Exchange Integration now supports the Exchange Web Services (EWS) protocol for connecting to Exchange Online. With recent changes from Microsoft, using EWS ensures that Exchange Integration will continue to work with Exchange Online. In addition, the switch to EWS simplifies the Exchange Integration configuration by eliminating the need to use a service account and the accompanying requirement to update the service account's permissions after creating new users with mailboxes.
Requirements
- You must have a Microsoft 365 account with administrator privileges.
- An Application Id and secret from Microsoft 365. See How to Create an Application ID and Application Secret for Barracuda Message Archiver in Microsoft 365.
- Your Tenant Name and Primary domain name from Microsoft 365. See How to Find Your Tenant and Primary Domain.
Ensure outbound connections to port 443 are open and use the MAS hostname
mas.barracudanetworks.com
to allow the Barracuda Message Archiver outbound connection to the Barracuda Cloud Archiving Service (BCAS). This is required to authorize a new source and to run each action.
Note that you will no longer need a service account to set up an Exchange Online source.
Add a New Exchange Online Source
- Log into the Barracuda Message Archiver as the admin, and go to MAIL SOURCE > Exchange Integration.
Click Start New Action. In the Select Action page, click Email Import.
- In the Select Source page, click Add New Source.
- Select Exchange Online to configure using EWS.
- Enter a Configuration Name, App Id, Secret Key, Tenant Name, and O365 Domain Name.
- For more information on how to create an App Id and Secret, see How to Create an Application ID and Application Secret for Barracuda Message Archiver in Microsoft 365.
- For more information on where to find your Tenant Name and O365 Domain Name, see How to Find Your Tenant and Primary Domain.
- Click Authorize.
If you are not already logged in, a new tab or pop-up window prompts you to enter your Microsoft 365 administrator account login information from which Exchange Integration will process mail.
- Click Accept to authorize the Barracuda Cloud Archiving Service application to access your details.
- After the authorization tab or window closes, switch back to the Select Source page. You should now see the new source in the list. Select the new source and click Continue.
In the Configure Action page, select All Users from the drop-down menu, and specify the desired Date and Schedule settings. Click Continue.
- Verify the configuration settings in the View Summary page, and then click Submit to add the Email Import to the Scheduled Actions table.
How to Find your Tenant and Primary Domain
Log into the Microsoft 365 Admin center as a global admin https://admin.microsoft.com/.
On the left-hand menu, select Overview and copy down the Name and Primary domain.
The Name and Primary domain you copied down can now be used to authorize the Barracuda Message Archiver permissions to import data from Exchange Online.
Edit an Exchange Online Source
You can revoke access to the Barracuda Cloud Archiving Service application by removing it from your organization's Enterprise Applications in Microsoft's Admin interface. To restore access, you can add a new source and authorize the application again. If you have not removed the Exchange Online source on the Exchange Integration page, you can edit the source and click Re-authorize. This takes you back to Microsoft's site to log in and consent to the required application permissions again.
- Log into the Barracuda Message Archiver as the admin, and go to MAIL SOURCE > Exchange Integration.
- Click Start New Action. In the Select Action page, click Email Import.
- In the Select Source page, click Edit next to the source you want to change.
- If needed, change the configuration name and click Save. Click Re-authorize to re-authorize consent to the Barracuda Cloud Archiving Service application.