Experience your
30 day trial
now!
GET STARTED
Update Rollup 8 for Microsoft Dynamics CRM E-mail Router (On-Premise) includes support for Microsoft Exchange Server 2010. In continuation to the blog titled “Configure Microsoft Dynamics CRM Online E-mail Router with Exchange Online”, this one explains the detailed steps required to setup Microsoft Dynamics CRM 4.0 E-mail Router (On-Premise) with Microsoft Dynamics CRM 4.0 On-Premise users and queues having mailboxes in Microsoft Exchange Server 2010.
Microsoft Exchange Server 2010 replaces the WebDAV functionality with Exchange Web Services (EWS). Microsoft Dynamics CRM 4.0 E-mail Router (On-Premise) with Update Rollup 8 has been enhanced to integrate EWS support and hence function with Microsoft Exchange Server 2010. The E-mail Router maintains compatibility with Exchange 2003 (only WebDAV) and Exchange 2007 (both WebDAV and EWS).
Prerequisites
Configuration Steps
Microsoft Exchange Server 2010
Granting Exchange Impersonation permissions.
Microsoft Exchange Server 2010 makes do with the permissions model used in Microsoft Exchange Server 2007 and adopts the new Role Based Access Control (RBAC) allowing users to define extremely broad or extremely precise permissions models based on the roles of administrators and users. New commands are available to allow User/Mailbox Impersonation with varying scopes. Exchange Impersonation permission is required for a given Exchange 2010 account if it needs to cater to multiple Exchange 2010 accounts. The profile created with a user account having Exchange Impersonation permission can access the mailboxes of the users who are in the scope of this Exchange Impersonation permission.
In the Microsoft Exchange Server 2010 system, launch Exchange Management Shell from Start-> All Programs-> Microsoft Exchange Server 2010 -> Exchange Management Shell. The shell will connect to the Microsoft Exchange Server 2010 and display the prompt.
[PS] C:\Windows\System32>.
Example: impersonation scenarios
1. A single user is configured to connect to mailboxes of all other CRM users and queues that have their mailboxes on Microsoft Exchange Server 2010. This configuration hence makes do with the need to create profile for each CRM user and queue individually.
To achieve this you need to run the following command in Exchange Management Shell–
New-ManagementRoleAssignment –Name: "ImpersonationName”
-User: "RouterAdministrator@YourOrganization.com" –Role:"ApplicationImpersonation”
In the above command, the Name parameter specifies a name for the new management role assignment. User is the username of the user who is given Exchange Impersonation permission and therefore can now access Exchange 2010 mailboxes of all other users in the Exchange organization.
[Details on New-ManagementRoleAssignment can be found here]
2. A single user is configured to connect to mailboxes of select set of CRM users and queues that have their mailboxes on Microsoft Exchange Server 2010. This configuration is preferable as the impersonation rights are given selectively on the desired mailboxes only.
To enable this scenario, you need to define the set of users as a Management Scope in Microsoft Exchange Server 2010. To do so, run the following command in Exchange Management Shell–
New-ManagementScope –Name: "ManagementScopeName"
–RecipientRestrictionFilter { Name -eq ‘ crmuser1 ’ }
In the above command, The Name parameter specifies the name of the management scope. The RecipientRestrictionFilter parameter specifies the filter to apply to recipient objects.
[Details on New-ManagementScope can be found here]
The new Management Scope created can now be used in the Role Assignment command to restrict the scope of Exchange Impersonation.
-CustomRecipientWriteScope: ”ManagementScopeName”
Removing Exchange Impersonation permission.
Exchange Impersonation permission can be removed using the
Remove-ManagemntRoleAssignment command.
[Details on Remove-ManagemntRoleAssignment can be found here]
Microsoft Dynamics CRM
Configure users and queues to use Microsoft Dynamics CRM E-mail Router.
Users and Queues in CRM can be configured to use the E-mail Router for processing the incoming Exchange and outgoing CRM e-mails. To utilize this functionality, Users and Queues must have a valid email address and select E-mail Router as the incoming and outgoing E-mail access types. This can be setup by an administrator or users having relevant permissions.
CRM Users
1. Navigate to Settings->Administration->Users and configure the user record as displayed.
CRM Queues
Microsoft Dynamics CRM 4.0 E-mail Router (On-Premise)
After the Router has been installed, launch the E-mail Router Configuration Manager from Start-> All Programs-> Microsoft Dynamics CRM E-mail Router. There are three main tabs in the Configuration Manager as shown below.
Configuration Profiles. To configure the E-mail Router, you first create one or more incoming and one or more outgoing configuration profiles. These configuration profiles contain information about the e-mail server and authentication methods that the E-mail Router will use to connect to the e-mail server and transfer e-mail messages to and from the Microsoft Dynamics CRM organization. You create configuration profiles on the Configuration Profiles tab in the E-mail Router Configuration Manager.
Deployments. After you create the configuration profiles that you want, you must define at least one deployment. The information that you enter into the Deployment area will be used by the E-mail Router to connect to your Microsoft Dynamics CRM deployment.
Users, Queues and Forward Mailboxes. After you have the configuration profiles and deployment established, then you manage the users, queues, and forward mailboxes that will be used by the E-mail Router to route Microsoft Dynamics CRM e-mail messages. You manage these items on the Users, Queues, and Forward Mailboxes tab in the E-mail Router Configuration Manager.
Creating Exchange Server 2010 incoming profile.
Default Location https://<Exchange-2010-Server-Name>/EWS/Exchange.asmx
8. Select how the e-mail Router will gain access to the Microsoft Exchange Server 2010 in the Access Credentials list.
Note: The above steps can also be used to create an incoming profile for a CRM user having Microsoft Exchange Server 2007 mailbox by choosing Exchange 2007 as the Email Server Type in step 5.
Creating Exchange Server 2010 outgoing profile.
Microsoft Dynamics CRM 4.0 Email Router (On-Premise) with Update Rollup 8 supports SMTP as the default and only protocol for outgoing e-mail messages as in the case of previous versions.
Configure the Microsoft Dynamics CRM On-Premise deployment.
After you have created the outgoing and incoming e-mail profiles, click the Deployments tab in the E-mail Router Configuration Manager tool.
5. In the Incoming configuration profile, select the incoming profile you created.
Forward Mailbox
Forward Mailbox is one of the options available for processing the incoming e-mails in Microsoft CRM. This option is helpful in scaling the system where all the Forward Mailbox users and queues have all their e-mails forwarded to the Forward Mailbox using Exchange forwarding rules. Emails for multiple users and queues are present in this single E-mail box as an attachment and hence Router can promote them to Microsoft Dynamics CRM using the single polling location. Users and Queues can have this options set for incoming e-mails processing as follows.
Set up the Forward Mailbox.
Deploy Exchange rules manually through Microsoft Exchange Server 2010.
In order to use the forward mailbox feature Microsoft Exchange Server 2010 users need to manually create rules on their own mailboxes from OWA or using Outlook client. This can be done by using the Rule Deployment Wizard for Microsoft Exchange Server 2007 and earlier systems. In Microsoft Exchange Server 2010 they will need to manually setup a rule with the following logic:
Forward All e-mails as An Attachment to <a mailbox you defined in your system>
This rule will forward all incoming e-mail to the Microsoft Dynamics CRM forwarding mailbox. After the rules have been deployed, any e-mail that is received in a user’s mailbox will be forwarded as an attachment to the forwarding mailbox. The Microsoft Dynamics CRM E-mail Router Service monitors the forward mailbox. The service will route Microsoft Dynamics CRM e-mail to Microsoft Dynamics CRM as an e-mail activity. If the e-mail is not related to Microsoft Dynamics CRM, the service will delete the e-mail message from the forwarding mailbox.
Test and publish the new incoming /outgoing profiles and deployment.
The final step is to publish new incoming profiles, the deployment and forward mailbox settings. Before publishing, connectivity to all mailboxes using the specified profiles must be tested. To do this, complete the following steps:
Note: If you receive an error loading the data, verify the correct organization unique name is listed in the Select a CRM Deployment to view users and mailboxes list. Also, verify the organization unique name is entered with the correct case. The organization unique name is case sensitive. If no users are listed after you click Load Data, or if you are missing users, check the user’s settings. Also Forward Mailbox users and queues do not have the option of assigning the incoming profiles because the forward mailbox is directly used for the incoming E-mail processing.
On publishing the Router will start catering the Microsoft CRM Users and Queues having the Microsoft Exchange Server 2010 mailboxes.
Cheers,
Ravindra R Upadhya
We have been playing around with your setup here and have had some success but failed too. I wonder if we can get some suggestions.
We have two mail server, 2003 and 2010 and have migrated some users to 2010 for testing.
We just cannot get a successful test for incoming against the 2010 server.
The Exchange Web Services URL we are using is this: https://servername.externaldomain.com/EWS/Exchange.asmx
When we hit that URL from the server with the CRM Router on it, we can enter a users Windows Authentication data and access the "Services.wsdl". We assume that this is a test of the access to the Exchange Web Services?
However once we publish the Inbound Configuration Profile and Test. We get nothing. The test hangs on the first account.
Access Credentials have been tested with both user specified (was working before migration to 2010) and with Other Specified, where we set the details of the first users that is tested in the test access process (assuming that it would at least prove test one account), but nothing.
Any suggestions would be appreciated here.
It seems that exchange web services are not configured correctly. Can you look into the windows eventlog for the error details after publishing the profile. Also try EWS url with just http.
You can check exchange web services working using the console app from the steps given at
http://msdn.microsoft.com/en-us/library/bb408521.aspx
Can you try with just http in the url, seems that the web serivices are not setup properly. To verify the exchange web services configuration you can use the console app from the steps given at http://msdn.microsoft.com/en-us/library/bb408521.aspx.
Note that the router does not work with self signed certs (http://support.microsoft.com/kb/954584).
To Disable https from the web service for testing.
Replace all "httpsTransport" with "httpTransport" in $Exchange Server\V14\ClientAccess\exchweb\ews\app.config
Replace in EWSServiceBehavior -> httpsGetEnabled="false" instead of “true” in $Exchange Server\V14\ClientAccess\exchweb\ews\app.config
Hi Ravindra,
Nice article ! When is the RDW support for Exchange 2010 coming out ?
Thanks,
Rajpreet
With the update of the email router is the installation now supported on Server 2008 and or Server 2008 R2?
We have same problem as David Finley above. We have a new install of Exchange 2010 using https with a 3rd party cert. Webmail works correctly. If we use the InternalNLBBypassUrl in the CRM incoming profile we get a cert error exactly as expected.
We are not prepared to change the config file as suggested for testing as this is a live production environment
The resolution pointed above was for the test exchange environments where the https default is not backed up by the signed certs. Router should work fine if the https is correctly setup with the valid certs. I think there might be the issue with the EWS endpoint which is used in the profile. Please use the following link having the pointer to the sample application to determine the correct end point. http://msdn.microsoft.com/en-us/library/bb204057.aspx
Dean,
From the Microsoft Download page for Email Router UR8 -
http://www.microsoft.com/downloads/details.aspx?familyid=C53B2916-6B93-4092-BDD3-A394C96CA000&displaylang=en
Windows Server 2008 is supported.
Are there any special considerations to be taken when using Exchange 2010 clustered servers? Should the cluster DNS name be used or one of the servers name/address?
Hey Joakim, you should use the MBX server's name/address in the incoming/outgoing profiles.
Joakim, CAS/MBX server name is what you need to provide in Email router in the Incoming/Outgoing profile.
by following your instruction . i am still facing below error:
"Incoming Status: Failure - The request failed with HTTP status 403: Forbidden."
I'm sure the access credential I provided for incoming profile have enough permission to access the mail account i specified. any other setting i need to config ?
BTW. one more question, if an account could access to certain mail address. does it mean this account have the impersonation permission?
Feifei, the particular error you are seeing is not due to access credentials. Rather, it is due to incorrect binding used in URL. It looks like the URL you have provided is HTTP while the server expects HTTPS.
For the second question : Not necessarily. You may have access to the mailbox and yet not have rights to send emails as that user. This may well be sufficient for receiving emails though.
Although, we recommend that you verify the permissions using Exchange Management Shell with the help of commands mentioned here : technet.microsoft.com/.../dd351024.aspx