Table of Contents
Systems - Exchange: accounts management
Microsoft Exchange Server is a mail server and calendaring server running exclusively on Windows Server operating systems. Thanks to WinRM + AD connector we can manage Exchange.
Connector supports these operations in Exchange:
- Create - Create mailbox and mail aliases
- Search - Search mailbox
- Update - Update mailbox or mail alias
- Delete - Delete mailbox
Cooperations from Customer
For managing Exchange we need these cooperations from customer:
- Running WinRM on windows server - Installed Windows Remote Management on the server with Active Directory
- Installed Exchange Management Shell on the server - Client for Exchange
- Information about server - IP, Endpoint, Ports, OS, etc.
- Information about Exchange server - IP, Endpoint, Ports, etc.
- HTTPS listener - Provide the Secure Socket configuration to the server to expose an HTTPS connection
- CredSSP authentication - CredSSP lets an application delegate the user's credentials from the client to the target server for remote authentication.
- Certificate for connection to WinRM
- User to connect to WinRM and Exchange - User which will manage Exchange
- Port for HTTP 5985 and for HTTPS 5986
Deployment
To connect IdM to Exchange server, we will use remote connector server.
At first, we must install connector server on the server where IdM is running. For that, we will follow this tutorial
After finishing installation of connector-server we want to test if we can connect to WinRM. For test we will follow this tutorial
After connection test, we must insert scripts to connector server to folder /scripts. Example scripts can be found in: https://github.com/bcvsolutions/winrm-ad-connector (copy both the winrm_wrapper.py and the whole folder exchange).
Next, we must configure new system in IdM. Configuration is very similar to configuration of Active Directory. We will follow this tutorial for configuration
Creating of mailbox
First, we set create via PowerShell to true in system configuration. Then we assign role to user. When assigning is approved, creating account for user in Active Directory will start. After creating account in Active Directory, creating mailbox will start. Result is a new mail-box for user.
