-
Titel
Error UnAuthorized when setting up Exchange Online Connector -
Beschreibung
In Synchronization Editor, when Exchange Online is configured with App-only authentication with a certificate, the following Error appears after entering in App ID and Cert Thumbprint:
[System.Management.Automation.RuntimeException] UnAuthorized
[System.UnauthorizedAccessException] UnAuthorized
The document "Users and permissions for synchronizing with Exchange Online" is followed, all the permissions listed have been granted and the certificate is installed on the host running the Synchronization Editor.
The Microsoft Entra ID tenant is declared in One Identity Manager, and its synchronization is carried out regularly.
-
Ursache
There is a missing Application API permission: Office 365 Exchange Online > Exchange.ManageAsApp
The documentation does not mention it and is referenced behind the following statement:
For more information on how to set up app-only authentication, see Set up app-only authentication.
-
Lösung
Follow the steps below to add the missing permission:
- Follow the Hyperlink in Set up app-only authentication.
- Identify step number 2 "Assign API permissions to the application." The following statement indicates that we need a permission not listed in the previous document:
- For the application object to access resources in Exchange, it needs the Application API permission Office 365 Exchange Online > Exchange.ManageAsApp.
- In order to configure this permission, follow the hyperlink provided in the title "Assign API permissions to the application." to display the step by step with screenshots.
- After this permission is set, retry the Synchronization Editor wizard, and the "UnAuthorized" error will be passed.
An Enhancement Request has been submitted, and the ID will be updated when available.