Database scan account details
This dialog window displays if you still need to specify username and password for the Database scan. Specify the credentials of the user who has access to EWS (Exchange Web Services) in this window and click OK. Alternatively, go to Advanced setup > Server > On-demand mailbox database scan.
1.Type the User name, click Set, enter the password for this user account and click OK.
2.Click the check box next to Save account information to save account settings. Otherwise, you will be prompted to type the account information every time you run an On-demand mailbox database scan.
If a user account does not have appropriate access to Exchange Web Services (EWS), you can select Create ApplicationImpersonation role assignment to assign this role to the user account. Alternatively, you can assign the ApplicationImpersonation role manually.
|
Scan accounts must have the ApplicationImpersonation role assigned to enable the scan engine to scan user mailboxes within the Exchange mailbox database(s). If you are running Exchange Server 2010 or later version, a new unlimited EWS Throttling Policy is created for the user account. Ensure to configure the EWS Throttling Policy for the scan account to avoid too many operation requests by ESET Mail Security, which might otherwise cause some of the requests to timeout. See EWS Best Practices and Understanding Client Throttling Policies articles to learn about the Throttling Policies. Also, see Change user throttling settings for specific users article for further details and examples. |
If you want to assign ApplicationImpersonation role to a user account manually and create new EWS Throttling Policy for this account, you can use the following commands (replace ESET-user with an actual account name in your system, you can also set limits for the EWS Throttling Policy by replacing $null with numbers):
Exchange Server 2007 Get-ClientAccessServer | Add-AdPermission -User ESET-user -ExtendedRights ms-Exch-EPI-Impersonation Get-MailboxDatabase | Add-AdPermission -User ESET-user -ExtendedRights ms-Exch-EPI-May-Impersonate |
|---|
Exchange Server 2010 New-ManagementRoleAssignment -Name:ESET-ApplicationImpersonation -Role:ApplicationImpersonation -User ESET-user This might take a few moments to apply New-ThrottlingPolicy -Name ESET-ThrottlingPolicy -EWSFindCountLimit $null -EWSFastSearchTimeoutInSeconds $null -EWSMaxConcurrency $null -EWSPercentTimeInAD $null -EWSPercentTimeInCAS $null -EWSPercentTimeInMailboxRPC $null Set-ThrottlingPolicyAssociation -Identity user-ESET -ThrottlingPolicy ESET-ThrottlingPolicy |
Exchange Server 2013, 2016 and 2019 New-ManagementRoleAssignment -Name:ESET-ApplicationImpersonation -Role:ApplicationImpersonation -User ESET-user This might take a few moments to apply New-ThrottlingPolicy -Name ESET-ThrottlingPolicy -EWSMaxConcurrency Unlimited -EwsCutoffBalance Unlimited -EwsMaxBurst Unlimited -EwsRechargeRate Unlimited Set-ThrottlingPolicyAssociation -Identity ESET-user -ThrottlingPolicy ESET-ThrottlingPolicy |