Before initiating the sync process between Microsoft Outlook and InterAction using the GraphAPI, ensure you have a Microsoft Developer account, the .NET Framework 4.8, and proper Azure AD App registration permissions. Additionally, validate server connectivity to graph.microsoft.com over port 443, enable TLS 1.2 support in the Windows .NET Framework, install the necessary certificate, and choose an appropriate internal working port to guarantee a smooth sync execution.
Before starting the process to configure the Microsoft Outlook and InterAction synchronization, confirm the following prerequisites are met:
- A Microsoft Developer account
- Microsoft .NET Framework 4.8
-
Access to the Azure Directory portal with permissions to create and edit App Registrations
Users are advised to register the user account to Azure AD App registration to get the Application ID, Tenant ID and Secret Key for using the process Microsoft Outlook to InterAction Sync- GraphAPI.
Verify Server Access to MS Graph on the Internet
To verify that the server can connect to the Microsoft site graph.microsoft.com over port 443:
- Open PowerShell and enter the command `tnc graph.microsoft.com -port 443` to test connectivity. Press Enter.
- Check the results to confirm successful connectivity to the Microsoft Graph site over port 443. The results should display 'TcpTestSucceeded : True'. If it shows False, the server does not have access to graph.microsoft.com. Contact your network administrators to grant access.
Enable TLS 1.2 Encryption Support in Windows .NET Framework
The MS Graph sync needs a TLS 1.2 encrypted connection to work properly. Without it, the sync won't function correctly.
Microsoft provides instructions on how to enable TLS 1.2 for the .NET Framework here.
For 32-bit applications that are running on 32-bit OSs and for 64-bit applications that are running on 64-bit OSs, update the following subkey values:
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v2.0.50727]
"SystemDefaultTlsVersions" = dword:00000001
"SchUseStrongCrypto" = dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v4.0.30319]
"SystemDefaultTlsVersions" = dword:00000001
"SchUseStrongCrypto" = dword:00000001For 32-bit applications that are running on 64-bit OSs, update the following subkey values:
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\v2.0.50727]
"SystemDefaultTlsVersions" = dword:00000001
"SchUseStrongCrypto" = dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\.NETFramework\v4.0.30319]
"SystemDefaultTlsVersions" = dword:00000001
"SchUseStrongCrypto" = dword:00000001Install the Certificate
IIS installation is not required on the server.
The sync will use a certificate to encrypt communication with Microsoft Graph. You can buy a certificate from a third party like DigiCert, create one using your firm's certificate authority, or use a self-signed certificate with the LexisNexis Certificate Maintenance Tool.
- Log in as an administrator on the server.
- Open the Run dialog by pressing Start > Run, then type `certlm.msc` and press Enter. It may take several seconds to load.
- In the Certificate Manager, expand the Personal folder, and then select Certificates.
- Choose the certificate to install. It can be self-signed, created by a private CA, or created by a public CA.
- Ensure the Subject and Subject Alternative Name fields are filled with either a wildcard or the server's name.
-
After installing the certificate, double-click on it and select the Details tab. Scroll down and find the Thumbprint value. Take note of it or copy it to Notepad as it will be required during the installation of the Admin tool.
If IQ is also installed on this server, you can use the IQ certificate for the MS Graph sync. Just obtain its thumbprint value.
Choose an Internal Working Port
- Choose an internal port to work on. No firewall changes are necessary as this port is not used for communication.
- Open a command prompt and run the command `netstat -ano` and press Enter to see a list of ports currently in use.
- Review the list of ports displayed by the `netstat -ano` command.
- Select a port that is not listed in the output. Recommended ports are 8150 or 8231.
It is essential to verify that all prerequisites are met to ensure a smooth and successful execution of the process.