While configuring a new connection for Folder Replication, after clicking the create connection button on connection details page administrator must provide the following fields.

• Server – Server’s URL hostname that would correspond to the Exchange server certificate, as you would use when using OWA. In this example, we would access our own mailboxes in OWA with this URL https://mail.cryoserver.com/owa. So, use the hostname from that URL.

• Domain – Enter the domain of mail server in case it is hosted on some other public URL.

• Port – Port number that will be used for making connection to mail server. It will be selected based on connection type.

• OAuth Connection – Select the available OAuth connection to access the mailbox. It will be visible in case of EWS (with OAuth) & MSGraph protocol only.

• Tenant-Id – Need to specify the tenant id used for selected OAuth connection. It will be visible in case of EWS (with OAuth) & MSGraph protocol only.

• Topic – Specifies the Kafka topic to be selected, by default it uses mbx_folderrep for Folder Replication.

• Enable this Connection – Specifies whether this connection is enabled or not.

• Separate log file per user account – Specifies whether each user account will have a

  separate log file.

• Use Auto discovery Mode – Checkbox to select whether to use auto discovery of server.

• Include Folders – Folders from which messages should be downloaded. Generally, this will be from ALL folders – so the * wildcard can be used. Otherwise, a comma separated set of folder names can be provided. For Sub Folders, you will need to enter the full path – each part separated by a forward slash. For example: inbox/archive mail/*, sent mail.

  Note: The * will mean that non-email folders will be accessed.

• Exclude Folders – Refers to the Folders from which messages should not be downloaded.

• Use Impersonation – Specifies impersonation account is being used for the connection.

• Username – Impersonation account username (with Use Impersonation checked).

• Password – Impersonation account password (with Use Impersonation checked).

• Check Every – Number of hours to wait for next cycle of synchronization.

• Folder Synchronization Retention Period – Number of days till which folder synchronization state must be retained.

• Message Access Security Level – This level determines the security level of messages synchronized. Two levels provided here are: Standard: All the messages under folder replica view would be accessible regardless of user identities being present among the sender/recipient addresses contained in the message. Strict: A message must contain one of the user identities (among the sender/recipient addresses) to be accessible in folder replica view.

• Mailbox Selection – Specifies selection method for mailboxes either by admin or all. It is only visible on saving the connection.

• Synchronize Public Folders – Specifies whether to include public folders in synchronization.

• Synchronize Archive Folders – Specifies whether to include archive folders in

  synchronization.

• Synchronization Chunk Size – Determines how many messages to synchronize concurrently from a mailbox.

Using EWS protocol for a connection

In this connection using EWS protocol, there are 2 ways.

1. Using OAuth connection: In this connection, administrator has to select an OAuth connection out of the configured connections. After selecting the OAuth connection, tenant ID must be provided to connect with the correct OAuth App on Azure AD.

2. Using Impersonation Account: In this connection, administrator must provide username and password for impersonation account to connect with Azure AD.

Below figures provide an example of connection details using the above methods.

After these configurations are added, administrator can perform certain actions like edit connection, delete connection, start/stop synchronization, or test connection. Here on clicking test connection, a small pop-up window appears where credentials of any user associated with the connection are required.

Using IMAP protocol for a connection

In this connection using IMAP protocol, server name and connection type fields are used along with Impersonation account (provided other fields have default values). Credentials for impersonation account must be provided after checking this option.

Please test the connection by providing credentials for any user associated once the connection is saved, as IMAP is not always supported with all mail servers.

Using MSGraph protocol for a connection

In this connection using MSGraph protocol, mostly server name, OAuth connection and tenant ID is mentioned (provided other fields have default values). Once connection is saved, admin can test the connection using test connection button.

Mailbox Selection

This section provides configuration to add mailboxes for the connection. There are 3 ways provided here for the import of mailboxes.

1. Select Users from Office 365: This option opens a pop-up window which has a search filter along with configured OAuth connections and fetches the mailboxes from OAuth connection that is selected above. After successful fetch operation, it displays a table of users found and admin can select & add from them.

2. Select Users from LDAP: This option opens a pop-up window which has a search filter along with configured LDAP connections and fetches the mailboxes from LDAP connection that is selected above.

3. Import Users from CSV: This option opens a pop-up window where a CSV file location must be provided. It uses that CSV file and fetches all the users mentioned in it. Specific formatting is required for uploaded CSV, an example CSV link is provided in the section.

Start/Stop Synchronization

This last step after adding the connection details and mailboxes is to start the synchronization process. On clicking the Start Synchronization button, the synchronization process will be started and mailboxes will be moved in waiting state and then eventually in running state.