Skip to content
samna
Samna Documentation
  • Pages
    • Changelog
    • Introduction
      • Key Features
      • Use Cases
    • General Documentation
      • Enroll Devices
      • System Architecture Overview
        • Components and Interactions
      • Security Features
        • Data Protection
        • User Authentication and Authorization
        • User Roles and Permissions
      • Installation and Setup
        • How to become a Samna-user
        • System Requirements
        • Installation Guide
        • Configuration Settings
      • icon picker
        Limiting Application Access to Specific Exchange Online Meeting Room Calendars
      • Microsoft Graph Permissions Documentation
    • Samna Meet Documentation
      • Getting Started
        • What is Samna Meet?
        • Key Features
        • Initial Setup
        • Device Configuration
      • Using Samna Meet
        • Booking Meetings
          • Filtering Private Meetings
        • Managing Calendars
        • In-Meeting Controls
      • Troubleshooting
        • Common Issues
        • FAQ
    • Samna Area Documentation
      • Getting Started
        • Installation
        • Floor Plan Setup
        • Content Management
      • Using Samna Area
        • Navigating the Map
        • Viewing Room Details
        • Interacting with the Information Bar
      • Customizing Samna Area
        • Floor Plan Updates
        • Information Bar Content
        • Branding
      • Troubleshooting
        • Common Issues
        • FAQ
      • Technical Documentation
        • API Reference
        • Integration Guide
        • Dynamic Map Updates
    • Samna Digital Signage Documentation
      • Introduction
        • What is Samna Digital Signage?
        • Why Choose Samna Digital Signage
        • Who is Samna Digital Signage For?
        • Key Features
        • SDS: A Seamless Part of the Samna Ecosystem
        • A Versatile Solution for Diverse Audiences
      • User Guide
        • How to use Samna Digital Signage
        • Interface Overview
        • Displaying Content
        • Scheduling Content
      • Admin Guide
        • Admin Setup and Configuration
        • Managing Content
        • Customizing Display Settings
        • Integration with Other Systems
      • Technical Documentation
        • API Reference
        • Integration Guide
        • Future Enhancements
    • API Documentation
samna
Samna Documentation
/
/
Limiting Application Access to Specific Exchange Online Meeting Room Calendars

Limiting Application Access to Specific Exchange Online Meeting Room Calendars

This guide outlines the steps to configure an application access policy and limit the scope of application permissions in Exchange Online.

Prerequisites

Access to Exchange Online PowerShell
Samna - Exchange Online Meetingroom Connector Enterprise App added to Enterprise Apps
Appropriate permissions to manage application access policies

Steps

1. Connect to Exchange Online PowerShell

Before configuring the application access policy, you need to connect to Exchange Online PowerShell. For detailed instructions, refer to the official documentation on
how to connect to Exchange Online PowerShell
.

2. Identify Required Information

Before creating the policy, gather the following information:
a. Application (Client) ID:
Navigate to the Microsoft Entra admin center > Enterprise Applications page
Locate and note the application (client) ID for Samna - Exchange Online Meetingroom Connector
b. Mail-Enabled Security Group:
Create a new mail-enabled security group or use an existing one
Add mailboxes you wish for Samna to be able to book and see, typically all room mailboxes in your tenant.d
Note the email address for this group

3. Create an Application Access Policy

Use the following PowerShell command to create a new application access policy:
New-ApplicationAccessPolicy -AppId <ClientID> -PolicyScopeGroupId <GroupEmail> -AccessRight RestrictAccess -Description "<PolicyDescription>"
Replace the placeholders with your specific information:
<ClientID>: The application (client) ID you noted earlier
<GroupEmail>: The email address of the mail-enabled security group
<PolicyDescription>: A description of the policy

4. Test the Application Access Policy

After creating the policy, it's important to test it to ensure it's working as expected. Use the following PowerShell command:
Test-ApplicationAccessPolicy -Identity <UserEmail> -AppId <ClientID>
Replace the placeholders:
<UserEmail>: The email address of a user you want to test the policy against
<ClientID>: The same application (client) ID used when creating the policy
Example:
Test-ApplicationAccessPolicy -Identity user1@contoso.com -AppId e7e4dbfc-046f-4074-9b3b-2ae8f144f59b
The output of this command will indicate whether the app has access to the specified user's mailbox.

Troubleshooting

If the policy isn't working as expected, double-check the application ID and group email address for accuracy.
Ensure that the user you're testing is a member of the specified mail-enabled security group.
Allow some time for the policy to propagate across the Exchange Online environment.

Additional Resources

Limiting App Permissions in Exchange to specific mailboxes
Exchange Online PowerShell Documentation
For further assistance, contact your organization's IT support or Microsoft Support.
Want to print your doc?
This is not the way.
Try clicking the ··· in the right corner or using a keyboard shortcut (
CtrlP
) instead.