In this article we will look at steps required for configuring your Pexip deployment with Office 365 mailboxes for scheduling meetings. The following process will be step by step using Powershell to complete the configuration of Office 365 with Pexip and at the end of this article will be a complete powershell which will allow quick provisioning with prompts for information.
Please note: The follow steps have been taken from the Pexip website, I have used their article to create an easy to use PowerShell for O365/Exchange Deployments.
Connecting to Office 365
$Credential = Get-Credential
$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri <a href="https://outlook.office365.com/powershell-liveid/">https://outlook.office365.com/powershell-liveid/</a> -Credential $Cred -Authentication Basic -AllowRedirection
Connect-MsolService -Credential $Credential
Creating the service account
The first command lets the administrator type in a password for the service account as a secure string. This password variable is then used in the second command to create a mailbox for the service account. The third command ensures the password of the service account will not expire. The final command terminates the remote session.
New-Mailbox -Name "Service Account" -MicrosoftOnlineServicesID email@example.com -Password $password -Alias pexip -FirstName Service -LastName Account -DisplayName "Service Account"
Set-MsolUser -UserPrincipalName firstname.lastname@example.org -PasswordNeverExpires $true
Configuring Application Impersonation on the service account
The service account must be configured with a Role of Application Impersonation. This allows the service account to impersonate all users who will be using VMR Scheduling for Exchange, and to impersonate the equipment resource that is to be used for the scheduling service.
To check if your service account has Application Impersonation already configured, use the PowerShell command:
Get-ManagementRoleAssignment -RoleAssignee "<email_of_service_account>" -Role ApplicationImpersonation | Format-List
Below is an example of the output of the command when the service account already has Application Impersonation configured:
If the service account does not have Application Impersonation configured, then the above command will not return anything at all. If this is the case, enable Application Impersonation as follows:
New-ManagementRoleAssignment -name:"<role_name>" -Role:ApplicationImpersonation -User:"<email_of_service_account>"
New-ManagementRoleAssignment -name:PexipSchedulingService -Role:ApplicationImpersonation -User:email@example.com
This will enable the service account to impersonate all users in the organization.
Creating an equipment resource
The equipment resource will be added as a resource attendee to all VMR Scheduling for Exchange meetings. Users will see replies from this resource when it accepts or rejects a meeting request.
Each equipment resource can be used by only one Pexip Exchange Integration.
This command creates an equipment resource with the specified Name, Alias and Display Name. Name and Display Name should be the same, and will appear as the location of any meeting requests, and as a recipient. The Alias (also known as the mail nickname) will be used as the email address.
New-Mailbox -Equipment -Name "<Equipment Name>" -Alias "<Equipment Alias>" -DisplayName "<Equipment Name>"
New-Mailbox -Equipment -Name "Pexip Meeting" -Alias pexipmeeting -DisplayName "Pexip Meeting"
Configuring the equipment resource
You must configure the equipment resource to disable automatic processing for the equipment resource, so that the processing can be done by the scheduling service. You must also configure it to permit conflicts, because meetings may be scheduled at the same time by different users.
This configuration is done using the following PowerShell command:
Set-CalendarProcessing -Identity "<email_of_equipment_resource>" -AutomateProcessing None -AllowConflicts $true -BookingWindowInDays 1080 -MaximumDurationInMinutes 0 -AllowRecurringMeetings $true -EnforceSchedulingHorizon $false -ScheduleOnlyDuringWorkHours $false -ConflictPercentageAllowed 100 -MaximumConflictInstances 2147483647
To verify that the above command has configured everything correctly, use the PowerShell command:
Get-CalendarProcessing -Identity "<email_of_equipment_resource>" | Format-List
Viewing the equipment resource’s mailbox
There may be occasions, such as when troubleshooting, that you want to view the equipment resource’s mailbox or calendar. To do this, you first need to assign full access to the equipment resource’s mailbox to a delegate account, and then view the mailbox or calendar using the delegate account. (The delegate account could be the service account, or it could be, for example, an administrator’s account.)