Configure OAuth authentication with SharePoint 2013 and Lync 2013

[Cette rubrique est une documentation préliminaire et peut être modifiée dans les versions ultérieures. Des rubriques vides sont incluses comme espaces réservés. N’hésitez pas à nous transmettre vos commentaires. Envoyez-nous un e-mail à l’adresse ExchangeHelpFeedback@microsoft.com.]  

S’applique à :Exchange Server 2016

Summary: Learn how to use the Open Authorization (OAuth) authentication protocol to authenticate applications to Exchange. The other applications need to be configured as partner applications in Exchange 2016.

Exchange 2016 supports partner applications such as SharePoint Server 2016 and Skype Entreprise Server 2015 by using OAuth configuration with the script, Configure-EnterpriseApplication.ps1. You can automate the task using the script to more easily configure authentication with partner applications and reduce configuration errors. The script performs the following tasks:

  1. Configures an Enterprise partner application that self-issues OAuth tokens to successfully authenticate to Exchange.

  2. Assigns Role Based Access Control (RBAC) roles to the partner application to authorize it for calling specific Services Web Exchange APIs.

  • Estimated time to complete: 5 minutes.

  • The partner application needs to publish an authentication metadata document for Exchange 2016 to establish a direct trust to this application and accept authentication requests.

  • Examples in this topic use the following default location of the \Scripts directory: C:\Program Files\Microsoft\Exchange Server\V15\Scripts.

  • Des autorisations doivent vous être attribuées avant de pouvoir exécuter cette procédure. Pour voir les autorisations qui vous sont nécessaires, consultez “Partner applications - configure" entry in the Autorisations de partage et de collaboration topic.

  • Pour des informations sur les raccourcis clavier applicables aux procédures de cette rubrique, voir Raccourcis clavier dans Exchange 2013Raccourcis clavier dans le Centre d’administration Exchange.

tipConseil :
Vous rencontrez des difficultés ? Demandez de l’aide en participant aux forums Exchange. Visitez le forum à l’adresse : Exchange Server, Exchange Online ou Exchange Online Protection.

This procedure uses the Configure-EntepriseApplication.ps1 script to configure OAuth authentication with partner applications. Access to resources depends on the permissions assigned to the partner application and/or the user it impersonates by using RBAC. After configuring OAuth authentication from Exchange, the partner application can use Exchange 2016 resources.

  1. This example configures OAuth authentication for SharePoint 2016.

    Cd C:\Program Files\Microsoft\Exchange Server\V15\Scripts
    Configure-EnterprisePartnerApplication.ps1 -AuthMetaDataUrl https://sharepoint.contoso.com/_layouts/15/metadata/json/1 -ApplicationType SharePoint
    
    
  2. This example configures OAuth authentication for Skype Entreprise or Lync Server 2013.

    Cd C:\Program Files\Microsoft\Exchange Server\V15\Scripts
    Configure-EnterprisePartnerApplication.ps1 -AuthMetaDataUrl https://lync.contoso.com/metadata/json/1 -ApplicationType Lync
    
    

If Exchange 2016 also needs to access resources offered by the partner application, you must also configure OAuth authentication in the partner application.

To verify that you have successfully configured an enterprise partner application to authenticate to Exchange 2016 , run the Get-PartnerApplication cmdlet in the Environnement de ligne de commande Exchange Management Shell to retrieve the configuration. You can also run the Test-OAuthConnectivity cmdlet to test OAuth connectivity with a partner application for a user.

 
Afficher: