Pricing

Articles in this section

See more

How to enable communication between HelloID and Exchange

  • Updated:

Introduction

The HelloID Agent can perform actions on your local Exchange server, such as creating and updating user mailboxes. To allow this, you must grant the appropriate permissions on the server and account which are running Agent.

This configuration is a necessary prerequisite for using local Exchange integration in an on-premises target Active Directory system.

Note: In addition to the configuration steps in this article, you must configure the Exchange tab of your target AD system, including a security protocol and your username/password.

Set HelloID Agent permissions

Identify the service account

Make note of the service account under which your HelloID Agent services are running. This is shown under the Log On As column in the Windows Services Manager.

mceclip0.png

If your Agent services are not running in the context of a domain account (e.g., Local System), reassign them so that they are.

Add the Organizational Management group

Using the Active Directory Users and Computers console, find the HelloID Agent's service account and add it to the Organizational Management group.

mceclip1.png

Configure the Exchange server

Perform the following steps on your Exchange server.

Enable WinRM

From the Start menu, open the Exchange Management Shell as an administrator and type the following command:

winrm quickconfig

When prompted, type "Y" to confirm changes.

Enable remotely signed scripts

Next, also in the Exchange Management Shell, run the following command:

Set-ExecutionPolicy -ExecutionPolicy RemoteSigned

When prompted, type "Y" to confirm changes.

Allow Remote PowerShell

Next, also in the Exchange Management Shell, run the following command:

Set-User -Identity {service account name} –RemotePowerShellEnabled $true

Replace {service account name} with the logon name of the HelloID Agent's service account.

Configure the HelloID Agent Server(s)

On each server where a HelloID Agent is installed, perform the following steps:

  1. Open the PowerShell console as an administrator.
  2. Run the following command, and type "Y" afterward to confirm changes: 
    Set-ExecutionPolicy -ExecutionPolicy RemoteSigned

 

Was this article helpful?
0 out of 0 found this helpful
Please visit our website for more information about HelloID (identity as a service).
Return to top