regular network credentials to view and create flags for messages in their personal archive.
Local accounts are created with one of the following roles:
- User – Able only to view messages accessible to the account, either because the username for the account is also that of the sender or recipient of a message, or because it has been given explicit access to view an email address via Alias Linking.
- Auditor – Able to create and activate policies, and view, search, and export any messages to/from the domains to which they have access. Additionally, Auditors can save and name an Advanced search for re-execution at a later time from the Saved Searches tab. To create a "Domain Auditor" (an auditor with access to only a subset of the domains on your Barracuda Cloud Archiving Service), set the role to Auditor and specify at least one domain. If no domains are specified, then all messages in the entire Barracuda Cloud Archiving Service are accessible. No auditor account has access to any system or network configuration information on the Barracuda Cloud Archiving Service.
- Admin – Able to view all items from any user, not just those listed for the account. Also able to create and activate policies, and can make other system or network changes.
The assigned role can be changed at a later date from the Users > Accounts page, but only the last assigned role is active.
Access Control List (ACL)
Use the Access Control List to restrict all user access to Barracuda Cloud Archiving Service based on public source IP and user role (User, Auditor, Admin). This includes the web interface and Outlook add-in. Allowed IP Range entries must be in Classless Inter-Domain Routing (CIDR) format, for example
Note that if no IP ranges are specified here, then access is possible from all systems for all roles.
The IP ranges can be changed from the Basic > Administration page.
Add Local Users
Use the following steps to manually create or update a user account:
- Go to the Users > User Add/Update page.
- Enter the user's Email Address and enter the User Display Name.
- If you have configured LDAP users, click Populate to retrieve all aliases associated with the LDAP for the entered email address.
- Enter the account password and select the user role for the account.
- If you select the user role 'Auditor' enter the following additional details:
- Enter a domain for which the auditor can view messages and other Outlook items, and click Add. Any messages that includes an email address in the listed domains in either the From, To, or CC/Bcc areas, or any items that belong to a user in the specified domains, display in search results. To allow the auditor to view all items from all domains, leave this field blank.
- In the Saved Search drop-down menu, select a defined Saved-Search to automatically apply to all searches performed by this auditor. Note that the parameters in the Saved Search take precedence over any domain limitations that may be specified above, as well as over any attempts by the auditor to Search As any other account.
Add LDAP Users
For details on adding LDAP users, refer to the article Adding LDAP Users.
Use the following steps to modify user settings:
- Go to the Users > Accounts page:
- Click Delete to remove an account.
- Click Edit to modify the user; the Users > User Account Create/Update page displays.
- Update the user settings, and click Save Changes.