Support for Office 365
- Added a new page Azure AD Connector to Configuration Console
- Enhanced Active Directory Connector (ADC) to synchronize users, groups, and mailboxes from Office 365
- Enhanced Active Directory Connector (ADC) to grant/remove full-access permission to/from exported Office 365 mailboxes for Office 365
proxy credentials automatically
- Enhanced Exchange Store Manager (ESM) to archive messages from Office 365. All the existing message policies are supported.
Outlook versions supported
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Prerequisites for servers running the Exchange Store Manager service (Archive Manager versions 5.6 and above):
- supported Exchange versions
- MAPI Support for Exchange 2016 (Archive Manager 5.6 also MAPI support for Exchange 2019):
Microsoft Outlook 2013 SP1 (32-bit, requires KB 3114941 and KB 4022169)
Microsoft Outlook 2013 (32-bit)
- MAPI Support for Exchange 2013 or 2010:
Microsoft Outlook 2013 SP1 (32-bit, requires KB 3114941 and KB 4022169)
Microsoft Outlook 2013 (32-bit)
Microsoft Exchange Server MAPI/CDO 1.2.1: 6.5.8320.0
IMPORTANT: The update KB 3114816 for Office and later versions (except KB 3114941 and KB 4022169) must NOT be installed for Outlook 2013 SP1 because they may crash the ESM service due to a bug from Microsoft.
---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Stubbed message reconstruction using the Outlook Form requires the following:
- Microsoft Office 365 ProPlus, or
- Microsoft Outlook 2019 (Archive Manager 5.6 or later), or
- Microsoft Outlook 2016, 64-bit or 32-bit, running on Windows 10, 8.1, 8, or 7 SP1, or
- Microsoft Outlook 2013, 64-bit or 32-bit, running on Windows 10, 8.1, 8, or 7 SP1, or
- Microsoft Outlook 2010, 64-bit or 32-bit, running on Windows 10, 8.1, 8, or 7 SP1, or Vista SP1
----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
The Offline Client requires the following:
- Microsoft Office 365 ProPlus, or
- Microsoft Outlook 2019 (Archive Manager 5.6 or later), or
- Microsoft Outlook 2016, 64-bit or 32-bit, running on Windows 10, 8.1, 8, or 7 SP1, or
- Microsoft Outlook 2013, 64-bit or 32-bit, running on Windows 10, 8.1, 8, or 7 SP1, or
- Microsoft Outlook 2010, 64-bit or 32-bit, running on Windows 10, 8.1, 8, or 7 SP1, or Vista SP1
- and -
- Windows Installer 3.1 or later (only for installation)
- Microsoft .Net Framework 4.5.2 and 3.5 SP1
- Microsoft SQL Server Compact 4.0
- Visual Studio 2010 Tools for Office Runtime
- MSXML 6.0 SP1
----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------The Search Exporter requires the following:
- Microsoft Office 365 ProPlus, 32-bit, or
- Microsoft Outlook 2019, 32-bit, (Archive Manager 5.6 only), or
- Microsoft Outlook 2016, 32-bit, running on Windows 10, 8.1, 8, or 7 SP1, or
- Microsoft Outlook 2013, 32-bit, running on Windows 10, 8.1, 8, or 7 SP1, or
- Microsoft Outlook 2010, 32-bit, running on Windows 10, 8.1, 8, or 7 SP1, or Vista SP1,
- and -
- Windows Installer 3.1 or later (only for installation)
- Microsoft .Net Framework 4.5.2 and 3.5 SP1
-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Technical Details
Active Directory Connector and Website Login
- Azure AD module Powershell scripts:
Connect-AzureAD validate Office 365 credential, login to Tenant
Get-AzureADTenantDetail
Get-AzureADDomain
Get-AzureADUser
Get-AzureADGroup
Get-AzureADGroupMember
Disconnect-AzureAD
Active Directory Connector
- Exchange Online Powershell scripts:
Get-Mailbox
Get-MailboxPermission
Add-MailboxPermission Grant proxy credential full-access permission to exported mailboxes
Remove-MailboxPermission Remove proxy credential full-access permission from exported mailboxes
Exchange Store Manager
- MAPI Over HTTP
Exchange Store Manager connects Office 365 mailboxes by using Outlook 2013 SP1 through MAPI Over HTTP protocol.
- Office 365 Proxy Credentials
MAPI Over HTTP protocol requires delegators with full-access permissions to access the exported mailboxes.
Mailbox database and mail server in Office 365 are dynamic, we must assign delegator permissions to the mailboxes one by one.
Things to Remember
Active Directory Connector
- Credentials configured in the Azure AD Connector page must have Exchange Online licenses and be members of "Recipient Management" group. We strongly recommend customers not to use the credentials for other purposes as of the limitations from Office 365 throttling policy.
- Hybrid environment customer must configure On-Premises Active Directory for Hybrid in Azure AD Connector page.
- The configuration setting "Max Enable Store Manager MailBox Count Per O365 MailServer" must be configured before Active Directory Connector starts to sync the Office 365 mailboxes.
- Active Directory Connector for Office 365 cannot get the deleted objects yet. So a deleted Office 365 user / mailbox cannot be updated.
Exchange Store Manager
- Proxy credentials for Office 365 mailboxes must be assigned with Exchange Online licenses.
- To support Office 365 mailboxes, MAPI over HTTP cannot be disabled in client side.
- We strongly suggest customers not to upgrade the Office in Archive Manager server as there is an Outlook bug in later versions.
- The setting"Autodiscover Prefer MAPI Over Http" must be configured if the Exchange Store Manager service needs to run in on-premises environment. Full-Access permission must be granted to the service account (Archivemgr_ESM by default)
Diagnostics & Troubleshooting
Active Directory Connector
- Make sure your environment meets the requirements:
Powershell must be 3.0 or later versions
The type initializer for 'System.Management.Automation.Runspaces.InitielSession.State' threw an exception
AzureAD module must be installed by Administrator or service (Web Application Pool identity)
The term 'Connect-AzureAD' will not recognized as the name of cmdlet, function and script file
The PowerShell ExecutionPolicy must be RemoteSigned at least.
Files cannot be loaded because running scripts are disabled on the system. Provide a valid certificate with which to sign the files
Active Directory Connector
- Execute the Cmdlet manually
Customer can open the 'VERBOSE' log in Active Directory Connector service, then copy the cmdlet from ADC log to PowerShell command prompt and execute the cmdlet manually.
- Wait some time and rerun
The PowerShell is not stable enough, even we make much effort in code. Also, Office 365 has it's own throttling policy. So sometimes the only solution is to just wait.
Exchange Store Manager
- Autodiscover
Check the auto-discover URL cache value under the registry key: HKCU\Software\Quest\Archive Manager\Autodiscover Url.
The URL's for Office 365 are:
https://autodiscover-s.outlook.com/autodiscover/autodiscover.xml
https://autodiscover-s.partner.outlook.com/autodiscover/autodiscover.xml
- Exchange Store Manager
Query table MailServerProxyCredential
Query table MailBoxProxyCredential, FailedMailBoxProxyCredential
Demo
Active Directory Connector
- Configure Azure AD Connector page in Configuration Console
Configure an Office 365 tenant
Configure On-Premises Active Directory for Hybrid
Note option 'Directory Connector Scan O365 Mailbox From On Premises' available
Adding Azure AD Connector:
Configure Azure Active Directory, enter credentials to access Tenant:
Advanced Configuration – usually choose here ‘Office 365 Worldwide’ and select either from Users, Mailboxes, Groups
Pressing ‘Next’ will validate if successful
When Hybrid Configuration is used, enter here NetBIOS Name, Server Address and Credentials if needed
Hybrid Configuration, once successful entered
Summary – note option to ‘Archive from on-premises…’ available, if needed
Website
- Log in with Office 365 credential
- Configure the Tenants & Proxy Credentials page
- Assign proxy credentials to mail servers and watch out the status
Tenant Administration, Proxy Credential Administration, Mail Server Administration with Proxy Credentials assigned:
- Tenant Administration and Proxy Credential Administration -
- Mail Server Administration with Proxy Credentials assigned -
© ALL RIGHTS RESERVED. Feedback 利用規約 プライバシー Cookie Preference Center