Product DocsMenu

Microsoft Exchange Connector Deployment Overview

The following procedure outlines the steps needed to deploy the Microsoft Exchange connector. The steps indicate the order in which you must perform configuration tasks on both the Microsoft Exchange and CES systems. Some steps are applicable only to particular Exchange deployment configurations.

About the Support for Exchange Server 2013 Hybrid Deployments

In the context of an Exchange Server 2013 hybrid deployment, the Coveo connector supports to index the following content:

  • Local full content (mailboxes, archives, public folders) on the Exchange On-Premises Server 2013

  • Remote archives on Exchange Online

As you can see local is relative to the Exchange On-Premises Server. Archives can be both local when on the On-Premises server, or remote when on Exchange Online.

In the context of an Exchange Server 2013 hybrid deployment, as indicated in the following procedure, you must create two sources, respectively for the local and remote parts.

Note: CES 7.0.6684+ (May 2014) Support for indexing remote archives in the context of an Exchange Server 2013 hybrid deployment.

To deploy the Microsoft Exchange connector

  1. Validate that your environment meets the requirements (see Microsoft Exchange Connector Requirements).

  2. Microsoft Exchange configuration:

    1. Create the Exchange crawling account to be used by the Coveo connector to access your Exchange content (see Creating a Microsoft Exchange Crawling Account).

    2. For Microsoft Exchange Server 2010 only:

      1. Configure the throttling policy (see Configuring the Throttling Policy for the Microsoft Exchange Account).

      2. When you plan to index Exchange public folders, ensure that the public folders of your users are correctly configured for the crawler (see Preventing Microsoft Exchange Public Folder Crawling Issues).

    3. For an Exchange hybrid deployment only, when you want to index remote archives, you must enable impersonation for the CES crawling identity in Exchange Online (see Enabling Impersonation in Microsoft Exchange Online).

    4. CES 7.0.7814+ (August 2015) For an Exchange Online deployment with cloud-based users only, authorize the Coveo connector to access the online mailboxes of your Azure AD users (see Authorizing the Coveo Connector to Access the Exchange Online Mailboxes of Your Azure AD Users).

  3. On the Coveo server, in the Administration Tool:

    1. Configure the user identity.

      The connector needs to know the credentials of the Microsoft Exchange account that you created in step 2.a by creating a CES user identity that you will later associate to your Microsoft Exchange source (see Adding a User Identity).

    2. Configure a security provider that you will later associate to your Microsoft Exchange source.

      Depending on your kind of deployment:

      • For hybrid or on-premises deployments

        The connector needs information on how to manage Microsoft Exchange permissions (see Configuring a Microsoft Exchange Security Provider).

      • CES 7.0.7814+ (August 2015) For online deployments with cloud-based users

        Since the Azure AD Graph API used to list the Microsoft Exchange Online mailboxes is not an Exchange API, it is currently not possible to retrieve Exchange permissions on indexed items. Thus, only the owner of the mailbox, whom identity is either his principal email address or his UPN (UserPrincipalName), is allowed to see his documents.

        Starting with the owner identity of each mailbox, the security provider type to use depends on how users are authenticated when they access the Coveo search interface:


        • The members retrieved on documents are going to be mapped to this security provider identity type.

        • You may require to also use a REGEX Transform Member Name security provider in between the two security providers presented below to map member types. Contact Coveo Support for assistance.

        • When authenticated with their email address, use an Email security provider (see Configuring an Email Security Provider).

        • When authenticated with an Active Directory account, use an Active Directory security provider (see Configuring an Active Directory Security Provider).


          • CES comes with an Active Directory security provider that you can configure to connect to the default domain. When your environment contains more than one domain, you can select an Active Directory security provider that you created for other domains.

          • An Active Directory security provider is appropriate only when the User Principal Name (UPN) matches the email address for all users.

    3. Configure and index the Microsoft Exchange source.

      The Coveo connector needs to know details about the Microsoft Exchange Server or hybrid deployment to be able to index its content.

    4. Optionally, modify hidden source parameters.

      Once your Microsoft Exchange source is up and running, if you encounter indexing issues, consider modifying some hidden source parameters to try resolving the issues (see Modifying Hidden Microsoft Exchange Source Parameters).

    5. Optionally, fine-tune the callback service

      For Microsoft Exchange Server 2013, 2010, and 2007, the Coveo Exchange (WebServices) connector uses an Exchange API to identify modified content and improve incremental refresh performances. You can fine-tune the callback service configuration file (see Fine-Tuning the Exchange Callback Service).

What's Next?

In out-of-the-box Coveo .NET search interfaces, end-users can select to open Exchange email search results either in Outlook Web Access (OWA) or directly in Outlook from Coveo .NET search interfaces using the Open emails with Microsoft Outlook search interface preference option (see Modifying .NET Search Interface Preferences).

  • With Outlook 2007 and up on Windows systems, the outlook:// protocol is disabled by default when Microsoft Office is installed. The email result links in Coveo search interfaces use this protocol to allow users to open email search results directly in Outlook. If not already done, enable the protocol on all workstations for example using GPO (see Shortcuts and the Missing Outlook:// Protocol).

  • If not already done, consider deploying the Desktop Integration Package on workstations to allow users to take advantage of the Outlook Sidebar (see Desktop Integration Package Deployment Overview).

People who viewed this topic also viewed