Configuring Impersonation for Microsoft Exchange Online

Contributors netapp-rlithman netapp-aherbin Download PDF of this page

If you plan to use SaaS Backup with Microsoft Exchange Online, you must configure impersonation. Impersonation allows your Microsoft 365 service account to impersonate user accounts and access associated permissions.

Automatically configuring impersonation

To automatically configure impersonation, run MSDN PowerShell Commands.

Manually configuring impersonation

You can manually configure impersonation with your Microsoft 365 administrator account as well as with added Microsoft 365 service accounts in SaaS Backup. For more information about Microsoft 365 service accounts, go to creating a Microsoft 365 service account with global permissions.

To manually configure impersonation do the following:

Steps
  1. Log in to your Microsoft 365 service account.

  2. Select the Exchange tab.

  3. On the left, under Dashboard, select Permissions.

  4. Click Admin roles.

  5. Double-click in the right pane to select Discovery management.

  6. Under Roles, click the + symbol.

    Screen shot of write scope window when configuring impersonation for Microsoft Exchange Online

  7. Select ApplicationImpersonation from the drop-down menu.

  8. Click Add.

  9. Click OK.

  10. Verify that ApplicationImpersonation was added under Roles.

  11. Under Members, click the + symbol.

    Screen shot of members window when configuring impersonation for Microsoft Exchange Online
    A new window appears

  12. Choose the user name.

  13. Click Add.

  14. Click OK.

  15. Verify that the user name appears in the Members section.

  16. Click Save.