Creating an Office 365 Association for Server Connections

Document created by user.oxriBaJeN4 Employee on Jan 17, 2017Last modified by user.oxriBaJeN4 Employee on Aug 5, 2019
Version 23Show Document
  • View in full screen mode

This guide describes the steps required to create an association between your Mimecast and Office 365 for cloud synchronization server tasks.

We recommend using an alternative browser to Microsoft Edge, as some encoding issues may occur.

Walkthrough

 

The process of creating an Office 365 association for server connections involves:

  1. Creating an application registration.
  2. Setting permissions.
  3. Editing the application's manifest.

 

Creating an Application Registration

 

See the "Adding an Application" section of the Integrating Applications with Azure Active Directory page in the Microsoft Azure Active Directory documentation for further information. 

 

To create an application registration:

  1. Log on to the Azure Active Directory Management Portal.
  2. Click on the Azure Active Directory menu item.
  3. Select the App Registrations function.
  4. Click on the New Registration button.
  5. Complete the dialog as follows:
    Field / OptionDescription
    NameSpecify a name of the application (e.g. Mimecast O365 Server Connection).
    Supported Account TypeSelect the "Accounts in this organizational directory only" option.
    Sign-On URLSpecify "https://localhost" as the sign-on URL for all instances.
  6. Click on the Register button.
  7. Hover over the Application (Client) Id value.Copying an Application key
  8. Click on the Copy to Clipboard icon to copy the value, and paste the value into a text editor. It will be required when creating a Server Connection in the Mimecast Administration Console.

 

Setting Permissions

 

See the "Using the Application Manifest to Update an Application's Identity Configuration" section of the Understanding the Azure Active Directory Application Manifest page in the Microsoft Azure Active Directory documentation for further information.

 

To set the required permissions:

  1. Click on the View API Permissions button.
  2. Click on the Add a Permission button. The Request API Permissions popout panel is displayed.
  3. Click on the Exchange icon in the Supported Legacy API section.
  4. Click on the Application Permissions button.
  5. Select the full_access_as_app option.
  6. Click on the Add Permissions button.
  7. Click on the Grant Admin Consent button to allow the Mimecast application to impersonate any user via the Exchange Web Services.
  8. Click on the Yes button to confirm.
    Failure to complete this step results in a failed server connection.

Editing the Application's Manifest

 

See the "Using the Application Manifest to Update an Application's Identity Configuration" section of the Understanding the Azure Active Directory Application Manifest page in the Microsoft Azure Active Directory documentation for further information.

 

To edit the application's manifest:

  1. Open Notepad.
    We recommend not using other text editors (e.g. Notepad++) as these can result in an error when saving the manifest.
  2. Copy / paste in the following text:
    MIIDtTCCAp2gAwIBAgIEbvdztDANBgkqhkiG9w0BAQsFADCBijELMAkGA1UEBhMCR0IxEDAOBgNVBAgTB0VuZ2xhbmQxDzANBgNVBAcTBkxvbmRvbjEiMCAGA1UEChMZTWltZWNhc3QgU2VydmljZXMgTGltaXRlZDEQMA4GA1UECxMHVW5rbm93bjEiMCAGA1UEAxMZTWltZWNhc3QgU2VydmljZXMgTGltaXRlZDAeFw0xNTA4MDcxNTA3MDBaFw0yNTA4MDQxNTA3MDBaMIGKMQswCQYDVQQGEwJHQjEQMA4GA1UECBMHRW5nbGFuZDEPMA0GA1UEBxMGTG9uZG9uMSIwIAYDVQQKExlNaW1lY2FzdCBTZXJ2aWNlcyBMaW1pdGVkMRAwDgYDVQQLEwdVbmtub3duMSIwIAYDVQQDExlNaW1lY2FzdCBTZXJ2aWNlcyBMaW1pdGVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtx+o812952m2gYkMxZ5e/j56IGPyaw62pZMJbkZ54K6ljARHg6bFWvW56ceY2UyYwA4G+tAI1eSRUSIRWAYLRe30TxuB4eUoxPG/4yDtmSRJXNoqzRfX1x2O+VWQRy9KLVh2FEUcWIYiBUn05lM7ku/xgJcKTPYkami4TaHZ1z07IjqStRGYYbGPa9udWJTQd8wRlrdP44GdJXCUa3P2jGeXG3LBkrdv1HH7PDAg/k0TJbCm4ObBJOMwR5wg2jkLWPd13wIG0oZy7qiCCz449Z2NqIh91NB+TaMROEhWTuf1hnAPPi3H7sVydYLFkG/QZT+z7YeDKukaPGpXlQ639QIDAQABoyEwHzAdBgNVHQ4EFgQUmm0e0xgGpZDapiW5Tb2C3PZnDvwwDQYJKoZIhvcNAQELBQADggEBAJ4OrFe770VLdzUf+cs3khWYb54vXNdjNqaL/mgnZ6fUqsyMGe6Yt8IBa1HoTnXgVhod7i+ikXvU0SA6LxqtyAw3zVDz82dUqkhU6ufLDwicYnZ5vqh22SYGkoQa9aVYFq9cq8vdKaJ1APfHxYrWsamnvXkAtipvYG2nnvGf7Sr/Xctr5Vtmrs3n0ZATVOh/zf1mAY0JwLPbMiQs/fIVgBsBbE73E1HcG1s8G8NiyLhMYy+l7FTUlfdZtRVdoBQKTvgwe2kMFdPq58XkJUqvQCkmlDkjw4N19PPi2+ok+eWZNjzkyoielhpjEi97GVnFPeQi5TeOdmyqOlhXrH36Jmo=
  3. Save the file as Mimecast Certificate.crt in a location you can access.
  4. Click on the Certificates and Secrets menu item in the navigator panel.
  5. Click on the Upload Certificate button.
  6. Click on the Select File icon.
  7. Select the Mimecast Certificate.crt file created in step 3.
  8. Click on the Open button.
  9. Click on the Add button. The certificate is displayed in the Thumbprint section.

 

See Also...

 

2 people found this helpful

Attachments

    Outcomes