Lalita Jat is a Premier Field Engineer from India who works on Exchange Server technologies. In this post she talks about Site Mailboxes, an exciting new collaboration feature. This is the concluding post in the series on Site Mailboxes in Exchange 2013.
Hello again! In my previous post, we discussed how to install SharePoint Server for later leveraging Site Mailboxes. As promised, we will now discuss the details of the SharePoint and Exchange configuration and also learn how to use Site Mailboxes.
SharePoint Server Configuration
Launch the SharePoint Administration console
1) Select the configuration wizards and click on Launch the Farm Configuration Wizard
2) Select the option to accept the customer experience program.
3) Click on Start the Wizard, select Use Existing Managed Account (Leave the rest of the options to default settings).
4) You will see a screen which says “Working on it”, wait for the screen to close. Warning: this can take up to 20 minutes to complete!
5) Once the wizard is finished it will ask you to create a Site Collection. We will skip creating Site Collection at this point and create it later in this section.
Creating the SSL Web Application
1) Launch the central administration and click on Application Management and now select “Manage Web Applications”.
2) Select New button on the top left page, leave the option selected “Create a New IIS Site” and just change the port to 443 and make sure you select Use Secure Sockets Layer (SSL).
3) Wait for the “Create New Web Application” screen to disappear (In case the screen appears to be hanging, you can manually verify that you have a “SharePoint-443”site created from IIS console). Once the site is created you can safely close the Create a New IIS Site wizard and refresh your browser.
4) From the Central Administration console under Application Management select “Create Site Collection” from the create site collections wizard (At the top left ) click the drop down beside “Web Application”.
5) Now select Change Web Application and select the SharePoint-443 application we created in our previous step.
Type in a title (say SPS Secure), scroll down and put in admin password for the Primary Site Collection and wait for the confirmation page.
Install EWS Managed API
As discussed in the previous post, the Exchange Web Services (EWS) Managed API must be installed on all SharePoint 2013 servers. It is the same API used in Exchange 2010 extended to support Exchange 2013. You can download it from here.
Profile Sync Configuration with SharePoint
On Central Administration console
1) Select System Settings on the left hand side and select the Manage services on server option.
2) Under User Profile Synchronization Service click Start. If it prompts for the Admin account password, type in the password and click OK. The service may take a while to start.
3) Verify that the service is started.
On Application Management console
1) Select “Manage Service Application”, scroll down and select “User Profile Service Application” and now select “Configure Synchronization Connection”.
2) Create a new Synchronization by selecting “Create New Connection”, type in the name of the connection as per your choice, type in the name of the Forest, enter the credentials, click on Populate Containers and select All and Click OK .
3) Wait for Working on it screen to complete.
4) Once the above step is complete, start the synchronization select ‘Manage Services Application’, scroll down and select User Profile Service Application. From here, click on Start Profile Synchronization and make sure to select Start Full Synchronization
Configure Self Signed Certificate for SharePoint
1) We will now create a self-signed certificate on the SharePoint Server and assign it to the SharePoint Site which we created above.
2) We also need to make sure that SharePoint Server trusts the certificates from the Exchange Server. Verify by browsing the OWA/ECP URL for Exchange from SharePoint Server and ensure that we do not get any certificate warning.
3) We will use the Self SSL tool to generate a self-signed certificate. SelfSSL (SelfSSL.exe) can help you generate and install a self-signed SSL certificate. SelfSSL tool generates a self-signed certificate that does not originate from a trusted source. More detail about the tool and a download link are here .
Next, open Internet Information Services (IIS) Manager and expand SPSServer and select Sites and note the ID for the SharePoint – 443 site (Which we created previously in the “Creating SSL Web Application” section.)
- Launch a command Prompt
- Change to the C:\tools\selfssl directory
- Run the command shown below:
selfssl /T /S:<site id>
- When prompted type Y for Yes and press Enter
OATrust and Service Permission on SharePoint
OAuth is an open standard for authorization. It provides a method for clients to access server resources on behalf of a resource owner (such as a different client or an end-user). It also provides a process for end-users to authorize third-party access to their server resources without sharing their credentials (typically, a username and password pair), using user-agent redirections.
Execute the steps below in the SharePoint Management Shell:
1) To get and install Exchange Metadata:
New-SPTrustedSecurityTokenIssuer -Name Exchange -MetadataEndPoint https://ExchangeCasServerName/autodiscover/metadata/json/1
2) To assign Exchange Service Principal ‘Full Control’ permissions to SharePoint site subscription, open SharePoint 2013 Management Shell on SPS box and run the following commands:
$app=Get-SPAppPrincipal -Site https://SPSServername -NameIdentifier $exchange.NameId $site=Get-SPSite https://SPSServername
Set-SPAppPrincipalPermission -AppPrincipal $app -Site $site.RootWeb -Scope sitesubscription -Right fullcontrol -EnableAppOnlyPolicy
Enable Site Mailbox feature on the SharePoint Server 2013 Preview farm.
In SharePoint Management Shell execute the following:
Set Exchange Server Site Mailbox target domain for the SharePoint Farm
In SharePoint Management Shell, execute the following PowerShell commands:
$webApp.Properties["ExchangeTeamMailboxDomain"] = $exchangeDomain
$webApp.Properties["ExchangeAutodiscoverDomain"] = $exchangeServerName
OAuth Trust and Service Permission on Exchange
In Exchange Management Shell (Scripts Folder), execute the following command:
.\Configure-EnterprisePartnerApplication.ps1 -ApplicationType SharePoint -AuthMetadataUrl https://SPSServername/_layouts/15/metadata/json/1
Open IE on the Exchange CAS server and try to browse https://SPSServername , if you get a certificate warning, click to continue to this website (this is not recommended and we get a cert error, so make sure we trust the SharePoint certs on Exchange as well)
Exchange and SharePoint Integration in action!
Creating a sub-site
- Open Internet Explorer on SPSServer
- Browse to the root site https://SPSServer
- On the left hand site click Site Contents
- Scroll down and click new subsite
- Put in the title
- Put in the URL name
- Click Create
- After clicking create it will take you to the Site Main page.
Add the Site Mailbox App
Follow the steps below to add a site mailbox:
1) Click Add lists, libraries, and other apps.
2) Click Site Mailbox to add the site mailbox app to the site
3) Click Mailboxes on the left hand site to logon and create the site mailbox on Exchange.
4) After a few moments you will be prompted with an OWA logon
5) Login using the Administrator Credentials, You will now have access to the Site Mailbox.
Managing Site Mailbox Using ECP
To add users/members to Site you need to add it from SharePoint server:
Outlook and Site Mailboxes
Here is how a site mailbox looks from within Outlook 2013:
That’s it! We trust that this post gives you a complete picture of how to get Site Mailboxes up and running. You can also refer the Exchange team blog post for some more information on Site Mailboxes.
See you later!