Chapter 16. Configuring Email-Enabled Content, Site Mailboxes, and Exchange Server Integration

One of the most impressive improvements to SharePoint 2013 is the ability of the platform to directly accept email messages and place their contents into SharePoint content, such as document libraries, discussion groups, and lists. This type of functionality has been highly sought by those looking for an alternative to Exchange public folders and those who want to use SharePoint as a messaging records platform.

In addition to serving as an ideal replacement for Exchange public folders, SharePoint 2013 was built with integration with Exchange in mind, particularly with the latest version of Exchange, Exchange Server 2013. This chapter focuses on a discussion of the integration points between SharePoint 2013 and Exchange 2013, discussing in step-by-step fashion how to take advantage of email-enabled content, how to configure Site Mailbox functionality, and how to use Exchange as an outbound relay for SharePoint alerts.

In addition, this chapter focuses on how to integrate SharePoint with a Lync Server 2013 environment to provide for presence information for users in the platform.

Enabling Incoming Email Functionality in SharePoint

As previously mentioned, SharePoint 2013 can process inbound email messages and accept them and their attachments as content for SharePoint document libraries, lists, and discussion groups. Indeed, SharePoint technically does not require the use of Exchange for this component, as it utilizes its own Simple Mail Transfer Protocol (SMTP) virtual server that it can use to accept email from any SMTP server, including non-Exchange boxes.

Integration with Exchange, however, has significant advantages for SharePoint. Most notably, new email-enabled content within SharePoint can be configured to have contacts within Exchange automatically created within a specific organizational unit (OU) in Active Directory (AD). This makes it so that email administrators don’t need to maintain the email addresses associated with each SharePoint list or document library in the farm.

Installing the SMTP Server Service on the SharePoint Server

The first step to setting up a SharePoint server as an inbound email platform is to install the SMTP Server service on the SharePoint server. This service is usually installed on the server or servers running the web role. To install the SMTP Server service on the server, complete the following steps. (These steps assume Windows Server 2012, though they are nearly identical for Windows Server 2008 R2.)

1. Open Server Manager.

2. Under Configure This Local Server, click Add Roles and Features.

3. Click Next in the Before You Begin dialog box.

4. Choose Role-Based or Feature-Based Installation and click Next.

5. Select the server from the server pool and click Next.

6. Click Next at the Select Roles dialog box. (Do not select anything.)

7. At the Select Features dialog box, scroll down and select SMTP Server from the list of features.

8. From the dialog box shown in Figure 16.1, choose to add the required role services.

FIGURE 16.1 Adding the SMTP Server feature to a SharePoint server.

9. Click Next to continue.

10. In the Confirm Installation dialog box, shown in Figure 16.2, click Install to install the SMTP Server feature on the server.

FIGURE 16.2 Finalizing the installation of the SMTP Server feature on a SharePoint server.

11. Click Close when complete. Repeat for any remaining web front ends where the incoming email feature will be supported.

Configuring the Incoming Email Server Role on the SharePoint Server

After the SMTP Service has been installed on the server, inbound email can be enabled through the SharePoint Central Admin tool. Incoming email functionality can be configured in two ways: automatic mode or advanced mode. Automatic mode sets up inbound mail access using default settings. Advanced mode allows for more complex configuration, but it should be used only if the SMTP service is not used to receive incoming email and the server is instead configured to point to a different SMTP server. To enable incoming email functionality in a SharePoint farm and configure it with the most ideal options, follow these steps:

1. Open the SharePoint Central Administration tool from the server console.

2. Click the System Settings link in the navigation bar.

3. Under E-Mail and Text Messages (SMS), click the Configure Incoming E-Mail Settings link.

4. In the Configure Incoming E-Mail Settings dialog box, shown in Figure 16.3, click Yes to enable sites on the server to receive email.

FIGURE 16.3 Enabling incoming email for a farm.

5. Set the Settings mode to Automatic.

6. Select Yes to use the SharePoint Directory Management Service.

7. Enter an AD OU where the new distribution groups and contact objects for SharePoint will be created. This OU must be created in AD in advance, and the user account that runs as the application pool identity account for the SharePoint Central Administration web application needs to be granted the rights to create and modify user/group objects within this OU. The OU must be listed in Lightweight Directory Access Protocol (LDAP) format (for example, OU=SharePoint, OU=Contacts, OU=Resources, DC=companyabc, DC=com).

8. Enter the SMTP mail server for incoming mail, which will be the SharePoint server name in this example. This could also be an alias name, such as spsmtpin.companyabc.com that points to a load-balanced IP address that is shared by multiple SharePoint web role servers that run the SMTP service.

9. Under the setting for accepting messages from authenticated users only, click Yes, so that only authenticated domain users can send email to the server. This setting can be changed to No if you want to accept anonymous email from the Internet into the site content.

10. Scroll down in the page, and examine the settings listed in Figure 16.4. Check to allow the creation of distribution groups from SharePoint sites.

FIGURE 16.4 Finalizing incoming email settings for a farm.

11. Enter a display address for the incoming email server; it should match the domain alias of the organization. An SMTP address policy must also be created in Exchange to match this domain name if it doesn’t already exist.

12. Finally, configure which email servers SharePoint will accept email from. Enter the IP address of any Exchange hub transport servers that will be relaying mail to SharePoint. In this example, 10.10.10.103 is the IP address of the Exchange hub transport server.

13. Click OK to save the changes.

Using the Directory Management Service

The Directory Management Service in SharePoint 2013 uses a timer job within SharePoint to automate the creation of contact objects. These contacts are automatically created to allow inbound mail to document libraries or lists within SharePoint to be automatically enabled.

For example, when a document library called Companyabc-doclib is created and selected to be email-enabled, the SharePoint Directory Management Service automatically creates a contact object in AD that has a primary SMTP address of [email protected], in this example. This contact then inherits a secondary SMTP address of [email protected] through Exchange policies. These policies need to be set up if they are not already in place.

After the contact is automatically created, users can send email to this address and have it flow through the Exchange server, which then forwards it to the SharePoint server (the primary SMTP address). It is then accepted into the SMTP virtual server on the SharePoint server, and then imported into SharePoint via a timer job that runs on the server. In this way, all emails sent to that address appear in the companyabc-doclib document library.


Note

For the Directory Management Service to work, the account that runs as the SharePoint Central Admin application pool identity account needs to have add and modify rights to the OU that is specified under the Incoming Email Settings page. If this account does not have rights to the OU, automation of these contacts fails.
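
The rights described in this note can be checked before incoming email is enabled. The following is an added example, not part of the original chapter: it lists the access control entries on the OU that grant (or deny) create/modify rights to a given account, directly or through its groups. The function name Get-OuWriteAccess and the account name svc-spcentraladmin are hypothetical, the OU is the chapter's sample, and the ActiveDirectory PowerShell module is assumed to be installed.

```powershell
# Added example (not from the chapter). Requires the ActiveDirectory module (RSAT).
Import-Module ActiveDirectory

function Get-OuWriteAccess {
    param(
        [Parameter(Mandatory = $true)] [string] $OuDn,
        [Parameter(Mandatory = $true)] [string] $SamAccountName
    )

    # Every SID that applies to the account: its own SID, all groups in its
    # token (tokenGroups includes nested membership), plus the well-known
    # Everyone (S-1-1-0) and Authenticated Users (S-1-5-11) SIDs.
    $user = Get-ADUser -Identity $SamAccountName -Properties tokenGroups
    $sids = @($user.SID.Value) +
            @($user.tokenGroups | ForEach-Object { $_.Value }) +
            @('S-1-1-0', 'S-1-5-11')

    # Rights that allow a principal to create or modify objects in the OU.
    $writeRights = [System.DirectoryServices.ActiveDirectoryRights]'CreateChild, WriteProperty, GenericWrite, GenericAll'

    $acl = Get-Acl -Path "AD:\$OuDn"
    foreach ($ace in $acl.Access) {
        try {
            $sid = $ace.IdentityReference.Translate([System.Security.Principal.SecurityIdentifier]).Value
        } catch {
            continue   # trustee no longer resolves (orphaned ACE)
        }
        if ($sids -notcontains $sid) { continue }
        if (($ace.ActiveDirectoryRights -band $writeRights) -eq 0) { continue }

        [pscustomobject]@{
            Trustee     = $ace.IdentityReference.Value
            Type        = $ace.AccessControlType        # Allow or Deny
            Rights      = $ace.ActiveDirectoryRights
            ObjectType  = $ace.ObjectType               # all-zero GUID = every object class
            Inheritance = $ace.InheritanceType
            Inherited   = $ace.IsInherited
        }
    }
}

# Sample OU from the chapter; the service account name is a placeholder.
Get-OuWriteAccess -OuDn 'OU=SharePoint,OU=Contacts,OU=Resources,DC=companyabc,DC=com' `
                  -SamAccountName 'svc-spcentraladmin' |
    Format-Table -AutoSize
```

An empty result means the account has no create or modify rights on the OU, which is the condition under which contact automation fails. Entries whose trustee is a broad group rather than the service account show that the delegation is wider than this feature needs.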


Working with Email-Enabled Content in SharePoint 2013

After the SharePoint server has been set up to allow inbound SMTP messages, specific SharePoint lists and document libraries can be configured to store the contents of the email messages, the attachments in the messages, or both.

Using Email-Enabled Document Libraries

To email-enable a document library in a SharePoint site, follow these steps:

1. From the document library, click the Library tab; then select the Library Settings button from the ribbon.

2. Under the Communications category, click the Incoming E-Mail Settings link.

3. From the Incoming E-Mail Settings for the document library, check to allow the doc library to receive email, as shown in Figure 16.5.

FIGURE 16.5 Enabling incoming email on a document library.

4. Enter an email address. This email address will be added to the contact object that will be created in AD.

5. Select how to handle attachments, whether to save the original .eml file, and what type of security policy you will set on the document library. If messages can be received from any sender, this may open up the document library to spam.

6. Click OK. After the contact object is created, usually within a few minutes, the document library is ready to accept messages.

You can follow this same process for any document library or list within the SharePoint farm.

Using an Exchange Server as an Outgoing Email Server for SharePoint

SharePoint needs an external SMTP server to provide for relaying alerts and reports to farm users. This server needs to be configured to allow access and relaying from the SharePoint server. To set up an outgoing email source within a SharePoint farm, complete the following steps:

1. Open the SharePoint Central Administration tool from the server console.

2. Click the System Settings link in the navigation bar.

3. Under E-Mail and Text Messages (SMS), click the Configure Outgoing E-Mail Settings link.

4. From the page shown in Figure 16.6, enter the fully qualified domain name (FQDN) of the Outbound SMTP Server (the Exchange server). Enter a From Address and a Reply-to Address, and leave the Character Set at the default. Click OK to save the settings.

FIGURE 16.6 Enabling outbound email functionality.

Enabling Site Mailbox Functionality in SharePoint 2013

The tightest integration between Exchange Server 2013 and SharePoint 2013 comes in the form of site mailboxes, a new feature that allows a SharePoint site to serve as a repository for Exchange emails and documents. Users can simply copy the site mailbox when corresponding about a project and have all the information within that email thread saved within the site and subject to the compliance policies set on the mailbox.

From Outlook 2013, users can also simply drag and drop documents and emails directly into the shared project space, at which point they are transferred within the SharePoint content databases. New emails and documents also show up directly within Outlook 2013 as new items, just as a new email message would in a user’s Inbox.

Site mailboxes can be part of eDiscovery search scopes within Exchange, and their contents can also be put under legal hold. Retention policies set on the mailbox itself are enforced on the SharePoint site itself as well.

Essentially, site mailboxes become the preferred method for a group of people that are working together on a shared set of deliverables. It allows for all messages and documents related to that project to be stored in one managed location that is subject to Exchange policies and legal requirements. In a sense, it is a replacement for common public folder usage scenarios that involve documents, as public folders do not support multi-authoring or version management like a full-blown document management platform such as SharePoint does.

Understanding the Prerequisites for Site Mailboxes

Enabling site mailbox functionality within an Exchange Server 2013 and SharePoint 2013 environment is no small task, and involves several steps around creating the trust relationship between the two environments. In addition, several prerequisites must be in place before site mailbox functionality can be enabled. This includes the following:

• Both the Exchange and SharePoint servers must be part of the same domain.

• The user running the commands must be a local administrator on the Exchange server and must also be a member of the Organization Management role in Exchange.

• There must be a root site collection set up on the SharePoint farm.

• Both the SharePoint and Exchange sites need to be using Secure Sockets Layer (SSL) certificates that are fully trusted by each other. In other words, the SharePoint servers need to trust the root certificate authority (CA) that issues the Exchange certificates, and vice versa.

• The User Profile Service Application (UPA) in SharePoint needs to be configured and working properly.

• Autodiscover in Exchange needs to be configured and working properly.

• Clients must access site mailboxes through either Outlook 2013 or through the SharePoint web interface. Outlook Web App (OWA) does not currently support site mailboxes.

Installing the Exchange Web Services Managed API on SharePoint Farm Members

The first step to enable site mailboxes is to install the Exchange Web Services (EWS) Managed Application Programming Interface (API) 2.0 on all SharePoint 2013 servers in your farm. To do that, complete the following steps:

1. Download the Exchange Web Services Managed API version 2.0 from Microsoft (EwsManagedApi.msi).

2. Run the Setup Wizard for the EWS Managed API 2.0 on the SharePoint server, which prompts you for a location to install the files. Alternatively, you can install the files from the command prompt by using the following syntax:

msiexec /i EwsManagedApi.msi addlocal="ExchangeWebServicesApi_Feature,ExchangeWebServicesApi_Gac"

3. Run iisreset /noforce from the command prompt to reset Internet Information Services (IIS) on the SharePoint server after the installation.

Establishing SSL Trusts for Both SharePoint and Exchange

As mentioned earlier, both the SharePoint servers and the Exchange servers need to trust the root CA that issued both the Exchange SSL certificate and the SSL certificate for SharePoint (required for this configuration). If not, you need to complete the following steps on both the SharePoint and the Exchange servers:

1. Open Microsoft Internet Explorer and navigate to the SSL secured website on the other server. (That is, from SharePoint, navigate to https://e2013a.companyabc.com/owa, and from Exchange, navigate to https://sp2013a.companyabc.com, or whatever URL is used.)

2. On the Certificate Error: Navigation Blocked page, click Continue to This Website (Not Recommended), if prompted. If not prompted, the site is already trusted and the remaining steps in this list can be skipped.

3. In the Security Status bar (next to the Address bar), click Certificate Error.

4. In the Untrusted Certificate box, click View Certificates.

5. Select Install Certificate and then select Place All Certificates in the Following Store.

6. Select to show physical stores.

7. Install the certificate to Trusted Root Certification Authorities, Local Computer.
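
Whether the trust described in this section is already in place can be determined without clicking through a browser warning. As an added check that is not part of the original chapter, the following PowerShell function connects to the other server and reports whether its certificate chains to a root this machine already trusts and matches the host name. The function name Test-TlsTrust is hypothetical, and the host names are the chapter's samples.

```powershell
# Added example (not from the chapter). Diagnostic only: the callback lets the
# handshake complete so the result can be reported; no application data is sent.
function Test-TlsTrust {
    param(
        [Parameter(Mandatory = $true)] [string] $HostName,
        [int] $Port = 443
    )

    $seen = @{ PolicyErrors = $null; ChainStatus = @(); Subject = $null
               Issuer = $null; NotAfter = $null; Thumbprint = $null; ChainTop = $null }

    # Record how Windows judged the certificate against the local trust stores.
    $callback = [System.Net.Security.RemoteCertificateValidationCallback] ({
        param($source, $certificate, $chain, $sslPolicyErrors)
        $cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 -ArgumentList $certificate
        $seen.PolicyErrors = $sslPolicyErrors
        $seen.Subject      = $cert.Subject
        $seen.Issuer       = $cert.Issuer
        $seen.NotAfter     = $cert.NotAfter
        $seen.Thumbprint   = $cert.Thumbprint
        $seen.ChainStatus  = @($chain.ChainStatus | ForEach-Object { $_.Status.ToString() })
        $count = $chain.ChainElements.Count
        if ($count -gt 0) {
            # Last element is the top of the chain Windows was able to build.
            $seen.ChainTop = $chain.ChainElements[$count - 1].Certificate.Subject
        }
        return $true
    }.GetNewClosure())

    $tcp = New-Object System.Net.Sockets.TcpClient
    try {
        $tcp.Connect($HostName, $Port)
        $ssl = New-Object System.Net.Security.SslStream($tcp.GetStream(), $false, $callback)
        try     { $ssl.AuthenticateAsClient($HostName) }
        finally { $ssl.Dispose() }
    } finally {
        $tcp.Close()
    }

    [pscustomobject]@{
        HostName     = $HostName
        Trusted      = ($seen.PolicyErrors -eq [System.Net.Security.SslPolicyErrors]::None)
        PolicyErrors = $seen.PolicyErrors      # e.g. RemoteCertificateChainErrors, RemoteCertificateNameMismatch
        ChainStatus  = ($seen.ChainStatus -join ', ')   # e.g. UntrustedRoot, PartialChain
        Subject      = $seen.Subject
        Issuer       = $seen.Issuer
        ChainTop     = $seen.ChainTop
        NotAfter     = $seen.NotAfter
        Thumbprint   = $seen.Thumbprint
    }
}

# On the SharePoint server, check the Exchange endpoint:
Test-TlsTrust -HostName 'e2013a.companyabc.com'
# On the Exchange server, check the SharePoint web application:
Test-TlsTrust -HostName 'sp2013a.companyabc.com'
```

If Trusted is False with UntrustedRoot or PartialChain, the certificate that belongs in Trusted Root Certification Authorities is the issuing CA's root certificate named in ChainTop or Issuer. A RemoteCertificateNameMismatch result is not fixed by importing anything and points to a certificate issued for a different host name.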

Configuring SharePoint User Profile Sync

As previously mentioned, the SharePoint UPA must be enabled for the Site Mailbox feature to work properly. Setting up UPA is a complex task and should be performed with care and with the aid of a SharePoint expert, as there are several different approaches to setting up UPA properly, and special rights such as “Replicating Directory Changes” rights are required in AD. If the UPA has already been set up, you can ignore the following steps. If not, the following process describes how to enable UPA.

To start the process of enabling UPA in SharePoint 2013 to support site mailboxes, first turn on the UPA by navigating to SharePoint Central Admin. Click System Settings, Manage Services on Server; click User Profile Synchronization Service Application, click Start Service, and then enter the service account username and password. An IIS reset will need to be performed on the server after this step is complete.

After enabling the UPA, start a full sync by navigating to SharePoint Central Administration, Application Management, Manage Service Application, User Profile Service Application, Start Profile Synchronization, Start Full Synchronization, as shown in Figure 16.7.

FIGURE 16.7 Starting a full sync of the UPA.

Once again, note that UPA setup is complex, and this example illustrates only a very simple sample UPA setup.

Configuring the Exchange Metadata Document as Trusted

The second step in the site mailbox process is to create a new Trusted Security Token Issuer for the Exchange Metadata document in SharePoint. To do this, type the following into the PowerShell prompt on the SharePoint server, as shown in Figure 16.8:

New-SPTrustedSecurityTokenIssuer -Name Exchange -MetadataEndPoint https://e2013a.companyabc.com/autodiscover/metadata/json/1

FIGURE 16.8 Configuring the Exchange Metadata document as trusted as part of a site mailbox configuration.

(Replace the e2013a.companyabc.com with the name of your Exchange Client Access Server [CAS] array.)

Granting the Exchange Service Principal Full Control to the SharePoint Site Subscription

The following PowerShell commands are required on the SharePoint server to allow the Exchange server to have full control over the SharePoint site subscription process. Perform them in order, as shown in Figure 16.9, and replace the sp2013a.companyabc.com parameter with the name of your SharePoint web application:

$exchange=Get-SPTrustedSecurityTokenIssuer
$app=Get-SPAppPrincipal -Site https://sp2013a.companyabc.com -NameIdentifier $exchange.NameId
$site=Get-SPSite https://sp2013a.companyabc.com
Set-SPAppPrincipalPermission -AppPrincipal $app -Site $site.RootWeb -Scope sitesubscription -Right fullcontrol -EnableAppOnlyPolicy

FIGURE 16.9 Granting the Exchange service principal full control to SharePoint site subscription as part of a site mailbox configuration.

Enabling the Site Mailbox Feature on a SharePoint Web Application

Before it shows up as an installable app in SharePoint 2013, the Site Mailbox feature must first be turned on in the web application. To do this, type the following from the PowerShell prompt of the SharePoint server. It can be typed immediately after the previous PowerShell steps are complete:

Enable-SPFeature CollaborationMailboxFarm

Setting the Exchange Site Mailbox Target Domain for the Farm

The next step in the site mailbox process is to configure the Exchange Autodiscover domain on the SharePoint farm. Run the following commands one at a time from the command prompt of the SharePoint server, as illustrated in Figure 16.10, to accomplish these steps, replacing sp2013a.companyabc.com with the name of your SharePoint web application and companyabc.com with the Autodiscover name of your domain:

$webAppUrl="https://sp2013a.companyabc.com"
$exchangeDomain="companyabc.com"
$exchangeServerName="E2013A"
$webApp=Get-SPWebApplication $webAppUrl
$webApp.Properties["ExchangeTeamMailboxDomain"] = $exchangeDomain
$webApp.Properties["ExchangeAutodiscoverDomain"] = $exchangeServerName
$webApp.Update()

FIGURE 16.10 Setting the Exchange site mailbox target domain as part of a site mailbox configuration.

Establishing the OAuth Trust on Exchange

The final command that must be run when enabling site mailbox functionality is run on the Exchange server and involves having Exchange download a file from the SharePoint server to establish the trust relationship. Use the following syntax to enable this functionality (replacing sp2013a.companyabc.com with the name of your SharePoint web application). Ensure that you are in the C:\Program Files\Microsoft\Exchange Server\V15\Scripts directory when running this PowerShell command, as shown in Figure 16.11:

.\Configure-EnterprisePartnerApplication.ps1 -ApplicationType Sharepoint -AuthMetadataUrl https://sp2013a.companyabc.com/_layouts/15/metadata/json/1

FIGURE 16.11 Creating the OAuth trust on Exchange as part of a site mailbox configuration.

Creating a Site Mailbox

After all the prerequisite steps have been performed, you can create the site mailboxes as follows:

1. Within a SharePoint site, install the Site Mailbox app by clicking the Quick Launch menu, selecting More, choosing Add an App, and selecting Site Mailbox, as shown in Figure 16.12.

FIGURE 16.12 Adding a Site Mailbox app to a SharePoint site.

2. From the Quick Launch menu in SharePoint, click Site Mailbox.

3. Sign in to Outlook Web App (OWA) with the user’s credentials.

4. Enter an alias for the site mailbox and click Next.

5. Click Import to import the current users from the site.

6. Click Finish.

Enabling Presence Information in SharePoint with Lync Server 2013

SharePoint 2013 products and technologies give organizations unprecedented document management capabilities, allowing knowledge workers to collaborate more efficiently and share ideas more freely. In addition to its robust document management capabilities, SharePoint 2013 allows organizations to integrate with a presence management platform to help users of the platform to easily tell whether the author of a document is online and available, allowing for instant collaboration with that individual.

SharePoint integrates with this type of online presence information if used in collaboration with Microsoft’s presence platform, Lync Server 2010/2013 and its predecessor, Office Communications Server. Using one of these platforms, SharePoint users can more easily collaborate with knowledge workers in real time, using an instant messaging (IM) client such as the Lync 2010/2013 client.

Configuring Presence Within SharePoint

Microsoft SharePoint Server 2013 allows for the ability to readily determine the online status of fellow coworkers and other members of a SharePoint site through the concept of online presence information, displayed to the user through a construct known as a smart tag next to the user’s name.

The color of the smart tag enables a user to quickly identify if the user is available (green), busy (yellow), or not available (blank). Right-clicking these smart tags allows for a sequence of options to be displayed, such as sending an email to the user or instant messaging with them directly. This makes it easier for users to collaborate with the owners of documents, allowing for quick and easy communications.

Enabling and using presence information within a SharePoint environment requires presence to be enabled on the web application within SharePoint, and also requires the correct version of IM software on the client. In addition, for enterprise IM functionality, an enterprise IM solution such as Lync Server 2013 is required.

Enabling Presence Information on a Web Application

Online presence information is enabled by default on a SharePoint web application. In certain circumstances, however, it may be necessary to disable online presence information for troubleshooting. It is subsequently important to understand where in the SharePoint administrative hierarchy the presence information is stored and how it can be turned on and off.

To toggle online presence on or off for an individual web application, follow these steps:

1. From the SharePoint Central Administration tool on a SharePoint server, navigate to the Application Management link in the navigation bar.

2. Under Web Applications, click the Manage Web Applications link.

3. Choose the web application to toggle the settings on, and then choose General Settings.

4. From the General Settings page, shown in Figure 16.13, select either Yes or No under the Enable Additional Actions and Online Status for Members, depending on whether you want to turn presence on or off.

FIGURE 16.13 Toggling presence settings on a web application.

5. Click OK to save the changes.


Note

Online presence info can only be turned either on or off for the entire web application. It is not possible to toggle the setting for any subcomponent of a web application.


Examining Presence Functionality Within a SharePoint Site Collection

By default, any time a user’s name appears within an Office application such as SharePoint, Exchange, Word, Excel, and so on, online presence information appears next to that user via the user’s smart tag. The status information must be fed to the application from an IM client, however, or else the smart tag is not able to display the status of the individual and appears blank.

The following IM clients are supported for viewing presence information in a SharePoint 2013 site:

• Lync 2010

• Lync 2013

By default, SharePoint 2013 shows presence only for users who are members of the user’s contacts within the IM client. If a user is a contributor to a SharePoint site but is not in the contact list of another user, that user’s presence information is not displayed by default. To display a user’s presence when he or she is not in the contact list of the other user, a centralized enterprise IM platform must be used in conjunction with SharePoint 2013.

Summary

SharePoint 2013 is the missing collaboration side of the Exchange 2013 platform, providing Exchange users with advanced document management and portal capabilities. With the ability to provide for email-enabled content, SharePoint allows administrators to receive inbound emails directly into document libraries and lists, further extending the capabilities of the platform.

In addition to email-enabled content capabilities, SharePoint 2013 has other strong integration points with Exchange 2013, including powerful Site Mailbox functionality. It is consequently no surprise that Exchange 2013 and SharePoint 2013 are often installed together in many environments.

Best Practices

The following are best practices from this chapter:

• Use the Directory Management Service to automate the creation of AD contacts that correspond to email-enabled content on the SharePoint server, but be cautious about allowing users to auto create groups, because this can lead to a major proliferation of distribution groups in AD.

• Enable recipient policies in Exchange to stamp the SharePoint-created contacts with secondary email addresses for the domain in which they will be accepted. If using Exchange 2010 or Exchange 2013, also configure an MX record for the SharePoint server.

• Load balance the SMTP incoming email role on multiple SharePoint servers to provide for failover and high availability of this function. Use software network load balancing if a hardware load balancer is not available. Configure a VIP name for the contacts in this scenario, such as spsmtpin.companyabc.com, so that the emails will be sent to the load-balanced SMTP servers.

• Restrict email messages to be received from only the IP addresses of Exchange servers to avoid having your SharePoint server used as a relay for spam.

• Consider deploying an enterprise corporate IM application, such as Lync Server 2013, to provide for rich presence functionality in SharePoint sites.

• Incorporate SharePoint 2013 design concepts with Exchange 2013 so that both components can fit into an overall messaging and collaboration strategy.
