13 May 2012

Synchronize Project Server 2010 with Exchange 2010

A. Enable Exchange synchronization for the PWA

1. In Server Settings page in PWA, goto Operational Policies - Additional Server Settings - Exchange Server details then check on
2. Synchronize Tasks check box

B. Create a PWA user account for each CAS server
1. From Server Setting page in PWA create new user
2. Clear "User can be assigned as a resource" check box and type the name of CAS server in the Display Name field. For eg CAS_Server

3. In the User Authentication section, enter the Windows account for CAS server computer account in the User logon account field. In my case DOMAIN\CAS_Server$

4. Check on Prevent AD synchronize this account

5. In the Security group section, add the user to the Administrator group

6. Click Save button


C. Configure Project Server users for Exchange synchronization
In Server Settings page in PWA double click on each existing user and check on Synchronize Tasks check box

D. Configure impersonation permissions for the Project Server Queue Service account
1. Discover account that is running Project Server Queue service

2. Log on to Exchange server, launch Exchange Management Shell as Administrator

3. Type the below command, replace the string queuingserviceaccount with the account in step 1

Add-ADPermission -Identity (Get-ExchangeServer).DistinguishedName -User (Get-User -Identity queuingservice_account | Select-Object).identity -extendedRights ms-Exch-EPI-Impersonation

 If you get the below error that means you have more than one CAS server. Please follow step 3.1

Cannot bind argument to parameter 'Identity' because it is null.
    + CategoryInfo          : InvalidData: (:) [Add-ADPermission], ParameterBindingValidationException
    + FullyQualifiedErrorId : ParameterArgumentValidationErrorNullNotAllowed,Add-ADPermission

3.1 Enter the below command in Exchange Power Shell

[PS]$CAS_Server = get-exchangeserver | where { $_.ServerRole -match "ClientAccess" }
[PS]$CAS_Server | foreach-object {Add-ADPermission -Identity $_.DistinguishedName -User (Get-User -Identity queuingservice_account | select-object).identity -extendedRights ms-Exch-EPI-Impersonation}

You will get

Identity             User                                          Deny  Inherited
--------                ----                                       ----  ---------
CAS_Server           DOMAIN\queuingservice_account                  False False

Repeat step 3.1 on every CAS server in your Exchange farm

E. Configure impersonation persmissions for all Exchange users
Execute this command in CAS server
[PS] New-ManagementRoleAssignment -Name PRJEXCHIntegration -Role applicationImpersonation -user DOMAIN\queuingservice_account

You will get

Name                           Role              RoleAssigneeName  RoleAssigneeType  AssignmentMethod  EffectiveUserName
----                           ----              ----------------  ----------------  ----------------  ----------------
PRJEXCHIntegration             ApplicationImp... queuingservice_account         User              Direct



References:
http://go.microsoft.com/fwlink/p/?LinkId=202797  (video)
http://blogs.msdn.com/b/mohits/archive/2010/05/29/integration-of-project-server-2010-and-exchange-2010-2007.aspx
http://technet.microsoft.com/en-us/library/ff468700.aspx

Total Pageviews