Notice: This website is an unofficial Microsoft Knowledge Base (hereinafter KB) archive and is intended to provide a reliable access to deleted content from Microsoft KB. All KB articles are owned by Microsoft Corporation. Read full disclaimer for more details.

A custom application cannot pull information from Exchange Server


View products that this article applies to.

Symptoms

Note This article is applicable in a dedicated deployment of the Microsoft Business Productivity Online Suite.

You may have a custom application whose purpose is to pull information from Microsoft Exchange Server. This includes information such as Out of Office and Free/Busy data. However, the custom application�cannot perform�functions of this kind.

↑ Back to the top


Cause

This issue occurs because the custom application has not been provisioned yet or is provisioned incorrectly.�To perform functions of this kind, the custom application has to have Exchange Web Services (EWS) impersonation rights.

↑ Back to the top


Resolution

When your dedicated environment of the Microsoft Business Productivity Online Suite was deployed, a specific role group was set up to let you implement EWS impersonation rights. In the Self-Service Guide for Exchange Online, this role group is defined as follows.
Collapse this tableExpand this table
Impersonation Rights for Exchange Web Service ApplicationsE2010-MSO Self Service - EWS Application ImpersonationSG members (Service Accounts) will be granted impersonation rights to all mailboxes in the Exchange organization for use with Exchange Web Service applications.

If this role group was not provisioned for you, you have to file a new Change Request to have the role group provisioned.

This is how the role group will look on the Microsoft provisioning side:

get-rolegroup "XF-CUS-EWS App Imp" | fl name,*linked*
Name: XF-CUS-EWS App Imp
LinkedGroup: DOMAIN\E2010-MSO Self Service - EWS Application Impersonation
The role group corresponds to a security group that you provision on your side. That group is the�E2010-MSO Self Service - EWS Application Impersonation security group. After the role group is provisioned on the Microsoft side, you must make sure that the service account that the application is using is a member of the�E2010-MSO Self Service - EWS Application Impersonation�security group in your environment.

↑ Back to the top


More information

For more information about how to configure Exchange Server 2010 impersonation rights, visit the following Microsoft TechNet website:

↑ Back to the top


Keywords: KB2568094, vkbportal226

↑ Back to the top

Article Info
Article ID : 2568094
Revision : 3
Created on : 7/7/2011
Published on : 7/7/2011
Exists online : False
Views : 473