Installing Exchange Agent 2022.7.15

  • Updated on Jun 20, 2023
  • Published on Aug 23, 2022
  • 3 minute(s) read
Prev Next

Installing Exchange Agent 2022.7.15

The instructions below assume that a previous version of the Exchange Agent is already installed and functional. 

Prerequisites are as follows:

  • RapidIdentity On-Premise customers must upgrade to 2022.0.4
  • RapidIdentity Cloud customers must upgrade to 2022.8.2

How to Install Exchange Agent 2022.7.15

Open the Azure AD Portal at https://portal.azure.com and login

  1. In the Search bar at the top enter App Registrations and enter then click on New Registration
  2.  Enter RapidIdentity Exchange Agent for the name and click Register in the Bottom Left
  3.  The App is now registered and we will need to apply API Permissions to it
  4. Click on Manifest in the left menu to show the Manifest that we will need to modify
  5. The section we will be updating is the requiredResourceAccess Section which by default looks like this
  6. Copy the code snippet below and replace the entire RequiredResourceAccess section so that it looks like the below section and click Save
  7. "requiredResourceAccess": [
		{
			"resourceAppId": "00000002-0000-0ff1-ce00-000000000000",
			"resourceAccess": [
				{
					"id": "dc50a0fb-09a3-484d-be87-e023b12c6440",
					"type": "Role"
				}
			]
		},
		{
			"resourceAppId": "00000003-0000-0000-c000-000000000000",
			"resourceAccess": [
				{
					"id": "e1fe6dd8-ba31-4d61-89e7-88639da4683d",
					"type": "Scope"
				}
			]
		}
	],
ActionScript
  1. Click on API Permissions in the left navigation 
  2. Click Yes to Grant Permissions on the popup screen


Login to your On-Premise Exchange Agent Server

  1. Generate a self-signed certificate by first downloading the Create-SelfSignedCertificate.ps1 attached to this article to your server
  2. Run PowerShell as an Administrator and execute the following
    1. Set-ExecutionPolicy -Scope Process -ExecutionPolicy Bypass
      1. Y to confirm
    2. .\Create-Self-SignedCertificate.ps1
      1. Supply values as follows:
        1. CommonName: RapidIdentity
        2. StartDate: 2022-09-01
        3. EndDate: 2027-09-01
        4. Enter Password to Protect Private Key: <ANYPASSWORDYOUWILLREMEMBER>
  3. Open the directory where you ran the PowerShell Script from and you will now see your certificates
  4. Right click on the RapidIdentity file listed with Type of Personal Information Exchange and Select Install PFX
  5. Select Local Machine and click Next
  6. Click Next
  7. Enter the password you set in step 2 when you generated the certificate and click next
  8. Click Next on the Certificate Store Prompt
  9. Click Finish
  10. Right click on the RapidIdentity file listed with Type of Security Certificate and Select Install Certificate
  11. Select Local Machine and click Next
  12. Click Next on the Certificate Store Prompt
  13. Click Finish


Go back to the Azure AD Portal at https://portal.azure.com

  1. Click on Certificates & Secrets on the left Navigation (make sure you are still in the App Registrations - RapidIdentity Exchange Agent section
  2. Click on Certificates and then on Upload Certificate
  3. Select the RapidIdentity.cer file that you just imported on your Exchange Agent Server and Enter the Description of RapidIdentity then Click Add
  4. In the top search bar, Search for Azure AD Roles and Administrators
  5. In Search by Name or Description enter Exchange Administrator
  6. Double Click on the Exchange Administrator Role and click on Add Assignments
  7. Enter RapidIdentity in the Add Assignments Search and select the RapidIdentity Exchange Agent and click Add
  8. You will need to locate and save the Application (Client ID) and Certificate Fingerprint for the Application you just set up for later. Please take note of these in a secure place.


Go Back to your On-Premise Exchange Agent Server

  1.  Run PowerShell as an Administrator and execute Install-Module -Name ExchangeOnlineManagement
    1. Answer A to Install when prompted
  2. Uninstall the existing idautoExchangeAdminWS via Control Panel
  3. Download the latest version of the Exchange Agent Installer and Install.
  4. Click Next.
  5. Click Install.
  6. Click Finish.
  7. Open Internet Information Service (IIS) Manager to configure the Agent.  Select the server and Application Pools
  8. Right-click on the idautoExchangeAgentAdminWS and select Advanced Settings.
  9. Click on Identity under Process Model and click the icon that pops up on the right.
  10. Click Custom Account  and Set to put in the credentials for the Identity Automation Exchange Administrator Service Account and click OK twice to close Advanced Settings
  11. Exit out of Advanced Settings.
  12. Right-click on the server and select Refresh.
  13. Right-click on the idautoExchangeAdminWS application pool and select Recycle.


  1. Test the Exchange Agent by opening a Web Browser on the Exchange Agent Server and navigate to http://[localhost]/idautoExchangeAdminWS/test 
    1. Enter the username/password for the Azure AD Portal
    2. Enter the AppID (Client ID) and Certificate Thumbprint from Azure AD that you captured earlier
    3. Enter the Azure Organization 
    4. Click Test


Create-SelfSignedCertificate.ps1


Related articles