TO CONFIGURE CALENDAR SYNCHRONIZATION FOR MICROSOFT EXCHANGE IN OFFICE365 USING OAUTH2 AUTHENTICATION
Make sure that you have Administrator access rights and can access the Azure Active
Directory admin centre.
Configure a Monitor user:
To configure the calendar synchronization for Microsoft Exchange Server in Office 365, you need to use the Windows
PowerShell on your local computer to create a remote session:
1. Start Windows PowerShell, run as administrator.
2. Make sure that the Execution policy is set to RemoteSigned. Use the following:
Get-ExecutionPolicy
Set-ExecutionPolicy RemoteSigned
3. Create a credential object with Administrator rights credentials in Office 365. Use the following:
$UserCredential = Get-Credential
4. Create a session to Office 365 by connecting to https://outlook.office365.com/power- shell-liveid/ with the previously
mentioned credentials. Use the following:
$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/ -Credential
$UserCredential -Authentication Basic -AllowRedirection
5. Import the session into your present Windows PowerShell-session, by using the following:
Import-PSSession $Session
After creating the session in this way, all steps are the same as with earlier versions of Microsoft Exchange Server, with two exceptions.
Firstly, when you configure the Calendar connector, make sure to use the following server URL: https://outlook.office365.com/EWS/Exchange.asmx . You don't need to tick the Autodiscover checkbox.
Also, calendar rights of the monitor user has to be configured on a per-user basis. A script will be created to iterate through all users and avoid a lot of tedious and repetitive rights management. The example below assumes that the monitor user is called "Monitor":
1. Get the mailbox of your monitor-user:
$User = Get-Mailbox Monitor
2. Create a variable with the mailboxes to be administered by using:
$Mailboxes = Get-Mailbox -ResultSize Unlimited
3. Set rights on every mailbox in the variable by using. Please keep in mind that the Calendar folder will be named differently in translated editions of Microsoft Exchange Server:
$Mailboxes | ForEach-Object { Add-MailboxFolderPermission $_":\Calendar" -User $User.identity -AccessRights Reviewer }
To configure the calendar synchronization to use OAuth2-based authentication,
you need to give permission to the exchange synchronization application for it to
be able to read the users' calendars:
1. Sign in to https://aad.portal.azure.com/
2. Go to the Azure Active Directory
3. Navigate to App registrations
4. Choose New registration and name the new application, for example, Exchange
calendar synchronization and then select Register
5. Note the Application (client) ID and the Directory (tenant) ID.
6. Navigate to Certificates & Secrets
7. Choose New client secret and name the secret, for example, Exchange calendar
synchronization secret and select expires 36 months.
8. Copy the generated secret to a safe place. The secret together with the Application
(client) ID and Directory (tenant) ID will need to be entered in the Calendar
Connector setting page when configuring the connector
9. Navigate to API permissions
10. Choose Add a permission and then select Microsoft Graph.
11. Select Application permissions and then choose Calendars. Read
12. Select Grant admin consent for {your company}
13.Follow the instruction on the new window
14.Wait for Status in the Configured Permissions window to turn green