Setting the Mail Server and Standard Messages

Email server settings and standard message templates can be configured on the Settings page:  In the Imprivata Admin Console, go to the gear icon > Settings.

The Imprivata appliance can send email messages for a variety of reasons:

  • Notify Administrators of system events

  • Notify users to self-install the Imprivata agent

  • Notify users to enroll in the password self-service reset feature

Configuring the Imprivata Mail Server Account

A SMTP server must be specified to send email notifications to administrators and end users.

You can configure a connection to an SMTP server using basic (password) authentication.

NOTE:

Microsoft has announced the deprecation of basic authentication in Exchange Online. While you can configure a connection using basic authentication, it is recommended that you configure the connection to your mail server over OAuth.

To configure the connection:

  1. In the Imprivata Admin Console, open the gear icon menu, and click Settings.

  2. In the Email configuration section, click Modify.

  3. Type the IP address or FQDN of the mail server in the SMTP Server field.

  4. (Optional) By default, the Imprivata appliance secures outgoing email using TLS.

    Uncheck Use TLS to disable this functionality. If you choose to leave TLS enabled, consider the following:

    • Imprivata supports TLS versions up to 1.2, but does not enforce any specific version. How your environment is configured determines the required version.

    • Your SMTP server must support TLS, and additional configuration may be required. For more information, see you vendor specific documentation.

  5. If required, type the credentials of an account that is authorized to send email through your server/mail relay in the SMTP Server Account Username and SMTP Server Account Password fields.

  6. Type the sender address in the Email messages are from field.

  7. Click OK.

NOTE: The Test button only confirms that the connection can be made to the SMTP server. To test that an email can be sent and received, open the Users page. Select a user, click Notify, and select the type of notification to send as a test.

You can configure a connection to an SMTP server over OAuth.

Prerequisites

Before you begin, make sure the follow prerequisites are met:

  • Exchange Online is enabled for SMTP AUTH.

  • You have a user account that can be used to send email. This is the account must be able to send email from the mailbox you specify.

  • You have registered an Entra ID application that let's Imprivata connect to Exchange Online over SMTP. Configuring the connection requires that you have its:

    • Client ID

    • Tenant ID

    • Client secret

  • You have registered the application's service principal in Exchange Online and granted the mailbox Send As permission.

Configure the Connection

To configure the connection:

  1. In the Imprivata Admin Console, open the gear icon menu, and click Settings.

  2. In the Email configuration section, click Modify.

  3. Select Exchange Mail Server with OAuth2.

  4. Enter the following required information:

    1. From Address: Enter the mailbox from which email notifications should be sent.

    2. Client ID: Enter the registered application’s client ID.

    3. Tenant ID: Enter the registered application's tenant ID.

    4. Username: Enter the user account that can send email from the mailbox you specified.

    5. Secret: Enter the registered application's client secret.

  5. Click Save.

Configuring User Messages

The following templates are available for sending messages to users. You can modify the templates as needed.

  • Installing the Imprivata AgentImprivata uses a standard message to notify new users that their Imprivata accounts are created. Click View/Edit to customize the text of the message.

  • Enrolling Security Questions — If you have the Self-Service Password Reset licensed feature, then Imprivata uses a standard message to notify users when they can enroll their identity verification questions for password self-service. When you assign users a user policy that allows self-service password reset, notify the affected users with the security questions enrollment message. Click View/Edit to customize the text of the message.