Information on how to add users to an Exchange Online shared mailbox using the IntegrationHub Exchange Online spoke?

Sam198
Mega Guru

Hi all,

I am trying to find some information/documentation on how to add a user to a shared mailbox using IntegrationHub with the Microsoft Exchange Online spoke. Looking at the spoke's documentation, it seems that there is no OOTB action such as "Add user to mailbox" to give full access or send-as access.

I have found the information on how to do this via Orchestration activities, where you add scripts to run Exchange Online PowerShell commands. However, using the Exchange Online spoke directly connected to Exchange Online, I was hoping to see an action that could be used to just "Add user to mailbox" with appropriate permissions.

If anyone has used the spoke for doing such things, any information or documentation on this would be helpful.

Thanks.


1 ACCEPTED SOLUTION

Sam198
Mega Guru

Hi @Kevin Moore @Jennifer Doll @RobertR1 ,

Sorry, I have not been looking at the emails recently, that's why I could not reply. Here is what you need to set up the add user to mailbox:

- You need the EXO PS module installed on your MID server:

https://learn.microsoft.com/en-us/powershell/exchange/exchange-online-powershell-v2?view=exchange-ps

https://www.powershellgallery.com/packages/ExchangeOnlineManagement/3.0.0

- The OAuth 2.0 EOL connection is fine; you also need a credential to run PS scripts on your EOL environment, hence the doco has a step for a Windows credential. However, I would suggest not using the basic auth username/password method. Instead, you need this credential set up through a certificate; the links below will help. The certificate thumbprint then needs to be added to the MID server so we can use it in the connect EXO cmd in the MID server script file:

https://learn.microsoft.com/en-us/powershell/module/exchange/connect-exchangeonline?view=exchange-ps

https://office365itpros.com/2020/08/13/exchange-online-cba/

 

- MID server script file attached. Please add your certificate thumbprint, clientid and org domain. Make sure your org domain is @mydomain.onmicrosoft.com.

- In the MID server script, at the actual Add-MailboxPermission command, I have two cmd lines: one for adding the user with full access and a second for adding the user with send-as access. Update as per your requirement:

$mailboxname: this is the variable in which you need to pass the mailbox email address

$user: this is the variable in which you need to pass your user email address

 

Next, the Flow custom action, as below:

I only needed two inputs for this; add/update as you require. You can see that the two variables I mentioned above are in here, and the names match the PS cmd in the MID server script file:

 

Sam198_4-1670023093095.png

To your question, @Mark: the reason you could not change the MID server script is that you were trying to change it on the OOTB action, and it does not allow that on OOTB (I am guessing you have already figured this out, but FYI). Below is where you add the MID server file that I have attached here.

Sam198_5-1670023093109.png

 

On this same page, further down, make sure you map those input variables:

Sam198_6-1670023093111.png

 

For the next part, the error handling, I am just using the OOTB one and changing the variables to mine.

I hope this will get your setup running.

 

Regards.
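A sketch of what a MID server script along the lines of the accepted solution can look like. This is an added example, not the script attached to the original post. The thumbprint, client ID and organization values are placeholders, the `$access` parameter, the address check and the shared-mailbox check are assumptions added here, and send-as is granted with Add-RecipientPermission rather than Add-MailboxPermission.

```powershell
# Added example, not the attachment from the post. Replace the three placeholders.
param(
    [Parameter(Mandatory)][string]$mailboxname,   # shared mailbox address (variable name from the post)
    [Parameter(Mandatory)][string]$user,          # user who receives the access (variable name from the post)
    [ValidateSet('FullAccess', 'SendAs')]
    [string]$access = 'FullAccess'                # hypothetical third input, not in the post
)

$ErrorActionPreference = 'Stop'

$thumbprint   = '<CERTIFICATE-THUMBPRINT>'        # placeholder: cert installed on the MID server
$clientId     = '<APP-CLIENT-ID>'                 # placeholder: app registration (client) ID
$organization = '<mydomain>.onmicrosoft.com'      # placeholder: tenant org domain

# The inputs come from a catalog item, so accept nothing but a plain address.
foreach ($value in @($mailboxname, $user)) {
    if ($value -notmatch '^[^@\s<>;,''"]+@[^@\s<>;,''"]+$') {
        throw "Rejected input, not a plain email address: $value"
    }
}

# Certificate-based (app-only) sign-in: no username or password in the script.
Connect-ExchangeOnline -CertificateThumbprint $thumbprint -AppId $clientId `
    -Organization $organization -ShowBanner:$false

try {
    # Assumption: the action may only touch shared mailboxes, never personal ones.
    $mbx = Get-Mailbox -Identity $mailboxname
    if ("$($mbx.RecipientTypeDetails)" -ne 'SharedMailbox') {
        throw "$mailboxname is not a shared mailbox; no permission was changed."
    }

    if ($access -eq 'FullAccess') {
        Add-MailboxPermission -Identity $mailboxname -User $user `
            -AccessRights FullAccess -InheritanceType All | Out-Null
    }
    else {
        Add-RecipientPermission -Identity $mailboxname -Trustee $user `
            -AccessRights SendAs -Confirm:$false | Out-Null
    }

    Write-Output "Granted $access on $mailboxname to $user"
}
finally {
    # Always release the session, including after an error.
    Disconnect-ExchangeOnline -Confirm:$false
}
```

Because every failure throws, the flow's error handling sees a failed step rather than a silent success.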

 


24 REPLIES

Yes, it's possible. You can send API calls from ServiceNow to an Azure Runbook, which in turn executes scripts to add or remove access.

Marco Moro
Tera Guru

This topic is already more than 1.5 years old.
As this is a topic that more and more customers are facing, I've opened an idea for importing e.g. Shared Mailboxes into the CMDB:
Idea - Importing of Microsoft Exchange Online Mailboxes

pranavi
Tera Contributor

Hi All,

I tried using this information with the OOB spokes, but I am still facing error issues.
Error : PowerShell Execution Error
Requirement:
2 variables: requestedfor_email and mailbox emailaddress. Once the user submits the catalog item request, the user should have full access automatically.
Can someone help me please? I really need to set this up for my project.

Regards & Thanks

pranavi, I would abandon the Exchange spoke and just use a flow to run the Exchange PowerShell scripts on the MID server instead. I was using the spoke but it was a pain for 2 reasons. 1) It's limited in what it can do. Using PowerShell, you are only limited by what is possible in PowerShell. 2) When the graph secrets expire, you need to set them up again in all of your environments.

Using certificates to authenticate and run your PowerShell scripts, you can simply copy the cert file to all of your MID servers.

 

If you want to go that route let me know and we can go down that road.

 

Here's a good video on how the auth certs work - https://www.youtube.com/watch?v=GyF8HV_35GA

 


J Siva
Tera Sage

Hi @Kevin Moore
Good day.
Reg: Level of access that needs to be provisioned to the service account.
I've created a service account and granted it the required roles to read 'Distribution List' details from the Exchange server (On Prem). When I test run the custom flow action, I'm getting an access denied error.
However, if I run the script on the MID server (logged in to the MID server using my admin creds) using the same service account credential (in the PowerShell script Get-Credential cmdlet), I get the desired output.
Please note that the service account does not have admin access to the MID server. So my query is, should I provision the MID server admin role to that service account?
Could you please let me know what level of access needs to be provisioned to the service account?

JSiva_0-1739706172438.png
Thanks,
Siva