Data Discovery & Risk Insights 25.2.0 Help Center

Exchange connection

If you will be creating datasets that process Exchange data, you must complete additional tasks to enable processing by the processing agent.

Configure the O365 organization connection

The OpenText Core Data Discovery & Risk Insights processing agent uses basic authentication to connect to on-premises implementations of Exchange and an OAuth based model, referred to as modern authorization, to connect to O365 implementations

For more information about basic authentication for Exchange, see https://techcommunity.microsoft.com/t5/exchange-team-blog/basic-authentication-deprecation-in-exchange-online-september/ba-p/3609437.

To configure the O365 organization to use modern authentication

Open a browser and connect to the Microsoft Entra admin center for the organization as an account with appropriate privileges.
In the left pane, expand Identity > Applications, and then click App registrations.

Create a new app registration.

Click New registration and complete the options as follows.

Option	Description
Name	Type FAS-DD_Exchange_Collection as the application name.
Support account types	Select Accounts in this organizational directory only.
Redirect URI	Select Public client (mobile & desktop) and then type `urn:ietf:wg:oauth:2.0:oob` for the redirect URI.

Click Register. The overview page for the new application registration displays.

Take note of the resulting Application (client) ID and Directory (tenant) ID values. These will be required when defining the source in the Connect UI.

Set permissions for the new app registration.
1. In the left pane of the new application registration page, expand Identity and then click API permissions.
2. Click Add a permission.
3. In the Request API permissions pane, click APIs my organization uses.
4. Type office 365 exchange online in the search box and then click Office 365 Exchange Online in the resulting list.
5. Click Application Permissions.
6. Search for and select full_access_as_app.
7. Click Add permissions.
8. On the API permissions page, click Grant admin consent for organizationName.
  
  A confirmation message displays. Click Yes to confirm consent.
Create the client secret.
1. In the left pane of the new application registration page, under Manage, click Certificates & secrets.
2. Click New client secret.
3. Type the desired description for the secret and select the desired expiration period.
4. Click Add.
After the secret is created, make a copy and record the resulting value in a safe location. This will be required when defining the source in the Connect UI.

Configure special processing for Exchange folders (Optional)

You can configure the processing agent to process hidden folders and to exclude specific folders within Exchange. By default, OpenText Core Data Discovery & Risk Insights does not process hidden Exchange folders and excludes a pre-defined set of folders.

The following Exchange folders are excluded by default.

Calendar and all subfolders
Contacts and all subfolders
Suggested Contacts and all subfolders
Draft and all subfolders
Deleted Items and all subfolders
Conflict and all subfolders
Sync Issues and all subfolders
Versions and all subfolders
Purges and all subfolders
MigratedMessages and all subfolders
Conversation Action Settings and all subfolders
Files and all subfolders
Social Activity Notifications and all subfolders
PersonMetadata and all subfolders
Yammer Root and all subfolders
Quick Step Settings and folders that start with this name, such as Quick Step Settings01
ExternalContacts and all subfolders

To configure the agent to exclude items in specific Exchange folders from processing

On the agent host server, open the Agent administration UI.

From the Start menu, click OpenText Core Data Discovery & Risk Insights Agent > Agent Admin. The Advanced process settings page opens.
In the Category list, click Exchange.
Locate the ExcludeFolderList option and modify as desired.

NOTE: The following folders are defined to be excluded from processing by default: Calendar\, Contacts\, Suggested Contacts\, Drafts\, Deleted Items\, Conflict\, Sync Issues\, Versions\, Purges\, MigratedMessages\, Conversation Action Settings\, Files\, Social Activity Notifications\, PersonMetadata\, Yammer Root\, Quick Step Settings, ExternalContacts\
- Separate each folder entry with a comma, with or without a trailing space.
  
  Example: Calendar\, Contacts\, Suggested Contacts\ or Calendar\,Contacts\,Suggested Contacts\
- Include a backslash (\) after the folder name to process all items in this folder and all items in all subfolders.
  
  Example: Calendar\, Contacts\, Suggested Contacts\
- Do not include a backslash (\) after the folder name to process items from folders starting with the defined folder name.
  
  Example: Quick Step Settings excludes folders Quick Step Settings and Quick Step Settings01 from processing.
Click Save.

Configure web proxy settings (optional)

The Exchange processor service controlled by the processing agent requires connectivity to the OpenText Core Data Discovery & Risk Insights cloud components, often located away from the local network where the agent host servers are located. Although direct connectivity is ideal, use of a web proxy may be required in some environments for the agent systems to reach the OpenText Core Data Discovery & Risk Insights cloud.

NOTE: Authenticated proxies are supported for Exchange Online (O365) only.

To configure the web proxy for the Exchange processor

On the machine hosting the OpenText Core Data Discovery & Risk Insights processing agent, log on to the agent administration UI.

From the Start menu, click OpenText Core Data Discovery & Risk Insights Agent > Agent Admin.
In the navigation panel, click Advanced Settings.

The Advanced Settings page opens.
In the Category list, click Exchange.

Complete the following options.

Option	Description
Proxy address URL	Type the URL of the web proxy.
Proxy bypass list	Type a comma separated list of addresses that do not use the proxy server..
Proxy Bypass on Local	Specify whether to bypass the proxy for local addresses. Select True to bypass for local addresses. Select False to not bypass for local addresses.
Proxy Password	If the proxy requires authentication, type the password for the user account that will access the proxy server. IMPORTANT: Authenticated proxies are only supported for Exchange Online (O365) resources. If not connecting to Exchange Online (O365), leave this field blank.
Proxy Username	If the proxy requires authentication, type the username for the user account that will access the proxy server. IMPORTANT: Authenticated proxies are only supported for Exchange Online (O365) resources. If not connecting to Exchange Online (O365), leave this field blank.

Click Save. You can close the agent administration UI.

Configure users and groups for Exchange datasets

Exchange processing is based on OpenText Core Data Discovery & Risk Insights datasets and their associated groups. Before creating Exchange datasets, you will create one or more OpenText Core Data Discovery & Risk Insights groups. You will also create a OpenText Core Data Discovery & Risk Insights user for each Exchange mailbox to be processed and assign those OpenText Core Data Discovery & Risk Insights users to OpenText Core Data Discovery & Risk Insights groups.

When creating datasets, processing is based on OpenText Core Data Discovery & Risk Insights groups. All Exchange items for all users within the group and associated with a specific dataset are processed in the same manner. Complete the following tasks to create OpenText Core Data Discovery & Risk Insights users and groups and to create datasets for Exchange processing.

To create OpenText Core Data Discovery & Risk Insights groups and users

In Administration, create a new group.

For full details about creating groups, see "Groups" in the Administration Help Center.
1. On the Details tab, type a Name for the group. The name should allow you to differentiate this group for any others you may create. For example, "Exchange NA01".
2. On the Roles tab, do not select any roles.
3. Click CREATE.
4. Repeat for any additional groups.

In Administration, create a new user for each Exchange mailbox you want to process.

For full details about creating users, see "Users" in the Administration Help Center.

On the Details tab for the new user, define the options as follows.

Option	Selection to define
Email	Type the primary email address for the Exchange user mail account to be processed.
User name	Defaults to the Email entry; ensure this is accurate.
First Name	Type the first name of the user.
Last Name	Type the last name of the user.
Groups	Select the group you created for Exchange processing.

On the Roles tab, do not select any roles.
Click CREATE.
Repeat for each Exchange user account mailbox you will process.

To create datasets to process Exchange items

In Connect, create a new Exchange source.

For full details on creating sources, see To create a source.
1. From the Sources > Manage Sources page, click NEW SOURCE.
2. On the General page of the New Source wizard, select Exchange or Exchange Online (O365) as the source type and complete the remaining options as appropriate to create the source
In Connect, create a new dataset.

For full details on creating datasets, see To create a dataset.
1. From the Sources > Manage Datasets page, click NEW DATASET.
2. On the General options page, select the new source just created and then complete the remaining general options as desired. Click NEXT.
3. In the Default action will be taken on mailboxes from the following group list on the Primary Capture Rules page, select the desired action to take when processing documents from this dataset and then select the name of the new OpenText Core Data Discovery & Risk Insights group you created. Complete the remaining primary capture options as desired and then click NEXT.
4. Complete the rest of the new dataset options as desired.
5. Click FINISH.
  
  The selected action will take place for the new group you created.
From the list of datasets in Connect, update () the new dataset to trigger processing.