Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Exchange On-Premise - Target - Permissions

NotificationsYou must be signed in to change notification settings

Tools4everBV/HelloID-Conn-Prov-Target-ExchangeOn-Premise

Repository files navigation

Important

This repository contains the connector and configuration code only. The implementer is responsible to acquire the connection details such as username, password, certificate, etc. You might even need to sign a contract or agreement with the supplier before implementing this connector. Please contact the client's application manager to coordinate the connector requirements.

Table of Contents

Introduction

HelloID-Conn-Prov-Target-Exchange Server On Premises is atarget connector.Exchange Server On Premises provides the option to correlate to existing Exchange On-Premise users and provision groupmemberships and sharedmailbox permissions.

Only Exchange groups are supported, if the group can be managed via AD, we advise to do so

If you want to create Exchange On-Premise users, please use thebuilt-in Microsoft Active Directory target system and make use of theExchange Integration.

The following lifecycle actions are available:

ActionDescription
create.ps1PowerShellcreate lifecycle action
enable.ps1PowerShellenable lifecycle action
disable.ps1PowerShelldisable lifecycle action
permissions/groups/grantPermission.ps1PowerShellgrant lifecycle action for groups
permissions/groups/revokePermission.ps1PowerShellrevoke lifecycle action for groups
permissions/groups/permissions.ps1PowerShellpermissions lifecycle action for groups
permissions/sharedMailboxes/grantPermission.ps1PowerShellgrant lifecycle action for shared mailboxes
permissions/sharedMailboxes/revokePermission.ps1PowerShellrevoke lifecycle action for shared mailboxes
permissions/sharedMailboxes/permissions.ps1PowerShellpermissions lifecycle action for shared mailboxes
permissions/sharedMailboxesDynamic/subPermissions.ps1PowerShellgrant,update &revoke lifecycle action for shared mailboxes
permissions/sharedMailboxesDynamic/permissions.ps1PowerShellpermissions lifecycle action for shared mailboxes
resources/groups/resources.ps1PowerShellresources lifecycle action for groups
resources/sharedMailboxes/resources.ps1PowerShellresources lifecycle action for shared mailboxes
configuration.jsonDefaultconfiguration.json
fieldMapping.jsonDefaultfieldMapping.json
correlateOnly/create.ps1PowerShellcreate lifecycle action for only correlating
correlateOnly/configuration.jsonDefaultconfiguration.json for only correlating
correlateOnly/fieldMapping.jsonDefaultfieldMapping.json for only correlating
postAdAction/postAdAction.create.DisableExchangeActiveSync_OWA.ps1Post-AD-action used in builtin AD-connectorcreate lifecycle action

Requirements

  • Execute the cmdletEnable-PsRemoting on theExchange server to which you want to connect.
  • WithinIIS, under theExchange Back End site for thePowershell sub-site, check that the authentication methodWindows Authentication isenabled.
  • Permissions to manage the Exchange objects, the default AD groupOrganization Management should suffice, but please change this accordingly.
  • Required to runOn-Premises.
  • Concurrent sessions in HelloID set to amaximum of 1! If this is any higher than 1, this may cause errors, since Exchange only support a maximum of 3 sessions per minute.

Getting started

Provisioning PowerShell V2 connector

Correlation configuration

The correlation configuration is used to specify which properties will be used to match an existing account withinExchange Server On Premises to a person inHelloID.

To properly setup the correlation:

  1. Open theCorrelation tab.

  2. Specify the following configuration:

    SettingValue
    Enable correlationTrue
    Person correlation field``
    Account correlation fieldAccount.UserPrincipalName

Tip

For more information on correlation, please refer to our correlationdocumentation pages.

Field mapping

The field mapping can be imported by using thefieldMapping.json file.

Configuring Exchange Management Shell

By using this connector you will have the ability to manage groupmemberships.Since we use the cmdlets from the Exchange Management Shell, it is required to Enable-PsRemoting on the Exchange Server, allow Windows Authentication for the IIS site and assign permissions to the service account.For more information, please check out theMicrosoft docs.

Connection settings

The following settings are required to connect.

SettingDescription
Connection UriThe connection uri of the on-prem Exchange
UsernameThe username of the service account in Exchange
PasswordThe password of the service account in Exchange
Authentication MethodThe authentication method that is used to authenticate the user's credentials

Getting help

For more information on how to configure a HelloID PowerShell connector, please refer to ourdocumentation pages

If you need help, feel free to ask questions on ourforum

HelloID Docs

The official HelloID documentation can be found at:https://docs.helloid.com/

[8]ページ先頭
©2009-2025 Movatter.jp