Operations such as MS Exchange synchronization, import and message stubbing require full read access to all mailboxes residing in Microsoft Exchange. To accomplish this, it is necessary to create an account in Microsoft Exchange with read rights across all mailboxes.
The steps for configuring Exchange Impersonation are dependent on the particular version of Exchange used:
Microsoft Exchange 2003
Архива integrates with Microsoft Exchange 2003 using its WebDav API. It is thus necessary to ensure that WebDav is installed and configured as described in the below steps.
- Install and Enable WebDav IIS Component
From Add Remove Programs in the Control Panel, click Server -> Internet Information Services -> World Wide Web Service -> WebDAV Publishing, and ensure that WebDav Publishing is installed.
Once the Web Dav component is installed, ensure that it is allowed in the IIS Manager.
2. Grant A User Full Mailbox Rights
Архива requires an account with sufficient privileges to read from all mailboxes in Microsoft Exchange.
a) Create a new mailbox called “journal” in Microsoft Exchange or use an existing one that does not already have any Admin privileges assigned.
b) On the server running Microsoft Exchange 2003, Start 'Exchange System Manager'.
c) Open the server object within the appropriate Administrative Group. Expand the server object. Expand the appropriate 'Storage Group'. Locate the required mailbox store, right-click and choose the 'Properties' option.
d) On the 'Properties' window click the 'Security' tab.
e) Click 'Add' and then click on the Active Directory service account click 'OK'.
f) Ensure that the ‘journal’ account is selected in the 'Name' box.
g) On the 'Permissions' list, click 'Allow' next to 'Full Control' and then click 'OK'.
h) Click 'Ok' to finish
Microsoft Exchange 2007
Integration with Microsoft Exchange 2007 occurs by way of Exchange’s inbuilt web services API. This API is enabled and accessible by default. However, to perform a successful import, one needs to use an account with sufficient privileges to access all mailboxes.
To do this:
- Login to Exchange 2007 server as Administrator
- Either create a new mailbox called ‘journal’ in Microsoft Exchange or use an existing one that does not already have any Admin privileges assigned.
- Run the Exchange Management Shell
- Type the following into the Exchange Management shell:
Get-ClientAccessServer | Add-AdPermission -User journal -ExtendedRights ms-Exch-EPI-ImpersonationGet-MailboxDatabase | Add-AdPermission -User journal -ExtendedRights ms-Exch-EPI-May-Impersonate |
To prevent Microsoft Exchange from throttling Архива requests:
New-ThrottlingPolicy -Name mailmigration -EWSFindCountLimit $null -EWSFastSearchTimeoutInSeconds $null -EWSMaxConcurrency $null -EWSMaxSubscriptions $null -EWSPercentTimeInAD $null -EWSPercentTimeInCAS $null -EWSPercentTimeInMailboxRPC $null$b = Get-ThrottlingPolicy mailmigration;Set-Mailbox -Identity journal -ThrottlingPolicy $b; |
Microsoft Exchange 2010
To ensure that the Client Access Role is assigned to the Microsoft Exchange server:
- Click Start, click Control Panel, click Programs, and then click Programs and Features.
- Click Microsoft Exchange Server 2010, and then click Change.
- On the User Account Control page, click Continue.
- In the Exchange Maintenance Mode dialog box, click Next.
- In Server Role Selection, if the Client Access Role check box is shaded or selected, the role is installed. Otherwise, it is not installed.
- Click Cancel to close the wizard
To create the impersonation account:
- Login to Exchange 2010 server as Administrator
- Create a new mailbox called ‘journal’ in Microsoft Exchange or use an existing one that does not already have any Admin privileges assigned.
- Open the Exchange Management Shell
- Run the New-ManagementRoleAssignment cmdlet
To enable the ‘journal’ account to access all mailboxes, enter the following command:
New-ManagementRoleAssignment -Name:MailArchivaImpersonation -Role:ApplicationImpersonation -User:journal |
To prevent Microsoft Exchange from throttling Архива requests:
New-ThrottlingPolicy -Name mailmigration -EWSFindCountLimit $null -EWSFastSearchTimeoutInSeconds $null -EWSMaxConcurrency $null -EWSMaxSubscriptions $null -EWSPercentTimeInAD $null -EWSPercentTimeInCAS $null -EWSPercentTimeInMailboxRPC $null$b = Get-ThrottlingPolicy mailmigration;Set-ThrottlingPolicyAssociation -Identity journal -ThrottlingPolicy $b; |
Microsoft Exchange 2013
MailArchiva integrates with Microsoft Exchange 2013 via the web services API.
- Login to Exchange 2013 Control Panel as Administrator
- Create a new mailbox called ‘journal’ in Microsoft Exchange or use an existing one that does not already have any Admin privileges assigned.
- Open the Exchange Management Shell
- Run the New-ManagementRoleAssignment cmdlet
To enable the ‘journal’ account to access all mailboxes, enter the following command:
New-ManagementRoleAssignment -Name:MailArchivaImpersonation -Role:ApplicationImpersonation -User:journal |
To prevent Microsoft Exchange from throttling Архива requests:
New-ThrottlingPolicy -Name mailarchiva -RCAMaxConcurrency $null -EWSMaxConcurrency $null -EWSMaxSubscriptions $null -EwsCutoffBalance $null -EwsMaxBurst $null -EwsRechargeRate $null -CPAMaxConcurrency $null$b = Get-ThrottlingPolicy mailarchiva;Set-Mailbox -Identity journal -ThrottlingPolicy $b; |