contentACCESS documentation – version 7.2

  1. Introduction to contentACCESS
    1. Services provided by contentACCESS
    2. Software requirements
      1. contentACCESS prerequisites
  2. contentACCESS setup package
    1. Installation of contentACCESS
      1. EULA
      2. Installation mode
        1. Basic installation mode
          1. License Key
          2. Settings
        2. Advanced installation mode
          1. Installation type
          2. Components
          3. Prerequisites
          4. Options
          5. Service settings
          6. Database connection
          7. contentACCESS Central Administration
          8. Backup Administration for Microsoft 365
          9. contentACCESS Web Services (Proxy)
          10. contentACCESS Portal
          11. Preview service
          12. Central login
          13. Virtual drive
          14. Search service
          15. Search service (V2)
          16. SMTP server
          17. SharePoint shortcut handler
      3. Overview
      4. Installation
      5. Summary
    2. Update of contentACCESS
      1. Managing the index reset or migration
  3. contentACCESS components
    1. contentACCESS Central Administration
      1. Central administration login
      2. contentACCESS Automated single sign on
      3. Central Administration logout
      4. contentACCESS Central Administration user interface
    2. contentACCESS Portal
      1. Logging in to contentACCESS Portal
      2. contentACCESS Portal Automated single sign on
    3. Backup Administration for Microsoft 365
    4. Virtual drive
    5. contentACCESS Web Services (Proxy)
    6. Central login page
  4. contentACCESS Tools
    1. Installing Outlook forms
    2. Legacy email archive connectors
    3. Legacy archive connector for Metalogix Archive Manager Exchange Edition (MAM EE)
      1. Installing Legacy MAM retrieve service and its configuration on the MAM server
      2. Configuration of the MAM server in contentACCESS Central Administration
    4. Legacy archive connector for Email Lifecycle Manager (ELM)
    5. Installing TECH-ARROW’s WinShortcutter
    6. contentACCESS Outlook add-in
      1. Installation of contentACCESS Outlook add-in
      2. How to use contentACCESS Outlook add-in
  5. Tenants in contentACCESS
    1. How to create a new tenant
      1. How to edit and disable a tenant
    2. Tenant limitations
    3. How to provide access to a tenant (adding new tenant administrators)
    4. Tenant administrator invitation types
    5. Tenant associations
      1. Tenant - database association
      2. Tenant - user association
    6. Tenant deletion
  6. General system configurations
    1. Connection
    2. User interface
    3. Users in contentACCESS
    4. Invitations
    5. Roles
      1. Creating roles
      2. Role details
      3. Role assignment
      4. Defining specific permissions of a role assignment
      5. Editing roles, editing role assignments
      6. Role cloning
      7. General use cases of how to create/assign roles
      8. Managing access to contentACCESS objects
    6. Login providers
      1. Login providers’ context menu options
      2. External login provider configuration
        1. Configuring Google OAuth
        2. Configuring Microsoft 365 login provider
        3. Exchange login provider
        4. External AD login provider
      3. Associating an enabled provider with a user login
      4. contentACCESS users in third party systems
    7. System
    8. Licensing
      1. How to activate your license key
    9. Notifications
    10. System logs — how to find out possible misconfigurations / reasons of potential system/job failures
    11. Configuration auditing
    12. Archive auditing
    13. Distributed environment in contentACCESS — Clusters
    14. Statistics
    15. Legal hold
    16. Task runner
    17. Indexing
    18. SMTP Servers
    19. SMTP Mappings
    20. SMTP Rules - selective journaling
    21. Sharing job
    22. Sharing settings
    23. How to create/configure databases — All databases
  7. Common features
    1. Databases
    2. Schedules
    3. Retentions
    4. Storages
      1. Amazon S3
      2. Wasabi storage
      3. Google drive storage
      4. Datengut storage
      5. Azure storage
      6. Disk storage
      7. HybridStore
      8. Perceptive storage
      9. Kendox storage
    5. Exchange connections
      1. Exchange performance settings – turning off the Exchange throttling policies
      2. Mixed Exchange environments in the Email Archive system
    6. Importing contentACCESS configurations from files
      1. Manual import of Exchange servers/groups/mailboxes to the contentACCESS Address book
      2. Importing File Archive root folders to be archived
  8. Creating new jobs in contentACCESS
  9. Jobs’ page, jobs’ context menu
  10. Filtering in jobs
  11. File Archive
    1. Introduction to File system archive
    2. File archive settings
    3. File archive Databases
    4. File archive System settings
    5. File archive Retentions
    6. File archive Storages
    7. Root folders
    8. Aliases
    9. File archive Schedules
    10. Provisioning settings and managing access to contentACCESS Portal
      1. File system provisioning job description
    11. Remote agents (file archive)
    12. Global rules (remote file archive)
    13. Configuring aliases
    14. Configuration of jobs available in contentACCESS File Archive
    15. Configuration of File archive retention changer job
    16. Configuration of File system archive job
      1. File system archive job description
    17. Configuration of a File system restore job
      1. File system restore job description
    18. Configuration of File system recovery job
      1. File system recovery job description
    19. Configuration of Delete job in File archive
      1. File system delete job description
    20. Configuration of File system shortcut synchronization job
      1. File system shortcut synchronization job description
    21. Configuration of Remote shortcutting job
      1. File system remote shortcutting job description
    22. Active/inactive documents in File system archive
  12. Email Archive
    1. Important settings before creating an Email Archive job
    2. Database settings
    3. Email archive System settings
      1. Hybrid exchange settings
    4. Email archive Provisioning settings
      1. Email archive provisioning job description
    5. Retention settings
    6. Shortcuts in email archiving
    7. Storing of archived emails
      1. LoboDMS storage
    8. Creating email archive schedulers
    9. User experience
      1. Exchange 2013+: contentACCESS MailApp in OWA 2013+ or on MS Outlook 2013+ desktop version
      2. Exchange 2010: OWA 2010 integration
    10. Address book objects
      1. Adding address book objects manually
      2. Removing groups and mailboxes from the Address book
    11. Granting access rights for mailbox users and explicit users to view the mailbox archive
      1. Creating contentACCESS Portal users (option 1)
      2. Manage access to a mailbox archive (option 2)
    12. Database and store assignment in email archiving
      1. How to assign database, storage and index zone to an Exchange group?
      2. How to assign database, storage and index zone to a mailbox?
      3. How to move data from source database/storage into a second (target) database/storage?
    13. contentACCESS MailApp access
    14. Remote agents (email archive)
    15. PST import
      1. PST import job description
    16. Creating Email archive jobs: archive, restore, recovery, delete, mailbox move, shortcut synchronizaion, shortcut repair
    17. Email archive job
      1. Email archive job configuration
      2. Email archive job description
      3. Email archive journal processing
        1. Recommendations after turning on journal archive
      4. Archiving of rights protected messages
    18. Email archive retention changer job
    19. Email restore job
      1. Email restore job configuration
      2. Email restore job description
    20. Email recovery job
      1. Email recovery job configuration
      2. Email recovery job description
    21. Configuration of Delete job in Email archive
      1. Email delete job description
    22. Journal post processing job
      1. Journal post processing job configuration
    23. Mailbox move job
      1. Mailbox move job configration
      2. Mailbox move job description
    24. Shortcut synchronization job
      1. Shortcut synchronization job configuration
      2. Email shortcut synchronization job description
    25. Shortcut repair job
      1. Shortcut repair job configuration
      2. Email shortcut repair job description
    26. Public folder archiving
      1. How to configure a job to archive public folders
      2. Public folders in the contentACCESS Portal archive
      3. User permissions to public folders
      4. Public Folder archiving in mixed Exchange environments
    27. Access to private emails and archiving them
    28. SMTP archiving
  13. SharePoint archive plugin
    1. SharePoint Archive settings
    2. SharePoint archive System settings
    3. Site connections in the SharePoint archive
    4. SharePoint archive Provisioning settings
      1. SharePoint provisioning job description
    5. Shortcut configuration in SharePoint
      1. contentACCESS File Handler for Windows
    6. SharePoint archive Address book
    7. SharePoint Archive job configuration
      1. SharePoint archive job description
    8. SharePoint archive retention changer job configuration
    9. SharePoint recovery job configuration
      1. SharePoint recovery job description
    10. SharePoint shortcut repair job configuration
    11. Configuration of Delete job in SharePoint archive
      1. SharePoint delete job description
    12. SharePoint Publishing job
      1. SharePoint publishing job description
    13. SharePoint in the contentACCESS Portal archive
  14. OneDrive archive
    1. OneDrive Archive job configuration
    2. OneDrive archive Jobs
  15. GDPR plugin
    1. GDPR Settings
      1. GDPR Databases
      2. GDPR Schedules
      3. GDPR Index zones
    2. GDPR Processing
      1. GDPR File system settings
      2. GDPR Exchange settings
      3. GDPR Applications
      4. GDPR Jobs
        1. GDPR File system job
          1. GDPR file system job description
        2. GDPR Exchange job
          1. GDPR Exchange job description
        3. GDPR Application job
          1. GDPR application job description
  16. Teams archive
    1. Teams archive databases
    2. Teams archive System settings
    3. Teams archive Provisioning settings
    4. Shortcut configuration in Teams archive
    5. Teams archive Address book
      1. Removing objects from Teams archive Address book
    6. Teams archive Licensing
    7. Teams archive Jobs
      1. Teams archive job
      2. Teams compliance archive job
        1. Comparison between the Teams archive and Teams compliance archive jobs
      3. Teams chat archive job
      4. Teams chat compliance archive job
        1. Comparison between the Teams chat archive and Teams chat compliance archive jobs
      5. Teams archive recovery
        1. Teams recovery job description
      6. Configuration of Teams archive retention changer job
      7. Configuration of Teams chat archive retention changer job
      8. Configuration of Delete job in Teams archive
        1. Teams archive delete job description
      9. Configuration of Delete job in Teams chat archive
  17. Custom plugins
    1. Email management job configuration
    2. Storage replication plugin
    3. Sharing plugin
    4. Datengut plugin
    5. Email synchronizer plugin
    6. Categorize to Public folders plugin
    7. LoboDMS plugin
  18. ThreatTest
    1. ThreatTest configuration
      1. ThreatTest Databases
      2. ThreatTest System settings
      3. ThreatTest Schedules
      4. ThreatTest User experience
      5. ThreatTest Statistics
      6. ThreatTest Job
    2. Using ThreatTest App
  19. officeGATE
  20. contentACCESS Mobile
  21. Virtual drive configurations
  22. Teams application
  23. Application settings
  24. Terms of use
  25. FAQ
    1. Download sample for the file to be imported does not work
    2. Archiving is not working if MAPI is set to communicate with the Exchange server
    3. Virtual drive is still appearing after the uninstall
    4. Outlook forms problems
    5. Unable to open shortcuts of archived files on the server side
    6. Samples are not shown using 'Show sample" option in the Import dialog
    7. Do I need to create separate tenants for file archiving and email archiving
    8. What is the recommended database size for email, file and Sharepoint archiving
    9. The TEMP folder is running out of space when archiving big files
    10. The attachment could not be opened
    11. After updating Exchange 2013, the EWS connection might not work in contentACCESS
    12. If Windows authentication is not working in contentACCESS and an alias was created for contentACCESS
    13. contentACCESS Outlook add-in certificate issue
    14. Prerequisites for Microsoft 365 archiving
    15. How to configure contentACCESS for Microsoft 365 with limited permissions
    16. PowerShell scripts for setting up Email archive
    17. How to reconfigure your email archive to use modern authentication for PowerShell
    18. Solution for Outlook security patches
    19. Solution for Outlook security patches through GPO
    20. Solution for indexing PDF files
    21. Microsoft 365 SuperUser mailbox configuration
    22. Microsoft 365 journaling
      1. Configuring Microsoft 365 journal forwarding through third-party Exchange Online Protection
    23. Organizational forms
    24. Multifactor authentication
    25. Region setting
    26. contentACCESS MailApp installation issue
    27. Azure app registration for Microsoft 365 archiving
      1. Grant permissions for Email archive
      2. Grant permissions for the OneDrive archive
      3. Grant permissions for the SharePoint archive
      4. Grant permissions for Teams archive
      5. How to request access to Microsoft Protected API
    28. Shortcut Handler Azure App registration
  26. Troubleshooting

25.28.Shortcut Handler Azure App registration

Introduction
.alink files are contentACCESS shortcuts used in Microsoft 365 SharePoint, OneDrive, and Teams when rarely used documents are offloaded from Microsoft 365 to contentACCESS Archive. the original document is replaced by a small shortcut file (the .alink). In Microsoft 365, your organization registers a contentACCESS file handler in the tenant so that opening an .alink directly in SharePoint/Teams/OneDrive correctly redirects you to the contentACCESS Shortcut Handler web service.
The Shortcut Handler Azure application registration is required to enable users to open modern shortcuts (.alink files) from SharePoint, Teams, and Teams-related SharePoint sites through contentACCESS. Without this configuration, modern shortcuts cannot be properly handled, previewed, or restored within the Microsoft 365 environment.
For more information about the Azure application registration for Microsoft 365 archiving, please refer to this chapter.
This section explains how to register the Shortcut Handler Azure application for:

  1. an existing application
  2. a single-tenant application (on-premises installation)
Note: To register the Shortcut Handler Azure App in a cloud environment, please reach out to our Professional Services team at the following email address: support@tech-arrow.com

1. Register the Shortcut Handler for an existing application – Step 1/A:
If you already have an Azure application registration, you can extend it to support the Shortcut Handler. First, navigate to the Azure Portal, then open App registrations. Here, select the existing application you wish to extend with the Shortcut Handler. From the Redirect URI configuration step onward, the process is the same as for a single-tenant application. Therefore, the remaining steps are described together in the next section.

2. Register the Shortcut Handler for a single-tenant application (on-premises installation) – Step 1/B:
Navigate to Azure Portal. Go to All services -> App registrations -> + New registration. Fill in the details of the new application and leave the Supported account types settings as Single tenant only. The only mandatory field that needs to be changed is the name of the application; the other options can be left as-is. Click the Register button.

After the app is successfully registered, you will be able to see the Application (client) ID and Directory (tenant) ID in the app’s Overview. (These are used in archive settings to connect contentACCESS with the Microsoft 365 SharePoint, OneDrive, and Teams).

Step 2 – configure the Redirect URIs
Go to Manage > Authentication (Preview), and click the Add Redirect URI button.

From the menu that appears, you will need the Web and Single-page application.

First, configure the Web application by providing the following Redirect URI:
https://{Fully Qualified Domain Name}/ShortcutHandler/signin-oidc

  • For example:

Next, configure the Single-page application. Please note, that for the Single-page application option, you cannot configure both Redirect URIs at the same time during the first setup. You need to enter one URI first and save it by clicking the Configure button. Once the URI appears in the Redirect URI list under the Single-page application type, you can click Edit to add the second required URI.
https://{FQDN}/ShortcutHandler/handler/iframe-auth
https://{FQDN}/ShortcutHandler/handler/msal-callback

  • For example:

Step 3 – create a new client secret

Note: This step is only required when creating a new application registration. If you are extending an existing application to support the Shortcut Handler, you can use an already existing client secret — there is no need to create a new one.

If you created a new single-tenant application, you need to generate a new client secret. To do this, go to the Certificates & secrets tab and click + New client secret. After creating it, make sure to copy the client secret value shown in the Value dialog and store it in a secure location because it can only be viewed immediately after the creation. Once you leave the page, you won’t be able to see it.

Important: Creating a client secret is particularly important for on-premises (single-tenant) installations. The contentACCESS setup requires a client secret, as well as the application and tenant IDs, to properly configure the SharePoint shortcut handler.

Step 4 – add API permissions
Once both applications are set and a client secret was created (if it was necessary), go to the API permissions tab. Here, you need to click the + Add a permission button and select the Microsoft Graph option from the Microsoft APIs tab.

The following permissions need to be added to the application:

  • Microsoft Graph -> Delegated permissions -> Files.ReadWrite.All
  • Microsoft Graph -> Application permissions -> Files.ReadWrite.All

When you finished, grant consent for these permissions by clicking the Grant admin consent for “TENANTNAME” button.

Step 5 – Update the manifest
You also need to update the manifest with the following addIn through the editor on the Manifest tab. 

{
  "id": "ec61c2d1-04d7-4feb-91b9-de53351744f9",
  "type": "FileHandler",
  "properties": [
    {
      "key": "version",
      "value": "2"
    },
    {
      "key": "fileTypeDisplayName",
      "value": "contentACCESS Archive Shortcut"
    },
    {
      "key": "fileTypeIcon",
      "value": "{\"svg\":\"https://static.contentaccess.cloud/spsh/2_0/cac-logo.svg\",\"png1x\":\"https://static.contentaccess.cloud/spsh/2_0/cac-logo.png\",\"png1.5x\":\"https://static.contentaccess.cloud/spsh/2_0/cac-logo.png\",\"png2x\":\"https://static.contentaccess.cloud/spsh/2_0/cac-logo.png\"}"
    },
    {
      "key": "appIcon",
      "value": "{\"svg\":\"https://static.contentaccess.cloud/spsh/2_0/cac-logo.svg\",\"png1x\":\"https://static.contentaccess.cloud/spsh/2_0/cac-logo.png\",\"png1.5x\":\"https://static.contentaccess.cloud/spsh/2_0/cac-logo.png\",\"png2x\":\"https://static.contentaccess.cloud/spsh/2_0/cac-logo.png\"}"
    },
    {
      "key": "actions",
      "value": "[{\"type\":\"open\",\"url\":\"https://{FQDN}/ShortcutHandler/handler/open\",\"availableOn\":{\"file\":{\"extensions\":[\".alink\"]},\"web\":{}}},{\"type\":\"preview\",\"url\":\"https://{FQDN}/ShortcutHandler/handler/preview\",\"availableOn\":{\"file\":{\"extensions\":[\".alink\"]},\"web\":{}}},{\"type\":\"custom\",\"url\":\"https://{FQDN}/ShortcutHandler/handler/restore\",\"displayName\":\"Restore archived file\",\"shortDisplayName\":\"Restore\",\"icon\":{\"png1x\":\"https://static.contentaccess.cloud/spsh/2_0/cac-logo.png\"},\"availableOn\":{\"file\":{\"extensions\":[\".alink\"]},\"folder\":{},\"allowMultiSelect\":true,\"web\":{}}}]"
    }
  ]
}
Important: Please be aware that in the provided JSON, the URLs are incorrect (e.g.: “https://{FQDN}/ShortcutHandler/handler/preview) and you need to replace them with your fully qualified domain name!


Screenshot: Update the manifest in the requested section


Screenshot: Saved manifest file

Step 6 – enable application visibility for users
This step is required to ensure that users (who belong to the registered tenant) can access the Shortcut Handler in SharePoint, OneDrive, and Teams. Go to Enterprise Applications (Home -> Azure services -> Enterprise applications) and select your application. Under Manage → Properties, set Visible to users? → Yes.

Step 7. – Force SharePoint to reload add-ins
It is important that this step is performed by an administrator to ensure access to the necessary endpoints. By completing this step, you can force SharePoint to reload, which may help the platform register the changes made in the application more quickly.
From a browser where the admin is logged into SharePoint, call the following URLs:
https://{SHAREPOINT_SITE_URL}/_api/v2.0/drive/apps?$adminForceRefresh=1
https://{SHAREPOINT_SITE_URL}/_api/v2.0/drive/apps?forceRefresh=1&select=*,promoted&expand=actions

Note: Replace {SHAREPOINT_SITE_URL} with the URL of the SharePoint site where your modern shortcuts are located.

Important: Without this step, it may take 24–48 hours for SharePoint to register the changes in its cache. However, even with this step, it is possible that SharePoint may require more time to fully reflect the updates.
Yes No Suggest edit
« How to request access to Microsoft Protected APITroubleshooting »
Help Guide Powered by Documentor
Suggest Edit