In this guide, we guide you through how to configure Exchange Calendar connector for Setera OneCloud with O365 and OAuth2 authentication.
What do you need when configuring setup?
- You will need to have a technical user with mailbox license in your O365 environment that has rights to read other users calendar
- User account with Admin rights for O365 Tenant
- Access to Microsoft PowerShell with EXO V2 Module
- Access to Setera OneCloud admin portal https://onecloud.setera.com (Or you Setera contact person can do this)
How does it work?
Your organization Microsoft Admin user will need to allow this technical user to monitor your organization user calendars. Setera OneCloud will use this user credentials with OAuth 2.0 to read users calendar status and sync this status to OneCloud presence state accordingly.
TABLE OF CONTENTS
Steps on customer O365 Tenant
Step 1: Create a monitor user for O365 with mailbox
- Create a monitor user eg. "exchangemonitoruser@company.com" with a mailbox license example "Exchange Plan 1" from your O365 admin center.
Step 2: Give monitor user rights to see users calendars from PowerShell
- https://docs.microsoft.com/en-us/powershell/exchange/connect-to-exchange-online-powershell?view=exchange-ps
The example below assumes that the monitor user is called "Monitor":
Get the mailbox of your monitor-user:
$User = Get-Mailbox Monitor
Create a variable with the mailboxes to be administered by using:
$Mailboxes = Get-Mailbox -ResultSize Unlimited
Set rights on every mailbox in the variable by using the following. Please keep in mind that the Calendar folder will be named differently in translated editions of Microsoft Exchange Server:
$Mailboxes | ForEach-Object { Add-MailboxFolderPermission $_
":\Calendar"
-User $User.identity -AccessRights Reviewer }
Step 3: Configure Calendar Synchronization for Microsoft Exchange in Office365 using OAuth2 Authentication
To configure the calendar synchronization to use OAuth2-based authentication, you need to give permission to the exchange synchronization application for it to be able to read the users' calendars:
Go to Microsoft Entra https://entra.microsoft.com/
Login as Microsoft Admin user.
Navigate to App registrations.
Choose New registration and name the new application, for example, Exchange calendar synchronization and then select Register.
Note the Application (client) ID and the Directory (tenant) ID.
Navigate to Certificates & Secrets.
Choose New client secret and name the secret, for example, Exchange calendar synchronization secret and select expires Never.
Copy the generated secret (Value, not the Secret ID) to a safe place. The secret together with the Application (client) ID and Directory (tenant) ID will need to be entered in the Calendar Connector setting page when configuring the connector
Navigate to API permissions.
Choose Add a permission and then select Microsoft Graph.
Select Application permissions and then choose Calendars.Read.
Select Grant admin consent for {your company}.
Follow the instruction on the new window.
Wait for Status in the Configured Permissions window to turn green.
8. Copy Secret value
Steps on Setera OneCloud
Step 1: Configure Calendar connectors on Organization -> Calendar Connectors
- Add Name
- Choose connector type: Exchange Office 365
- Select authentication method: OAuth2.0
- Add Sync user ID ("exchangemonitoruser@company.com")
- Add Password, generated in Azure "Certification and Secrets", step 8 in previous chapter
- Add Client Secret, generated in Azure "Certification and Secrets", step 8 in previous chapter
- Add Application (client) ID, generated in step 5 in previous chapter
- Add Directory (tenant) ID, generated in step 5 in previous chapter
Step 2: Configure Presence Mapping in Services -> Presence synchronization policies
To set up a presence mapping rule:
Click the Add rule icon to create a new presence mapping rule.
The Type drop-down list is displayed. You can select one among the following types:
Availability - When Availability is selected, a drop-down list is displayed under the Match field, where you can pick one of the basic Microsoft Exchange activity states to map against a MiCloud Telepo for Service Providers presence activity. The states are Free, Tentative, Busy,Out Of Office, Working Elsewhere.
Subject - When Subject is selected, a text box is displayed under Match field, which allows you to match an activity title to a presence activity. You can match against a specific text string or a partial match by using wildcards (*). Wildcards can be placed before, after or on both sides of the string.
Location - When Location is selected, a text box is displayed under Match field, which allows you to match a location to a presence activity. You can match against a specific text string or a partial match by using wildcards (*). Wildcards can be placed before, after or on both sides of the string.
Private - When Private is selected, a checkbox is displayed under Match field. Selecting it indicates that you wish to match the Private activity to a presence activity in Setera OneCloud
Once you've set the Type and Match, you can set a presence state to match it to under Activity fields.
Click Set Activity, a drop-down list displays the following options:
Custom activity - one or several custom activities added in the Organization/Presence states view.
Office
Available
Busy
Lunch
Meeting
Out of office
Vacation
Set the Role from the drop-down list. You can select Private, Business, or Do Not Change.
Step 3: Enable Exchange calendar synchronization from User management
- Enable license
- Add user e-mail as identifier for synchronization