ENow Management System (EMS) Configuration Guide

1.  Run the ENow Admin Console.  You can find the following shortcut in the Windows Server 2008 editions Start Menu:

 

Start > Programs > ENow > ENow Admin Console

Or

Start > ENow > ENow Admin Console



2.  To begin defining the Alert Configuration, select Server, Monitoring Policy, Alerts, and then Alert Disposition.  The ENow Management System supports sending alerts as email, writing to the Windows event log, and sending alerts as an SNMP notification.  After making a selection using the radio dial, select Save in the lower right of the ENow Admin Console.



3.  If you have selected the option to send alerts to an SMS address (recommended), email, and DLs (if you selected write to Windows event or send an SNMP notification, then skip to the next step), then scroll down and select Alert Recipients.  The email alerts can be segmented by feature.  After making your selection, select Save in the lower right.



4.  To adjust the Alert Intervals, simply scroll down and expand the Alert Intervals section.  The various alert types can be delivered at the interval that you prefer.



5.  Configure Email settings (If you configured writing alerts to the Windows event logs or alerts to be sent via SNMP notifications then skip to step 7 when Exchange 2013 or later is being monitored or skip to the last steps), by selecting the Server then Tuning Policy and finally Email Configuration.  We recommend using an SMTP server that is not part of your production Exchange environment.  An ISP SMTP server, an appliance, or GMAIL’s SMTP server are common choices.



6.  1. Once the configuration has been entered, please enter your email address in the space above Test.  Select Test to verify your configuration functions properly.  When complete, select Save in the lower right of the ENow Admin Console.



7. Navigate back to the Getting Started section by selecting Server.  If you are using Mailscape to monitor Exchange 2013 or higher then you will need to Configure Exchange Namespaces (if you are not using Mailscape to monitor Exchange 2013 or higher, then please skip to step 16).  Select the Click here link to configure Exchange namespaces (Exchange 2013 and later only).



8.  Select Add… to begin adding the namespace.



9.  A friendly name should be configured to accurately describe the AD site where the Client Access Servers resides to support the external Namespace URL.  Run the following Exchange PowerShell cmdlet to identify the host name (or common name which will be something like mail.contoso.com) of the Namespace URLs configured for each Client Access Server: Get-WebServicesVirtualDirectory | FL ExternalURL, Server.  Note: if you have several AD Sites, then please plan to run the cmdlet on a Client Access Server located in each of the other AD Sites.  Make a note of each Server Name that has the same external Namespace URL identified.  This information will be used to group Client Access Servers in step 11.  Select Next to continue to the configuration.



10. The individual Namespace URLs for OWA, ECP, EWS, ActiveSync (please note that /Microsoft-Server-ActiveSync may need to be added to the URL), and AutoDiscover may be verified by running the following Exchange PowerShell cmdlets:

 

Get-OWAVirtualDirectory | FL ExternalURL, Server

Get-ECPVirtualDirectory | FL ExternalURL, Server

Get-WebServicesVirtualDirectory | FL ExternalURL, Server

Get-ActiveSyncVirtualDirectory | FL ExternalURL, Server

Get-AutoDiscoverVirtualDirectory | FL ExternalURL, Server

 

For Outlook Anywhere, we use the following format of the URL where the actual FQDN of a mailbox server needs to replace SERVER.DOMAIN.COM after the "?" and before the ":" of the sample URL that is populated.

 

Select Next to begin adding the Client Access Servers and DAG members.



11. Review your notes that identified servers that should be aligned with this particular Namespace and select them from the list and then select Next.



12.  Please remember to enter or verify the credentials for the CAS health tests by visiting the following location of the ENow Admin Console: Server > Tuning Policy > General > Exchange Namespace Monitor Settings.  Select Finish to complete the configuration and repeat steps 8 to 12 for each additional Namespace that should be monitored.



13. When finished adding Namespaces, please select OK.



14. Select Server > Tuning Policy > General > Exchange Namespace Monitor Settings.  Enter the account details for the on premise internal mail flow test account that was prepared based on the EMS Prerequisites Guide.  All of the test users except for the OWA/ECP test user may be configured as this account.  We recommend using a separate test user account for the OWA/ECP test user settings since it will need to be a member of the Exchange Organization Management security group.  Once you have completed the configuration select Save. 

15. Please remember to install the Exchange Management Tools on the EMS Web Server. Finally, set the ENow Namespace Monitor Windows service to run as a domain account that is a local administrator of the EMS Web server and is a member of the Exchange Organization Management security group.  This completes the configuration of the Exchange Namespace settings.  The next steps will cover Office 365.

 


16. Configure Office 365 settings, by selecting the Server > Tuning Policy > General > Office 365 Settings.  Use the radio dial to Enable Office 365.  If required, use the radio dial to enable Hybrid mode.



17. Scroll down to configure the Office 365 Monitoring Account.  Please note that this account should be enabled with the following:

 

Service Administrator permission on the Office 365 tenant

Enabled for remote PowerShell

Assigned an Office 365 E3 license or higher and cloud mailbox enabled

Member of the View Only Organization Management security group for Exchange Online (only if the optional Office 365 Reporting Account is not configured).



18. Scroll down further to configure the optional Office 365 Reporting Account.  This option is recommended for organizations with more than 20,000 cloud mailboxes.  Please note that this account should be enabled with the following:

 

Member of the View Only Organization Management security group for Exchange Online

Enabled for remote PowerShell

Assigned an Office 365 E3 license or higher and cloud mailbox enabled



19. Scroll down further to configure the optional Office 365 Http Proxy Account.  This option is required for organizations that have the EMS web server configured to require a proxy when programmatic attempts are made by the software to access the Office 365 PowerShell.  If no proxy server is present, then please leave the fields blank.



20. Scroll down further to configure the Office 365 tenant Certificates for Exchange, ADFS, AutoDiscover, EWS, OWA, and Outlook Anywhere.  The Pre-populate option may be used to attempt to auto detect these values.



21. Scroll down further to configure additional certificates as an option.



22. Scroll down further to configure the Office 365 Test User in the format of Internal Domain\UserName.  For the ADFS tests to function properly, the account must be a domain user permitted to access the ADFS sign in page.



23. Scroll down further to configure the DirSync settings for the Office 365 Test User.  The UPN name should actually be in the format of user@domain.com and not user@domain.onmicrosoft.com.  The Office 365 Test User must meet the following requirements to be used for the DirSync tests:

 

Active Directory account that has been synced to the Office 365 tenant

Assigned SELF security principal with Write permissions in Active Directory (see notes)

Assigned an Office 365 E3 license or higher (and as an option it should be Skype for Business Online enabled to pair with Skype for Business Online test account)

Assigned a primary SMTP address that matches the UPN value.


24.  Scroll down to configure the Mail Flow Test options.  The Cloud-to-Azure (now Gmail) Mail Flow Test is the first optional Mail Flow Test that can be enabled.  In this section the Cloud Email settings will require an account that is assigned an Office 365 E3 license or higher.  The Cloud Email setting should be the primary SMTP address of the account.  The UPN Name setting is optional and should only be used if it differs in value from the primary SMTP address.  The Cloud (account) Password value should be entered.  A Gmail Address is also required.


25. Scroll down further to configure additional Mail Flow Test options.  The On-Premises To Cloud Mail Flow Test is the second optional Mail Flow Test that can be enabled.  In this section the Internal Domain\User settings will require an internal domain account that has on premise mailbox configured to use EWS.  The Internal Password value should be entered.  The Cloud Email setting should be the primary SMTP address of the account.  The UPN Name setting is optional and should only be used if it differs in value from the primary SMTP address.  The Cloud (account) Password value should be entered.  Please plan to leave the EWS URL value blank unless there is an issue preventing AutoDiscovery from functioning in the Exchange environment.  The Time out Period in Seconds setting may be modified.


26. Scroll down further to configure Organization Relationships options.  In this section, the On-Premises Email setting requires the primary SMTP address of an account that is hosted on an Exchange mailbox server.  The On-Premises Server setting requires the NETBIOS name of the Exchange mailbox server that hosts the previously specified primary SMTP address.  The Cloud Email setting requires the primary SMTP address of a cloud account that is assigned an Office 365 E3 license or higher.


27. Scroll down further to configure the OAuth Configuration Tests.  Use the radio dial to enable the OAuth Test.  The On-Premise mailbox setting requires the primary SMTP address of an account that is hosted on an Exchange mailbox server.  In addition, the account must also be synchronized to the Office 365 tenant with DirSync.  The Office 365 mailbox setting requires the primary SMTP address of a cloud mailbox that has an Active Directory account.


28.  Scroll down further to configure the Office 365 Mailbox Permissions Reporting and the Office 365 Mailbox Folder Statistics Reporting.  UPNs values separated by semi colons may be entered for both reporting options.  Lastly, the Service Health Dashboard may be enabled by using the radio dial.  When finished adjusting the Office 365 settings, please remember to select Save in the lower right of the ENow Admin Console.