After you have completed the procedures in Step 1 - Set Up Essentials for Office 365 and Step 2 - Configure Office 365 for Inbound and Outbound Mail, continue below to set up your Barracuda Cloud Archiving Service.
Barracuda Cloud Archiving Service
- Configure Directory Services
- Launch the Initial Setup Wizard
- Configure Journaling from Office 365 Mail Service
- Create and Configure an Office 365 Exchange Online Service Account
Step 1. Configure Directory Services
You must configure LDAP or Azure AD for group expansion and user attributes in the Barracuda Cloud Archiving Service.
Use AD authentication to store and administer Barracuda Cloud Archiving Service user accounts via your organization's LDAP or Azure AD.
When you first set up the Barracuda Cloud Archiving Service, a warning notice displays across the top of the web interface notifying you that you must configure AD through Barracuda Cloud Control and enable groups. Before you continue, you are required to either set up AD and wait for a sync to complete, or select to proceed without AD. Barracuda Networks strongly recommends setting up local AD.
Create a Barracuda Cloud Control Directory
- Go to Home > Admin > Directories.
- Click the Add Directory button.
- Select one of the following sections to add a new LDAP or Azure active directory.
Add a New LDAP Active Directory
- Select LDAP Active Directory.
- On the INFO tab, specify a new Directory Name.
Activate the Authentication option to have users authenticate using their LDAP credentials. If you disable this option, users authenticate with Barracuda Cloud Control.
- Click SAVE AND CONTINUE.
- On the HOST tab, specify the following for the LDAP host:
- LDAP Host IP address
- LDAP Host Port – Use Port 389 for LDAP and LDAPTLS or Port 636 for LDAPS.
- Base Domain Name (DN) – Any user or group that exists with the search base that will sync to Barracuda Networks. For example,
DC=domain,DC=com
. - Bind DN – Enter the bind domain name for a service account with read permissions to the active directory.
- Password – Password associated with the service account.
- Connection Security – Select SSL, TLS, or None. For more information, see New Requirements for LDAP Authentication.
- (Optional) To add additional servers, click Add LDAP Host.
- If your LDAP server uses a self-signed certificate, toggle on the Allow Self-Signed Certificate setting.
- Click TEST CONNECTION to check connectivity to the host. If the connection fails, verify your settings are correct and that you have allowed the Barracuda Networks IP in your firewall. Contact Barracuda Networks Technical Support for additional troubleshooting.
- If the connection succeeds, it displays as Connected. Click SAVE AND CONTINUE.
- On the DOMAINS tab, add the domains associated with your users.
- For each domain that you add, click Verify and following the instructions to verify the domain.
- After each domain is verified, you can sync your users and groups to the Barracuda Cloud Control.
Add a New Azure Active Directory
- Select Azure Active Directory.
- On the INFO tab, specify a new Directory Name. For example, "Office 365".
- Click CONNECT TO MICROSOFT to sign into Microsoft and authorize Barracuda Cloud Control to connect to your Azure Active Directory account.
- Log in with your Office 365 administrator credentials.
- Accept the credentials for the application request.
Activate the Authentication option to have users authenticate using their Azure credentials. If you disable this option, users authenticate with Barracuda Cloud Control.
After you are redirected back to the Barracuda Cloud Control, click Save.
Step 2. Launch the Initial Setup Wizard
- Click Archiver in the left pane. The initial setup wizard will run.
Click Next.
Click Verify to verify the directory service configuration in your Barracuda Cloud Control account.
Click Next.
- Verify that all the email domains you plan to archive are listed here. If there are any missing, add them now.
- Click Next.
- (Optional) Specify a retention policy. Otherwise, click Next.
- Click Finish to apply your changes.
Step 3. Configure Journaling from Office 365 Mail Service
Option 1. Configure Journaling from the Web Interface
- Go to the Mail Sources > SMTP Journaling page.
- Go to Journaling Setup Scripts > Office 365 Setup Script, and click Run Script.
- Follow the onscreen prompts to configure Office 365 to journal mail to the Barracuda Cloud Archiving Service.
Option 2. Configure Journaling via Script
- Go to the Mail Sources > SMTP Journaling page.
- In the Journaling Setup Scripts > Office 365 Setup Script section, click Download to save the PowerShell script to your local system, or click Show Script to copy the script to your clipboard.
- Open Windows PowerShell, and run the script to configure Office 365 to journal mail to the Barracuda Cloud Archiving Service.
If you are unable to run the journaling script and need to manually configure journaling, see Manually Configure Journaling.
Step 4. Create and Configure an Office 365 Exchange Online Service Account
Requirements
Microsoft .NET Framework 4.5 or 4.5.1 and either the Windows Management Framework 3.0 or the Windows Management Framework 4.0.
An Office 365 global administrator account to apply permissions and scripts.
Verify the service account has the following:
A mailbox with Microsoft Exchange Online Plan 1 or higher.
A mailbox that is not hidden in the Global Address list.
A license that supports Outlook (i.e., not a kiosk license).
Enable RPC over HTTP (RoH) for the mailbox. See also How to Enable RPC over HTTP Connectivity.
To import from Exchange Online using EWS, see How to Configure Microsoft Exchange Online Email Import Using EWS. If you are not using EWS, use the following instructions to import from Exchange Online.
Step 1. Connect to Office 365 Exchange Online
- Install Exchange Online module.
- If you have already installed Exchange Online module, proceed to the next step.
- To install Exchange Online module, open Windows PowerShell as an administrator and enter the following command:
Install-Module -Name ExchangeOnlineManagement
Connect to Exchange Online Powershell and log in with your Office 365 administrator account using the following command:
Connect-ExchangeOnline
- After you connect to Exchange Online PowerShell, enter the following command:
Get-Mailbox -ResultSize unlimited | Add-MailboxPermission -User <ServiceAccount@domain.com> -AccessRights fullaccess -InheritanceType all -Automapping $false
Step 2. Import from Office 365 Exchange Online
To import from Exchange Online using EWS, see How to Configure Microsoft Exchange Online Email Import Using EWS. If you are not using EWS, use the following instructions to import from Exchange Online.
Log into the Barracuda Cloud Archiving Service as the admin, and go to Mail Sources > Exchange Integration.
- Click Start New Action. In the Select Action page, click Email Import.
- In the Select Server page, click Add New Server.
- In the Add New Server dialog box, enter a Configuration Name, the email address for the service account and the service account password.
- Click Autodiscover.
If autodiscover is unable to identify your settings, use the steps in the following section, Manually Configure Settings.
See Also
Click the component tabs above or click a link below to learn more: