Office Offline Installation
Visit to https://config.office.com/deploymentsettings Step 1 - Download and install the Office Deployment Tool
Step 2 - Create the configuration file
Visit to https://config.office.com/deploymentsettings Step 1 - Download and install the Office Deployment Tool
Step 2 - Create the configuration file
T Thunderbird is a free email application that’s easy to set up and customize – and it’s loaded with great features. Thunderbird will need to be updated to version 77.0.b1 or higher in order to work with Office 365. You can download the latest version of Thunderbird here. You need to ensure that you have already configured app registration in Azure Active Directory and granted users access to use the application. If not please follow steps in our earlier blog here.Pre-requisites
Setting up Thunderbird
The settings you see should be:Username: username@domain.com
Password: Office 365 password
Protocol: IMAP
Incoming (IMAP): outlook.office365.com SSL
Outgoing (SMTP): smtp.office365.com STARTTLS
Manual Server Information
Username: username@domain.com
Password: Office 365 password
Incoming: IMAP
Server: outlook.office365.com
Port: 993
SSL Enabled: Yes
Authentication: OAuth2
Outgoing: SMTP
Server: smtp.office365.com
Port: 587
SSL Enabled: STARTTLS
Authentication: OAuth2
Microsoft has disabled Basic authentication for most Exchange Online protocols. Microsoft has documented the requirements and configuration steps to use OAuth with POP/IMAP in Microsoft 365 in this article: Authenticate an IMAP, POP or SMTP connection using OAuth | Microsoft Docs. You’ll see details about the registration of the required Azure AD applications and the permissions required for the access token to give Exchange Online the authorization of the mailbox access request. Microsoft 365 (formerly Office 365) supports two kinds of OAuth 2.0 authentication: In Azure Portal ⇒ expand the left menu ⇒ select Azure Active Directory ⇒ select App registrations ⇒ click + New registration. (Azure Portal is constantly evolving, so if you cannot find this page, use the search bar.) Name your application, choose which kind of accounts are going to use it, and click Register. Once you successfully register your application you can view its associated IDs. Some of them will be needed later to obtain an OAuth 2.0 token. In the left menu, select Certificates & secrets ⇒ click + New client secret. Provide some description for this secret, choose expiration period, and click Add. Immediately copy and save the newly created client secret’s Value (not Secret ID). You will not be able to view the Value later anymore. In the left menu, select API permissions ⇒ click + Add a permission. Navigate to APIs my organization uses tab ⇒ type Office 365 Exchange in the search bar ⇒ click Office 365 Exchange Online entry. Click Application permissions ⇒ type AccessAsApp ⇒ check IMAP.AccessAsApp and/or POP.AccessAsApp ⇒ click Add permissions. The newly-added IMAP.AccessAsApp and POP.AccessAsApp permissions have to be approved by your organization’s administrator. Ask them to grant consent to your application by clicking Grant admin consent for [organization]. Before you proceed, make sure you have AzureAD and ExchangeOnlineManagement PowerShell modules installed. If not then run the commands below to install them. Next we need to fetch the principal ID for the application we just created using the Azure Portal. Fill in the App ID and Tenant Id and run the following: Now we need to register the service principal for your application Add FullAccess mailbox permissions to all mailboxes you want to access from your application using: At this point you have registered an application for accessing Office 365 mailboxes via IMAP or POP3 protocol and received its Application (client) ID, Client secret and Directory (tenant) ID. These strings are going to be used by your application to authenticate to Microsoft 365 via OAuth 2.0 and receive an OAuth token. This token is then used to authenticate to Exchange Online using IMAP or POP3 protocols.OAuth 2.0 Authentication
This mode is described in detail in another article.Register your application
Set up client secret (application password)
Add app permissions
Add mailbox access permissions
Install-Module -Name AzureAD
Install-Module -Name ExchangeOnlineManagement
$AppId = "YOUR_APP_ID_HERE"
$TenantId = "YOUR_TENANT_ID_HERE"
Import-module AzureAD
Connect-AzureAd -Tenant $TenantId
($Principal = Get-AzureADServicePrincipal -filter "AppId eq '$AppId'")
$PrincipalId = $Principal.ObjectId
$DisplayName = "Service Principal for IMAP/POP3"
Import-module ExchangeOnlineManagement
Connect-ExchangeOnline -Organization $TenantId
New-ServicePrincipal -AppId $AppId -ServiceId $PrincipalId -DisplayName $DisplayName
Add-MailboxPermission -User $PrincipalId -AccessRights FullAccess -Identity "mailbox.1@domain.org"
Add-MailboxPermission -User $PrincipalId -AccessRights FullAccess -Identity "mailbox.2@domain.org"
Add-MailboxPermission -User $PrincipalId -AccessRights FullAccess -Identity "mailbox.3@domain.org"