From ef0784c877569d0c78899b4d315e96536b09828a Mon Sep 17 00:00:00 2001 From: Ken Schaefer Date: Thu, 30 Apr 2026 15:13:50 -0500 Subject: [PATCH] updated documentation --- .../Admin_Guide.md | 0 .../Implementation Runbook.md | 239 +++++++++++++++++- .../Client Provisioning Workflow.md | 0 ...oyee - Contractor Provisioning Workflow.md | 0 Training Guides/How to use Fastmail email.md | 0 .../How to use Nextcloud webapp.md | 0 6 files changed, 238 insertions(+), 1 deletion(-) rename Admin_Guide.md => Infrastructure/Admin_Guide.md (100%) rename Implementation Runbook.md => Infrastructure/Implementation Runbook.md (78%) create mode 100644 Provisioning Instructions/Client Provisioning Workflow.md create mode 100644 Provisioning Instructions/Employee - Contractor Provisioning Workflow.md create mode 100644 Training Guides/How to use Fastmail email.md create mode 100644 Training Guides/How to use Nextcloud webapp.md diff --git a/Admin_Guide.md b/Infrastructure/Admin_Guide.md similarity index 100% rename from Admin_Guide.md rename to Infrastructure/Admin_Guide.md diff --git a/Implementation Runbook.md b/Infrastructure/Implementation Runbook.md similarity index 78% rename from Implementation Runbook.md rename to Infrastructure/Implementation Runbook.md index fc1cdf9..983bc66 100644 --- a/Implementation Runbook.md +++ b/Infrastructure/Implementation Runbook.md @@ -1036,4 +1036,241 @@ Up to 24 hours - [✔] DNS resolves correctly - [✔] Email received externally - [✔] Email sent externally -- [✔] Deliverability validated \ No newline at end of file +- [✔] Deliverability validated + +### 3.18 Create Email Accounts + +**Objective** + +Provision internal user mailboxes in Fastmail so that: + +- Each employee has a company email (user@company.com) +- Accounts align with Nextcloud users (identity consistency) +- System ready for communication + notifications + +**Architectural Context** + +User identity is now split across: +- Fastmail → Email identity (user@company.com) +- Nextcloud → Application access (files, shares) + +**Step 1 - Define User List** + +Before creating accounts, confirm: +| Name | Email Address | +|-------|-----| +| John Smith | jsmith@company.com | +| Jane Doe | jdoe@company.com | +| Operations | ops@company.com | + +Best Practices +- Use simple, consistent naming (first initial + last name) +- Avoid special characters +- Reserve generic aliases (admin, info, support) + +**Step 2 - Access User Management** + +In Fastmail: +``` +Settings → Users → Add User +``` + +**Step 3 - Create Individual User Accounts + +3.1 Enter user details + +For each user: +``` +Username: jsmith +Email: jsmith@company.com +Full Name: John Smith +Password: (temporary strong password) +``` + +3.2 Set password policy +- Use strong temporary password +- Require user to change on first login (recommended) + +3.3 Save user +Repeat for all internal users. + +**Step 4 - Assign Roles & Permissions** + +Default (Recommended for Pilot) +- Standard User (no admin privileges) + +Admin Accounts + +Only assign admin rights to: +- System owner +- IT/consultant (if required) + +**Step 5 - Create Aliases (Optional but Recommended)** +Common aliases +``` +admin@company.com +info@company.com +support@company.com +``` + +How to create + +In Fastmail: +``` +Settings → Domains → company.com → Aliases +``` +Example +support@company.com → jsmith@company.com + +**Step 6 - Validate Each Account** +6.1 Login test +``` +https://app.fastmail.com +``` + +6.2 Send test email +- Send to another internal user +- Send to external address (e.g., Gmail) + +6.3 Receive test email +- Receive from external sender +- Confirm inbox delivery + +**Step 7 - Distribute Credentials** + +For each user, provide: +- Email address +- Temporary password +- Login URL: https://app.fastmail.com +- Instructions to change password + +**Validation Checklist** +- [✔] All internal users created +- [✔] Email addresses correct +- [✔] Login verified for each user +- [✔] Send/receive tested +- [✔] Aliases created (if needed) +- [✔] Credentials distributed securely +- [✔] Usernames aligned with Nextcloud + +### 3.19 Create Nextcloud Users + +Objective + +Provision user accounts in Nextcloud aligned with your email identities so that: + +✔ Each internal user has access to the platform +✔ Identity is consistent across email and Nextcloud +✔ Permissions can be assigned cleanly in later steps +Architectural Context + +You now have: + +Fastmail → user@company.com (email identity) +Nextcloud → username (application identity) + +For this pilot: + +✔ Keep usernames identical (jsmith ↔ jsmith@company.com) +Prerequisites +[✔] Nextcloud deployed and accessible (Task 3.15) +[✔] HTTPS working: https://drive.company.com +[✔] Admin account available +[✔] Email accounts created (Task 3.18) +🌐 Step 1 — Log into Nextcloud as Admin + +Open: + +https://drive.company.com + +Login: + +Username: admin +Password: (from .env) +⚙️ Step 2 — Navigate to User Management + +In Nextcloud UI: + +Top-right avatar → Users +➕ Step 3 — Create Users +3.1 Enter user details + +For each user: + +Username: jsmith +Display Name: John Smith +Email: jsmith@company.com +Password: (temporary strong password) +3.2 Assign groups (recommended) + +Create group: + +internal + +Assign all internal users to this group. + +3.3 Save user + +Repeat for all internal users. + +🔐 Step 4 — Set Password Policy +Recommended +✔ Strong temporary passwords +✔ Users change password on first login +🧪 Step 5 — Validate User Access +5.1 Login test (per user) + +Open new browser/private window: + +https://drive.company.com + +Login as user: + +✔ Successful login +✔ Dashboard loads +5.2 Basic file test + +As user: + +✔ Upload file +✔ Create folder +✔ Delete file +🔄 Step 6 — Verify Admin Visibility + +Return to admin account: + +✔ All users listed +✔ Group assignments correct +✔ No duplicate usernames +📧 Step 7 — (Optional) Configure Email Field + +Ensure each user has email set: + +jsmith → jsmith@company.com +Why this matters +✔ Enables sharing notifications +✔ Required for password reset +✔ Supports future SMTP integration +🧠 Step 8 — Naming Consistency Check + +Ensure alignment: + +Email: jsmith@company.com +Nextcloud: jsmith +Avoid +✖ john.smith in one system and jsmith in another +🔒 Step 9 — Security Considerations +Enforce +✔ Unique user accounts (no sharing) +✔ Strong passwords +✔ Minimal admin users +Optional (future) +✔ Enable 2FA in Nextcloud +✔ Integrate SSO (future phase) +✅ Validation Checklist +[✔] All users created in Nextcloud +[✔] Usernames match email identities +[✔] Users can log in successfully +[✔] File operations work for each user +[✔] Groups assigned correctly +[✔] Emails populated in profiles \ No newline at end of file diff --git a/Provisioning Instructions/Client Provisioning Workflow.md b/Provisioning Instructions/Client Provisioning Workflow.md new file mode 100644 index 0000000..e69de29 diff --git a/Provisioning Instructions/Employee - Contractor Provisioning Workflow.md b/Provisioning Instructions/Employee - Contractor Provisioning Workflow.md new file mode 100644 index 0000000..e69de29 diff --git a/Training Guides/How to use Fastmail email.md b/Training Guides/How to use Fastmail email.md new file mode 100644 index 0000000..e69de29 diff --git a/Training Guides/How to use Nextcloud webapp.md b/Training Guides/How to use Nextcloud webapp.md new file mode 100644 index 0000000..e69de29