Signature Manager Exchange Edition

User Manual

Exclaimer Products
  • Table of ContentsTable of Contents
 

Sent items update service - manual configuration

To configure the Sent Items Update Service manually, the following steps are required:

  1. Create a user

  2. Grant rights

  3. Add the user to the local Administrators group

  4. Configure the service to use new credentials

These steps are detailed in the following sections.

Step 1: Create a user

There are two possible ways to create a new user - use ONE of the methods detailed below:

Use Exchange Management Console

A new user can be created by completing a Microsoft Exchange wizard:

  1. From Microsoft Exchange, select Recipient  Configuration > Mailbox > New Mailbox

  2. Set User Mailbox as a mailbox type.

  3. Having completed this wizard, it is advisable to hide the new mailbox from the Global Address List (this ensures that people will not be able to see this user from their email clients). To do this, run the following script:

Set-Mailbox -HiddenFromAddressListsEnabled $true -Identity "### Enter The Users Identity ###"

-

Note that elements surrounded by ’### ... ###’ should be substituted with information as indicated - remove the hash (#) symbols and maintain spacing. Please also refer to additional guidelines for creating a new user below.

Use a PowerShell script

The following script can be run in the Exchange Management Shell:

New-Mailbox -Name "### Enter a username ###" -UserPrincipalName "### Enter the domain username ###" -ResetPasswordOnNextLogon $false -Database "### Enter the Mailbox Database ###"

Set-Mailbox -HiddenFromAddressListsEnabled $true -Identity "### Enter The Users Identity ###"

This script will create the user and  hide the new mailbox from the Global Address List. Please also refer to additional guidelines for creating a new user below.

Note that elements surrounded by ’### ... ###’ should be substituted with information as indicated - remove the hash (#) symbols and maintain spacing. Please also refer to additional guidelines for creating a new user below.

Additional guidelines for creating a new user

The following guidelines should be considered when creating a new user using either of the methods described above:

  • The user should have no password expiration policy (i.e. the password should never expire).

  • The user should NOT be a member of Domain Admins or Enterprise Admins groups, since they are explicitly denied access to Exchange mailboxes by default Exchange settings.

  • The user should have LogonAsService rights (these will be granted if necessary during step 2).

  • The user should be a member of the local Administrators group.

  • Care should be taken when creating this user because it will have full access to email for all users on the Exchange server.

  • There is no requirement for the user to have an Exchange mailbox.

Step 2: Grant rights

PowerShell scripts are provided below to grant rights. Please note the following regarding mixed environments:

  • If you have a mixed environment which includes Exchange 2007 and Exchange 2010+  machines, the appropriate script should be run on one of each type. In other words, the 2007 script should be run on Exchange 2007 and the 2010+ script should be run on Exchange 2010, Exchange 2013 and Exchange 2016 .

  • If you have added a new Exchange 2007 server or a new Exchange 2007 database to the existing infrastructure, the 2007 script must be run again to grant necessary rights to new servers or databases. Similarly, the 2010+ script must be run again if you add a new Exchange 2010 / 2013 / 2016 server or a new Exchange 2010 / 2013 / 2016 database.

Exchange 2007

If you are using Exchange 2007, use the Grant Exchange Rights script below:

Get-ExchangeServer | where {$_.IsClientAccessServer -eq $true} | where {$_.IsValid  -eq $true} | where {$_.IsExchange2007OrLater -eq $true} | where { $_.AdminDisplayVersion.Major -eq 8 } | ForEach-Object {Add-ADPermission -Identity $_.distinguishedname -User (Get-User -Identity "### Enter The Users Identity ###" | select-object).identity -accessRights GenericRead, GenericWrite -extendedRights Send-As, Receive-As, ms-Exch-Store-Admin, ms-Exch-EPI-Impersonation -InheritanceType All }

Get-MailboxDatabase | ForEach-Object {Add-ADPermission -Identity $_.DistinguishedName -User (Get-User -Identity "### Enter The Users Identity ###" | select-object).identity  -ExtendedRights ms-Exch-EPI-May-Impersonate}
 

Note that elements surrounded by ’### ... ###’ should be substituted with information as indicated - remove the hash (#) symbols and maintain spacing.

Exchange 2010+

If you are using Exchange 2010, Exchange 2013 or Exchange 2016, use the Grant Exchange Rights script below:

$ExchangeServer = Get-ExchangeServer | where {$_.IsClientAccessServer -eq $true} | where {$_.IsValid -eq $true} | where {$_.IsExchange2007OrLater -eq $true} | where { $_.AdminDisplayVersion.Major -ge 14 }
 
$ExchangeServer | ForEach-Object { New-ManagementRoleAssignment -Role ApplicationImpersonation -User (Get-User -Identity "### Enter The Users Identity ###" | select-object).identity }
 

Note that elements surrounded by ’### ... ###’ should be substituted with information as indicated - remove the hash (#) symbols and maintain spacing.

Step 3: Add the user to the local administrators group

To add a user to the local Administrators group, follow the steps below:

  1. From the Windows Control Panel, open Administrative Tools.

  2. From the Administrative Tools folder, open Computer Management.

  3. Navigate to System Tools > Local Users and Groups > Groups and double click on Administrators.
    Computer management

  4. Access the Members tab, and add the new user to the group.

Step 4: Configure the service to use credentials

There are two possible ways to configure the service to use new credentials - use ONE of the methods described below:

Use the services applet

  1. Access the Services applet (Control Panel > Administrative Tools > Services).

  2. Locate the Exclaimer Signature Manager Exchange Edition Sent Items Update service.

  3. Right click on this service and select Properties.

  4. Select the Log On tab.

  5. Click the Browse button and locate the user created in step 1.

  6. Type the user's password and click OK to complete the process.

  7. Ensure that the service starts with the  new user's credentials and that its startup type is set to Automatic.

Use a PowerShell script

The following script can be run in the Exchange Management Shell:

Exchange 2007

If you are using Exchange 2007, use the Set Service Rights script below:

Get-WMIObject Win32_Service | where { $_.Name -eq "Exclaimer Signature Manager Exchange Edition Sent Items Update Service"} | ForEach-Object { $_.Change($null, $null, $null, $null, "Automatic", $null, "### Enter the domain username ###", password)  }

Restart-Service "Exclaimer Signature Manager Exchange Edition Sent Items Update Service"
 

Note that elements surrounded by ’### ... ###’ should be substituted with information as indicated - remove the hash (#) symbols and maintain spacing. Also note that the instance of password should be replaced with the appropriate password for the user account.

Exchange 2010+

If you are using Exchange 2010, Exchange 2013 or Exchange 2016, use the Set Service Rights script below:

Get-WMIObject Win32_Service | where { $_.Name -eq "Exclaimer Signature Manager Exchange Edition Sent Items Update Service"} | ForEach-Object { $_.Change($null, $null, $null, $null, "Automatic", $null, "### Enter The Users Identity ###", password)  }

Restart-Service "Exclaimer Signature Manager Exchange Edition Sent Items Update Service"

Note that elements surrounded by ’### ... ###’ should be substituted with information as indicated - remove the hash (#) symbols and maintain spacing. Also note that the instance of password should be replaced with the appropriate password for the user account.

 

 
 
 

Table of Contents

Index

Glossary

-Search-

Back