Chat now with support
Chat with Support

Metalogix Archive Manager for Exchange 8.1.1 - OWA Guide

Archived emails

In case the selected message is already archived, the Preview, Search and Restore buttons are displayed under Metalogix Archive Manager app section (see the screenshot below).

n-OWA3

The archived email can look basically the same as non-archived email: in the OWA preview user can usually see all attachments, email body and other information. However, it can be customized in Archive Manager Enterprise Manager / Manager view / Settings tab / Shortcut templates.

The Restore button in the Metalogix Archive Manager section restores the email with all its attachments back to mailbox.

The Preview button opens the archived email in a new dialog – Metalogix preview – offering all standard email features as reply, reply all, forward and open attachments.

The Search button opens search dialog allowing searching in archived emails as described in the next section.

 

Reply, Reply All and Forward buttons in the standard OWA message preview are still visible, but through them user can only reply, reply all and forward the archived shortcut. The addressee outside the sender’s domain will not be able to open such email.

These functions - reply, reply all and forward - are available from the Metalogix Preview. Also attachments should be opened from the Metalogix Preview (see the next screenshot).

o-OWA4

Fulltext search

To use full-text search, click the Search button. Full-text search is used for searching through archived emails, attachments and OCR search (this technology has some limitations, e.g. too small text may not be correctly recognized). Full-text search works for any email that has been archived even if it was subsequently restored.

m-OWA21

 

IMPORTANT NOTE: To use this full-text search, our Archive Manager Search must be installed and configured. For detailed information see the “Archive Manager Search” guide.

In the pop-up window enter the keyword which is subsequently looked for in the:

subject

bodytext

attachments

 

The entered words can be used in combination with the logical operators AND, OR. The operator AND is not mandatory. If no logical operator is included, the full-text search query engine searches for documents containing all the given words.

Search allows also utilizing advanced search features in search text-box. The following operators can be used:

from:

to:

subject:

received:

More items have to be divided by a semicolon (e.g. from: peter; david)

 

NOTE: Except in operators mentioned above, colon (:) cannot be used in search terms.

NOTE: Full-text search is not case sensitive. The same applies to logical operators: AND, OR.

 

OWA Search supports also other operators: NOT, “+” and “-“ etc. Single and multiple character wildcard searches are supported as well:

Character

Description

Example

?

single character wildcard; replaces any single character

te?t matches text, test etc.

 

*

multiple character wildcard; replaces 0 or more characters

 

test* matches test, tests, tester etc.

NOT

excludes documents that contain the term after NOT. This is equivalent to a difference using sets.

Note: The NOT operator cannot be used with just one term. For example, the following search will return no results: NOT "test server".

"test data" NOT "test server"

searches for documents that contain "test data" but not "test server"

-

same as NOT

"test data" -"test server"

searches for documents that contain "test data" but not "test server"

+

includes documents that contain the term after the "+" symbol; basically the same function as AND operator

"test data" +"test server"

searches for documents that contain "test data" and also "test server"

NOTE: The above mentioned wildcard specification characters, i.e. ? or * etc., cannot occur as first 2 characters of the search phrase.

 

The result of the search is then displayed in the Search result grid (see screenshot below). You can preview a message by simply selecting it. Message is then displayed in a preview pane just below the grid. User can further handle the previewed message by clicking the More Actions button on the right bottom below the list. The following actions are available on the previewed message:

Download as MSG file – downloads the email in specified format

Download as EML file – download the email in specified format

Restore - restores the selected email

Restore to... - restores the selected email to a desired location

Reply – opens Reply dialog

Reply All – opens Reply all dialog

Forward – opens Forward dialog

Print – email can be printed

 

When selecting more than one item in Search result grid, a multi-item operation context menu appears with the following actions:

Export to ZIP – allows export

Restore – restores the selected emails

Restore to... – restores the selected emails to a desired location

 

NOTE: Actions Restore and Restore to... are available depending on the user permissions as configured in the Archive Manager console in Manager view / Settings / Outlook Addin permissions.

OWA5

Troubleshooting

 

OWA with Forefront Threat Management Gateway 2010 (TMG) server

Issue: Forefront Threat Management Gateway 2010 (TMG) server (in previous versions known as ISA server) in the environment may cause OWA application not to load.

Solution: Two paths have to be added under OWA Properties/Paths in the TMG settings:

·exchangePamOWANetWeb

·exchangePamOWANetMvc

OWA6

Office 365 configuration

Archive Manager requires specific connection configuration details to import your o365 users. This section will guide you through the steps to be completed in your o365 in order to collect the necessary data:

Organization Name in Office 365 – your organization in Office 365

Client ID – get this ID by following the process described below

Client Secret (or Key) – get this key by following the process described below

Autodiscovery Url – to get this URL, go to https://testconnectivity.microsoft.com/, select the Outlook Autodiscover option; click Next and perform the test with your details; As a result you should get the URL

Username & Password – the respective user must be Office 365 administrator

VERY IMPORTANT: In case of Office 365, run the EM with the super-user under which Archive Manager has been installed (i.e. the user under which MAM services run).

NOTE: This sample will not work with a Microsoft account, so if you signed in to the Azure portal with a Microsoft account and have never created a user account in your directory before, you need to do that now. If you create an account and want to use it to sign-in to the Azure portal, don't forget to add the user account as a co-administrator of your Azure subscription.

1.Sign in to the Azure Management Portal.

2.Click on Active Directory in the left hand nav.
Snap 01-a-o365

3.Click on the App registrations.
Snap 02-a-o365

4.Click on New application registration.

Snap 03-a-o365

 

5.Enter friendly name for the application (e.g. Archive Manager).

6.Select Web app / API as application type.

7.For the Sign-on URL, enter the base URL, which is by default

 https://localhost:44322/WebAppGraphAPI

 

 
Snap 04-a-o365

 

8.Click on Create button.

9.Find your application in the list and click on it.

10.In the Settings tab click on Keys and generate a secret key.

 
Snap 05-a-o365

                 Snap 06-a-o365

11. Copy and save the key value. You won’t be able to retrieve after you leave this blade.

Snap 07-a-o365

12.Click on Properties and define App ID URI.

For the App ID URI enter https://<your_tenant_name>/WebAppGraphAPI , replacing <your_tenant_name> with the domain name of your Azure AD tenant.
(e.g. https://metalogix.com/WebAppGraphAPI).

 

Snap 08-a-o365

 

13.Copy and save the Application ID value.

14.Click on Reply URLs and define Reply URL. This URLs are used to return the authorization code returned during Authorization code flow.
 
Note:  Both URLs (https://localhost:44322/WebAppGraphAPI & http://localhost:44322/Response ) are needed.

 

Snap 09-a-o365

 

15.Click on Required permissions.

 

Snap10-a-o365

16.Click on Windows Azure Active Directory.

 

Snap11-a-o365

 

17.Configure and Save permissions according the screenshots below.

 

Snap12-a-o365

 

Snap13-a-o365

 

18.Click on Grant permissions.

 

 

 Snap14-a-o365

 

 

 

Advanced Authentication

Archive Manager for Exchange supports also access to Azure AD in case when user account name and password are needed (advanced authentication) for retrieval of user accounts and groups in Azure AD. Advanced authentication is normally not required and must be configured on both Azure AD and Archive Manager for Exchange.

Advanced authentication is implemented in Archive Manager in two components:

 

1.Back-end is in MAM Exchange Direct Archive Error Monitoring service which contains a web application waiting for responses on location specified in registry key. It needs to match reply URL in Azure AD web application and it needs to end with character /. The URL from example above is then: http://localhost:44322/

 

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Metalogix\exchangePAM

 

Value name:

OwinAuthWebAppLocation

Value data:

http://localhost:44322/
(The first part of REPLY URL from Azure AD, the slash at the end is needed)

Value type:

string

 

2.Front-end is located in Enterprise Manager which authenticates a user on Azure AD server and waits for security token which is send from Azure AD server to Archive Manager back-end.

Tips & Tricks:  If there is a problem with retrieval of security token it is recommended to restart Enterprise Manager. Also check the registry keys.

 

 

Configuration in Office365 Exchange Admin Center

It is necessary to assign Full Access permissions on behalf of Archive Manager User against all recipients you plan to archive.

 

This can be done in Exchange Admin Center or with Azure PowerShell.

 

1.Exchange Admin Center

a.Go to https://outlook.office365.com/ecp/

b.Click on Recipients > Mailboxes

c.Select Mailbox > Edit User Mailbox > Mailbox delegation > Full Access

d.Delegate Full Access permissions on behalf of Archive Manager User against all recipients you plan to archive.

 

Snap15-a-o365

2.Azure PowerShell

Set full access for all members of a distribution group to Archive Manager user:

 

Get-DistributionGroupMember <%NameOfDistributionGroup%> | Get-Mailbox |
Add-MailboxPermission –User <%SuMailAddress%> -AccessRights FullAccess  -InheritanceType all

 

 

Authentication with native application

1.Sign in to the Azure management portal.

2.Click on Azure Active Directory in the left hand nav.

3.Click on App registrations.

4.Click on New application registration.

z1-o365

 

5.Enter friendly name for the application.

6.Select Native as application type.

z2-o365

 

7.Redirect URI of the Native Application must be added to registry: create registry key “NativeAppRedirectUri” in path HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Metalogix\exchangePAM. The value of this key must be the Redirect URI defined in the Native Application.

8.Properties of newly created application contains the Application ID, and under Keys tab you can generate the Client secret (Key).  These values are needed in Server Wizard in Archive Manager.  If Keys tab is not available in Azure AD, then you can leave empty the Client Secret field.

z3-o365

 

9.In owners tab add new owner (super-user) for the Application.

z4-o365

 

10.In Required permissions tab grant Windows Azure Active Directory permissions for the application.

z5-o365

 

11.When permissions are selected, do not forget to push Grant Permissions button.

z6-o365

Related Documents