Configuring Office 365 for scheduling using a service account

The VMR Scheduling for Exchange feature allows you to create an add-in that enables Microsoft Outlook desktop and Web App users in Office 365 or Exchange environments to quickly and easily add a Pexip VMR to their meeting invitations, enabling any meeting to be held over video.

This method uses a service account with the Application Impersonation role. However, Application Impersonation role assignment to service accounts is being deprecated by Microsoft. As of May 2024, Microsoft will prevent new Application Impersonation role assignments. From February 2025, this role will be removed completely (for more information, see Microsoft's announcement). We therefore strongly recommend that for Office 365, all new VMR Scheduling for Exchange deployments use the alternative option using application permissions, and all existing deployments are updated to enable this option as soon as possible. This topic is intended as a reference for existing deployments only.

To enable users to schedule meetings in single-use VMRs in an Office 365 environment using a service account, you must first configure Office 365 appropriately. The steps are as follows, described in more detail in the sections that follow:

  1. Creating a service account. The Pexip Infinity VMR Scheduling for Exchange feature uses a unique service account to log into Exchange.

    This should be a different service account to any used for One-Touch Join, because the configuration will be different.

  2. Configuring Application Impersonation on the service account. This allows the service account to impersonate all users and resources in Exchange.

    As an alternative, you can allow the service account to impersonate the VMR Scheduling for Exchange equipment resource only, but this will limit the functionality of the feature. For more information, see Using application impersonation.

  3. Create an equipment resource. This resource will be added as an attendee to all meetings scheduled using the Pexip add-in.

  4. Configure the equipment resource.
  5. Enable OAuth authentication for the service account.

PowerShell commands are provided for all steps; parameters to be replaced with your own relevant information are shown in the format <your info here>.

Prerequisites

Before you start, ensure you can access your Office 365 Admin Center: https://portal.office.com/adminportal/home#/homepage.

You will also need to have a remote PowerShell session to your Exchange server. See these Microsoft articles about connecting to Exchange online and Microsoft 365 with PowerShell for more information.

Note that for Office 365, the service account must have a mailbox license and appropriate licenses to allow it to connect to Exchange and use EWS.

Viewing the equipment resource's mailbox

There may be occasions, such as when troubleshooting, that you want to view the equipment resource's mailbox or calendar. To do this, you first need to assign full access to the equipment resource's mailbox to a delegate account, and then view the mailbox or calendar using the delegate account. (The delegate account could be, for example, an administrator's account.)

Next steps

  1. Configuring Pexip Infinity to integrate with your Microsoft Exchange deployment and create the VMR Scheduling for Exchange add-in.
  2. Making the add-in available to users within your Microsoft Exchange deployment.