1. In Server Settings page in PWA, goto Operational Policies - Additional Server Settings - Exchange Server details then check on
2. Synchronize Tasks check box
B. Create a PWA user account for each CAS server
1. From Server Setting page in PWA create new user
2. Clear "User can be assigned as a resource" check box and type the name of CAS server in the Display Name field. For eg CAS_Server
3. In the User Authentication section, enter the Windows account for CAS server computer account in the User logon account field. In my case DOMAIN\CAS_Server$
4. Check on Prevent AD synchronize this account
5. In the Security group section, add the user to the Administrator group
6. Click Save button
C. Configure Project Server users for Exchange synchronization
In Server Settings page in PWA double click on each existing user and check on Synchronize Tasks check box
D. Configure impersonation permissions for the Project Server Queue Service account
1. Discover account that is running Project Server Queue service
2. Log on to Exchange server, launch Exchange Management Shell as Administrator
3. Type the below command, replace the string queuingserviceaccount with the account in step 1
Add-ADPermission -Identity (Get-ExchangeServer).DistinguishedName -User (Get-User -Identity queuingservice_account | Select-Object).identity -extendedRights ms-Exch-EPI-Impersonation
If you get the below error that means you have more than one CAS server. Please follow step 3.1
Cannot bind argument to parameter 'Identity' because it is null.
+ CategoryInfo : InvalidData: (:) [Add-ADPermission], ParameterBindingValidationException
+ FullyQualifiedErrorId : ParameterArgumentValidationErrorNullNotAllowed,Add-ADPermission
3.1 Enter the below command in Exchange Power Shell
[PS]$CAS_Server = get-exchangeserver | where { $_.ServerRole -match "ClientAccess" }
[PS]$CAS_Server | foreach-object {Add-ADPermission -Identity $_.DistinguishedName -User (Get-User -Identity queuingservice_account | select-object).identity -extendedRights ms-Exch-EPI-Impersonation}
You will get
Identity User Deny Inherited
-------- ---- ---- ---------
CAS_Server DOMAIN\queuingservice_account False False
Repeat step 3.1 on every CAS server in your Exchange farm
E. Configure impersonation persmissions for all Exchange users
Execute this command in CAS server
[PS] New-ManagementRoleAssignment -Name PRJEXCHIntegration -Role applicationImpersonation -user DOMAIN\queuingservice_account
You will get
Name Role RoleAssigneeName RoleAssigneeType AssignmentMethod EffectiveUserName
---- ---- ---------------- ---------------- ---------------- ----------------
PRJEXCHIntegration ApplicationImp... queuingservice_account User Direct
References:
http://go.microsoft.com/fwlink/p/?LinkId=202797 (video)
http://blogs.msdn.com/b/mohits/archive/2010/05/29/integration-of-project-server-2010-and-exchange-2010-2007.aspx
http://technet.microsoft.com/en-us/library/ff468700.aspx