Exchange Server

Overview

The Veza integration for Exchange Server enables email account creation for users during onboarding workflows. This integration requires the VezaProvisioner service to be installed on your Exchange Server before enabling in Veza.

See Supported Actions for details.

Enabling Lifecycle Management for Exchange Server

Prerequisites

1. Administrative access in Veza to configure the integration

2. A service account with permissions to create and manage email accounts in Exchange Server

3. The VezaProvisioner service must be installed and configured on your Exchange Server — see Infrastructure Setup below

Configuration Steps

To enable the integration:

1. In Veza, go to the Integrations overview

2. Search for your Exchange Server integration

3. Complete the following configuration fields if not already set:

   Field

   Description

   Insight Point

   Select if using an Insight Point to access Exchange Server

   Name

   Friendly name for the integration

   Instance URL

   https://<exchange_server_host>/VezaProvisioner

   Username

   Domain username with required Exchange permissions

   Password

   Password for the account

   PowerShell Path

   Path to PowerShell.exe (from Infrastructure Setup step 1)

   Remote Exchange Path

   Path to RemoteExchange.ps1 (from Infrastructure Setup step 1)

4. Check the box to Enable usage for Lifecycle Management

5. Save the configuration

To verify the configuration:

1. Open Lifecycle Management > Integrations

2. Search for the integration and click to view details

3. In the Properties panel, verify Lifecycle Management Enabled is active

Infrastructure Setup

The VezaProvisioner service must be installed on your Exchange Server before the integration can create email accounts. Complete the following steps on the Exchange Server host.

1. Locate Exchange Management Shell Paths

1. Find the Exchange Management Shell shortcut in the Start Menu

2. Right-click > More > Open File Location

   
3. Right-click the shortcut icon > Properties

   
4. Copy the Target field value

   
5. Note the two important paths from the target:

   • PowerShell Path: (e.g., C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe)

   • Remote Exchange Path: (e.g., C:\Program Files\Microsoft\Exchange Server\V15\bin\RemoteExchange.ps1)

2. Create Application Pool in IIS

1. Open IIS Manager and create a new application pool

   
2. Name the application pool

   
3. Configure the application pool:

   • Right-click > Advanced Settings

   

   • Under Process Model, set the Identity

   

3. Configure IIS Application

1. Add the application to "Default Web Site"

   
2. Configure the application:

   • Set alias to VezaProvisioner

   • Select the application pool created above

   
3. Configure authentication:

   

   • Disable Anonymous Authentication

   • Enable Basic Authentication

   

4. Install Veza Provisioner

Install the VezaProvisioner.msi installer provided by Veza support on the Exchange Server. This component handles email address creation for users provisioned in Active Directory.

Supported Actions

Create Email

Creates an email account for a user in Exchange Server:

• Entity Type: Exchange Server User

• User must exist in Active Directory before an email account can be created

Use cases:

• Create email accounts for new employees during onboarding

• Assign email aliases to users