All Collections
Installing Laurel
Step 2: Configuring Laurel for activity collection
Exchange Server (on-premises) Configuration for Laurel
Exchange Server (on-premises) Configuration for Laurel

Collection of Email and Calendar Event activities for Laurel

Nick Bazley avatar
Written by Nick Bazley
Updated over a week ago

ℹ️ Laurel is tightly integrated with Microsoft O365 for email and calendar collection on behalf of timekeepers, our recommended collection solution.

As a Microsoft administrator, please collect and provide the following information to the Laurel team for setup:

  • EWS Public URL

  • EWS Public URL Username

  • EWS Public URL Password

  • User Exchange IDs (Optional)

We will confirm with testing prior to making the application available generally to your users. The steps below help you setup our application and get these values.

Security Considerations

Most integrations such as MS Teams (for phone call and video conference collection) have shifted to standard accessible APIs with the latest web security features, often comparable or better than fire-walled equivalents.

If a customer firm is unable to offer access to their on premise installations, Laurel will be blocked in its automation capabilities and benefits.


Onboarding Steps

**Note: Click dropdown arrows below to expand header steps.

Configure Laurel Access to EWS (Click)

1. Access your Exchange Admin Center as a domain administrator.

2. Click Servers in the left pane and select Virtual Directories tab.

3. Select EWS and click Edit (Pencil Icon)

4. In General, set External URL

ℹ️ Ensure the External URL value has Public Access Granted. Note: The URL can be the same as Internal URL if both are publicly accessible.

Save the value of External URL to provide to Laurel as the EWS Public URL

5. Click Authentication in the left panel, tick Basic Authentication and Save.

Note: If you have multiple Exchange servers (EWS) values in this list please ensure that Basic Authentication is turned on for all of them.

Create User for Laurel EWS Access (Click)

  1. Access your Exchange Admin Center as a domain administrator.

  2. Create a new User Mailbox ("Plus" Icon)

  3. Set Display Name field to Laurel MSX Assistant

  4. Set Name to Laurel MSX Assistant

  5. Set User Logon Name to laurelmsxassistant

  6. Set a Password

  7. Click Save

Save the values email address as EWS Public URL Username and the password as EWS Public URL Password for use later.

⚠️ Do not set "Require Password Change on Next Logon"

Configure User for Laurel EWS Access (Click)

  1. Once a user has been created for Laurel, select from the list and click Edit

  2. Select Hide From Address Lists

  3. Select Mailbox Features and click Disable for the following options:

    1. Disable Exchange Active Sync

    2. Disable OWA for Devices

    3. Disable Email Connectivity

    4. Disable IMAP

    5. Disable POP3

    6. Disable MAPI

  4. Click Mailbox Delegation and Delete all Full Access Options and Save

Restrict Laurel EWS Access (Click)

  1. Access Active Directory Users and Computers on your Windows Server

    1. You can install this application from Microsoft

  2. Create a new Active Directory Group

  3. Set Group Name and Group Name (Pre-Windows 2000) to Laurel MSX Assistant and click OK (the picture shows Laurel Assisted but please make sure you use Laurel MSX Assistant)

  4. Add all Users and/or Groups that will receive Laurel MSX Assistant collection

  5. Launch Exchange Management Shell and run the following commands in order (please run each one by itself):

    $group = (Get-Group "Laurel MSX Assistant").Identity.DistinguishedName

    New-ManagementScope -Name "Laurel Assisted Scope" -RecipientRestrictionFilter "(MemberofGroup -eq '$group') -and (RecipientType -eq 'UserMailbox')" 

    New-ManagementRoleAssignment -Name "Laurel Assistant Impersonation" -Role:ApplicationImpersonation -User "[email protected]" -CustomRecipientWriteScope "Laurel Assisted Scope"

Test Laurel EWS Access (Click)

Test the Laurel EWS Access configuration using Microsoft Remote Connectivity Analyzer.

  1. Click on Exchange Server

  2. Click Service Account Access (Developers)

  3. Enter the Laurel MSX Assistant application values (from above)

  4. Click Perform Test

Get User Exchange IDs (Optional) (Click)

  1. If your exchange users have multiple email aliases, please define an exchangeId to provide to Laurel.

  2. The exchangeId can be either the main email address or Exchange SID.

  3. To retrieve these values, run the following script on the server:

    Get-User | ForEach-Object -Process {Write-Host $_.DisplayName $_.UserPrincipalName, $_.Sid}

  4. Save the values from this script as User Exchange IDs

Provide EWS Access Information to Laurel

Once each step has been completed, please provide the following information to your Laurel onboarding team:

  • EWS Public URL

  • EWS Public URL Username

  • EWS Public URL Password

  • User Exchange IDs (Optional)

Related Articles
Zoom Configuration for Laurel
ADFS (SSO) Configuration for Laurel
Microsoft O365 Configuration for Laurel
Laurel Assistants: Permissions, Security, and Infrastructure Requirements
Laurel Technical Implementation FAQs
Did this answer your question?