MBN Administrator's Guide MS Synkronisering - Telenor

More documents

Recommendations

Info

5. Installation of pre-requisitesThese pre-requisite software packages need to be installed before MBN Microsoft Synchronization Client canrun. .NET Framework 3.5 Service Pack 1 SQL Server (Express) 2008The SQL server may be placed on a different server, and you can use an existing SQL server in yourorganization. The MBN Microsoft Synchronization Client configuration program will attempt to create thenecessary database and tables.You can download SQL Server Express 2008 from www.microsoft.com/downloads.5.1 Other pre-requisitesTo be able to change specific parts of the MBN Microsoft Synchronization Client configuration, the userrunning the configuration program must have the proper permissions in the Active Directory.Also, the user account used for retrieving calendar appointments from the Exchange Server must haveaccess to all the mailboxes it should retrieve calendar appointments for.5.1.1 Access rights for the configuration processThe user running the MBN Microsoft Synchronization Client configuration should be a member of the“Domain Admins” group in the Active Directory. In permission limited configurations, the user should have atleast these group memberships:Lync Server trusted application provisioningo The user must be a member of the “RTCUniversalServerAdmins” group.5.1.2 Access rights for calendar importIf you configure the MBN Microsoft Synchronization Client software to synchronize Exchange calendars withthe Telenor Mobilt Bedriftsnett directory, the MBN Microsoft Synchronization Client will use the ExchangeServer’s Outlook Web Access facility or Exchange Web Services. Whether MBN Microsoft SynchronizationClient can use Outlook Web Access or Exchange Web Services depends on your company’s Exchange Serverversion.Either way, the MBN Microsoft Synchronization Client must be configured with a valid Exchange serverusername and password. This account must be mail-enabled (i.e. have an Exchange Server mailbox), andthere must be some specific permissions configured, so the MBN Microsoft Synchronization Client can usethis account to retrieve calendar appointments for the synchronized users from the Exchange Server.For all Exchange server versions, the user should be configured as such:The user account must be a member of the Domain Users groupThe account should have the option “Password never expires” setThe account must have an Exchange mailbox, and the mailbox must not be hidden from theExchange Global Address listThe account must have the permissions in the Exchange mailbox database(s) as described below5.1.2.1 Exchange 2007 SP1 and up and Exchange 2010MBN Microsoft Synchronization will use Exchange Web Services to retrieve calendar information formMicrosoft Exchange Server 2007 Service Pack 1 and up, and from Exchange Server 2010.MBN Administrator’s Guide MS Synchronization Side 8 av 39
The permission checks performed by the Exchange Server when using Exchange Web services are differentfrom previous versions, and the permissions which the MBN Microsoft Synchronization client require aredifferent.To read calendar information from these Exchange Server versions, the account used by the MBN MicrosoftSynchronization client requires Exchange Impersonation permissions. To grant these permissions run thefollowing commands from the Exchange Management Shell.Exchange 2007 SP1 and upGranting impersonation permissions involves granting the right to impersonate on Exchange Server level,and to grant the “may-impersonate” right on mailbox databases. This can be done by running these twocommands:Get-ExchangeServer | Where {$_.IsClientAccessServer -eq $TRUE} | Add-ADPermission-User "cccpuser" -extendedRight ms-Exch-EPI-ImpersonationGet-MailboxDatabase | Add-ADPermission -User "cccpuser"-extendedRight ms-Exch-EPI-May-ImpersonateExchange 2010Microsoft Exchange Server 2010 uses Role Based Access control. Granting the necessary impersonationpermissions only involves assigning the correct management role to the user account used by the MBNMicrosoft Synchronization Client: (i.e. cccpuser: cccpuser@mydomain.no)New-ManagementRoleAssignment –Name:TelenorMicrosoft Synchronization–Role:ApplicationImpersonation –User:cccpuser@mydomain.no5.1.3 Firewall configurationBefore MBN Microsoft Synchronization Client can successfully synchronize contacts, presence, andappointments with the Telenor Mobilt Bedriftsnett directory, the following firewall configurations must bemade.Host namesDirection from TCP Port NotesMBN MicrosoftSynchronizationClient servermb.telenor.no Outgoing 443 Used to synchronize with TelenorExchange server Outgoing 80 or443Used to access Outlook Web Access URL, portnumber depends on Exchange serverconfigurationExchange server Incoming 45872 Used for Exchange Web Services Push updates(only Exchange 2007 SP1, SP2, and Exchange2010). Port can be configured.Any Incoming 45771 Used for Telenor Outlook Synchronization Plugincommunication. Port cannot be configured.Lync server front-endservers or directorLync server front-endservers or directorOutgoing 5061 Used to log on to Lync Server infrastructure andcommunications from MBN MicrosoftSynchronization Client to Lync Server.Incoming 45871 Used for Lync Server communications to MBNMicrosoft Synchronization Client. Port can beconfigured.SMTP server Outgoing 25 For sending alerts and synchronization resultsvia e-mail.MBN Administrator’s Guide MS Synchronization Side 9 av 39
Page 1 and 2: MBN Administrator’s GuideMS Synch
Page 3 and 4: 9.4 Installation ..................
Page 5 and 6: 2. How it worksThe following descri
Page 7: 4. Deploying MBN Microsoft Synchron
Page 11 and 12: 7. MBN Microsoft Synchronization Co
Page 13 and 14: Place the mouse over the exclamatio
Page 15 and 16: Country codeThe prefix to set on ph
Page 17 and 18: A conflict for a phone number mappi
Page 19 and 20: 7.6.2 Calendar tabCalendar synchron
Page 21 and 22: Push portThe push port is used for
Page 23: 7.6.6 Plugin settingsThe calendar s
Page 26 and 27: Replace the identity, front end ser
Page 28 and 29: 9. MS Synchronization Outlook Plugi
Page 30 and 31: 10. Appendix - SettingsThe settings
Page 32 and 33: hexadecimal serial number of thecer
Page 34 and 35: time stamp is always in UTC (Coordi
Page 36 and 37: Screenshots of any error messages r
Page 38 and 39: 12.2.2.3 Verify which users are syn

MBN Administrator's Guide MS Synkronisering - Telenor

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?