If you are a large enterprise there is a high likelihood you are running Microsoft Exchange or have migrated to Microsoft’s Cloud Email offering Office 365. Many companies are still running Microsoft Exchange On Premise and haven’t moved to Azure or Office 365 yet.
This article covers Service Accounts for BOTH Hosted/On Premise Exchange AND Office 365 Service Accounts. Please Note: GReminders also supports individual access to Hosted/On Premise Exchange (Service account is generally for larger accounts).
GReminders now supports Microsoft Exchange On Premise 2007, 2010, 2013 2016, 2019 (any version above 2007) via the Exchange Web Services API. Of course we have supported Office 365 and GSuite for a while already.
Service Accounts are a single entry point for the GReminders app to access other people’s Calendars. This service account has “delegate” access to other users calendars (via impersonation) you specify when setting up the Service Account.
Since this article covers Microsoft Service Accounts, this Service Account method is also applicable to Office 365 (since Office 365 IS Microsoft Exchange just “in the cloud”)
In short, you setup an account on your Microsoft Exchange or Office 365 infrastructure such as [email protected], then grant permissions to those other users that GReminders needs access to. The scope of access is limited to the calendars of those users the service account has access to.
This setup will require a Microsoft Exchange Administrator. This can be done using the Exchange UI and/or Powershell commands.
Data flow diagram:
Below are the steps to complete the integration:
1. Setup a Service Account
Setup a Service Account on your Exchange or Office 365 Infrastructure and grant the GReminders user set impersonation access to that Service Account. Please see detailed instructions here. (You must be logged into GReminders to access these instructions)
2. Tell GReminders about this Service Account
Within the GReminders application go to:
https://app.greminders.com/admin/integrations/microsoft-exchange
For Office 365 Service Account users you will need to Authenticate via OAuth once with your Global Admin (to authorize the application to Azure Active Directory) and second with your Service Account you setup.
For Hosted Exchange (In your own Cloud, Intermedia, Smarsh, etc…) You will need to select “On Premise Exchange / Advanced Setup” and fill out the information below:
Enter your EWS or OWA URL Endpoint such as http://exchange.mycompany.com (this completely varies by company and who is hosting your Exchange Server). Note your endpoint must be publicly accessible and not behind a VPN.
IP Whitelisting is available if necessary, please contact [email protected] for more information.
Enter the service account email address you created along with the password and one of the impersonate users.
You will also need to specify which domains are hosted on your Exchange Server. If you host multiple domains enter them in one per line in the domains textbox above.
3. Set your desired Login Providers
By default, GReminders uses Microsoft or Google “single sign on” to make logins easier. If you are using Microsoft Exchange On Premise your users will not have a “Microsoft” Login, so you will need to use GReminder’s Username/Password mechanism. If you are using Office 365 you can skip this step.
Go to: https://app.greminders.com/admin/security
And select Username/Password for your new users like so:
4. Add your Users
Go to the Users screen in GReminders and add your users. If you have a bunch of users you can Import users via CSV.
If using CSV your CSV file should look something like this:
Once you add users the system will automatically attach Calendars to those users (as long as the domain of these users matches the Service Account Domains), and the calendars will start syncing.
5. Invite Your Users
Please note, since GReminders is a Background Service your users don’t even need to login to get value from the system. If you are managing reminder templates from the Org level, your users will automatically benefit from reminder notifications. Of course if you want them to leverage automated scheduling, teams and other reminder or scheduling features you should invite them to the system by clicking on the Send Invite link next to their names in the user list.
That’s It
Any questions? Please contact [email protected] for help or more information.