...
| Tip |
|---|
Hint: the following connection with the Exchange Admin Center must be executed using Edge or Internet Explorer |
Install or start Exchange Online PowerShell Module. You can download it from the Exchange admin Center.
Once logged in, scroll down to Hybrid.
(Should you have any issue when downloading this file with Google Chrome, please try with Edge).
Execute the following command and connect to your Office365 using an admin account.
Code Block language powershell Connect-EXOPSSession
Create a Mail-enabled security group with the following command. Here the name of the group is RoomzResources. You have to replace the PrimarySmtpAddress with a valid domain name.
Code Block New-DistributionGroup -Name RoomzResources -Alias RoomzResources -PrimarySmtpAddress RoomzResources@myorganization.com -Type security
Fill this group with all room mailboxes. Don't forget to change the name of RoomzResources should you have used another name:
Code Block Get-Mailbox| where {$_.RecipientTypeDetails -eq "RoomMailbox"} | foreach {Add-DistributionGroupMember -Identity RoomzResources -Member $_.UserPrincipalName}Apply an application access policy with the following command. Replace the myAppId with the Application (client) ID from the previous section. Replace RoomzResources with the name of the group you created.
Code Block New-ApplicationAccessPolicy -AppId myAppId -PolicyScopeGroupId RoomzResources -AccessRight RestrictAccess -Description "Restricted ROOMZ Access"
In order to reduce the propagation time required by Microsoft Azure, this command can accelerate the process:
Code Block language powershell Update-DistributionGroupMember RoomzResources
Thanks to this, the application is now restricted to access only the agenda of the group RoomzResources, containing only meeting rooms. Should you create new meeting rooms, please re-execute the command on point 4.
...