Skip to main content Skip to footer

Configure certificate-based authentication to Office 365

The certificate-based authentication configuration method has been changed as of version 14.0.0143 to reduce the level of permissions granted to the Promodag application in Microsoft Entra ID (Azure AD). 

Please follow these steps:

  1. Make sure you run the latest version of Promodag Reports. Beginning with version 14.0.0143, we provide a script to publish an application in Azure AD and a certificate in C:\Users\Public\Documents\Promodag\Reports\: CreateRepexRBACApp.ps1Search for RBAC script
  2. Run Windows PowerShell 7 as administrator in that folder and install both the ExchangeOnlineManagement and Microsoft.Graph PowerShell modules:
    •    install-Module ExchangeOnlineManagement -Scope AllUsers
    •    install-Module Microsoft.Graph -Scope AllUsers

  3.  Then run the script to create the certificate, the application, a new role group in Exchange Admin Center, a Service Principal for the application and add it as a member of the role group.
    Input a password of your choice when prompted:
    Run script
  4. Once the certificate and the app have been created, open the RepexAppCreation.log file generated in C:\Users\Public\Documents\Promodag\Reports\ and paste the link indicated at the bottom of the file to proceed with the admin consent in Microsoft Entra ID:
    Use information in log file
  5. Enter the Application Id, path to the certificate file, certificate password in Promodag Reports.
    Since you have no public folder, you can safely ignore the "Public folder access" mailbox field.

    Paste the information collected in Promodag Reports

To create manually the certificate, the Entra ID application, the Service Principal and the admin role group, please follow this procedure.

Try Promodag Reports Free for 45 Days

Cookie Notice

Find out more about how this website uses cookies to enhance your browsing experience.