Before installing d.ecs content crawler, you need to carry out some preparatory steps. You must complete the following tasks before installing d.ecs content crawler:
Install and configure the d.3one application server with the appropriate groupware app components.
Install the d.velop infrastructure components. Information on installing the central infrastructure apps can be found in the configuration guide for d.velop infrastructure components. If you want to use Kerberos, you must install and configure the d.ecs identity provider before installing Kerberos.
Make sure that the rights for Status transfer processing and Status transfer release are granted in the d.3 administration.
Create a test environment for e-mail archiving projects. Configure the test environment so that you can simulate errors in the production system. A test environment can help you to test new functions before installing a new version for the production system.
If you are using d.ecs content crawler with HCL Domino, we recommend that you do not install the d.ecs domino service on the productive mail server or on a highly frequented HCL Domino server. Create a separate server or use an underutilized server to ensure productive operation.
Using the d.ecs domino service can have a negative impact on the functionality of the HCL Domino Server. We therefore strongly advise against using the d.ecs domino service for a company-critical HCL Domino system. Deploy the HCL Domino server as a stand-alone server to process e-mails with the d.ecs domino service. You can also use the d.ecs domino service with the d.3one application server, for example.
To ensure the connectivity of Microsoft Exchange Server, you must specify a user account that has access permission for all Microsoft Exchange Server mailboxes in your organization. Ensure that the certificate for the URL is valid.
The user account for the EWS (Exchange Web Services) connector should be the same user account that you used to install d.3one.
You must ensure that the user account has the necessary permissions for Microsoft Exchange Server, particularly the right Exchange Impersonation (role Exchange Impersonation). This right can be used to perform actions on all the mailboxes on behalf of the relevant owner.
You only require a Microsoft Exchange mailbox for the user account for the impersonation if you are using d.ecs content crawler. For d.3one in Microsoft Outlook, a Microsoft Exchange mailbox for the impersonation is not required.
You can change the permissions with the following PowerShell command:
New-ManagementRoleAssignment –Name:impersonationAssignmentName –Role:ApplicationImpersonation
If you only want to grant rights for specific mailboxes to the user account, you can restrict the permissions using a filter for a regular, filtered recipient scope (RecipientRestrictionFilter).
For example, you can enter a PowerShell command to grant an Exchange impersonation for the service account to mailboxes 1 and 2.
Example
New-ManagementScope -Name d3oneImpersonationScope -RecipientRestrictionFilter { (Name -eq "Mailbox1") -or (Name -eq "Mailbox2") }
New-ManagementRoleAssignment -Name d3oneImpersonation -Role ApplicationImpersonation -User "serviceAccount" -CustomRecipientWriteScope d3oneImpersonationScopeAlternatively, you can configure the Exchange impersonation in Office 365 or Microsoft Exchange Online under Exchange Admin Center > Permissions.
You can find more information about filtering under “Understanding management role scope filters” in the Exchange Server 2013 documentation on the Microsoft Docs website.
To ensure that d.3one in Microsoft Outlook works in combination with Microsoft Exchange Server, you must create and assign a special throttling policy for the service user with the role ApplicationImpersonation on the server with Microsoft Exchange Server.
For Microsoft Exchange version 2010
Create the following policy in the Microsoft Exchange management console.
New-ThrottlingPolicy d3onepolicy Set-ThrottlingPolicy d3onepolicy -RCAMaxConcurrency $null -RCAPercentTimeInAD $null -RCAPercentTimeInCAS $null -RCAPercentTimeInMailboxRPC $null -EWSMaxConcurrency $null -EWSPercentTimeInAD $null -EWSPercentTimeInCAS $null -EWSPercentTimeInMailboxRPC $null -EWSMaxSubscriptions $null -EWSFastSearchTimeoutInSeconds $null -EWSFindCountLimit $null -CPAMaxConcurrency $null -CPAPercentTimeInCAS $null -CPAPercentTimeInMailboxRPC $null -CPUStartPercent $null
Assign the policy to the service user.
Set-Mailbox "user name" -ThrottlingPolicy d3onepolicy"
Microsoft Exchange Version 2013 or higher
Create the following policy in the Microsoft Exchange management console.
New-ThrottlingPolicy -Name d3onepolicy -ThrottlingPolicyScope Regular -IsServiceAccount -MessageRateLimit unlimited -RcaCutoffBalance Unlimited -RcaMaxBurst unlimited -RcaRechargeRate unlimited -RcaMaxConcurrency unlimited -RecipientRateLimit unlimited -EwsMaxConcurrency unlimited -CpaMaxConcurrency unlimited -EwsCutoffBalance unlimited -EwsMaxSubscriptions unlimited
Assign the policy to the service user.
Set-ThrottlingPolicyAssociation -Identity "user name" -ThrottlingPolicy d3onepolicy