Configuring a Service Account to Manage Exchange 2019 Messages Using Exchange Web Services
Applies to: Exchange 2019
You must configure the service account, so that you can archive, restore, and clean up messages for Exchange 2019 using EWS (Exchange Web Services).
- EWS backup for Exchange version 2010 is not supported.
- Microsoft Outlook is required only if you want to restore data to PST file and MSG file. In this case, Microsoft Office 2013 Service Pack 1 (SP1) and above must be installed. For more information see, Description of Microsoft Office 2013 Service Pack 1 (SP1).
- In the Cleanup Policy Quota options, the Cleanup Oldest Emails First option is not supported.
- Assign EWS backup rights to the user who acts as the service account to back up the mailboxes.
To assign impersonation rights to the user, open Exchange PowerShell, and then type the following cmdlet.
"New-RoleGroup -Name "exchange_onPremise_backupgrp" -Roles "ApplicationImpersonation" , "View-Only Recipients" -Members service_account1, service_account2
- exchange_onPremises_backupgrp is a unique name for the new role group.
- service_account1 and service_account2 are service accounts.
Note: If the Role Group is already created with Application Impersonation rights, then the user can be added to that group and can be used as the EWS service account.
Add-RoleGroupMember "exchange_onpremises_backupgrp" -Member service_account1
- Create a new throttling policy and assign the service account to that throttling policy.
Set-Throttlingpolicy "CVEWSThrottlingPolicy" -EwsMaxConcurrency unlimited -EwsMaxSubscriptions unlimited -EwsMaxBurst unlimited -EwsCutoffBalance unlimited -EwsRechargeRate unlimited
Set-Mailbox -Identity "service_account" -ThrottlingPolicy "CVEWSThrottlingPolicy"
service_account is the Exchange administrator service account.
- Add the service account to the Local Administrator group.
Last modified: 4/13/2021 5:19:12 PM