TERMS OF USE
AGREEMENT BETWEEN USER AND CIRESON
The Cireson Community Web Site is comprised of various web pages operated by Cireson, LLC (collectively, the web pages are referred to herein as the “Cireson Community Web Site”).
The Cireson Community Web Site is offered to you conditioned on your acceptance of the terms, conditions, and notices contained herein without modification or exception. Your use of the Cireson Community Web Site constitutes your agreement to all such terms, conditions, and notices contained in these Terms of Use.
MODIFICATION OF THESE TERMS OF USE
Cireson reserves the right to change the terms, conditions, and notices under which the Cireson Community Web Site is offered, including but not limited to the charges associated with the use of the Cireson Community Web Site upon written notice.
LINKS TO THIRD PARTY SITES
The Cireson Community Web Site may contain links to other Web Sites (“Linked Sites”). The Linked Sites are not under the control of Cireson and therefore Cireson is not responsible for the contents of any Linked Site, including, without limitation, any link contained in a Linked Site, or any changes or updates to a Linked Site. Cireson is not responsible for webcasting or any other form of transmission received from any Linked Site. Cireson is providing these links to you only as a convenience, and the inclusion of any link does not imply endorsement by Cireson of the site or any association with its operators.
NO UNLAWFUL OR PROHIBITED USE
As a condition of your use of the Cireson Community Web Site, you warrant to Cireson that you will not use the Cireson Community Web Site for any purpose that is prohibited by law, rule regulation or by any of these terms, conditions, and notices, including, without limitation the export of any Software or technical data to any country prohibited by law. You may not use the Cireson Community Web Site in any manner which could damage, disable, overburden, or impair the Cireson Community Web Site or interfere with any other party’s use and enjoyment of the Cireson Community Web Site. You may not obtain or attempt to obtain any materials or information through any means not intentionally made available or provided for through the Cireson Community Web Site.
USE OF COMMUNICATION SERVICES
The Cireson Community Web Site may contain bulletin board services, chat areas, news groups, forums, communities, personal web pages, calendars, and/or other message or communication facilities designed to enable you to communicate with the public at large or with a group (each a “Communication Service,” and collectively, “Communication Services”). You agree to use the Communication Services only to post, send and receive messages and material that are appropriate, proper and related to the particular Communication Service. By way of example, and not as a limitation, you agree that when using a Communication Service, you will not:
Cireson has no obligation to monitor the Communication Services. However, Cireson reserves the right to review materials posted to a Communication Service and to remove any materials in its sole discretion. Cireson reserves the right to suspend or terminate your access to any or all of the Communication Services at any time without notice for any reason whatsoever.
Cireson reserves the right at all times to disclose any information as necessary to satisfy any applicable law, rule, regulation, legal process or governmental request, or to edit, refuse to post or to remove any information or materials, in whole or in part, in Cireson’s sole discretion.
Always use caution when giving out any personally identifying information about yourself or your children in any Communication Service. Always use caution when giving out any information concerning your employer or customers, if any. Cireson does not control or endorse the content, messages or information found in any Communication Service and, therefore, Cireson specifically disclaims any liability with regard to the Communication Services and any actions resulting from your participation in any Communication Service. Managers and hosts are not authorized Cireson spokespersons, and their views do not necessarily reflect those of Cireson.
Materials uploaded to a Communication Service may be subject to posted limitations on usage, reproduction and/or dissemination. You are responsible for adhering to such limitations if you download the materials.
MATERIALS PROVIDED TO CIRESON OR POSTED ON THE CIRESON COMMUNITY WEB SITE
Cireson does not claim ownership of the materials you provide to Cireson via the Cireson Community Web Site (including feedback and suggestions) or post, upload, input or submit to the Cireson Community Web Site or its associated services (collectively “Submissions”). However, by posting, uploading, inputting, providing or submitting your Submission you are granting Cireson, its affiliated companies and sublicensees permission to use your Submission in connection with the operation of their Internet businesses including, without limitation, the rights to: copy, distribute, transmit, publicly display, publicly perform, reproduce, edit, translate and reformat your Submission; and to publish your name in connection with your Submission.
No compensation will be paid with respect to the use of your Submission, as provided herein. Cireson is under no obligation to post or use any Submission you may provide and may remove any Submission at any time in Cireson’s sole discretion.
By posting, uploading, inputting, providing or submitting your Submission you warrant and represent that you own or otherwise control all of the rights to your Submission as described in this section including, without limitation, all the rights necessary for you to provide, post, upload, input or submit the Submissions.
LIABILITY DISCLAIMER
THE INFORMATION, SOFTWARE, PRODUCTS, AND SERVICES INCLUDED IN OR AVAILABLE THROUGH THE CIRESON COMMUNITY WEB SITE MAY INCLUDE INACCURACIES OR TYPOGRAPHICAL ERRORS. CHANGES ARE PERIODICALLY ADDED TO THE INFORMATION HEREIN. CIRESON (OR ITS SUPPLIERS) MAY MAKE IMPROVEMENTS AND/OR CHANGES IN THE CIRESON COMMUNITY WEB SITE AT ANY TIME. ADVICE RECEIVED VIA THE CIRESON COMMUNITY WEB SITE SHOULD NOT BE RELIED UPON FOR PERSONAL, MEDICAL, LEGAL OR FINANCIAL DECISIONS AND YOU SHOULD CONSULT AN APPROPRIATE PROFESSIONAL FOR SPECIFIC ADVICE TAILORED TO YOUR SITUATION.
NEITHER CIRESON NOR ANY OF ITS SUPPLIERS MAKE ANY REPRESENTATIONS ABOUT THE SUITABILITY, RELIABILITY, AVAILABILITY, TIMELINESS, AND ACCURACY OF THE INFORMATION, SOFTWARE, PRODUCTS, SERVICES AND RELATED GRAPHICS CONTAINED ON THE CIRESON COMMUNITY WEB SITE FOR ANY PURPOSE. TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, ALL SUCH INFORMATION, SOFTWARE, PRODUCTS, SERVICES AND RELATED GRAPHICS ARE PROVIDED “AS IS” WITHOUT WARRANTY OR CONDITION OF ANY KIND. CIRESON AND/OR ITS SUPPLIERS HEREBY DISCLAIMS ALL WARRANTIES AND CONDITIONS WITH REGARD TO THIS INFORMATION, SOFTWARE, PRODUCTS, SERVICES AND RELATED GRAPHICS, INCLUDING ALL IMPLIED WARRANTIES OR CONDITIONS OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE AND NON-INFRINGEMENT.
TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, IN NO EVENT SHALL CIRESON AND/OR ITS SUPPLIERS BE LIABLE FOR ANY DIRECT, INDIRECT, PUNITIVE, INCIDENTAL, SPECIAL, CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOSS OF USE, DATA OR PROFITS, ARISING OUT OF OR IN ANY WAY CONNECTED WITH THE USE OR PERFORMANCE OF THE CIRESON COMMUNITY WEB SITE, WITH THE DELAY OR INABILITY TO USE THE CIRESON COMMUNITY WEB SITE OR RELATED SERVICES, THE PROVISION OF OR FAILURE TO PROVIDE SERVICES, OR FOR ANY INFORMATION, SOFTWARE, PRODUCTS, SERVICES AND RELATED GRAPHICS OBTAINED THROUGH THE CIRESON COMMUNITY WEB SITE, OR OTHERWISE ARISING OUT OF THE USE OF THE CIRESON COMMUNITY WEB SITE, WHETHER BASED ON CONTRACT, TORT, NEGLIGENCE, STRICT LIABILITY OR OTHERWISE, EVEN IF CIRESON OR ANY OF ITS SUPPLIERS HAS BEEN ADVISED OF THE POSSIBILITY OF DAMAGES. BECAUSE SOME STATES/JURISDICTIONS DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES, THE ABOVE LIMITATION MAY NOT APPLY TO YOU. IF YOU ARE DISSATISFIED WITH ANY PORTION OF CIRESON COMMUNITY WEB SITE, OR WITH ANY OF THESE TERMS OF USE, YOUR SOLE AND EXCLUSIVE REMEDY IS TO DISCONTINUE USING THE CIRESON COMMUNITY WEB SITE.
SERVICE CONTACT: team@cireson.com
TERMINATION/ACCESS RESTRICTION
Cireson reserves the right, in its sole discretion, to terminate your access to the Cireson Community Web Site and the related services or any portion thereof at any time, without notice.
GENERAL
To the maximum extent permitted by law, this agreement is governed by the laws of the State of California, U.S.A. and you hereby consent to the exclusive jurisdiction and venue of courts in San Diego County, California, U.S.A. in all disputes arising out of or relating to the use of the Cireson Community Web Site. Use of the Cireson Community Web Site is unauthorized in any jurisdiction that does not give effect to all provisions of these terms and conditions, including without limitation this paragraph. You agree that no joint venture, partnership, employment, or agency relationship exists between you and Cireson as a result of this agreement or use of the Cireson Community Web Site. Cireson’s performance of this agreement is subject to existing laws and legal process, and nothing contained in this agreement is in derogation of Cireson’s right to comply with governmental, court and law enforcement requests or requirements relating to your use of the Cireson Community Web Site or information provided to or gathered by Cireson with respect to such use. If any part of this agreement is determined to be invalid or unenforceable pursuant to applicable law including, but not limited to, the warranty disclaimers and liability limitations set forth above, then the invalid or unenforceable provision will be deemed superseded by a valid, enforceable provision that most closely matches the intent of the original provision and the remainder of the agreement shall continue in effect. Unless otherwise specified herein, this agreement constitutes the entire agreement between the user and Cireson with respect to the Cireson Community Web Site and it supersedes all prior or contemporaneous communications and proposals, whether electronic, oral or written, between the user and Cireson with respect to the Cireson Community Web Site. A printed version of this agreement and of any notice given in electronic form shall be admissible in judicial or administrative proceedings based upon or relating to this agreement to the same extent and subject to the same conditions as other business documents and records originally generated and maintained in printed form. It is the express wish to the parties that this agreement and all related documents be drawn up in English.
COPYRIGHT AND TRADEMARK NOTICES:
All contents of the Cireson Community Web Site are: Copyright 2016 by Cireson, LLC and/or its suppliers. All rights reserved.
TRADEMARKS
The names of actual companies and products mentioned herein and on the Cireson Community Web Site may be the trademarks of their respective owners.
The example companies, organizations, products, people and events depicted herein are fictitious. No association with any real company, organization, product, person, or event is intended or should be inferred.
Any rights not expressly granted herein are reserved.
NOTICES AND PROCEDURE FOR MAKING CLAIMS OF COPYRIGHT INFRINGEMENT
Cireson respects the intellectual property of others and asks that users of the Cireson Community Web Site do the same. In connection with the Cireson Community Web Site, we have adopted and implemented a policy respecting copyright law that provides for the removal of any infringing materials and for the termination, in appropriate circumstances, of users of the Cireson Community Web Site who are repeat infringers of intellectual property rights, including copyrights. If you believe that one of the Cireson Community Web Site users is, through the use of the Cireson Community Web Site, unlawfully infringing the copyright(s) in a work, and wish to have the allegedly infringing material removed, the following information in the form of a written notification (pursuant to 17 U.S.C. § 512(c)) must be provided to our designated Copyright Agent:
Please note that, pursuant to 17 U.S.C. § 512(f), any misrepresentation of material fact (falsities) in a written notification automatically subjects the complaining party to liability for any damages, costs and attorney’s fees incurred by us in connection with the written notification and allegation of copyright infringement.
Designated Agent: Matthew W. Deen, Esq.
Address of Agent: 1620 Fifth Avenue, Suite 875, San Diego, CA 92101
Telephone: 619-993-8873
Fax: 888-244-8458
Email: matt.deen@cireson.com
Comments
@Joakim_Normann - if you need to create a Run As Account, just open up any other connector you currently have configured and you'll see a "New" option within them. SCSM will automatically place it in a correct management pack. Once the account is created you can edit it afterwards from the "Run as Accounts" section and of course use it within the Settings UI for the connector.
@Matt_Overton what configuration within the script? v2.x, v3.x, and v4.x should not require any editing of the PowerShell. But if I've missed something lets get it updated! Feel free to DM me or open a Pull Request 😁
@Adam_Dzyacky creating a specific Run As account for the mailbox in the way you described worked perfectly. Using that account got the connector working. Thank you so much for the help.
Saw this article yesterday and was curious if the SMLets Exchange Connector is affected by this change to Remote PowerShell: https://office365itpros.com/2022/12/19/remote-powershell-deprecation/
Remote PowerShell for Exchange is all about managing Exchange infrastructure, for example:
etc. etc.
Whereas the Exchange Connectors for SCSM are all about interacting with a user's mailbox via the Exchange Web API.
So to answer your question. No, the SMLets Exchange Connector is not affected by this. 😁
Thanks Adam, I think the Web Services API was more the point I was concerned about. With all of the push to the Graph API, I wonder if the EWS API will go away or be reworked.
Hope you're rested and ready to roll because SMLets Exchange Connector v5 is out! 😁
This release also brings with it several bug fixes and optimizations such as:
And that incredibly specific bug above that I could not have found without those who made their voices heard on the GitHub repository. Like @Alexander_Axberg who introduced more logging functionality when connecting to M365 and improving Work Item creation so the native SCSM console search respects items created via the connector. 👍️
As always, thanks to everyone for their contributions, continued support, and usage of the SMLets Exchange Connector.
@Adam_Dzyacky I upgraded the Exchange connector from a very old version to version 5. I have followed all the instructions, but for some reason the connector won't start. I have created a Run As account with the credentials for our production mailbox and choosen that one in the settings.
Do I need 2 separate Tenant and Application/Client ID? One for Test and another for production?
It works fine in our test environment with the same version of the connector. I'm using the same Tenant and Application/Client ID's for production as I use for Test.
@Joakim_Normann
You only need separate IDs, if you have multiple tenants. If you just have a single Azure tenant, and you application has the correct access, then you can reuse that app across SCSM environments. If you use different service / mailbox accounts for the environments, you'll of course need to give permissions for the app to access the mailbox of the relevant accounts (as shown Step 7 in Scenario 3 here: https://github.com/AdhocAdam/smletsexchangeconnector/wiki/Configuration-Examples).
Do you new mailbox account also have the correct permissions in SCSM?
@Konstantin_Slavin-Bo
Thanks for the response.
We use the same Service Account for the WorkFlow account in both Test and Prod.
Have I understood it correctly that the service account need to have access to both mailboxes in order for the connector to work in both enironments?
Have I understood it correctly that the service account need to have access to both mailboxes in order for the connector to work in both enironments?
Yes, the workflow account needs access to the mailbox, from which it's supposed to fetch mails. If the workflow account itself does not have a mailbox, but have FullAccess rights to another mailbox, I'm guessing that you'll need to use impersonation to access the mailbox, although I'm not awfully familiar with this configuration.
...the service account need to have access to both mailboxes...
This comment has given me some pause, but @Konstantin_Slavin-Bo is already heading in the right direction. If the Run As Account is accessing the inbox of another account, then the Run As Account needs Exchange Impersonation rights to do so.
This configuration isn't impossible and I know people out there do it, but it does require a little bit more thought to map out from an Exchange permissions perspective as it's not the kind of permission you want to accidentally overprovision. Because as the name implies, you're giving another account the ability to Impersonate another one entirely within your organization.
You can read more about this permission on Microsoft Learn over here - Exchange ApplicationImpersonation Role.
Now that you're here @Adam_Dzyacky, I'd like to say thanks for a great piece of work - we finally made the jump to your SMLets EC, because our org finally shut down basic auth last October, and I love it.
I remember having some reservations regard error handling and logging, but a lot of work have been done on those fronts since then. Especially in v5, pretty much every step is logged, which really help troubleshooting and gives a peace of mind.
I do have some ideas for improvement, primarily regarding modularization (and easier error handling), mainly born out of our needs for some specific functionality - but that's the beauty of OS; I can just start working on it and tweak it to our needs. If the quality ends up being acceptable, I can always submit a PR to your repo.
Basically I'm just trying to say thanks to you and all the great contributers on this project 😎
Appreciate the kind words @Konstantin_Slavin-Bo. Always great knowing this has helped someone out.
I look forward to the Pull Requests
@Adam_Dzyacky @Konstantin_Slavin-Bo Thanks for both your responses. The issue was resolved earlier this week. I had to uncheck Exchange Online in the settings, because the mailbox wasn't in the cloud. By doing that the connector worked perfectly afterwards.
@Adam_Dzyacky , Email does not attach to work item by using SMlets Exchange connector v5.0.0.29. Only attachment in email is attach to WI. Can you give me advice on how to fix this issue?
Thank you in advance!
@Taras_Kirillov Have you checked "Attach Email to Work Item" under Processing Logic in the Connector settings? I'm using v5.0.0.29 and for us the emails are attached properly to the work items.
@Joakim_Normann Of course yes. But olny attaches of on email are attach to work item. The email itself is not attached.
As @Joakim_Normann has correctly stated, the only requirement here is to ensure that "Attach Email to Work Item" is enabled/checked off in the Settings UI. Beyond this, you would have to investigate event logs and/or debug runs of the connector yourself as to why you are experiencing this.
Does anyone have a fix to only process emails from users in CMDB?
Thanks in advance.
@Sandra_Cole I chose to go the route of Exchange to handle inbound emails, instead of attempting to modify the connector, for two reasons. First, all the work is handled before it hits the SMLets connector, so you save it the effort of processing an additional unnecessary email. Second, Exchange is flexible, so you can easily add/remove processing logic like allow/deny domains and/or specific addresses. If I know a group of consultants will need to converse on work items, I'll go to Exchange and add @exampledomain.lcl to be allowed to send to my environment email. The same is true on the reverse, like the occasional Microsoft Digest email that is sent out. That was creating tickets for me, so I just blocked that particular Microsoft address from being able to email to my SCSM environment. If you do take this approach, try to close the gap as much as possible, and then add as needed, much like firewall best practices.
@Daniel_Polivka1 Thank you for responding. We are currently using exchange rules to filter out known email addresses, but that means we are reactive weather then proactive. I was hoping to get a lead on a PowerShell script. My PowerShell scripting knowledge is very elementary.
@Sandra_Cole
I think @Daniel_Polivka1 is proposing to do it the other way around. You only allow internal addresses to reach the helpdesk inbox, thus creating a case. All others are relayed elsewhere. And if you then need to allow a specific external email address to be able to create a case, you can add that to an allow list.
This will proactively stop all external emails from reaching the inbox, enabling you to allow other senders as needed.
I think the approach Konstantin outlined is a solid practice. It allows you to redirect the "rejected" emails to another mailbox for review so nothing gets missed, and allows for the flexibility of whitelisting addresses you do want to receive from. Consider that a lot of common names like "help", "support", "helpldesk" are probed by spam bots or the eventuality that your processing mailbox address gets onto a spam or marketing mail list.
Adding code to the exchange connector to lookup a list of unknown length for each email received has the potential to add a lot of processing time to the script. Depending on the cost of the lookup for each CMDB object in the list this could become very expensive to efficiency.
Thanks @Daniel_Polivka1 , @Konstantin_Slavin-Bo , and @Brad_Zima - you guys rock!
Email does not attached to work item because an error below:
Does anyone can help me to fix this error? Thank you guys in advance!
Email from xxx on IR22 could not be attached. System.Management.Automation.MethodInvocationException: Exception calling "Bind" with "3" argument(s): "The specified time zone isn't valid." ---> Microsoft.Exchange.WebServices.Data.ServiceResponseException: The specified time zone isn't valid.
at Microsoft.Exchange.WebServices.Data.ServiceRequestBase.ProcessWebException(WebException webException)
at Microsoft.Exchange.WebServices.Data.ServiceRequestBase.GetEwsHttpWebResponse(IEwsHttpWebRequest request)
at Microsoft.Exchange.WebServices.Data.ServiceRequestBase.ValidateAndEmitRequest(IEwsHttpWebRequest& request)
at Microsoft.Exchange.WebServices.Data.MultiResponseServiceRequest`1.Execute()
at Microsoft.Exchange.WebServices.Data.ExchangeService.BindToItem(ItemId itemId, PropertySet propertySet)
at Microsoft.Exchange.WebServices.Data.ExchangeService.BindToItem[TItem](ItemId itemId, PropertySet propertySet)
at CallSite.Target(Closure , CallSite , Type , Object , Object , Object )
--- End of inner exception stack trace ---
at System.Management.Automation.ExceptionHandlingOps.CheckActionPreference(FunctionContext funcContext, Exception exception)
at System.Management.Automation.Interpreter.ActionCallInstruction`2.Run(InterpretedFrame frame)
at System.Management.Automation.Interpreter.EnterTryCatchFinallyInstruction.Run(InterpretedFrame frame)
at System.Management.Automation.Interpreter.EnterTryCatchFinallyInstruction.Run(InterpretedFrame frame)
Seems like an issue with the local timezone
Hello @Adam_Dzyacky ,
after some considerations, digging into the wiki and reading the manuals, we are planning to finally switch to the SMLet Exchange Connector. Some things are not 100 % clear for me, so I thought I ask them here. Maybe you have the time to have a look =)
Thanks for the amazing work with the connector, I am looking forward activating it in our environment.
EDIT: I had a look inside the script and point 2 is irrelevant now ;)
Hello @Adam_Dzyacky and all guys,
I hope you are doing well :)
After SCSM 2022 upgrade exchange connector v4.1 is stoped working. I found your greate tool made by you. All working perfect but emails does not attached to WorkItem. I found an error in Event log.
I tried to use this instruction (https://community.cireson.com/home/leaving?allowTrusted=1&target=https%3A%2F%2Fstackoverflow.com%2Fquestions%2F39467609%2Fthe-specified-time-zone-isnt-valid-using-ews-from-server) but I am newby to PowerShell :(
Guys please give me an advice what exactly I should do to fix the error.
I am stuck :(
In your manuals you state that the workflow should not be configured to run more often than every 5 minutes. In our environment, the main connector for the helpdesk runs every 2 minutes and I think reducing the cycle might be something my manager is not very happy about. We plan setting up the forwarding for at least 4 more mailboxes to the main mailbox, so you think it would be possible to set the cycle to 2 or 3 minutes though?
There are few reasons behind the "don't run this more than every 5 minutes"
So with all of this said:
We receive lots of "message could not be delivered" mails because of some external agents, which we are not able to send mails to via the internal subscriptions. With the OOTB connector these mails are not processed. How is the behaviour with the SMlet Connector? Will it skip these mails, and other "ootb mails sent from Outlook" too, or will it ceate work items from it?
They will not be processed and they have never been processed by any version of the connector
@Adam_Dzyacky Thanks for the answers :)
I will have a look and will start with the config of 4 minutes.
As for the 2nd part, good to know, so for me there are no arguments against the new connector :D