Exchange Online migration with contentGATE

  1. Introduction
  2. Microsoft Entra ID app registration for Microsoft 365 migration
  3. Installation of contentGATE
  4. contentGATE welcome interface
  5. Migration "how to"
    1. Creating a new migration project
      1. Specifying Exchange Online as source or target archive
      2. Specifying contentACCESS Archive as target archive
    2. Migration project configuration
      1. Interface overview
      2. Default project settings
      3. Loading source objects
      4. Loading target objects
      5. Mapping source objects to target objects
      6. Creating migration group(s) and adding group members
      7. Creating migration job(s) to your migration project
    3. Starting the migration
    4. Job details
    5. Migration report and error handling

2.Microsoft Entra ID app registration for Microsoft 365 migration

This section explains how to register an application in the Azure portal, which enables contentGATE to authenticate and establish a connection with the Exchange Online using modern authentication.

Important: The registration of the Azure AD application can be automated using the following script. The script needs to be downloaded and saved on a computer and started with PowerShell.
Set-ExecutionPolicy -ExecutionPolicy Unrestricted -Scope CurrentUser
cd ([Environment]::GetFolderPath(“MyDocuments”))
Invoke-WebRequest -Url https://static.contentaccess.cloud/appregistration/Register-contentACCESSAADapp-v3.ps1 -OutFile “Register-contentACCESSAADapp.ps1”
.Register-contentACCESSAADapp.ps1
Please ensure that Windows PowerShell is run as Administrator for this process to execute correctly.
.
Once the script is ready to be installed, select the option marked “contentGATE (Exchange Online)” for contentGATE.
.

Manual application registration
Navigate to the Entra ID. Go to App registration -> +New registration. Provide the application details, the only required field to modify is the application name; other fields can remain as default. Click the Register button.

Once the app is registered, the Application ID and Tenant ID will be displayed on the app’s Overview page. These values will be entered in contentGATE, so please mark them down.

The next step is to assign the necessary permissions to the application. Click the API permissions button in the left menu of the application details page. When the configured permissions page loads, click the +Add a permission button and select the appropriate API.

On the Request API permissions tab, search for Office 365 Exchange Online and select it.

Then select Application permissions, and the available permissions will be listed.

Locate the full_access_as_app permission from the Other permissions category and the Exchange_ManageAsApp permission from the Exchange category, then click the Add permissions button.

Once the permissions have been assigned, an administrator must grant consent for them. Click the Grant admin consent for ‘Tenantname’ button.

The Exchange_ManageASApp permission allows the application to connect to PowerShell but does not automatically grant access to PowerShell commands or Exchange objects. Access to Exchange objects is managed through Role-Based Access Control (RBAC). This means that the App registration must be assigned either the Exchange Administrator role or the Exchange Recipient Administrator role.
To assign the role, navigate back to the Entra ID page, then go to Roles and Administrators | All roles, select Exchange Administrator from the list, and click on it.


Click the Add assignments button, search for the App registration (e.g., ‘Application for contentGATE’ in our example) and assign it to the role. The App registration is categorized as a ‘Service Principal’.

The roles will be listed on the Exchange Administrator | Assignments page now.

After assigning roles, return to the application settings and add a new client secret by clicking on the +New client secret button. This is required for some plugins and client applications.

Once the client secret is generated, copy and store it in a secure location for future use. The client secret is required when configuring the Exchange Server connection in contentGATE with modern authentication.

Note: Client secrets have a limited lifespan (usually one year). A new client secret must be generated annually, and all affected contentGATE configurations must be updated accordingly

Once all settings are configured, contentGATE can establish a secure connection to Exchange Online using modern authentication via PowerShell.

Yes No Suggest edit
« IntroductionInstallation of contentGATE »
Help Guide Powered by Documentor
Suggest Edit