|
|
| (19 intermediate revisions by 5 users not shown) |
| Line 1: |
Line 1: |
| − | {{Implementation Guide Preamble|Exchange Online / Microsoft 365}}
| + | #REDIRECT [[Archiving Emails from Microsoft 365 - Modern Authentication]] |
| − | <p class="msnote">'''Please note:''' For better readability, the terms ''Microsoft 365'' and ''Exchange Online'' are used interchangeably hereinafter instead of ''Exchange Online / Microsoft 365''.</p>
| |
| − | | |
| − | == App Registration & User Synchronization ==
| |
| − | Before archiving Microsoft 365 mailboxes, registering MailStore Server in your Microsoft 365 tenant is required. It is also highly recommended to synchronize users in MailStore Server directly with that tenant to fetch all information that is relevant for archiving such as email addresses. The registration and synchronization procedures are described in the chapter [[Synchronizing User Accounts with Microsoft 365 (Modern Authentication)]] of the MailStore Server manual.
| |
| − | | |
| − | <p class=msnote>'''Please note:''' MailStore Server runs as a [[MailStore Server Service Configuration|Windows service]] and thus must use ''Application Permissions'' to access user mailboxes in Microsoft 365. By design, on the Microsoft identity platform, which is at the heart of Microsoft 365 authentication and authorization, this permission scope encloses the full level of privileges implied by a permission. As a consequence, once registered as described above, MailStore Server has access to all mailboxes in your Microsoft 365 tenant. Therefore, with regard to security, access to the Microsoft 365 archiving profiles in MailStore Server is limited to MailStore Server administrators.</p>
| |
| − | | |
| − | === Including Microsoft 365 Shared Mailboxes ===
| |
| − | In Microsoft 365, shared mailboxes are special mailboxes that multiple users have access to. Unlike a normal mailbox, a shared mailbox is not associated to a licensed Microsoft 365 user. Therefore, for MailStore Server to create user entries for shared mailboxes, you have to deactivate the option ''Synchronize licensed Microsoft Exchange Online users only'' in the section [[Synchronizing User Accounts with Microsoft 365 (Modern Authentication)#User_Database_Synchronization|User Database Synchronization]].<br/>
| |
| − | After synchronization you can grant MailStore Server users access to the archive of the shared mailbox by [[Users,_Folders_and_Settings#Folder_Access_.28e.g._Access_to_the_Emails_of_Other_Users.29|assigning privileges]]. For archiving shared mailboxes, just proceed as for individual or multiple mailboxes as detailed below.
| |
| − | | |
| − | == Archiving Individual Microsoft 365 Mailboxes ==
| |
| − | {{Archiving Single Mailbox Preamble|Microsoft 365}}
| |
| − | For each mailbox, please proceed as follows:
| |
| − | | |
| − | * Log on to MailStore Client as MailStore Server administrator.
| |
| − | * Click on ''Archive Email''.
| |
| − | * From the ''Email Servers'' list in the ''Create Profile'' area of the ''Archive Email'' page, select ''Microsoft 365'' to create a new archiving profile.
| |
| − | * A wizard opens to assist in specifying the archiving settings.<br/><br/>
| |
| − | *; [[File:Microsoft 365 mailbox 01.png|center|347px]]
| |
| − | * Select ''Single Mailbox''.
| |
| − | *; [[File:Microsoft 365 mailbox 02.png|center|347px]]
| |
| − | * Select the Microsoft 365 credentials that you have created during the registration of MailStore Server with Microsoft 365 from the ''Credentials'' drop-down list. You can also use the button (…) to access the [[Synchronizing_User_Accounts_with_Microsoft_365_(Modern_Authentication)#Creating_Credentials_in_MailStore_Server|Credential Manager]].
| |
| − | * In the ''Mailbox'' field, enter the primary email address of the user whose mailbox you want to archive.
| |
| − | * Click on ''Test'' to verify that MailStore Server can access the mailbox.
| |
| − | * Click on ''Next''.
| |
| − | * If needed, adjust the settings for the [[Email_Archiving_with_MailStore_Basics#Archiving_Specific_Folders|List of Folders to be Archived]], the [[Email_Archiving_with_MailStore_Basics#Specifying_Filter_Criteria_for_Archiving|filter]] and the [[Email_Archiving_with_MailStore_Basics#Archiving_Specific_Folders|Deletion Rules]]. By default, no emails will be deleted from the mailbox. The ''Timeout'' value only has to be adjusted in specific cases (e.g. with very slow network connections).
| |
| − | *; [[File:Microsoft_365_mailbox_03.png|center|347px]]
| |
| − | * Click on ''Next'' to continue.
| |
| − | * Select the archive of the user for whom the selected mailbox is to be archived. If the user does not exist yet, click on ''Create a New User…''.
| |
| − | *; [[File:Microsoft_365_mailbox_04.png|center|347px]]
| |
| − | * Click on ''Next''.
| |
| − | * In the last step, a name for the archiving profile can be specified. After clicking ''Finish'', the archiving profile will be listed under ''Saved Profiles'' and, if desired, can be run immediately or automatically.
| |
| − | | |
| − | == Archiving Multiple Microsoft 365 Mailboxes Centrally ==
| |
| − | {{Archiving Multiple Mailboxes Preamble|Microsoft 365}}
| |
| − | Please proceed as follows:
| |
| − | | |
| − | * Log on to MailStore Client as MailStore Server administrator.
| |
| − | * Click on ''Archive Email''.
| |
| − | * From the ''Email Servers'' list in the ''Create Profile'' area of the ''Archive Email'' page, select ''Microsoft 365'' to create a new archiving profile.
| |
| − | * A wizard opens to assist in specifying the archiving settings.<br/><br/>
| |
| − | *; [[File:Microsoft 365 mailboxes 01.png|center|347px]]
| |
| − | * Select ''Multiple Mailboxes'' and click ''OK''.<br/><br/>
| |
| − | *; <p class=msnote>{{Archiving_Multiple_or_Multidrop_Note|multiple mailboxes|[[#App_Registration_.26_User_Synchronization|directory synchronization]]}}</p>
| |
| − | *; [[File:Microsoft 365 mailboxes 02.png|center|347px]]
| |
| − | * Select the Microsoft 365 credentials that you have created during the registration of MailStore Server with Microsoft 365 from the ''Credentials'' drop-down list. You can also use the button (…) to access the [[Synchronizing_User_Accounts_with_Microsoft_365_(Modern_Authentication)#Creating_Credentials_in_MailStore_Server|Credential Manager]].
| |
| − | * Click on ''Next'' to continue.
| |
| − | *; [[File:Microsoft 365 mailboxes 03.png|center|347px]]
| |
| − | * If needed, adjust the settings for the [[Email_Archiving_with_MailStore_Basics#Archiving_Specific_Folders|List of Folders to be Archived]], the [[Email_Archiving_with_MailStore_Basics#Specifying_Filter_Criteria_for_Archiving|filter]] and the [[Email_Archiving_with_MailStore_Basics#Archiving_Specific_Folders|Deletion Rules]]. By default, no emails will be deleted from the mailbox. The ''Timeout'' value only has to be adjusted in specific cases (e.g. with very slow network connections). Please keep in mind that these settings apply to all mailboxes to be archived, as specified in the next step.
| |
| − | *; {{Archiving_Multiple_Mailboxes_Centrally_Options|Microsoft_365_mailboxes_04.png|Microsoft 365}}
| |
| − | | |
| − | == Archiving Incoming and Outgoing Emails Directly ==
| |
| − | {{Archiving Exchange Journal Mailbox Preamble|Exchange Online}}
| |
| − | | |
| − | === Step 1: Setup and Configure MailStore Gateway ===
| |
| − | Please refer to the [https://help.mailstore.com/en/gateway/ MailStore Gateway Manual] for detailed instructions about:
| |
| − |
| |
| − | * Installation and Setup of MailStore Gateway
| |
| − | * Logging on to MailStore Gateway's Management Console
| |
| − | * Creating MailStore Gateway mailboxes
| |
| − | | |
| − | After these steps, a mailbox with an individual email address (e.g. [email protected]) should exist. | |
| − | | |
| − | === Step 2: Configure MailStore Server ===
| |
| − | {{Archiving MailStore Gateway Mailbox|''In- and Outbound E-Mail Automatically''|Microsoft 365 journal 01.png|Arch_MailStore_Gateway_Office365_02.png|''Microsoft 365''|TargetFolderHint=DontShow|POP3Hint=DontShow|DSLink=[[#App_Registration_.26_User_Synchronization|directory synchronization]]}}
| |
| − | | |
| − | === Step 3: Creating a Journal Rule ===
| |
| − | The following steps describe how to set up journaling for your Microsoft 365 account.
| |
| − | | |
| − | * Sign in to the [https://admin.microsoft.com/ Microsoft 365 admin center] as an Exchange or Global Administrator for your Microsoft 365 tenant.
| |
| − | * Expand the left navigation menu by clicking ''Show all''.
| |
| − | * In the ''Admin centers'' section, choose ''Exchange''.
| |
| − | * In the ''Exchange admin center'', navigate to ''compliance management''.
| |
| − | * Select ''journal rules''.
| |
| − | * Under ''Send undeliverable journal reports to'' select an alternate journaling mailbox that receives None Delivery Reports (NDRs) for undeliverable journal reports in case the primary journal mailbox is unreachable. This mailbox must be a dedicated mailbox, any mail sent directly to this mailbox won't be journaled.
| |
| − | * Click on ''+ (New)''.
| |
| − | *:The dialog window ''new journal rule'' opens:
| |
| − | *:[[File:Arch_office365_journal_01.png|center|550px]]
| |
| − | * Enter a name for the journal rule, e.g. ''Journalling''.
| |
| − | * In the ''If the message is sent to or received from…'' section select whether the rule should apply to all messages or to specific users or groups.
| |
| − | * Under ''Journal the following messages…'', choose whether to capture all messages, internally sent messages only, or only those messages with an external sender or recipient.
| |
| − | * Enter the email address of the previously created MailStore Gateway mailbox in the ''Send journal reports to:'' box.
| |
| − | * Click on ''Save'' to activate the rule.
| |
| − | | |
| − | == Public Folders ==
| |
| − | {{Archiving Exchange Public Folders Preamble|Exchange Online|Microsoft 365}}
| |
| − | * Sign in to the [https://admin.microsoft.com/ Microsoft 365 admin center] as an Exchange or Global Administrator for your Microsoft 365 tenant.
| |
| − | * Expand the left navigation menu by clicking ''Show all''.
| |
| − | * In the ''Admin centers'' section, choose ''Exchange''.
| |
| − | * In the ''Exchange admin center'', navigate to ''public folders''.
| |
| − | * Click on the ''Ellipsis (…)'' and select ''Root permissions''.
| |
| − | *: [[File:Microsoft_365_pf_01.png|center|480px]]
| |
| − | * A new browser window opens. Click on ''+ (Add)''.
| |
| − | * Use ''Browse'' to choose the Microsoft 365 user you want to grant permissions.
| |
| − | * Choose ''Custom'' as ''Permission level'' and grant ''Read items'' and ''Delete all'' permissions.
| |
| − | *: [[File:Arch_office365_pf_02.png|center|347px]]
| |
| − | * Click on ''Save''.
| |
| − | * Enable the option ''Apply changes to this public folder and all its subfolders.''
| |
| − | * Click on ''Save''.
| |
| − | * Click on ''Close'' after saving has been completed successfully.
| |
| − | | |
| − | === Step 3: Setting up the Archiving Process ===
| |
| − | * Log on to MailStore Client as MailStore Server administrator.
| |
| − | * Click on ''Archive Email''.
| |
| − | * From the ''Email Servers'' list in the ''Create Profile'' area of the ''Archive Email'' page, select ''Microsoft 365'' to create a new archiving profile.
| |
| − | * A wizard opens to assist in specifying the archiving settings.<br/><br/>
| |
| − | *; [[File:Microsoft 365 pf 03.png|center|347px]]
| |
| − | * Select ''Public Folders''.
| |
| − | *; [[File:Microsoft 365 pf 04.png|center|347px]]
| |
| − | * Select the Microsoft 365 credentials that you have created during the registration of MailStore Server with Microsoft 365 from the ''Credentials'' drop-down list. You can also use the button (…) to access the [[Synchronizing_User_Accounts_with_Microsoft_365_(Modern_Authentication)#Creating_Credentials_in_MailStore_Server|Credential Manager]].
| |
| − | * In the ''Mailbox'' field, enter the primary email address of the user that has access to the public folders as described above.
| |
| − | * Click on ''Test'' to verify that MailStore can access the public folders.
| |
| − | * Click on ''Next'' to continue.
| |
| − | *:[[File:Microsoft 365 pf 05.png|center|347px]]
| |
| − | * Adjust the settings for the [[Email_Archiving_with_MailStore_Basics#Archiving_Specific_Folders|List of Folders to be Archived]]. By default, all public folders that contain emails will be archived.
| |
| − | * If needed, adjust [[Email_Archiving_with_MailStore_Basics#Specifying_Filter_Criteria_for_Archiving|the filter]] and the [[Email_Archiving_with_MailStore_Basics#Deleting_Emails_after_Archiving|Deletion Rules]]. By default, no emails will be deleted from the public folders. The ''Timeout'' value only has to be adjusted in specific cases (e.g. with very slow network connections).
| |
| − | * Click on ''Next'' to continue.
| |
| − | *:[[File:Microsoft 365 pf 06.png|center|347px]]
| |
| − | * In the next step, select the archive of the user you have prepared in step 1.
| |
| − | * In the last step, specify a name for the archiving profile. After clicking ''Finish'' the archiving profile will be listed under ''Saved Profiles'' and can be run immediately or automatically if desired.
| |
| − | | |
| − | [[de:E-Mail-Archivierung_von_Microsoft_365_(Modern_Authentication)]]
| |
| − | [[en:Archiving_Emails_from_Microsoft_365_(Modern_Authentication)]]
| |
