Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
486
Views
1
Helpful
5
Replies

Removal of ApplicationImpersonation role in MS Exchange

Paul Austin
Level 4
Level 4

‎03-06-2024 01:57 AM

Hi All, with the impeding removal of the Impersonation role in MS exchange, does anyone know what the alternatives are? Sorry I am not MS technical.

Retirement of RBAC Application Impersonation in Exchange Online - Microsoft Community Hub

 

Thanks

Paul

0 Helpful
5 Replies 5

Max Jobs
Level 1
Level 1

‎03-06-2024 02:19 AM

Hi Paul,
As far as I know, with the impending removal of the Impersonation role in Microsoft Exchange, there are a few alternative options available:

Application Impersonation: This is a role-based access control in Exchange that allows a service account to impersonate users in an organization to perform tasks on their behalf. It's commonly used by applications or services that need to access mailboxes.

Delegate Access: Instead of using impersonation, users can be granted delegate access to other mailboxes. This allows them to act on behalf of the mailbox owner but without the need for a specific impersonation role.

OAuth and Modern Authentication: Microsoft is moving towards modern authentication methods like OAuth. With OAuth, applications can request access to mailboxes with the user's consent, removing the need for service accounts and impersonation.

Role-Based Access Control (RBAC): RBAC allows administrators to define custom roles with specific permissions. While impersonation is being deprecated, RBAC can still be used to grant appropriate permissions to users or service accounts.

It's essential to evaluate these alternatives based on your organization's requirements and security policies. Additionally, consulting with a Microsoft technical expert or referencing Microsoft's official documentation can provide more detailed guidance on choosing the most suitable alternative for your needs.

0 Helpful

Roger Kallberg
VIP
VIP

‎03-06-2024 04:38 AM

From version 14SU3 Unity Connection doesn't use impersonation anymore, it uses OAuth 2.0, ROPC to Client Credential Grant Flow.

image.png

If you're using older version(s) than this it is advised to upgrade to this release or CUC v15.



Response Signature


Paul Austin
Level 4
Level 4
In response to Roger Kallberg

‎03-06-2024 04:40 AM

Oh right - thats sounds great.

Thanks
0 Helpful

kengland2
Level 1
Level 1
In response to Roger Kallberg

‎03-20-2024 12:14 PM

Just to clarify, so if we are only running version  12.5.1.16900-29 then we have to upgrade, there is no other option to get around the removal of the Impersonation role in MS exchange?

0 Helpful

Roger Kallberg
VIP
VIP
In response to kengland2

‎03-20-2024 12:27 PM

Correct.



Response Signature


0 Helpful
Customers Also Viewed These Support Documents