- All
- Account balance (2)
- Adding (4)
- adjustment (1)
- administration (23)
- Allocating payments (2)
- appointment (9)
- appointment-feedback (1)
- assets (17)
- Authorisation (7)
- bar-code (1)
- Bonus (1)
- branding (2)
- Browser (1)
- business-units (1)
- calendar (2)
- Case Categories (7)
- Case wach list (2)
- Case Watcher (3)
- case-notes (2)
- Cases (24)
- case-sla (7)
- case-sweep (1)
- Chargeable Feature (1)
- Checklist (7)
- Commissions (2)
- company-logos (1)
- company-settings (5)
- cost_centre (1)
- custom (2)
- Custom Report Groups (1)
- Custom Reports (4)
- customer (39)
- customer-portal (1)
- custom-fields (2)
- custom-product (1)
- custom-service (2)
- Data (7)
- data-capture (2)
- data-migration (7)
- Delegated Access (2)
- delete (9)
- Digest Feeds (2)
- Digests (2)
- duplicates (2)
- Editing (2)
- Email (7)
- Email Signature (2)
- email-attachments (1)
- email-templates (6)
- environment-settings (1)
- exchange-server (4)
- Expiry (5)
- Export (3)
- files (1)
- finance (38)
- forms (3)
- Funds (10)
- gdpr (3)
- Groups (1)
- Hold Back (1)
- how-to (197)
- Images (2)
- integrations (11)
- internet-explorer (2)
- Invoice (10)
- knowledgebase (9)
- leads (21)
- lease (1)
- Liabilities (2)
- mail agent (6)
- mail-triage (2)
- marketing (5)
- merge (4)
- Mobile (2)
- Notification (2)
- office-365 (4)
- on-boarding (5)
- Opportunity (23)
- ordering (52)
- outlook-plugin (5)
- permissions (8)
- portal (3)
- presales (21)
- Pricebook (13)
- Product Stock (9)
- product-group (1)
- purchase-order (6)
- quotations (42)
- reconciliation (1)
- record (25)
- renewals (3)
- Reports (15)
- Sage (12)
- sales (86)
- Scheduled Email (1)
- search (3)
- Secure File (1)
- service (38)
- Services (9)
- settings (54)
- set-up (2)
- Signature (4)
- sites (1)
- sla-breach (1)
- sms (1)
- Stock (21)
- subscription (1)
- tags (1)
- tasks (12)
- terms (1)
- troubleshooting (5)
- unassigned (1)
- Updating (4)
- Upload images (2)
- user-roles (2)
- users (15)
- video (19)
- warehouse (1)
- widgets (12)
- work-stacks (21)
- Less
- More
- All
How to configure an Office 365 maintenance account
Creating an impersonation user on Office 365
Managing Exchange mailbox access centrally is recommended for businesses with 5+ users in order to avoid asking users to update their password on both Office 365 and The Layer.
In order to achieve this, a maintenance account can be created on Office 365 which has impersonation access.
Exchange Impersonation enables a caller to impersonate a given user account. This enables the caller to perform operations by using the permissions that are associated with the impersonated account, instead of the permissions that are associated with the caller's account.
Please note that the ApplicationImpersonation feature is available in Office 365 Enterprise, but not in Office 365 Small Business, since it is based on RBAC, and Small Business users cannot create new admin roles in Exchange admin center.
How to create a user account on Office 365
It is best practice to create a separate user account to handle impersonation and set a strong password. e.g. layeruser@yourdomain.com.
This account acts as the impersonating account and it is important to specify that the password for this account should not expire.
How to create an Exchange impersonation user via Powershell (Recommended)
PS C:\WINDOWS\system32> $Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.of fice365.com/powershell-liveid/ -Credential $UserCredential -Authentication Basic -AllowRedirection
PS C:\WINDOWS\system32> Import-PSSession $Session
If signing isn't available...
PS C:\WINDOWS\system32> Set-ExecutionPolicy RemoteSigned
PS C:\WINDOWS\system32> Enable-OrganizationCustomization -Verbose
PS C:\WINDOWS\system32> New-RoleGroup -Name "Layer_Impersonation" -Roles "ApplicationImpersonation"
PS C:\WINDOWS\system32> Add-RoleGroupMember -Identity "Layer_Impersonation" -Member "layeruser@yourdomain.com"
How to create an Exchange impersonation user via Office 365
- Login to the Office 365 Exchange Admin Center
- Scroll down to "Admin" and expand
- Select "Exchange"
- Select "Permissions"
- Click on "Admin Roles"
- Click the "+" Icon to add a new role
- In the role group dialog box Provide a name for your Role Group (ie. "LAYER_Impersonation")
- Under Role click the "+" icon to add an RBAC Role.
- Select ApplicationImpersonation", click "add ->" and then click OK.
- Under Members click the "+" icon to add a new memeber to the RoleGroup
- Select your admin user account that will act as the maintenance account for The Layer (layeradmin), click "add ->", and then click OK.
- Click Save
Adding your secure Exchange Web Services (EWS) password in to The Layer
Log in to your account in The Layer and go to the company settings as below then go to the Mail tab and then add your Exchange Web Services Agent Password:
As a guide we would recommend not using the following in your password:
- Your company name
- your own name
- your address
You should choose a random yet secure password which contains the following:
- a minimum of 8 characters
- contains a mixture of both numbers and letters
- at least one capital letter
- at least 2 special characters
Author: Nick Kewney