Exchange Server

This guide describes how to enable and configure Exchange Server for Lifecycle Management in Veza, including supported capabilities and configuration steps.

Supported Capabilities

Lifecycle Actions Supported

Create Email

Supports the creation of email accounts for users within Exchange Server.

• Entity Type: Exchange Server Users

• Attributes Available for Configuration:

  • Identity (Required)

  • Alias (Optional)

Example Use Cases:

• Create email accounts for new employees joining the organization

• Assign email aliases to users to facilitate communication

Configuration Steps

1. Locate Exchange Management Shell Paths

1. Find the Exchange Management Shell shortcut in the Start Menu

2. Right-click > More > Open File Location
3. Right-click the shortcut icon > Properties
4. Copy the Target field value
5. Note the two important paths from the target:

   • PowerShell Path: (e.g., C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe)

   • Remote Exchange Path: (e.g., C:\Program Files\Microsoft\Exchange Server\V15\bin\RemoteExchange.ps1)

2. Create Application Pool in IIS

1. Open IIS Manager and create a new application pool
2. Name the application pool
3. Configure the application pool:

   • Right-click > Advanced Settings

   • Under Process Model, set the Identity

3. Configure IIS Application

1. Add the application to "Default Web Site"
2. Configure the application:

   • Set alias to "VezaProvisioner"

   • Select the application pool created above
3. Configure authentication:

   • Disable Anonymous Authentication

   • Enable Basic Authentication

4. Install Veza Provisioner

Install the VezaProvisioner.msi installer provided by Veza support on the Exchange Server. This component handles email address creation for users provisioned in Active Directory.

5. Configure Exchange Server Integration in Veza

1. Go to Configurations > Integrations

2. Click Add New and select Exchange Server

3. Complete the following fields:

   Field

   Description

   Insight Point

   Select if using an Insight Point to access Exchange Server

   Name

   Friendly name for the integration

   Instance URL

   https://<exchange_server_host>/VezaProvisioner

   Username

   Domain username with required Exchange permissions

   Password

   Password for the account

   PowerShell Path

   Path to PowerShell.exe noted in step 1

   Remote Exchange Path

   Path to RemoteExchange.ps1 noted in step 1

4. Enable Lifecycle Management by checking Enable Lifecycle Management

5. Save the configuration

6. Verify Configuration

After configuration, the Exchange Server integration will be available for use in Lifecycle Management policies, specifically for the Create Email action. This action can be used in workflows for new employee onboarding or other scenarios requiring email account creation.