The MyTimetable calendar push integration is able to connect to a user's calendar using service accounts. This page describes how to create a service account and how to grant calendar permissions to this service account. MyTimetable will then be able to access calendars without explicit consent of a user.
This page applies to both Microsoft Exchange (on-premises) and Microsoft Office 365.
Office 365 / Azure AD prerequisites
The following installs are required when managing Office 365 / Azure AD through Powershell.
The Microsoft Online Service Sign-in Assistant for IT Professionals RTW.
The Azure AD Module for Windows PowerShell:
You must be a tenant admin on your Office 365 tenant to run the cmdlets.
Creating a service account
A service account is needed to access the user's mailboxes. An account can be created in your on-premises Active Directory, or in Azure AD.
On-premises Active Directory
TODO
Azure AD
Create a service account using the following Powershell command. Of course you can also create an account in the Azure Portal.
- Open the Windows Azure Active Directory Powershell prompt
- Connect to Microsoft Online Services using your tenant admin account:
PS C:\> Connect-MsolService
- Create the service account. Replace the "UserPrincipalName" and "Password" parameters to match your situation and preferences:
PS C:\> New-MsolUser -DisplayName "MyTimetable Exchange Service Account" -UserPrincipalName sa-mytt-exch@eveoh.onmicrosoft.com -Password "xxx" -PasswordNeverExpires $true -StrongPasswordRequired $true
Assigning an Exchange Online license (Office 365 only)
xxx
Using the Office 365 Admin portal
- Open the Office 365 Admin portal.
- Click "Users" -> "Active Users".
- Click the service account you have just created.
- In the right bar, find "Assigned license" and click "Edit".
- Click the license you would like to assign. Make sure "Exchange Online" is checked.
Using Powershell
- Open the Windows Azure Active Directory Powershell prompt
- Connect to Microsoft Online Services using your tenant admin account:
PS C:\> Connect-MsolService
- List your Office 365 plans. Pick the AccountSkuId you would like to use.
PS C:\> Get-MsolAccountSku AccountSkuId ActiveUnits WarningUnits ConsumedUnits ------------ ----------- ------------ ------------- Eveoh:DEVELOPERPACK 1 0 1 Eveoh:ENTERPRISEPACK 5 0 2
- List all service plans that are included in your Office 365 plan. In this case, the EXCHANGE_S_ENTERPRISE service plan refers to Exchange Online.
PS C:\> Get-MsolAccountSku | Where-Object {$_.AccountSkuId -eq "Eveoh:ENTERPRISEPACK"} | ForEach-Object {$_.ServiceStatus}
ServicePlan ProvisioningStatus
----------- ------------------
INTUNE_O365 PendingActivation
YAMMER_ENTERPRISE PendingInput
RMS_S_ENTERPRISE Success
OFFICESUBSCRIPTION Success
MCOSTANDARD Success
SHAREPOINTWAC Success
SHAREPOINTENTERPRISE Success
EXCHANGE_S_ENTERPRISE Success
- We will now assign an Office 365 with only the Exchange Online service plan selected. Since we can only assign a plan and all service plans disabled, we first create a object reference that holds all disabled service plans. After that, we assign the license to the service account.
PS C:\> $O365Licences = New-MsolLicenseOptions -AccountSkuId Eveoh:ENTERPRISEPACK -DisabledPlans INTUNE_O365, YAMMER_ENTERPRISE, RMS_S_ENTERPRISE, OFFICESUBSCRIPTION, MCOSTANDARD, SHAREPOINTWAC, SHAREPOINTENTERPRISE PS C:\> Set-MsolUserLicense -UserPrincipalName sa-mytt-exch@eveoh.onmicrosoft.com -AddLicenses "Eveoh:ENTERPRISEPACK" -LicenseOptions $O365Licences
Delegating calendar permissions to service account
xxx
Office 365
xxx
Exchange on-premises
xxx