All Collections
On Premise Engine
Configuration
Microsoft 365 Setup On Premise Engine Setup
Microsoft 365 Setup On Premise Engine Setup
Updated over a week ago

The below processes are designed to be deployed in an Azure environment connecting to Office 365. You'll setup a Mail Enabled Security group which the On Premise Engine will watch for new mailboxes being added or removed.

Estimated Time: 1 hour with help from SigParser team.

Warning: Do not try this without a SigParser support staff member on a call. It is easy to miss a step.

Azure Account Setup

Create a new Azure account that can be used exclusively by SigParser’s engine. This is important for security reasons as it reduces the risk of misconfigurations by other people sharing the account.

You can use an existing Azure account if you want but you need to be sure the roles within the account are very well defined. You should not do this in a development Azure account as developers often are given too many permissions in development environments.

Setup Azure Virtual Machine

Create a new Azure virtual machine where all the processing will be done.

Azure Specific Settings

  • Windows Operating System

  • Network Access

    • Outbound network access needed.

    • Inbound: Need RDP 3389 access

  • Backup: Enable backup

    • Backup policy: (new) DailyPolicy

  • Guest OS updates: OS-orchestrated patching: patches will be installed by OS

  • Identity: System assigned managed identity = Checked

Once the VM is created go to the VM resource in the Azure portal.

  1. On the left menu under Settings, click Identity

  2. Under the System Assigned tab, change the Status to On

  3. Click Save

  4. Click Yes if a prompt appears.

  5. Save the name of the VM. You’ll need it in the next steps.

VM OS Configuration

  1. Login to the VM you just created

  2. Install Google Chrome or Microsoft Edge

  3. In Windows Explorer turn on the visibility of file extensions.

  4. Download the SigParser On Premise Engine release zip file to the VM

    1. Right click on the Zip file and click “Extract to…”

    2. Select the location C:\sigparser

    3. Click Next

    4. Wait for the extract to finish

  5. Go to c:\sigparser\

  6. Copy the C:\sigparser\EmailFetcher\appsettings-template - office365.json file from folder and paste it to C:\sigparser folder.

    1. Then rename the file to appsettings.json

  7. Open the new appsettings.json file for editing. We’ll put all our configuration into this file. Then later we’ll copy this file to different locations for each of the apps.

  8. In C:\sigparser create a text file named allow.txt

    1. If you want to allow only specific domains to be mined then put each domain name on a different line.

    2. If you want all domains to be mined then put an asterisk (*) only in the file.

  9. In C:\sigparser create a file called deny.txt

    1. On each line put any email domains SigParser shouldn’t process if all the people on an email have those domains. This should generally be your company domain names and maybe your HR company.

  10. In Windows search for Environment Variables and add the following AWS environment variables

    1. SigParserLicenseKey with the license key from SigParser

    2. AWS_ACCESS_KEY_ID = Access key with permission to write to Cloudwatch logs.

    3. AWS_SECRET_ACCESS_KEY = Access key secret for writing to Cloudwatch logs.

  11. Copy the file c:\sigparser\EmailFetcher\log4net-template.config file to c:\sigparser

    1. Rename the file to be called log4net.config

    2. Open c:\sigparser\log4net.config

      1. Change the region setting to the value provided by SigParser IT

      2. Save the file

    3. Copy c:\sigparser\log4net.config to c:\sigparser\EmailFetcher\

Create a Microsoft 365 Security Group

  1. Go to Exchange Admin Console (https://admin.exchange.microsoft.com)

  2. Go to Recipients > Groups > Mail-enabled security

  3. Click Add a group

    1. In Group Type, select Mail-enabled security

    2. In Basics, set Name to SigParser

    3. In Settings,

      1. Set Group email address to sigparser@yourdomain

    4. In Review, review data and click Create Group

  4. Go to Recipients > Groups > and select the SigParser group

  5. Go to Members > View all and manage owners > +Add owners

  6. Select your group owner and click Add

  7. Get the Group ID from the URL browser bar

  8. Go to next step to add members to your security group

Add Members to Security Group

  1. Go to Exchange Admin Console (https://admin.exchange.microsoft.com)

  2. Go to Recipients > Groups > and select the SigParser group

  3. Go to Members > View all and manage owners > +Add members

  4. Add the members or groups who will be connected to SigParser


Register SigParser App in Microsoft Azure

  1. Go to Microsoft Azure portal (https://portal.azure.com)

  2. Go to App registrations > New Registration

  3. Enter the following info

    1. Name: SigParser Email Fetcher

    2. Supported account types: Single tenant option

    3. Redirect URI : Leave blank

  4. Click Register

  5. Add API Permissions

  6. Click on the API permissions section

  7. Give the app these Microsoft Graph as Application permissions

    1. Calender.Read : Yes

    2. Contacts.Read : Yes

    3. GroupMember.Read.All : Yes

    4. Mail.Read : Yes

    5. User.Read.All : Yes

  8. Grant Admin Consent

Create Access Policy

  1. Open Powershell

  2. Open powershell as administrator and paste this command to install the Exchange Online Manager

    1. Install-Module -Name ExchangeOnlineManagement

  3. Run this command next to enable Microsoft powershell scripts to run

    1. set-executionpolicy unrestricted

  4. Load the Exchange Online Management Tool with this command

    1. Import-Module ExchangeOnlineManagement

  5. Connect to your Microsoft account

    1. Connect-ExchangeOnline

  6. Create a new access policy with SigParsers app id and a security group

    1. New-ApplicationAccessPolicy -PolicyScopeGroupId example@mail.com -AppId d323f806-e9e0-4f23-a8e2-4ca821ffbbeb -AccessRight RestrictAccess -Description "Restrict SigParser's access"

    2. (Replace -PolicyScopeGroupId example@mail.com with the email of your security group)

  7. Test if SigParser can access restricted email address

    1. Test-ApplicationAccessPolicy -Identity example@mail.com -AppId d323f806-e9e0-4f23-a8e2-4ca821ffbbeb

    2. (Replace -Identity example@mail.comwith an email outside of SigParsers scope)

Create secrets file

Create the following file: c:\sigparser\secrets.json

{  
"SigParserApiToken": "your api key",
"Office365ClientSecret": "office 365 client secret for the app you created in Azure"
}

Did this answer your question?