You can use the IMAP4 protocol to connect the Google Apps for Business email server and the NuPoint UM server. A maximum of 2500 Advanced UM users are supported with this implementation.
To set up IMAP for Google Apps, do the following:
Note:
Messages marked as "urgent" will be delivered as regular messages in Google Mail.
In most cases, voice mail messages are sent immediately to the email server and then forwarded to the Advanced UM users. However, hosted email configurations such as Google Apps may experience slight delays due to virus scanning, anti-spam software, or routing delays caused by traffic volume. As a result, the timestamps of the original voice mail message and email audio attachment may not match.
You must enable global IMAP access for all users in the Google Apps domain to facilitate the synchronization of voice mail and email messages.
To enable global IMAP access:
Log in to the Google Apps administrator control panel: https://www.google.com/a/cpanel/yourdomainname
Enter the domain administrator Email and password.
Click the Settings tab and select Email.
Clear
the Disable POP and IMAP access for
all users in the domain check box.
IMAP access is enabled for all users in the domain, irrespective of
their individual account settings.
You must configure the OAuth (Open Authentication) 2.0 settings for service accounts. With this type of server-to-server interaction, the Mitel application has to prove its own identity to the Google API but end users do not need to be involved. This enables NuPoint UM to synchronize voice mails and email with Google Apps such as Google Calendar and eliminates the need for users to maintain email passwords on the NuPoint UM system.
Configuring OAuth is a multi-step process. First, you must log into the Google Apps console and create a new API project. Then you must select a service for the project, create a service account with client ID, and download your credentials (private key and JSON file). Finally, you must log in to MSL and upload your credentials to the server.
Note:
If the system time is inaccurate, NuPoint UM will be unable to access user email accounts using OAuth. To ensure that your system time is correct, log in to the MSL Server Manager, click Date and Time under Configuration, and then select the Enable Network Time Server option. Disabling this option and using the host's real time clock for the system time is not recommended.
Support for OAuth 1.0 has been deprecated with the release of MSL 10.1. If you are currently using OAuth 1.0 and upgrade to MSL 10.1 or later software, you should reprogram API access for your application using an OAuth 2.0 Service Account. After you have done this, the OAuth 1.0 tab will be removed from the MSL server manager interface.
Note: The following instructions are provided as a guide only. For up-to-date instructions, refer to the following resources:
Google online help available at https://developers.google.com/console/help/
Mitel Knowledge Base article 15-5138-00053 available at http://www.mitel.com/mol
Log In to the Google API Console
Open a web browser and navigate to https://code.google.com/apis/console.
Enter the domain administrator Email and password to log in.
Create the Project
Click the Create project button.
Enter the Project name (for example, "NuPoint Advanced UM") and click Create. Remain in the project.
Enable Google APIs for the project
Open the side menu and select API Manager.
Select a Google API such as "Calendar API" and click Enable API.
Repeat for all Google APIs you want to support. Remain in the project.
Create the Service Account with Client ID
Open the side menu and select Permissions.
Under the Service accounts tab, select Create service account.
Enter a Name, select Furnish a new private key and JSON as the file type, and then select Enable Google Apps Domain-wide Delegation. Set a Product name if prompted.
Click Create
and Close. The service account
is created and the file containing the Private Key and Client ID is
downloaded.
Note:
Store the file in a safe location. You will require it to establish
your credentials to MSL.
For the service account you just created, click View Client ID.
Copy the Client ID and click Cancel. You will require the Client ID in the next procedure.
Manage API Client Access (API Scopes)
Once a service account is created, you must enable the scope of access for your client ID.
Access the Google Admin console:
Open a web browser and navigate to admin.google.com.
Enter the domain administrator Email and password to log in.
Click Security.
Click Show more and then click Advanced settings.
Under Authentication, click Manage API Client access.
On the Manage API client access panel:
Paste the client ID in the Client Name box.
Enter the following
in the One or More API Scopes
box:
To support Gmail integration (for NuPoint Advanced UM), enter:
https://mail.google.com/
Click Authorize.
The client ID now has access to resources in the specified domains.
This procedure involves uploading your OAuth 2.0 credentials (service account Client ID and Private Key) from your computer to MSL. MiCollab employs these credentials to integrate with publicly available Google Apps.
Log in to the MSL Server Manager as "admin".
In the navigation tree, under Configuration, click Google Apps.
Select the Service Account tab.
Under Configuration, choose the following files from your computer:
Service Account ID (.json file)
Private Key (.p12 file)
Note: The Private Key (.p12 file) file is required only for earlier implementations.
Click Upload Credentials.
Confirm that the Client ID, Email address, and Private Key are correct by comparing them to the corresponding fields in the Google API project.
It is now possible to configure a secure connection to publicly-available Google Apps using the OAuth 2.0 protocol for the Service Account client ID.
Notes:
You can generate another private-public key pair and then upload the private key to the Service Account in MSL.
OAauth 2.0 data is not included in system (MSL) backups. Accordingly, if you perform a backup and restore procedure, you must then re-enter the OAuth 2.0 data in order to restore the Google Apps integration.
