Exchange connection

If you will be creating datasets that process Exchange data, you must complete additional tasks to enable processing by the processing agent.

Configure the O365 organization connection

The OpenText Core Data Discovery & Risk Insights processing agent uses basic authentication to connect to on-premises implementations of Exchange and an OAuth based model, referred to as modern authorization, to connect to O365 implementations

For more information about basic authentication for Exchange, see https://techcommunity.microsoft.com/t5/exchange-team-blog/basic-authentication-deprecation-in-exchange-online-september/ba-p/3609437.

  1. Open a browser and connect to the Microsoft Entra admin center for the organization as an account with appropriate privileges.

  2. In the left pane, expand Identity > Applications, and then click App registrations.

  3. Create a new app registration.

    1. Click New registration and complete the options as follows.

    2. Option Description
      Name Type FAS-DD_Exchange_Collection as the application name.
      Support account types Select Accounts in this organizational directory only.
      Redirect URI

      Select Public client (mobile & desktop) and then type urn:ietf:wg:oauth:2.0:oob for the redirect URI.

    3. Click Register. The overview page for the new application registration displays.

      Take note of the resulting Application (client) ID and Directory (tenant) ID values. These will be required when defining the source in the Connect UI.

  4. Set permissions for the new app registration.

    1. In the left pane of the new application registration page, expand Identity and then click API permissions.

    2. Click Add a permission.

    3. In the Request API permissions pane, click APIs my organization uses.

    4. Type office 365 exchange online in the search box and then click Office 365 Exchange Online in the resulting list.

    5. Click Application Permissions.

    6. Search for and select full_access_as_app.

    7. Click Add permissions.

    8. On the API permissions page, click Grant admin consent for organizationName.

      A confirmation message displays. Click Yes to confirm consent.

  5. Create the client secret.

    1. In the left pane of the new application registration page, under Manage, click Certificates & secrets.

    2. Click New client secret.

    3. Type the desired description for the secret and select the desired expiration period.

    4. Click Add.

    After the secret is created, make a copy and record the resulting value in a safe location. This will be required when defining the source in the Connect UI.

Configure special processing for Exchange folders (Optional)

You can configure the processing agent to process hidden folders and to exclude specific folders within Exchange. By default, OpenText Core Data Discovery & Risk Insights does not process hidden Exchange folders and excludes a pre-defined set of folders.

The following Exchange folders are excluded by default.

  • Calendar and all subfolders

  • Contacts and all subfolders

  • Suggested Contacts and all subfolders

  • Draft and all subfolders

  • Deleted Items and all subfolders

  • Conflict and all subfolders

  • Sync Issues and all subfolders

  • Versions and all subfolders

  • Purges and all subfolders

  • MigratedMessages and all subfolders

  • Conversation Action Settings and all subfolders

  • Files and all subfolders

  • Social Activity Notifications and all subfolders

  • PersonMetadata and all subfolders

  • Yammer Root and all subfolders

  • Quick Step Settings and folders that start with this name, such as Quick Step Settings01

  • ExternalContacts and all subfolders

  1. On the agent host server, open the Agent administration UI.

    From the Start menu, click OpenText Core Data Discovery & Risk Insights Agent > Agent Admin.

  2. In the primary navigation pane, click Advanced Settings.

  3. In the Category list, click Exchange.

  4. Locate the ProcessHiddenFolders option and set the value to True.

  5. Click Save.

  1. On the agent host server, open the Agent administration UI.

    From the Start menu, click OpenText Core Data Discovery & Risk Insights Agent > Agent Admin.

  2. In the navigation pane, click Advanced Settings.

  3. In the Category list, click Exchange.

  4. Locate the ExcludeFolderList option and modify as desired.

    NOTE: The following folders are defined to be excluded from processing by default: Calendar\, Contacts\, Suggested Contacts\, Drafts\, Deleted Items\, Conflict\, Sync Issues\, Versions\, Purges\, MigratedMessages\, Conversation Action Settings\, Files\, Social Activity Notifications\, PersonMetadata\, Yammer Root\, Quick Step Settings, ExternalContacts\

    • Separate each folder entry with a comma, with or without a trailing space.

      Example: Calendar\, Contacts\, Suggested Contacts\ or Calendar\,Contacts\,Suggested Contacts\

    • Include a backslash (\) after the folder name to process all items in this folder and all items in all subfolders.

      Example: Calendar\, Contacts\, Suggested Contacts\

    • Do not include a backslash (\) after the folder name to process items from folders starting with the defined folder name.

      Example: Quick Step Settings excludes folders Quick Step Settings and Quick Step Settings01 from processing.

  5. Click Save.

Configure web proxy settings (optional)

The Exchange processor service controlled by the processing agent requires connectivity to the OpenText Core Data Discovery & Risk Insights cloud components, often located away from the local network where the agent host servers are located. Although direct connectivity is ideal, use of a web proxy may be required in some environments for the agent systems to reach the OpenText Core Data Discovery & Risk Insights cloud.

NOTE: Authenticated proxies are supported for Exchange Online (O365) only.

  1. On the machine hosting the OpenText Core Data Discovery & Risk Insights processing agent, log on to the agent administration UI.

    From the Start menu, click OpenText Core Data Discovery & Risk Insights Agent > Agent Admin.

  2. In the navigation pane, click Advanced Settings.

  3. In the Category list, click Exchange.

  4. Complete the following options.

    Option Description
    Proxy address URL

    Type the URL of the web proxy.
    Proxy bypass list

    Type a comma separated list of addresses that do not use the proxy server..
    Proxy Bypass on Local

    Specify whether to bypass the proxy for local addresses.

    • Select True to bypass for local addresses.

    • Select False to not bypass for local addresses.
    Proxy Password

    If the proxy requires authentication, type the password for the user account that will access the proxy server.

    IMPORTANT: Authenticated proxies are only supported for Exchange Online (O365) resources. If not connecting to Exchange Online (O365), leave this field blank.
    Proxy Username

    If the proxy requires authentication, type the username for the user account that will access the proxy server.

    IMPORTANT: Authenticated proxies are only supported for Exchange Online (O365) resources. If not connecting to Exchange Online (O365), leave this field blank.

  5. Click Save. You can close the agent administration UI.

Configure users for Exchange datasets

Exchange processing is based on OpenText Core Data Discovery & Risk Insights datasets and their associated users. Before creating Exchange datasets, you must create a user for each Exchange mailbox to be processed.

When creating an Exchange dataset, you will define the individual user mailboxes associated with the dataset. All Exchange items for users associated with a specific dataset are processed in the same manner.