StealthMail Officer Tool is an application that allows managing StealthMail users, in particular: changing user passwords, setting phone numbers for external user, setting limits on user’s devices and preview the latest user events.

To let your company’s administrators and security officers use it, first you should export secret keys binaries. They will be used by administrators and security officers during login process. Along with access keys will be exported service keys. These keys are used to additionally protect stored encrypted users and company data.

Please note: Please save all of them in your protected storage. If something happens with Azure vault you may re-upload them from your backup.

Get rights to export keys

In Azure portal go to the resource group which you created during StealthMail deployment.

Click on Resource groups list item, then in the appeared frame click on the StealthMail’s resource group.

Step-1

Scroll down the list to Key vault item and click on it. It should be named like StealthMail####### where # - is a random character or a digit.

Step-2

In the list find and click on the Access policies item.

Then in the appeared frame click + Add Access Policy button.

Step-3

In the opened frame fill the form this way:

In the field Configure from template - pick Secret Management;

In the field Secret permission - pick Get;

Click Select principal and select in the right frame a user account which will be used to export secret keys then click Select button.

The rest of the frame leave fields with the default values.

At the very bottom of the main form click Add button.

Step-4

You will be navigated to previous frame (Access Policies).

Click Save button.

Now you are ready to extract secret keys.

Step-5

Extracting keys

Get a powershell script to extract keys using one of the links below.

Get_SM_Keys_From_KeyVault.ps1 - for the latest Windows 10, Windows Server 2016/2019 versions.

Get_SM_Keys_From_KeyVault_AzureRMbased.ps1 - for early Windows operating systems.

Start PowerShell with Administrator permissions.

Then run script with the following command:

powershell -ExecutionPolicy ByPass -File Get_SM_Keys_From_KeyVault.ps1, where -File parameter should contain path to the powershell.

Step-6

When prompted enter destination path and KeyVault name StealthMail####### from the StealthMail resource group.

Step-7

It is possible that your system has not required modules and you will be asked to allow download them from Microsoft repositories.

Step-8

Use your account credentials that you provided as principal during access rights granting at the previous step. It is required to access StealthMail KeyVault and extract secret keys.

Step-9

As a result, you get admin and security officer secret access keys for officer tool:

- officer-tool-officer.bin

- officer-tool-admin.bin

These keys will be used in officer tool to login and manage StealthMail users.

And service keys pair:

- service-keys-manager-officer.bin

- service-keys-manager-admin.bin

These keys are used to additionally protect stored encrypted users and company data.

Please note: Please save all of them in your protected storage. If something happens with Azure vault you may re-upload them from your backup.

Now you are ready to download Officer tool and configure it for the first run.

Step-10

Starting Officer tool

Download Officer tool application .

Open officer_api.set with any text editor

Step-11

You need set officer_api_webProxyIp with an IP address of the VM where StealthMail is deployed.

Step-12

To get VM IP address go back to StealthMail resource group and scroll to SM-Service VM list item then click on it.

Step-13

Copy Public IP address from the Overview information and paste it to recently opened officer_api.set.

Save changes and close the file.

Step-14

Run officer_tool.exe

To log in - pick a folder where you saved extracted access keys.

Enter Administrator or Security officer credentials (were created during StealthMail deployment).

Click Login button.

Step-15

Congratulations! You logged in to the StealthMail management tool.

To know more about tool’s abilities please refer to the user manual .

Step-16
Info

Мы используем файлы cookie, чтобы улучшить Ваше взаимодействие с сайтом.