07b. Synctool Exchange sources

Introduction

Exchange sources are commonly used to create Zivver functional accounts based on Exchange shared mailboxes.

The synchronization is executed in one way: from Exchange to Zivver, not the other way around. You can determine which shared mailboxes are synchronized from Exchange to Zivver with filters. Filters can currently only be email addresses.

It is not possible to create Zivver user accounts for Exchange user mailboxes. Please see configure LDAP sources to learn how to synchronize Exchange user accounts to Zivver.

Source details

  1. Enter a Source name.
    For example “Microsoft Exchange Online” or “Microsoft Exchange on-premise 2019”.
  2. Enter a Source description.
    For example the name of administrator who configured this Exchange source.

Connection

These settings allow the Synctool to connect to your Exchange server.

Check the Synctool prerequisites to find out what is needed, to connect to your Exchange server.

Exchange type
Choose the Exchange type you want to use as a source to synchronise functional accounts to Zivver.

Set up a connection to Exchange Online manually

Select Exchange Online with MFA login.

Admin user name
Fill in the username for the account that can be used to log into Exchange Online. The account must meet the criteria in the Synctool prerequisites. The username for Exchange Online is always an email address.

Set up a connection to Exchange Online automatically with certificate

PowerShell module ExchangeOnlineManagement V2.0.3, 2.0.4 or 2.0.5 required
Install-Module -Name ExchangeOnlineManagement -RequiredVersion 2.0.5
Version 2.0.3, 2.0.4 or 2.0.5 of the PowerShell module ExchangeOnlineManagement is required.

Additionally, make sure app-only authentication for unattended scripts is already configured before attempting to connect.

Select Exchange Online with Certificate login.

  • Certificate location
    Fill in the location of the .pfx file created at step 3: Generate a self-signed certificate including the name. For example C:\mycert.pfx.

    Pay attention to the run path in PowerShell
    The directory from which you run the PowerShell cmdlet needed to create a certificate is also where the .pfx file will be stored. For example if you run the cmdlet from C:\Windows\System32, then the file location will be C:\Windows\System32\mycert.pfx
  • Certificate password
    Fill in the password that you used to secure the .pfx file at step 3: Generate a self-signed certificate. Make sure the password is at least 12 characters long and store the password somewhere safe.

  • Application ID
    Fill in the application ID of the App registration created at step 1: Application registration in Azure AD.

    1. Go to portal.azure.com.
    2. Select Azure Active Directory.
    3. Select the tab App registrations.
    4. Select the App registration created for the Synctool from the list.
    5. Copy the Application (client) ID.
  • Exchange Organization name
    Fill in the Microsoft domain of you Azure AD tenant. It usually looks like yourcompany.onmicrosoft.com.

    1. Go to portal.azure.com.
    2. Select Azure Active Directory.
    3. Select the tab Overview.
    4. Look for the Primary domain on the tenant information tile.

Set up a connection to Exchange on-premise

Select Exchange on premise.

  • Exchange address
    Fill in the Exchange address. The Synctool will use this address to set up a remote connection.

    What should the Exchange address look like?
    The address should look like http://ServerFQDN/PowerShell/. Replace ServerFQDN with the fully qualified domain name of your Exchange server.
    For example exchange01.example.com.
  • Use Kerberos
    Select Yes. Using Kerberos is the default way to authenticate for Exchange on-premise.

  • Admin user Name
    Fill in the username for the account that can be used to log into Exchange. The account must meet the criteria in the Synctool prerequisites. The username often is preceded by the domain.
    For example company\name_exchange_account.

  • Password
    Enter the password for the Exchange on-premise account.

Groups

Group Field Mapping (Exchange) allow you to synchronize different types of Exchange mailboxes to Zivver as functional accounts.

By default only SharedMailbox type is enabled. Other mailbox types are often not used to send or receive sensitive data, and therefore a Zivver functional account is not required.

Organizational Units

Organizational Units Mapping maps functional accounts from your Exchange source to an organizational units (OU) in Zivver.

If your organization does not use organizational units in Zivver, leave the default None or Excel selected.

How do I find out if my organization uses organizational units in Zivver?
If your organization uses organizational units in Zivver, you should have access to the Organization Units tab in Zivver. If you don’t have access, either your organization doesn’t use organizational units in Zivver, or you don’t have administrator rights.

If your organization uses organizational units in Zivver, then select an option based on your configuration of OU’s in the Zivver admin panel.

How do I find out if Domain or Custom OU Identifier should be used?
You can check the Organizational Unit Identifier by browsing to the Organization Units tab in Zivver, clicking on one of the OU’s present and edit edit the Organizational Unit. You will see the identifier in a popup under Organization Unit Identifier.

Source Filter

Object Filter (Exchange) allows you to filter on email addresses.

Add all email addresses to be filtered on in a list, with each email address on a separate row. Add this list to the Filter Text to filter all email addresses in the list.

  1. Check Enable Exchange Source filtering.
  2. Enter the filter value(s) at Filter Text.
    If you want to enter more than one filter value, add each value on a separate line.
  3. Choose between a positive filter (include) or negative filter (exclude).
    You can’t include and exclude in the same filter.

View the results at Data Preview.

Merge Settings

Use Source Merge Settings to choose what Synctool should do if distinct sources (e.g. an Exchange source and Excel source) contain identical entries.

If this is the first source in the Source Overview then no merge settings are available.

  • Overwrite
    Objects found in the currently selected source overwrite duplicate objects from previous sources.
  • Ignore
    Objects found in the currently selected source are overwritten by duplicate objects from previous sources.
  • Conflict
    Prompt the admin to resolve duplicates before synchronizing.

Data Preview

Source Data Preview (Exchange) allows you to preview all functional accounts found in your Exchange source.

Click Load the data now to get a preview of all functional accounts found in your Exchange source.

Next steps

If the data preview is returned as you would expect, you can either configure another source, or go to Syncing.

Was this article helpful?

thumb_up thumb_down