Exchange Integration (EWS)

HI Everyone,

I’ve made an app to bidirectionally live sync contacts and calendars with any server (Exchange, Kerio Connect, etc) that uses EWS (Exchange Web Services). And now it is the time to get a few people to test it and get your feed back on it.

The app currently only supports Contacts and Calendar integration but I’ve messaged the Mail team to see if we could integrate mail also. Will see what they says!

Please be gentle on the feed back, this is a initial release, this is also the first app I’ve made for NC and it’s been a few years since I’ve written any major code. So the GUI might need some more work, but the backend code is solid.

I will make the app available on the NC App Store soon, as soon as I get enough souls to test it, but for now it can be installed manually.

Please read the file for requirements, installation, capabilities and limitations.

Let me know what you think.


very cool! thank you for creating this app.

from the first look I’m missing some background details e.g. what is required for EWS login

  • is it user account (what about MFA?)
    • how the provided secret is secured?
  • can the admin auto-provision all/multiple accounts in the org?

As far I see there is no autodiscover support… autodiscover is widely used and user experience is much better when it’s in place (no need to provide server address)

Hi @wwe ,

Thank you for your feedback. I appreciate it!

So before I answer, I just want to say that this is an initial version and my focus for the release was proper translation of data between the two systems, data integrity (prevent duplicates, and make sure changes in one system properly reflect in the other system), and stability.

Now to answer you ,

What is required for the login?
The basics, Host (, Username (usually, and a password.

How the provided secret is secured?
At the moment the secret is not secured. I have thought about this, but the problem is that the secret would need to be secured with a reversible cipher, as it needs to be used in the connection details. So basically any one could download the code and reverse the password. I will have a look at the Mail app to see how they handle this.

What about MFA?
At the moment its is not implemented (this is something I have considered) as the app was designed to function is a closed environment, basically your EWS system (Exchange, Kerrio, SmarterMail, etc) is sitting next to your NC system on the same LAN. Which means you can exempt that IP from MFA requirements.

Can the admin auto-provision all/multiple accounts in the org?
At the moment no. But this would be an easy implementation, can be done through a cvs file or console command (This is actually on my list to do). Give me a few days.

Auto Discovery
At the moment no. But the Autodiscovery code is already there, I just haven’t implemented it in the GUI. My original thinking was that it wasn’t a big deal for a user to enter one extra piece of information. BUT your mention of autodiscovery just gave me a solution to my mail integration problem.

I was trying to contact the Mail team to see how I could implement mail over EWS also, since I see no ability to add a Mail Provider mechanism to the Mail app, but my attempts to reach someone have so far been met with silence. Which is too bad, because after this is completed I wanted to do a ActiveSync integration module since 80% of the code is reusable for ActiveSync.

Back to Autodiscovery, so the solution to mail integration might be Autodiscovery as the information returned does contain the IMAP and SMTP information, which I can then use to configure the Mail account. Its not pretty but its a solution for now. Thank you for this!!!

I hope that answers some of your questions.

1 Like

Hey @wwe,

I’ve address two of your concerns,

How the provided secret is secured?
The secret is now encrypted in the database.

Can the admin auto-provision all/multiple accounts in the org?
Yes, there are now occ console commands to provision an account.
I’ll add a CVS file importer in a few days



HI Sebastian, really appreciate you responsiveness and your engagement! Don’t get me wrong my questions where not intended as complaints rather as heads-up from a engineer, who knows which questions arise in business projects :wink:

I’m not sure what is the best way to get in touch with developers… there is a chat on Nextcloud instance - usually they are responsive: Nextcloud

usually it’s not a big deal… along with the hostname EWS has uses a suffix like /EWS/Exchange.asmx which users can easily mess up… and it costs you much more support when you have to teach everybody to enter 3 pieces of information to connect rather 2 of them, this is the reason for autodiscover. The assumption the user knows her email address for sure - all the technical stuff is populated automatically.

I’m not “the” Exchange engineer but from what I know SMTP and IMAP is not a good way to interact with Exchange and often this “legacy” protocols are disabled for most users. I think it’s not a good idea to build the app around this protocols.

I came across this article - OAUTH2 / Modern Authentication maybe it helps you in regards of Oauth2/MFA. but if you are dealing with Exchange you are likely aware of this awesome resource.

Many thanks for this nice APP that i have been looking for a long time
I am not a developer but also make extended test on apps.
For what i had read in the Readme and upcoming features this apps looks promising and can help a lot of people.

I would like to know if :

  • does it make sense to requested for ability (may be with checkbox on account id settings page) to decide what should be synced
  1. sync Calendar

  2. sync Contact

I also see that there is plan to integrate with Mail. but still don’t understand the goal of this feature.
Can you please elaborate more? thanks

Hi @wwe,

Hehehe. Dont worry, I didn’t take your comments that way! They where good points, and some of them where easy to implement. And things I was going to do anyway!

There is no need to put this in just the domain, the app does the rest, fills in the “

I agree, but unfortunately the NC Mail app only supports IMAP and SMTP. Which is a bummer, because the EWS protocol, can do mail also. So at this point I have two choices, configure the NC Mail app with the IMAP and SMTP information, or rewrite the Mail app to support other protocols, through a provider mechanism. (I’m not there yet, but maybe I’ll entertain the idea after this app is released. LOL)

Oauth is actually on my list of to do, it will just require a minor rewrite of the EWSClient.php. (I’ll probably tackle that next week, just need to get a O365 account I can test with.


Hi @Emile_DERLA_PORM ,

This is already, in the app.

You can choose how you would like the contacts and calendars to sync.

And you can choose witch contacts and calendars folders to sync witch NC addressbook or calendar.

EWS (Exchange Web Services) is the protocol (language) that clients like Outlook, EmClient, Mac Mail, etc. use to talk to the EWS capable server, like Exchange, Kerio Connect, SmarterMail, etc.

This protocol supports, all the functions like Mail, Contacts, Calendars, Tasks, Notes, and more. So the idea was that the user types in their information, and all the appropriate, NC apps, Mail, Contacts, Calendars, Tasks, Notes, etc also get populated with data from the EWS Server, using one protocol. This would simplify user experience and the communication between NC and an EWS system.

Hope that answers your questions.

Hi Everyone,

Just wanted to give you an update on some new features,

  • Support for account Auto Discovery has been added
  • Support for Mail app configuration has been added



Hi Everyone,

Got bored today, so I decided to add another feature,

  • Support for Tasks synchronization has been added.


hi @sebastiank
Thanks for replying and thanks for details …
Honestly i didn’t give a try before asking for “decide on what to sync” .
Also i now get the point about Mail integration which look very interested and good all luck for all the work.
bout the integretion with Mail, does it mean that we could expect something like possibility to directly share file access from Outlook client (which looks to be a functionality right now governed by Sedent through different Plan )


Hey @Emile_DERLA_PORM ,

So no, unfortunately my app is NOT a plugin for Outlook, my app runs as a service on the NC server and connects to the Mail server that Outlook would connect to.

To be able to share files in Outlook you would require a plugin designed specifically for Outlook.

Also, also most forgot to mention the Mail integration has been implemented. The app now configures the NC Mail app after a successful connection.


1 Like

Hi Everyone,

Just wanted to update everyone on progress,

  • Support for Microsoft Exchange 365 has been added.

All that is left now, is some minor code cleanup, then package a release and post it to the app store. Should be done soon.


1 Like

Done, didn’t assign the calendar to the Nextcloud calendar.

Good Morning @ManDal !

Thanks for trying the app.

From the time stamps, I believe the sync ran but did not sync anything as it was to short.

Did you select which Calendars, Contacts and Tasks to sync? You need to click the link icon beside the Calendar, Contacts, or Tasks and link it to a NC Calendar, Contacts or Tasks. Then click save at the bottom. You should then see one of the popup messages on the side say “Found X Calendar Correlations”.



One more thing, just use Passive sync or Manual sync (selectable in the EWS Integration in the admin section ), for now. I had to rewrite the Active/Live sync due to a inconsistency, in how Exchange generates events and watermarks. It will do the initial sync, and sync properly for a bit but will randomly stop working due to the watermarks being out of order, when certain events get generated. I will have the updated code up this weekend.


Seeing as this requires additional PHP stuff, I assume there is no way to get it running when using a docker image of NextCloud?
Keeps coming back with how its missing the library SOAP and trying to install additional stuff in a docker container kinda destroys the reason behind using docker ofcourse as I would have to redo it every single update :stuck_out_tongue:

Morning @Timeraider,

Sure, this works in Docker.

Have a look at my last response in this thread.


Hmm ok.
That does mean ill have to reinstall it every single update I do right as it uses a new image? (Guess I could look into which paths the soap extension uses and turn those into persistent mounted volumes)

If the docker image is destroyed every time yes.

I have been playing with the idea of bypassing PHP Soap all together and doing all the request via pure php http client, but there does not seem to be much demand for this app, so for now that idea in on the shelf.