Microsoft Exchange#

Overview#

This feature allows you to manage Microsoft Exchange Online mailboxes and calendars from within VOSS Automate, including assigning access and calendar permissions to users and team members licensed for Microsoft Office.

Using automation, it is possible to model the end-state of a user’s mailbox configuration during their on-boarding or offboarding workflow. For example, it is possible to have the correct retention policy or archiving status set when a user’s mailbox is being on-boarded. Or automatically have email forwarding and automated replies set when the user’s mailbox is being offboarded.

Note

Any admin role (Provider, Customer, Site) can access and work with Microsoft Exchange mailboxes, provided that Microsoft is enabled at the hierarchy.

Related Topics

Microsoft Exchange Integration#

The diagram displays the workflow steps for integrating VOSS Automate with Microsoft Exchange:

@startuml 'Microsoft Exchange Integration Flowchart !include style.iuml start :[[../src/user/ms-shared-central-app-registration.html Configure shared central app registration]]; note right * Generate or import a certificate * Assign the Exchange role to the app registration end note :[[../src/user/microsoft/voss-msft-conn-params.html Configure Microsoft tenant]]; note right * Select the certificate * Enable Microsoft Exchange * Specify Microsoft Exchange admin domain for authentication end note :[[../src/user/best-practices/best-prac-ms-sync.html Sync]]; :[[../src/user/concepts-network-device-list.html Configure Network Device Lists (NDLs)]]; :[[../src/user/concepts-overbuild-msft-management.html Run Overbuild]]; :[[../src/user/concepts-overbuild-msft-management.html#manage-microsoft-exchange-mailboxes-in-voss-4-uc Manage MS Exchange Mailboxes]]; @enduml

The table describes the steps in the Microsoft Exchange integration workflow diagram:

Integrate Microsoft Exchange

Description

  1. Generate/import certificate in Automate, & enable Exchange

When adding the new Microsoft tenant and you’re using Microsoft Exchange, you must either generate a certificate or import an existing certificate and have Automate manage it. Automate pushes the certificate to the PowerShell proxy.

  1. Perform a sync

Once the Microsoft tenant is configured, perform a sync from the tenant configuration screen. This syncs in all Microsoft entities configured on the tenant, including Microsoft Exchange components.

  1. Configure NDLs

To prepare for the overbuild that will move synced in Microsoft entities to the sites (including Microsoft Exchange components), add the Microsoft Exchange authentication credentials to the network device lists (NDLs) for sites with subscribers requiring mailbox management in VOSS Automate.

  1. Run overbuild

Microsoft users must be included in the overbuild settings. An overbuild moves Microsoft Office 365 users to the sites, based on the model filter criteria defined in the overbuild settings. Microsoft 365 users includes users enabled for Microsoft Teams and Microsoft Exchange on the Microsoft Cloud portal.

  1. Manage mailboxes

Once you’ve set up VOSS Automate for integration with Microsoft Exchange Online, synced in mailboxes, and run the overbuild to move users and mailboxes to the sites, you can manage these mailboxes and calendars for users and users and teams from within VOSS Automate:

  • Assign access and calendar permissions for user mailboxes

  • Add, update, or delete shared mailboxes, including assigning or removing mailbox access and calendar permissions

  • Add or update the Owners field for Distribution Group mailboxes

Supported Microsoft Exchange Mailboxes in VOSS Automate#

Four types of Microsoft Exchange mailboxes are supported in VOSS Automate:

  • User mailboxes

  • Shared mailboxes

  • Room mailboxes

  • Distribution Groups

User mailboxes are created for individual Microsoft Office 365 users on the Microsoft Cloud portal, while shared mailboxes, room mailboxes, and distribution groups can be created on the Microsoft Office portal or in VOSS Automate.

Any changes made to the mailboxes and their associated calendars are synced between the Microsoft Cloud portal and VOSS Automate. This allows a VOSS Automate admin user to manage mailboxes from within VOSS Automate, and have these changes seamlessly update on the Microsoft Cloud.

The table describes the Microsoft Exchange mailboxes supported in VOSS Automate, and the ways in which you can work with these mailboxes:

Mailbox type

Description

User

User mailboxes are assigned to a single, licensed, Microsoft Office user. These mailboxes are created on Microsoft Exchange Online and synced in to VOSS Automate.

The ability to manage access permissions on user mailboxes and calendars is useful where you need to allow other users to view, send, or receive emails on behalf of the mailbox owner. For example, to grant access to an executive assistant, or to monitor the mailbox of a user who is unable to attend to their emails or calendar items while out of office.

Shared

Shared mailboxes can be created on Microsoft Exchange and synced in to VOSS Automate, or they can be added, updated, or deleted on VOSS Automate, and any changes are then synced back to the Microsoft Cloud portal.

Shared mailboxes are useful for groups of individual users or for teams. For example, a shared mailbox might be used for a support or sales team, with different members having the same or custom access and calender permissions on the shared mailbox.

The owner, or user principal, of a shared mailbox is a ‘dummy’, unlicensed user on the Microsoft Cloud, and does not add to the VOSS Automate subscriber count. The user principal name of a shared mailbox is auto-generated based on the display name you define.

Room

Room mailboxes can be created on Microsoft Exchange and synced in to VOSS Automate, or they can be added, updated, or deleted on VOSS Automate, and any changes are then synced back to the Microsoft Cloud portal.

Rooms are entities, typically an actual room at a physical location, that become a user for the purpose of creating the Microsoft Exchange mailbox. The entity name is the user principal name of the room mailbox.

Distribution Group

Distribution Groups can be created on Microsoft Exchange and synced to VOSS Automate, or they can be added, updated, or deleted on VOSS Automate, and any changes are then synced back to the Microsoft Cloud portal.

A distribution group is typically used to send emails to a group of recipients. You can add owners (one or more), for a distribution group in VOSS Automate, as well as modify owners.

Mailbox Access Permissions and Calendar Permissions#

Access permissions on Microsoft Exchange mailboxes define the ownership rights and mailbox access permissions of one or more users for the mailbox. When configuring access permissions on a mailbox, you select a user from a list of users at the same hierarchy level as the mailbox, and select their access role permissions, for example, Read and Manage, Send As or Send on Behalf.

Calendar permissions allow you to assign a combination of role access permissions, such as Owner, and individual permissions, such as Delete All Items, to one or more users, on the calendar associated with the mailbox.

You can assign or remove access permissions and calendar permissions on all mailbox types, for users that exist at the same site as the mailbox.

Manage Microsoft Exchange Mailboxes in VOSS Automate#

This procedure updates Microsoft Exchange user mailboxes, and adds, modifies, and deletes Microsoft Exchange shared mailboxes, room mailboxes, and distribution groups.

Note

You can only add or delete shared mailboxes, room mailboxes, and distribution groups in VOSS Automate. User mailboxes may be updated in VOSS Automate, but they can be added or deleted only on the Microsoft Cloud portal.

  1. Log in to the Automate Admin Portal.

  2. Go to (default menus) Microsoft Subscriber Management > Exchange

  3. Choose the menu for the relevant mailbox type, either User Mailboxes, Shared Mailboxes, Room Mailboxes, or Distribution Groups.

  4. View the summary list view of the mailbox type you selected.

    Note

    • The Located At column in the list view displays the hierarchy level of mailboxes. Some may be at the customer level, and some may have been moved to a site.

      Microsoft Exchange mailboxes are initially synced in at the customer level, and must be moved to the sites, either manually (via the list view or the mailbox management screens), or when running the overbuild.

    • Separate menu items are available for recipient types of mailboxes: User Mailboxes and Shared Mailboxes. If required when a user if off-boarded, the User Mailboxes entry can be converted to a Shared Mailboxes entry. Refer to the additional API operations available for the subscriber’s mailbox ArchiveStatus at Microsoft Subscribers.

  5. Do you want to

    • Move one or more mailboxes to a different level of the hierarchy? Select the relevant checkboxes, then click Move.

    • Export the data of one or more mailboxes? Select the relevant checkboxes, then click Export. Choose an export format, and click Export.

    • Delete one or more mailboxes (shared or room mailboxes, or distribution groups only)? Select the relevant checkboxes, then click Delete.

    • Add a new mailbox (shared or room mailboxes, or distribution groups only)?

      • Click the toolbar Plus icon.

      • Define a Display Name for the new mailbox. The Mail Name field automatically updates with an allowed string value of the Display Name (for example, no spaces).

      • Select a Mail Domain. The Primary Email Address using the specified domain is assigned to the new mailbox.

      • Save your changes. Go to step 6 to update mailbox permissions and settings.

    • View or update a mailbox?

      • Click in the relevant row to open the mailbox management screen.

      • Go to step 6 to update mailbox permissions and settings.

  6. Update mailbox settings:

    For all mailbox types

    You can:

    • Move the mailbox to another level in the hierarchy.

    • Update the mailbox display name.

    On the Delegation tab you can set permissions and calendar permissions. To do this, select a mailbox user and assign access rights.

    For user mailboxes

    • On the User mailbox tab you can modify the retention policy and the archive status.

    • On the Email forwarding tab you can choose an option for forwarding all emails to this mailbox. Options are: None, Internal, or External

      You can then add an internal or external email address, and choose whether to send email to this mailbox and forward to another mailbox (if you’ve chosen Internal or External).

    Configuration templates associated with the Quick Add Group allows you to set default values when adding or removing the subscriber. See the following settings in Quick Add Subscriber Groups:

    • MS Exchange Online User Mailbox Template

    • MS Exchange Online Convert Mailbox Template

    Available fields:

    • DisplayName: mailbox display name

    • Permissions

    • CalendarPermissions: users and their access rights can be managed.

    • ForwardingAddress: for the Internal forwarding mailbox address.

    • ForwardingSmtpAddress: for the External forwarding mailbox address.

    • DeliverToMailboxAndForward: additional setting for the Internal forwarding to deliver to both the user mailbox and the forwarding mailbox.

    • AutoReplyState: automatic replies are enabled or disabled.

    • InternalMessage: set internal autoreply message.

    • ExternalAudience: choose None, contact list, all senders

    • ExternalMessage: set external autoreply message.

    • RetentionPolicy: selected policy for mailboxes

    • ArchiveStatus - for enabling and disabling archiving (Automate contains API operations for mailbox conversion and archiving)

    • Custom attributes (1 to 15) - you can’t update these values in Automate; MS Exchange updates will reflect on the user display form.

    For shared mailboxes

    • The Email forwarding tab offers similar settings to the User mailbox, but applied to the shared mailbox.

    • The Automatic replies tab allows you to enable or disable this feature (scheduling not available yet), with options to specify reply messages and audience.

    For room mailboxes

    • Add or update the Location field to define the physical location of the room associated with this mailbox.

    • Add or update the Room Capacity field to define the number of people the room associated with this mailbox holds.

    For a distribution group

    You can:

    • Add or update owners

    • Add or update members (users with access permissions for sending emails as a selected user, or on behalf of a selected user).

    Note

    Delete is allowed only for shared mailboxes, room mailboxes, or distribution groups.

  7. Assign or remove permissions:

    • To assign access or calendar permissions to a user:

      • Click the Plus icon at either Permissions or Calendar Permissions (as applicable).

      • Select the user, and select the relevant permissions.

      • Repeat this step to assign permissions to additional users.

    • To remove access or calendar permissions from a user:

      • Either uncheck permissions assigned to the user, or remove the user entry from the relevant permissions field (Permissions or Calendar Permissions).

      • Repeat this step to remove permissions from additional users.

    Note

    Calendar permissions are only relevant for user, shared, and room mailboxes. For distribution groups, only mailbox access permissions are relevant.

    When deleting (removing) permissions, the Microsoft cloud portal may take a few minutes to process the update, which may cause a delay for the refreshed data to reflect in the Automate GUI.

  8. Save your changes.

Related Topics