The User Accounts section is used to monitor Exchange account access for all staff members in Coconut Calendar. This will allow an Admin user in Coconut Calendar to see delegate permission status, or errors encountered when checking permissions. Users are grouped by the status returned from the Service Account permission checks, and then listed alphabetically within each of the status groups. The status of a specific staff member can be found by searching for them by first and/or last name.

Any staff members reported with permission errors or warnings can be fixed by ensuring the Service Account used for the integration has the proper delegate access to the Exchange user’s calendar, or the Coconut staff member is set up with the proper email. The Microsoft Exchange documentation can be referenced to further investigate the error codes listed below with some of the errors or warning statuses. Once adjustments have been made, the Admin user in Coconut Calendar is able to refresh the reporting for failed staff members to confirm the integration has the proper permissions in Coconut Calendar, or all users if there is a need to recheck staff members with warnings.

Incorrect Permissions

If a staff member is being reported with this status, it means that the Service Account being used for the integration is unable to access and/or manage the Exchange information with the proper set of permissions. Only users that take appointments in Coconut Calendar will have this state, and syncing events between Coconut Calendar and Exchange will not work.

Access Denied

Received ErrorAccessDenied code from Exchange. According to Microsoft Exchange documentation, this error occurs when the calling account does not have the rights to perform the requested action. In this case, the service account is requesting to check the Exchange account users permissions.

The most common reason for this error is Access Control Entries (ACE) containing unresolved names for the user accounts in the Access Control List (ACL), often showing up as "user@domain.com" or blank instead of "User Name". Removing or editing such corrupted entries will solve the issue.

Cannot Retrieve Permissions

Received ErrorBatchProcessingStopped code. If an Access Denied error is encountered for another user while processing a batch of users for permission checks, Exchange will stop processing the remaining users in the batch assuming they will also have similar errors. This means we are unable to find the current permissions state. If there are reports of Access Denied, these will need to be resolved before the user permissions can be retrieved consistently.

Could Not Access Calendar

Received ErrorFolderNotFound code from Exchange. According to Microsoft Exchange documentation, this error indicates that the folder ID that was specified does not correspond to a valid folder, or that the delegate does not have permission to access the folder. In this case, the folder is referring to the calendar folder. It is likely the Service Account does not have access to calendar for the Exchange user.

Does not have an Exchange account

If there is no email set in Coconut Calendar, the staff member will be reported in this status. Alternatively, if there is an email, and the permission check received ErrorNonExistentMailbox code from Exchange. According to Exchange documentation, this error occurs when the email address is empty in CreateManagedFolder, or the email address does not refer to a valid account.

Does not have a Coconut Calendar schedule

If a staff member is being reported with this status, it means they are not set up to take appointments in Coconut Calendar (no services assigned). Coconut Calendar is unable to sync Exchange events for staff members that do not have a schedule in Coconut Calendar.

Correct Permissions

If a staff member is being reported with this status, it means that the Service Account being used for the integration is able to access and/or manage the Exchange information for this user, and the permission check returned with no errors. Only users that take appointments in Coconut Calendar will have this state. Syncing events between Coconut Calendar and Exchange should be working for staff members in this state.

The results on the User Accounts page are stored for 4 hours. This is to limit the amount of requests that are being made to the Exchange server. There may be a need to get new results for staff member permission checks. There are 2 options available.

The “Refresh Failed” action is available if there are staff members that are being reported with errors from the permission check. This will request a permission check for only the staff members that have errors.

The “Refresh All” action is available at all times. This will request a permission check for all staff members in Coconut Calendar.