Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

Provisioning an Exchange Online Authorized Account from the Trend Micro Cloud App Security web console

    • Updated:
    • 13 Jan 2022
    • Product/Version:
    • Cloud App Security
    • Platform:
Summary

This article shows how to provision an Exchange Online Authorized Account in Cloud App Security (CAS).

Cloud App Security supports using OAuth 2.0 to provision a service account (Authorized Account) for Exchange Online. With the OAuth 2.0 framework, Cloud App Security obtains an access token to get limited access on the Global Administrator's behalf to run advanced threat protection and data loss prevention scanning on email messages in protected mailboxes.

During provisioning, Cloud App Security allows you to synchronize:

  • All Azure AD users and groups of your organization
  • Certain Azure AD users of your organization for testing purposes
 
You need to use the same option when provisioning a service account for Exchange Online, SharePoint Online, and OneDrive, that is, to either synchronize all targets or synchronize certain targets.
For service account provisioning with certain targets synchronized, Cloud App Security does not support manual synchronization and scheduled synchronization.
 
Details
Public

To provision an Authorized Account for Exchange Online from Cloud App Security web console:

  1. Log on to the Cloud App Security management console.
  2. Hover over Exchange Online and click Provision.

    Exchange Online Provision

    Click the image to enlarge.

  3. Click the Click here link under Step 1. This will open a Microsoft login screen.

    Service Account - Exchange Online

    Click the image to enlarge.

  4. Specify your Office 365 Global Administrator credentials, and click Sign in.
  5. Click Accept to grant Cloud App Security permissions to use the Exchange Web Service (EWS) managed API for quarantine management.

    Permissions

    Click the image to enlarge.

  6. Go back to the Cloud App Security management console, as instructed, then click the Click here link under Step 2. This will open the Exchange Online authorization screen.

    Service Account - Exchange Online

    Click the image to enlarge.

  7. Click Accept to grant Cloud App Security permissions to use the Graph API to access all mailboxes.

    Permissions

    Click the image to enlarge.

  8. Go back to the Cloud App Security management console as instructed.
  9. Select to synchronize all users and groups or selected users during provisioning.
    • Select Synchronize all users and groups, and then proceed to Step 10.

      Sync All Users

      Click the image to enlarge.

    • Select Synchronize selected users:

      Sync Selected Users and Groups

      Click the image to enlarge.

      1. In the Available Targets area that appears, specify individual users or select users from groups:
        • By User: specify the exact user principal name of a user and press Enter to verify and display the user name.
        • By Group: specify at least the first three characters of the group name and press Enter to search for and display the group(s).
      2. Select the user(s) and click the arrow button to add them to the Selected Targets area.
         
        You can synchronize a maximum of 100 users.
         
      3. (Optional) Select one or multiple users under the Selected Targets area and click the arrow button to remove them.
  10. Click Done.
  11. Hover over the ring icon in the upper-right corner of the management console. If the message "Exchange Online protected." appears on the Notifications screen, the provisioning is successful.

    Click the image to enlarge.

Premium
Internal
Partner
Rating:
Category:
Configure
Solution Id:
000290105
Feedback
Did this article help you?

Thank you for your feedback!


*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.