Office 365 Basic Authentication Retirement (Oct-1 2022)
Dear ResourceXpress Customer,
In March 2018 Microsoft published an announcement advising that Basic Authentication to Exchange Web Services (EWS) for Exchange Online will be retired on October-1 2022. Please see the below link for the original announcement from Microsoft.
Upcoming changes to Exchange Web Services (EWS) API for Office 365
Office 365 Administrators can also view details of the announcement in the O365 Message centre by searching communication numbers MC191153 and MC204828.
How does this affect ResourceXpress?
ResourceXpress is a .NET application which utilises Exchange Web Services (EWS) to synchronise and display resource bookings on our range of products i.e. Room Screen Displays, Qubi, Interactive Kiosk and Maps.
When Basic Authentication is retired any site that still uses this method will immediately see a disruption to ResourceXpress functionality.
Who does this affect?
This change will have a direct impact on any ResourceXpress deployment integrated to Resource Mailboxes hosted in Exchange Online (Office 365) and using the Basic Authentication method.
What if I use Exchange On-Premise?
Unless your company’s security policy enforces the use of Modern Authentication for local Exchange servers this change does not affect ResourceXpress deployments integrated to Exchange On-Premise environments, however, it may affect customers using a Hybrid Exchange setup.
If you are planning to migrate from Exchange On-Premise to O365 in the future, we recommend you upgrade your ResourceXpress software now to ensure Modern Authentication compatibility.
What do I need to do?
The replacement for Basic Authentication is Modern Authentication (OAuth 2.0) and this method of authentication will be a mandatory requirement from Oct-13 2020. Any customer currently using Basic Authentication must configure their ResourceXpress application to use OAuth 2.0 before this date to ensure continued functionality.
ResourceXpress has supported the use of OAuth 2.0 since the below versions
ResourceXpress On-Premise: Version 4.9j (Released Nov 2019)
ResourceXpress SaaS (RX SaaS): Version 1.5.1 (Released Jan 2020)
If you have any doubts what version you are using, please contact sales@qedas.com
How do I check which authentication method I am currently using?
ResourceXpress On-Premise Customers
Navigate to your ResourceXpress administration console in your browser (http(s)://<rxservername>/meetingmonitor)
Click System Settings in the left menu and select the Resource Server tab
Check the fields populated under Global Resource Authentication. If you see the fields
Resource Login User id, Resource Login Password and Resource Login Domain, you are using Basic Authentication and further action is required.
If you see the fields
OAuth Impersonation User id, OAuth Client Secret, OAuth Client id and OAuth Tenant id listed under the heading Global Resource Authentication Using OAuth, you are already using Modern Authentication and no further action is required.
ResourceXpress SaaS Customers
Log in to your RX SaaS administration console and navigate to Administration Settings – System Settings – Resource Server
Check the status of the option Use OAuth under Global Resource Credentials
If the option is set to No, you are using Basic Authentication and further action is required.
If the option is set to Yes, you are already using Modern Authentication and no further action is required.
I am an RX On-Premise customer – what are my next steps?
If you are currently on ResourceXpress version 4.9j or higher you do not need to upgrade your software to implement this change. You do need to make some configuration changes both in the ResourceXpress administration console and in the applications ‘webRX.config’ file. You will also need to configure an App Registration in your AzureAD environment. Full configuration instructions can be found at this link.
If you are running a version lower than 4.9j you will first need to upgrade your software. Please contact helpdesk@qedas.com to obtain the latest upgrade files.
A valid Software Maintenance Agreement is required to be eligible for application updates. If you do not have a Software Maintenance Agreement in place please contact sales@qedas.com for a renewal quote before contacting the helpdesk.
I am an RX SaaS customer – what are my next steps?
All RX SaaS customers will be running the most up to date version of the application, as such all that is required is to set up the App Registration in your AzureAD tenant and configure the use of OAuth in your ResourceXpress administration console.
Full configuration instructions can be found at this link.
What happens if I do not make the recommended changes?
Basic Authentication will be retired on Oct-13 2020. If your ResourceXpress application is still set to use this method on that date you will see the below symptoms
The SmartBook button will disappear from your room screen devices meaning interactive bookings will not be possible
Outlook booked meetings will not be displayed on your room screen devices
You will see the following error message on your room screen devices:
RXDS-SVC1000: Service Error: The request failed with HTTP status 401: UnauthorisedBookings will not synchronise with your Exchange Online environment
Qubi, Kiosk and Maps will also show the above behaviour
We are committed to providing a 1st class support service to all our customers with current software support agreements. However, where more in-depth assistance outside of the normal support agreement scope is required, we will be offering a discounted fixed cost option to ensure a smooth transition to the new architecture.
The ResourceXpress Support team
- style