The Connector attached to this article is specifically designed to work with Microsoft Exchange on-premises, and to be configured with Modern Authentication (NTLM).
Please follow the connector installation guide to install this connector to allow your RW20 devices to talk to your Microsoft Exchange on-premises instance.
This connector utilizes Application Impersonation. Please reference these steps to configure Application Impersonation in your environment. If you are already running the 5.1.1 Connector it is likely that this step is already complete.
What is Impersonation and how does it work?
Exchange Impersonation is a mechanism that allows a single Windows Active Directory account (your RoomWizard Service account) to act on behalf of other users on a Microsoft Exchange mailbox (your RoomWizard Resource Mailboxes), as if they were performing the action themselves.
This greatly reduces the number of connections counted against the service account. Too many connections by any one account will result in Exchange throttling back access by that account through the EWS API.
Configure Application Impersonation
The Exchange Connector requires the service account to have the Impersonation Role for all Room Resources utilized by the RoomWizard devices. Further the Room Resources require extra configuration to enable certain features. Note: Impersonation configuration for service accounts is required for on-premise Exchange environments only. Office 365 environments do not use service accounts.
There are different ways that an administrator may configure impersonation on the service account.
Granting Application Impersonation Role Manually via Exchange Admin Center
Access with an Admin account. Open permissions and select Admin Role. Click New
Click a name and select Application Impersonation for the role. Add the service account as a member and Save
The Admin Role for Application Impersonation is now set.
Granting Application Impersonation Role Manually via PowerShell
This section provides the necessary commands to configure a service user that has the Application Impersonation role. To proceed, a working knowledge of PowerShell is recommended.
The following command is used to grant the Application Impersonation role:
New-ManagementRoleAssignment –Name:impersonationAssignmentName –Role:ApplicationImpersonation –User: <Service User>
For example: New-ManagementRoleAssignment –Name:impersonationAssignmentName – Role:ApplicationImpersonation –User: “firstname.lastname@example.org”
The following command checks if a user has the Application Impersonation role:
Get-ManagementRoleAssignment -RoleAssignee <Service User> -Role ApplicationImpersonation
For example: Get-ManagementRoleAssignment -RoleAssignee “email@example.com”
-Role ApplicationImpersonation -RoleAssigneeType user