Microsoft Exchange on-premises – Configurations

enaio® mail-archive-service 12.0 »

Specific configurations of Microsoft Exchange on-premises are required for the collaboration of enaio® mail-archive-service and Microsoft Exchange on-premises.

  • EWS API: Exchange Web Services API must be enabled for Microsoft Exchange on-premises. This is typically the default setting.

  • Configuration of mailbox access: An impersonation user and a dedicated security group must be defined in Active Directory. All mailboxes designated for processing should be added as members.

  • SMTP journaling: For SMTP-based journaling, appropriate journaling rules and a send connector must be configured on the Exchange server.

Mailbox Access

In order to access local mailboxes, a connection to Microsoft Exchange on-premises via Exchange Web Services (EWS) must be established for the configuration. The configuration parameters include the EWS endpoint URI and the login data of an impersonation user.

  • In the Active Directory, navigate to Administration > Technical users and create a new technical user with a mailbox.

  • Create an Active Directory group that contains all mailboxes that are intended for journaling or archiving.

  • Use the following PowerShell command to grant impersonation rights to the previously created technical account:
    New-ManagementRoleAssignment -Name "ImpersonationRole" -Role ApplicationImpersonation -User "YourImpersonationUser"

    This step is necessary for accessing mailboxes via the EWS. Detailed information can be found at Microsoft.

  • You can find the EWS URI in the Exchange Admin Center under: Servers > servername > EWS.

SMTP Journaling

E-mails can be forwarded from Microsoft Exchange on-premises to the 'mas-smtp' service as SMTP recipients.

To do so, journal rules must be configured and a send connector set up.

  • Journal rules: In the Exchange Admin Center, navigate to Compliance Management > Journal rules.

  • Create a new journal rule: Enter an address as the recipient to which the journal reports are sent and specify the scope as required.

  • Send connector: Create a send connector in the Exchange Admin Center. To do so, use the domain part of the journaling address of the journal rule as the address space for the send connector.