Delegated calendar
Ivanti Email+ supports delegated access for Calendar. The delegated calendar option enables the calendar owner to assign their calendar to a delegated user within the organization's exchange Global Address List (GAL). To enable the Add Delegated Calendar option in Email+, configure the calendar_delegation value in enabled_features key value pair.
Microsoft Exchange server provides Reviewer, Editor, and Author level permissions, in the Email+ app delegated user can create, view edit and remove calendar events according to permissions given by the owner. The delegated user can view event related updates on the Email+ app with this permission.
The following table displays the different delegation permissions and the actions they can perform:
Permission level | Action allowed |
---|---|
Reviewer |
With the Reviewer level permissions you can perform the following actions:
|
Author |
With the Author level permissions, you can perform the following actions:
|
Editor |
With the Editor level permissions, you can perform the following actions:
|
To configure delegation, configure the following key-value pairs:
- Add calendar_delegation value to enabled_features key-value pair to add the Add Delegated Calendar option in the Email+ app.
- Add email_ews_host key-value pair with EWS host value as FQDN to provide access to EWS server.
- Add ews_min_allowed_auth_mode key value pair to enable basic, certificate based authentication, and modern_auth authentication methods to the exchange server through EWS protocol. If Email+ is configured with eas_min_allowed_mode KVP as Modern Auth, add ews_min_allowed_auth_mode KVP with modern_auth value to enable modern authentication method to the EWS server.
- If EWS server is not accessible publicly (located in private network), then VPN should be configured.
When a calendar is delegated, a system generated mail is sent to the delegated user with details of the calendar owner. The calendar owner has the ability to assign or deny access to the delegated calendar.
Adding delegated calendar
In the Email+ app, go to Calendar >Add Delegated Calendar option and enter the calendar owner's email address. Select the calendar owner to add the delegated calendar. You can assign a color to the delegated calendar to differentiate between assigned calendars.
The calendar owner delegates the calendar from the Microsoft Outlook on the web (OWA). For more information on delegation, see Microsoft documentation.
The user can manually remove the delegated calendar from the Email+ app. If the access to the deleted calendar is available, then user can again add that delegated calendar.
When the calendar owner removes access to the delegated calendar, Email+ receives "Delegated Calendar access has been denied" notification when the Email+ app is launched.
Disabling delegated calendar feature
The admin can disable the Add Delegated Calendar option from the Email+ app by removing calendar_delegation value from the enabled_features key value pair.
Ivanti Email+ configurations supported for Delegated Calendar
The following table lists the supported Email+ and EWS configurations.
If EWS server is not accessible publicly (located in private network), then VPN should be configured.
Email+ Configuations |
Additional Configurations for EWS |
Supported |
---|---|---|
Ivanti EPMM and Ivanti Neurons for MDM with sentry, Modern auth with or without email_password KVP, Microsoft Office 365 |
Add email_ews_host KVP with EWS server value Add ews_min_allowed_auth_mode = modern_auth KVP |
Yes |
Ivanti EPMM or Ivanti Neurons for MDM, without sentry, Modern auth with or without email_password KVP, Microsoft Office 365 |
Add ews_min_allowed_auth_mode = modern_auth KVP |
Yes |
Ivanti EPMM or Ivanti Neurons for MDM, with sentry, Modern auth with or without email_password KVP, Microsoft Office 365 |
Exchange host for EWS should have value of the EWS server Add ews_min_allowed_auth_mode = modern_auth KVP |
Yes |
Ivanti EPMM or Ivanti Neurons for MDM, with sentry + Local certificate, Basic auth with or without email_password KVP, Microsoft Exchange versions 2016 and 2019, Microsoft Office 365 |
Add email_ews_host with EWS server value |
Yes |
Ivanti EPMM, with sentry + group certificate, Basic auth with or without email_password KVP, Microsoft Exchange versions 2016 and 2019, Microsoft Office 365 |
Add email_ews_host with EWS server value |
Yes |
Ivanti EPMM, with Sentry + MS scep certificate, Basic auth with or without email_password KVP, Microsoft Exchange versions 2016 and 2019, Microsoft Office 365 |
Add email_ews_host with EWS server value |
Yes |
Ivanti EPMM or Ivanti Neurons for MDM, with Sentry, Kerberos with prompt_email_password=true and enter password on Email+ login screen, Microsoft Exchange versions 2016 and 2019 |
Add email_ews_host with EWS server value |
Yes |
Ivanti EPMM or Ivanti Neurons for MDM, with Sentry, Kerberos with email_password KVP with hard coded value (which is not probably a use case), Microsoft Exchange versions 2016 and 2019 |
Add email_ews_host with EWS server value. |
Yes |
Ivanti EPMM or Ivanti Neurons for MDM, without sentry, Basic auth (with or without 'email_password' KVP), Microsoft Exchange versions 2016 and 2019, Microsoft Office 365 |
Add email_ews_host with EWS server value. |
Yes |
Ivanti EPMM or Ivanti Neurons for MDM, with or without sentry, Certificate based auth, Microsoft Exchange versions 2016 and 2019, Microsoft Office 365 |
Add email_ews_host with EWS server value Add ews_min_allowed_auth_mode = cert_base KVP |
Yes |
Ivanti EPMM or Ivanti Neurons for MDM, with sentry, Kerberos (without 'email_password' KVP), Microsoft Exchange versions 2016 and 2019 |
|
No |
Email+ does not show alerts and notifications for delegated events.