We use cookies on our website to ensure we provide you with the best experience on our website. By using our website, you agree to the use of cookies for analytics and personalized content.This website uses cookies. More Information
It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda Message Archiver
Barracuda Message Archiver

Creating an Email Service Account for Microsoft Exchange Server 2007, 2010, 2013, and 2016

  • Last updated on

This article refers to Barracuda Message Archiver Legacy Release firmware or higher, and MicrosoftExchange Server 2007, 2010, 2013, and 2016.

See also: How to Enable RPC over HTTP Connectivity

An email service account provides Exchange Server directory permissions to grant the Barracuda Message Archiver unrestricted access to all mailboxes. Create an email service account for Exchange import integration and message attachment stubbing.

Recommended
Microsoft Exchange Server 2007, 2010, and 2013 set bandwidth limits and restrict the number of processed messages by default which can impact job performance. Barracuda recommends disabling throttling for the service account after following the steps in this article. For details, see:

Service Account Password Setting

When configuring the service account, you must set the password to never expire. To set this option in Active Directory (AD), go to the Properties dialog box for the service account, click the Account tab, and in the Account options section, select Password never expires. Click OK to save your settings.

To create an email service account, you will need to:

  • Verify the service account has a mailbox, and is not hidden in the Global Address list.
  • (Optional but highly recommended) Establish a user account through OWA or other source before setting up the email service account.

Microsoft Exchange 2007

Use the following steps to set the permissions on Exchange 2007:

  1. Log in to the Exchange Server as the administrator.
  2. From the Start menu, go to Start > Programs > Microsoft Exchange Server 2007 > Exchange Management Shell.
  3. At the command prompt, enter the following command where Exchange2007 is the name of the Microsoft Exchange 2007 Server and CUDASVC is the name of the Barracuda service account, and then press Enter:
    get-mailboxserver Exchange2007 | add-adpermission -user CUDASVC -accessrights GenericRead, GenericWrite -extendedrights Send-As, Receive-As, ms-Exch-Store-Admin
  4. In the Exchange Management Shell, enter the following command to add View-Only Administrator permissions, replacing CUDASVC with the name of the Barracuda service account: add-exchangeadministrator CUDASVC -role ViewOnlyAdmin

    Important:

    If inheritance to the individual mail stores is not enabled on a custom mailbox database, to set the Send As, Receive As, and Administer Information Store permissions at the store level, you must enter the following command in the Exchange Management Shell:
    Add-ADPermission -identity "custom database name" -user "CUDASVC" -accessrights GenericRead, GenericWrite -extendedrights Send-As, Receive-As, ms-Exch-Store-Admin
    To verify the Send As, Receive As, and Administer Information Store permissions, enter the following command in the Exchange Management Shell, where Exchange2007 is the name of the Microsoft Exchange 2007 Server, dbname is the name of the Exchange mail database, and  CUDASVC  is the name of the Barracuda service account:
    get-mailboxdatabase Exchange2007\dbname | get-ADpermission -user CUDASVC | Format-List

Continue with Microsoft Exchange Server 2007 Operations 

Microsoft Exchange 2010 and Newer

Use the following steps to set the permissions on Exchange where CUDASVC is the name of the Barracuda service account:

  1. Log in to the Exchange Server as the administrator.
  2. From the Start menu, go to Start > Programs > Microsoft Exchange Server > Exchange Management Shell.
  3. At the command prompt, enter the following command, and then press Enter:
    Get-MailboxDatabase | Add-ADPermission -User "CUDASVC" -AccessRights ExtendedRight -ExtendedRights Receive-As, ms-Exch-Store-Admin
  4. Next, enter the following command, and then press Enter:
    Add-RoleGroupMember "Organization Management" -Member "CUDASVC"

Use the following steps to apply permissions for the service account where database name is the name of the specific Mail Store database rather than all databases:

  1. Log in to the Exchange Server as the administrator.
  2. From the Start menu, go to Start > Programs > Microsoft Exchange Server > Exchange Management Shell.
  3. At the command prompt, enter the following command, and then press Enter:
    Get-MailboxDatabase -Identity database name | Add-ADPermission -User "CUDASVC" -AccessRights ExtendedRight -ExtendedRights Receive-As, ms-Exch-Store-Admin

 

Continue with Microsoft Exchange Server Operations based on your Exchange Server:

 

 

 

Last updated on