Loading

Microsoft Exchange Server Configuration for the Outlook Integration

Veröffentlichungsdatum: Aug 18, 2023
Beschreibung
This is in reference to Microsoft's documented requirements for Office Add-Ins, such as the Outlook Integration; posted at Outlook add-in requirements.

To assess the connectivity of the Exchange server and confirm that it is properly configured to communicate with the Outlook Integration add-in, Salesforce has put a Debug Tool together here: Outlook Integration Debug Tool overview.
Lösung

A summary of Microsoft's document is that there are three main requirements on the Exchange server side that influence the success of a working connection with the Outlook Integration add-in:
 
  1. The Exchange server must accept incoming Exchange Web Services (EWS) calls from Salesforce IPs. An Exchange metadata endpoint that allows unauthenticated HTTP access must be available and AutoDiscovery may possibly have to be set up, but not always depending on how the Exchange server is set up at your company. Read this Microsoft article for more details: Configure Exchange Services for the Autodiscover Service. Enabling an EWS end point is a common practice, including with Exchange on-premises servers. Contact your Microsoft Support team if you'd like to review considerations with that setting. The optional configuration includes allowlisting incoming EWS calls on that Exchange server to originate from Salesforce's IP addresses and domains, which are documented there: Salesforce IP Addresses and Domains to Allow This is not a required configuration step. Another optional configuration is to validate incoming EWS calls by checking they contain a valid JSON Web Token (JWT). Details about JWT are available at: Inside the Exchange identity token. This is not a required configuration step either and really depends on your internal company policies around the Exchange server management.

 

  1. The Exchange server must be able to reach the Office Store that is to authorize pings to and from 'Business Apps' on the Microsoft AppSource site. Log a ticket with Microsoft for more details about that Exchange configuration. While Outlook end users do not necessarily need access to the Store and do not have to add the Salesforce add-in to their Outlook themselves, the Exchange admin can provide the experience on their behalf. Find details about deployment options at Access the Outlook Integration

 

  1. The Exchange server is configured to generate JWTs properly so they indicate the URL that Salesforce uses to connect with the Exchange server. That URL may be the same as the AutoDiscover URL and is referred to as the MetaData URL in the JWT. Make sure all outputs of the Debug Tool are green and valid, including EWS call tests.


When EWS calls using the Debug Tool are still generating 500 internal server error responses, a common check to conduct is to review certificates on the Exchange server and ensure their validity. To confirm which certificates are included, you may refer to Outbound Messaging SSL CA Certificates.

For all Exchange configuration questions, please have the Exchange admin team initiate a ticket with Microsoft Support. Salesforce is able to assist if Microsoft requires input to resolve the ticket, but cannot engage with Microsoft on behalf of a customer unless there is a ticket logged with them.


Additional information and resources:
Salesforce Email Integration Security Guide 
Set Up Your Microsoft Exchange Server for the Outlook Integration

 

Nummer des Knowledge-Artikels

000383974

 
Laden
Salesforce Help | Article