Configure Exchange
This section describes the steps for configuring Exchange.
Configuring Role-Based Access Control (RBAC) for Applications
| Microsoft has replaced the Application Access Policy with RBAC for Applications, hence existing C4C configuration needs to be adapted. You can read more about it in Microsoft's Critical Update. Also, follow this short list of steps to transition from Application Access Policies to RBAC. |
It is a best practice to restrict the access of an App to Resources in Exchange. This can be achieved by defining an RBAC for the App created through Entra.
The next sections will describe these steps in more detail.
Add a Service Principal
Service Principals represent an instance of an application within your tenant. You should consider the Service Principal in Exchange to be a pointer to an existing Service Principal in Microsoft Entra ID.
Procedure
1. Connect to Exchange Online.
2. Run the command New-ServicePrincipal with:
◦ App/Client ID
◦ Object ID
◦ Provide a name
# New Service Principal
New-ServicePrincipal -AppId "<your App's ID>" -ObjectId "<Service Principal Object ID>" -DisplayName "C4C-App Service Principal"
Create Mail-enabled Security Group
The Mail-enabled Security Group will contain, as members, all applicable Room Resources to which the C4C-App requires access. The group will be used in the recipient filter of the Management Scope.
Procedure
2. Select Recipients > Groups.
3. Select Mail-enabled Security.
4. Select the action Add a group.
5. Select the option Mail-enabled Security and click Next.
6. Provide a name (e.g. “C4C Room Resources”) and a description for the new group and click Next.
7. Add owners for the mail-enabled security group (e.g. your Facility Manager / Application Manager) and click Next.
8. Add members to the mail-enabled security group (these are the Room Resources the C4C-App needs to be able to access) and click Next.
9. Provide a unique email address (e.g. “c4croomresources”) for the group, leave the check boxes unselected, and click Next.
10. Review the details of the new group and click Create Group.
Create Management Scope
A management scope is required to restrict the Management Role Assignment for the App.
Procedure
1. Connect to Exchange Online.
2. Retrieve the distinguished name of the mail-enabled security group by running the command Get-Group.
Get-Group -Identity "C4C Room Resources"
3. Create the management scope by running the command New-ManagementScope.
New-ManagementScope -Name "C4C Room Resources" -RecipientRestrictionFilter "MemberOfGroup -eq '<distinguished name of the mail-enabled security group>'"
Create Management Role Assignment
A management role assignment uses the management scope to restrict the related app to only the roles (permissions) provided.
Procedure
1. Connect to Exchange Online.
2. Create a new Management Role Assignment for the App by running the command New-ManagementRoleAssignment. The following roles have to be applied when using the synchronization behavior:
◦ In-the-Lead: Application Mail.ReadWrite, Application Calendars.ReadWrite
◦ Follows: Calendars.ReadWrite
New-ManagementRoleAssignment -App "<ObjectId>" -CustomResourceScope "<name of the Management Scope>" -Role "Application Mail.ReadWrite"
New-ManagementRoleAssignment -App "<ObjectId>" -CustomResourceScope "<name of the Management Scope>" -Role "Application Calendars.ReadWrite"
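A check worth running once the scope and role assignments exist, given here as an added example that is not part of the original documentation: Test-ServicePrincipalAuthorization reports, per role, whether a given mailbox falls inside the app's scope. The values in angle brackets are placeholders, and the variable and function names are illustrative.

```powershell
# Added example. Values in <...> are placeholders; variable and function names are illustrative.
$App      = '<Service Principal Object ID>'
$RoomIn   = '<email address of a room that is a member of the group>'
$MbxOut   = '<email address of a mailbox that is not a member of the group>'
$Expected = 'Application Mail.ReadWrite', 'Application Calendars.ReadWrite'  # In-the-Lead roles

# Show the scope's filter so it can be compared with the group's distinguished name.
(Get-Group -Identity 'C4C Room Resources').DistinguishedName
Get-ManagementScope -Identity 'C4C Room Resources' | Format-List Name, RecipientFilter

# Roles that Exchange reports as effective (InScope) for the app on one mailbox.
function Get-EffectiveAppRole {
    param([Parameter(Mandatory)][string]$Mailbox)
    Test-ServicePrincipalAuthorization -Identity $App -Resource $Mailbox |
        Where-Object { "$($_.InScope)" -eq 'True' } |
        ForEach-Object { $_.RoleName }
}

$granted = @(Get-EffectiveAppRole -Mailbox $RoomIn)
$leaked  = @(Get-EffectiveAppRole -Mailbox $MbxOut)
$missing = @($Expected | Where-Object { $_ -notin $granted })

if ($missing.Count) { Write-Warning "Not effective on ${RoomIn}: $($missing -join ', ')" }
if ($leaked.Count)  { Write-Warning "Effective outside the group on ${MbxOut}: $($leaked -join ', ')" }
if (-not $missing.Count -and -not $leaked.Count) {
    'Roles are effective on the room and not on the mailbox outside the group.'
}
```

The cmdlet evaluates only RBAC for Applications assignments. Application permissions consented in Microsoft Entra ID are additive to them, so an unscoped Mail or Calendars grant left in Entra still gives the app tenant-wide access and has to be removed for the scope to take effect.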
Align resource's regional configuration with time zone information in Planon ProCenter
A resource in Exchange has no regional configuration set by default. It is important that the regional configuration of the resource is aligned with the time zone of the reservation unit's property.
Procedure
2. Connect to Exchange Online.
3. Execute the following PowerShell command to achieve the goal.
#Retrieve a list of available time zones
$TimeZone = Get-ChildItem "HKLM:\Software\Microsoft\Windows NT\CurrentVersion\Time zones" | foreach {Get-ItemProperty $_.PSPath};
$TimeZone | sort Display | Format-Table -Auto PSChildname,Display
#Regional Configuration
Set-MailboxRegionalConfiguration -Identity "<Resource's email address>" -TimeZone "<Time zone aligned with the one of the Property in Planon>"
Room resource calendar processing configuration
The C4C app for Microsoft Graph API supports two types of synchronization behavior: In-the-Lead and Follows. Depending on the configuration of the C4C app connection, you need to configure the Resource's Calendar Processing configuration differently.
| Calendar Processing properties for which the default value corresponds with a correct configuration are not mentioned here. |
Procedure
2. Connect to Exchange Online.
3. Execute the following PowerShell command to achieve the goal.
#Configure Calendar Processing
Set-CalendarProcessing -Identity "<Resource's email address>" `
-AutomateProcessing <AutoUpdate (for In-the-Lead) / AutoAccept (for Follows)> `
-DeleteSubject $false `
-AddOrganizerToSubject $false `
-AllowConflicts $true `
-EnforceSchedulingHorizon $false `
-MaximumDurationInMinutes 0 `
-RemoveOldMeetingMessages <$false (for In-the-Lead) / $true (for Follows)> `
-RemovePrivateProperty $false `
-BookingWindowInDays 900
Setting Organization Configuration (In-the-Lead only)
In a default environment, Exchange will send explicit updated meeting requests to a resource when changing the location property of a meeting or any other property within fifteen minutes from the start time of the meeting ("Location,AllProperties:15").
Planon ProCenter must receive explicit updated meeting requests to be able to update a reservation.
The following procedure provides a PowerShell command to configure this in Exchange.
Procedure
2. Connect to Exchange Online.
3. Execute the following PowerShell command to achieve the goal.
#Organization Config
Set-OrganizationConfig -VisibleMeetingUpdateProperties "Location,Subject,Sensitivity"