Follow

DAVTON ENTERPRISE SYNC SET-UP MS EXCHANGE 2007

DAVTON ENTERPRISE SYNC SET-UP
MS EXCHANGE 2007

CREATE A WINDOWS ACCOUNT THAT HAS A MICROSOFT EXCHANGE 2007 MAILBOX

You must create a Windows® account that has a Microsoft® Exchange 2007 mailbox so that the Windows account can authenticate with the Microsoft® Exchange Server. This account must be a domain user only- and not be given any additional administrator privileges except as described below. ( Additional privileges such as domain admin have 'deny' permissions which will stop the account working as required. )

  1. On the computer that hosts Microsoft Exchange, log in using an administrator account that has the correct permission to create accounts.
  2. Open the Microsoft Exchange Management Console.
  3. Create an account and mailbox with the name SyncService.
  4. Give the SyncService account Owner permissions on the Public Folders you will be accessing. (Owner is required to set up certain custom fields.)
  5. Whilst still on the server, configure the Domain Security Policy to allow this account to Log on as a Service.

CONFIGURE MICROSOFT EXCHANGE 2007 PERMISSIONS FOR THE WINDOWS ACCOUNT

You must create a Windows® account that has a Microsoft® Exchange 2007 mailbox so that the Windows account can authenticate with the Microsoft® Exchange Server. This account must be a domain user only- and not be given any additional administrator privileges except as described below. ( Additional privileges such as domain admin have 'deny' permissions which will stop the account working as required. )

    1. On a computer that hosts the Microsoft® Exchange Management Shell, open the Microsoft Exchange Management Shell.
    2. Perform one of the following actions:

 • If you log in to Microsoft® Exchange Server 2007, type: 

add-exchangeadministrator "SyncService" -role ViewOnlyAdmin.

• If you log in to another computer, type: 

get-mailboxserver "messaging_server_name" | addexchangeadministrator "SyncService" -role ViewOnlyAdmin.

    1. For each Microsoft Exchange Server 2007 instance that hosts user mailboxes, type the following command:

get-mailboxserver "messaging_server_name" | add-adpermission -user "SyncService" -accessrights ExtendedRight -extendedrights Receive-As, ms-Exch-Store-Admin

CONFIGURE SEND AS PERMISSIONS FOR THE WINDOWS® DOMAIN

    1. Log in to a computer in the Windows domain as an administrator that has permissions to change user objects in Microsoft Active Directory.
    2. On the taskbar, click Start - Administrative Tools - Active Directory Users and Computers.
    3. On the View menu, click Advanced Features.
    4. Right-click the domain root. Click Properties.
    5. On the Security tab, click Advanced.
    6. If the Sync Service account is not listed, click Add and then select the Sync Service account name.
    7. Type the name of the Windows account that you created (for example, SyncService).
    8. Click Check Names.
    9. Click OK.
    10. Perform one of the following actions: 
            • If you are running Windows Server® 2003, in the Apply drop-down list, click User Objects.

• If you are running Windows Server 2008, in the Apply drop-down list, click Descendant User Objects.

  1. In the Allow column, select the Send As check box.
  2. Click Apply.
  3. Click OK
  1. ALLOW SYNCSERVICE TO LOG ON AS A SERVICE 

  2. To give your admin and SyncService accounts the necessary permissions on Exchange 2007, configure the Local Security Policy permissions as follows:

Note: This procedure allows the Davton Enterprise Sync Service account to access the local computer and to run the Davton Enterprise software as a Windows® service. (NOTE: If the computer is a Domain Controller, click Start > Administrative Tools > Group Policy > Domain Controllers > Default Domain Controllers Policy > Security Settings > Local Policies > User Rights Assignment.)

a.         Click Start > Administrative Tools > Local Security Policy.

b.         In the Local Securities window, click Local Policies > User Rights Assignment.

c.         Perform one of the following steps:

For Windows Server 2000, double-click Log on Locally.

For Windows Server 2003 and 2008, double-click Allow Log on Locally.

d.         Click Add User or Group.

e.         Select the Davton Enterprise Sync Service account name, and then click Add.

f.          Click OK.

g.         Similarly (still in User Rights Assignment) , double-click Log On As a Service.

h.         Click Add User or Group and then select the Davton Enterprise Sync Service account.

i.          Click OK. 

LOG-OFF THE SERVER AND LOG BACK ON USING YOUR NEW SYNCSERVICE ACCOUNT

You should now log off the server and complete the rest of the installation and configuration using your newly set up SyncService account.

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

0 Comments

Article is closed for comments.
Powered by Zendesk