Following an upgrade to Kerio Connect version 10.0.2 or later, you may have noticed in the Security logs the presence of an unfamiliar .CloudAdmin account and you seek clarification in regards to it.
As indicated in the Kerio Connect 10.0.2 Release Notes, this version (along with subsequent ones) implement GFI AppManager support. The .Cloudadmin account is special local account that is used by the Kerio appliance to facilitate the communication with GFI AppManager.
If you do not wish to use GFI AppManager in your appliance, you can proceed with Disabling GFIAgent on Kerio Connect Server.
However, please note that if you already use MyKerio for managing your applications, you will need to proceed with Transitioning from MyKerio to GFI AppManager.
Is the .Cloudadmin account a valid one?
Yes, it is an integral part of Kerio Connect starting with the release of version 10.0.2.
What is the purpose of the .Cloudadmin account?
This is a special local account that is used in the integration with the new GFI AppManager service.
- Why can I not find this account listed in my user list?
The Kerio Connect user list only shows the users that are counting towards the license count or the manually created users that are disabled. Since this account is a special internal one (similar to the Kerio built-in admin account), you will not be able to see it in the user list to manage it.
Why am I seeing this account referenced in the Security logs with failed logins?
While generally not a concern, a big number of references towards the .Cloudadmin account in the Security logs may indicate a connectivity problem with the GFI AppManager service. If that is your case, please note that this issue is already under investigation by development.
Keeping this point hidden while dev investigation is ongoing. Please refer to: https://workstation-df.atlassian.net/browse/APPMANAGER-1571