Creating an Office 365 Association for Server Connections

Document created by user.oxriBaJeN4 Employee on Jan 17, 2017Last modified by user.oxriBaJeN4 Employee on Sep 11, 2017
Version 13Show Document
  • View in full screen mode

This guide describes the steps required to create an association between your Mimecast and Office 365 for cloud synchronization server tasks.

We recommend using an alternative browser to Microsoft Edge, as some encoding issues may occur.

Walkthrough

 

The process of creating an Office 365 association for server connections involves:

  1. Creating an application registration
  2. Editing the application's manifest.
  3. Setting permissions.
  4. Testing the configuration.

 

Creating an Application Registration

 

See the "Adding an Application" section of the Integrating Applications with Azure Active Directory page in the Microsoft Azure Active Directory documentation for further information. 

App Registrations

 

To create an application registration:

  1. Log on to the Azure Active Directory Management Portal.
  2. Click on the Azure Active Directory menu item.
  3. Click on the App Registrations menu item.
  4. Click on the New Application Registration button.
  5. Complete the dialog as follows:

    Field / OptionDescription
    NameSpecify a name of the application (e.g. Mimecast O365 Server Connection).
    Application TypeSelect the "Web App / API" option from the drop down list.
    Sign-On URLSpecify a sign-on URL (e.g. https://localhost).
  6. Click on the Create button.

 

Editing the Application's Manifest

 

O365 ManifestSee the "Using the Application Manifest to Update an Application's Identity Configuration" section of the Understanding the Azure Active Directory Application Manifest page in the Microsoft Azure Active Directory documentation for further information.

 

To edit the application's manifest

  1. Click on the Manifest button. The Edit Manifest window is displayed.
  2. Replace the text in the keyCredentials section with the text below. This contains the public key corresponding to the private key used by the Mimecast application:
    When editing the manifest, we recommend editing directly inside the Edit Manifest window. If you download the manifest, ensure you edit it in Notepad (not Notepad++ or other text editors). Similarly if copying the example below, ensure it is pasted into Notepad before pasting into the Edit Manifest window. Failure to follow the above results in an error when saving the manifest.
    "keyCredentials": [        {          "customKeyIdentifier": "1N9EZLBeqS9JkNwLr4JQX9VhrdI=",
              "keyId": "a2d4c31d-cca7-4262-9418-e1a9c1ee0492",
              "type": "AsymmetricX509Cert",
              "usage": "Verify",
              "value":                 "MIIDtTCCAp2gAwIBAgIEbvdztDANBgkqhkiG9w0BAQsFADCBijELMAkGA1UEBhMCR0IxEDAOBgNVBAgTB0VuZ2xhbmQxDzANBgNVBAcTBkxvbmRvbjEiMCAGA1UEChMZTWltZWNhc3QgU2VydmljZXMgTGltaXRlZDEQMA4GA1UECxMHVW5rbm93bjEiMCAGA1UEAxMZTWltZWNhc3QgU2VydmljZXMgTGltaXRlZDAeFw0xNTA4MDcxNTA3MDBaFw0yNTA4MDQxNTA3MDBaMIGKMQswCQYDVQQGEwJHQjEQMA4GA1UECBMHRW5nbGFuZDEPMA0GA1UEBxMGTG9uZG9uMSIwIAYDVQQKExlNaW1lY2FzdCBTZXJ2aWNlcyBMaW1pdGVkMRAwDgYDVQQLEwdVbmtub3duMSIwIAYDVQQDExlNaW1lY2FzdCBTZXJ2aWNlcyBMaW1pdGVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtx+o812952m2gYkMxZ5e/j56IGPyaw62pZMJbkZ54K6ljARHg6bFWvW56ceY2UyYwA4G+tAI1eSRUSIRWAYLRe30TxuB4eUoxPG/4yDtmSRJXNoqzRfX1x2O+VWQRy9KLVh2FEUcWIYiBUn05lM7ku/xgJcKTPYkami4TaHZ1z07IjqStRGYYbGPa9udWJTQd8wRlrdP44GdJXCUa3P2jGeXG3LBkrdv1HH7PDAg/k0TJbCm4ObBJOMwR5wg2jkLWPd13wIG0oZy7qiCCz449Z2NqIh91NB+TaMROEhWTuf1hnAPPi3H7sVydYLFkG/QZT+z7YeDKukaPGpXlQ639QIDAQABoyEwHzAdBgNVHQ4EFgQUmm0e0xgGpZDapiW5Tb2C3PZnDvwwDQYJKoZIhvcNAQELBQADggEBAJ4OrFe770VLdzUf+cs3khWYb54vXNdjNqaL/mgnZ6fUqsyMGe6Yt8IBa1HoTnXgVhod7i+ikXvU0SA6LxqtyAw3zVDz82dUqkhU6ufLDwicYnZ5vqh22SYGkoQa9aVYFq9cq8vdKaJ1APfHxYrWsamnvXkAtipvYG2nnvGf7Sr/Xctr5Vtmrs3n0ZATVOh/zf1mAY0JwLPbMiQs/fIVgBsBbE73E1HcG1s8G8NiyLhMYy+l7FTUlfdZtRVdoBQKTvgwe2kMFdPq58XkJUqvQCkmlDkjw4N19PPi2+ok+eWZNjzkyoielhpjEi97GVnFPeQi5TeOdmyqOlhXrH36Jmo="
            }
         ],

 

Once the manifest is saved, should you click back inside it, you'll see that a "Null" value. This is a Microsoft security measure to hide the plain text. This can be safely ignored.

 

Setting Permissions

 

Add PermissionSee the "Using the Application Manifest to Update an Application's Identity Configuration" section of the Understanding the Azure Active Directory Application Manifest page in the Microsoft Azure Active Directory documentation for further information.

 

To set the required permissions:

  1. Click on the Required Permissions menu item.
  2. Click on the Add button. The Enable Access window is displayed.
  3. Click on the Office 365 Exchange Online (Microsoft Exchange) entry.
  4. Ensure the Use Exchange Web Services With Full Access To All Mailboxes permission is selected.
    Add Permission
  5. Click on the Select button. The Required Permissions window is displayed.
  6. Click on the Grant Permissions button. This allows the Mimecast application to impersonate any user via the Exchange Web Services.
    Failure to complete this step results in a failed server connection.
  7. Copy the Applications ID displayed. This must be used in the "Client Id" field when creating a server connection in Mimecast.

 

Testing the Configuration

 

To test your configuration:

  1. Check your Tenant Domain by clicking on the Azure Active Directory | Domain Names menu item.
  2. Test the connection.
  3. Click on the Save button.

 

See Also...

 

Attachments

    Outcomes