|
dev
newsgroups
|
|||||||||||||||||||||||
|
|||||||||||||||||||||||
Exch2003 - Add a public delegate?In Exchange 2003 you can enable a user to "Send on behalf of". This can be done from the Exchange General tab of the ADUC snap-in. You can also see users who have been granted this permission by looking at the AD attribute called publicDelegates. My question is, how can I add a new public delegate to an existing mailbox using programming? I looked over all the topics of the Exchange 2003 SDK, but can't find anything helpful. The only information I can find on the web about this is here: http://hellomate.typepad.com/exchange/2004/09/listing_which_e.html Scroll down to the post from Jason Krueger. It says "The actual delegation is done via EDITOR ACE's per delegate on the ACL's of the "NON_IPM_SUBTREE/Freebusy Data" and Calendar, Inbox folders on the mailstore (also 3 MAPI attributes are set on the localFreebusy message). Forwarding messages to delegates is done via a hidden rule which will have an action for every delegate in the list. You can change the publicDelegates attribute and the only thing that will happen is Outlook will erroneously display those users in the Tools -> Options -> Delegates tab, but no real permissions are actually granted." From the info above, I don't know which libraries and API technologies to use, to actually achieve the adding of a new public delegate. Any help appreciated. (I don't need detailed help with constructing ACEs, DACLs etc, just the high level overview). -- Gerry Hickman London (UK) You're looking at doing this through CDO, and there's too much to it to go
over here. You'll need to learn how to use the directory features, work with ACLs and ACEs, and apply properties. It's pretty complicated, but the information you need should be online--that's how I learned it. -- Show quoteHide quoteEd Crowley MVP "There are seldom good technological solutions to behavioral problems." .. "Gerry Hickman" <gerry666uk2@newsgroup.nospam> wrote in message news:O6OBL5S2JHA.5276@TK2MSFTNGP04.phx.gbl... > Hi, > > In Exchange 2003 you can enable a user to "Send on behalf of". This can be > done from the Exchange General tab of the ADUC snap-in. You can also see > users who have been granted this permission by looking at the AD attribute > called publicDelegates. > > My question is, how can I add a new public delegate to an existing mailbox > using programming? > > I looked over all the topics of the Exchange 2003 SDK, but can't find > anything helpful. The only information I can find on the web about this is > here: > > http://hellomate.typepad.com/exchange/2004/09/listing_which_e.html > > Scroll down to the post from Jason Krueger. It says > > "The actual delegation is done via EDITOR ACE's per delegate on the ACL's > of the "NON_IPM_SUBTREE/Freebusy Data" and Calendar, Inbox folders on the > mailstore (also 3 MAPI attributes are set on the localFreebusy message). > Forwarding messages to delegates is done via a hidden rule which will have > an action for every delegate in the list. You can change the > publicDelegates attribute and the only thing that will happen is Outlook > will erroneously display those users in the Tools -> Options -> Delegates > tab, but no real permissions are actually granted." > > From the info above, I don't know which libraries and API technologies to > use, to actually achieve the adding of a new public delegate. > > Any help appreciated. > > (I don't need detailed help with constructing ACEs, DACLs etc, just the > high level overview). > > -- > Gerry Hickman > London (UK) Hi Ed,
Can you describe the steps required and library dependencies? I'm already familiar with CDO and working with ACLs and ACEs. Or perhaps you have a link to a relevant web page? Ed Crowley [MVP] wrote: Show quoteHide quote > You're looking at doing this through CDO, and there's too much to it to > go over here. You'll need to learn how to use the directory features, > work with ACLs and ACEs, and apply properties. It's pretty complicated, > but the information you need should be online--that's how I learned it. -- Gerry Hickman (London UK) Sorry, I don't have the time to compose that. It'd take hours just for me
to put it together and remember myself. -- Show quoteHide quoteEd Crowley MVP "There are seldom good technological solutions to behavioral problems." .. "Gerry Hickman" <gerry666uk2@newsgroup.nospam> wrote in message news:OXe4SBY2JHA.4880@TK2MSFTNGP03.phx.gbl... > Hi Ed, > > Can you describe the steps required and library dependencies? I'm already > familiar with CDO and working with ACLs and ACEs. > > Or perhaps you have a link to a relevant web page? > > Ed Crowley [MVP] wrote: >> You're looking at doing this through CDO, and there's too much to it to >> go over here. You'll need to learn how to use the directory features, >> work with ACLs and ACEs, and apply properties. It's pretty complicated, >> but the information you need should be online--that's how I learned it. > > > -- > Gerry Hickman (London UK)
http://msdn.microsoft.com/en-us/library/cc425488.aspx the exchange protocol
documents has all the detailed information about adding delegates . Reproducing the Outlook delegate functionality programatically with CDO is pretty hard adding permission to folders is pretty easy using something like ACL.dll from cdo 1.2. eg http://support.microsoft.com/kb/240911 Cheers Glen Show quoteHide quote "Gerry Hickman" <gerry666uk2@newsgroup.nospam> wrote in message news:OXe4SBY2JHA.4880@TK2MSFTNGP03.phx.gbl... > Hi Ed, > > Can you describe the steps required and library dependencies? I'm already > familiar with CDO and working with ACLs and ACEs. > > Or perhaps you have a link to a relevant web page? > > Ed Crowley [MVP] wrote: >> You're looking at doing this through CDO, and there's too much to it to >> go over here. You'll need to learn how to use the directory features, >> work with ACLs and ACEs, and apply properties. It's pretty complicated, >> but the information you need should be online--that's how I learned it. > > > -- > Gerry Hickman (London UK) Hello Glen,
> http://msdn.microsoft.com/en-us/library/cc425488.aspx the exchange protocol Thanks. This is much more helpful than the previous posts. It does raise > documents has all the detailed information about adding delegates . some other questions; I'm having trouble finding any reference within the document to the version of Exchange to which is applies (?), and I'm also having trouble finding the CDO classes, interfaces, methods that would be used to work with the delegates. It appears there is a cmdlet for this in 2007 although I have only seen it working with one mailbox and one user on the local server, so not sure how well it would work with thousands of users on multiple servers from a remote client... -- Gerry Hickman (London UK) That document refers to 2000,2003 and 2007
>I'm having trouble finding any reference within the document to the version There are no interfaces for delegates in that API (also dont confuse the CDO >of Exchange to which is applies (?), and I'm also having trouble finding >the CDO classes, interfaces, methods that would be used to work with the >delegates. 1.2 with CDOEX or CDOSYS) the first API to had any support for delegates that I know of is Exchange Web Services and this will only work on 2007 (I think the Outlook 2007 OOM has as well but its not obvious to me where this it is). If you want to duplicate this functionality of Outlook your pretty much need to come up with you own solution that uses Mapi (CDO 1.2,ExMapi(c++),Redemption,OOM) and the protocol document i referred to before. Also have a read of http://calendarservermigration.blogspot.com/2008/09/just-where-heck-is-all-this-delegate.html which has a lot of good information and links to other reverse engineered solutions. If you just want to set permissions on folders then another easy method is pfdavadmin and setacl Cheers Glen Show quoteHide quote "Gerry Hickman" <gerry666uk2@newsgroup.nospam> wrote in message news:eKBQTkm2JHA.3780@TK2MSFTNGP04.phx.gbl... > Hello Glen, > >> http://msdn.microsoft.com/en-us/library/cc425488.aspx the exchange >> protocol documents has all the detailed information about adding >> delegates . > > Thanks. This is much more helpful than the previous posts. It does raise > some other questions; I'm having trouble finding any reference within the > document to the version of Exchange to which is applies (?), and I'm also > having trouble finding the CDO classes, interfaces, methods that would be > used to work with the delegates. > > It appears there is a cmdlet for this in 2007 although I have only seen it > working with one mailbox and one user on the local server, so not sure how > well it would work with thousands of users on multiple servers from a > remote client... > > -- > Gerry Hickman (London UK) Hi Glen,
> That document refers to 2000,2003 and 2007 OK.> There are no interfaces for delegates in that API (also dont confuse the CDO I only mentioned CDO because that was Ed Crowley's original suggestion, > 1.2 with CDOEX or CDOSYS) he said "You're looking at doing this through CDO" > the first API to had any support for delegates OK, I thought people would have been working with delegates for years > that I know of is Exchange Web Services and this will only work on 2007 (5.5, 2000, 2003). > (I OK, I should emphasize that I don't really want to duplicate the Outlook > think the Outlook 2007 OOM has as well but its not obvious to me where this > it is). If you want to duplicate this functionality of Outlook your pretty > much need to come up with you own solution that uses Mapi (CDO > 1.2,ExMapi(c++),Redemption,OOM) and the protocol document i referred to > before. functionality, what I really want is the "Send on behalf of" list that you get when clicking the "Delivery Options" button from the "Exchange General" tab of the the Exch 2003 ADUC snap-in. The reason I want this, is because we get a lot of requests for resource mailboxes, where multiple people can read and send mail BUT they refuse to be owners and manage the delegate list, they instead insist we set everything up for them. Setting the folder permissions is easy because we can use security groups, but you can't use groups for the "send on behalf of" delegates. > Also have a read of I had a look, it starts talking about the NON_IPM_SUBTREE again, but I > http://calendarservermigration.blogspot.com/2008/09/just-where-heck-is-all-this-delegate.html > which has a lot of good information and links to other reverse engineered > solutions. don't see any instructions on how to access this tree from Exch 2003. I tried to look at the "reverse engineering", but it just takes me to a Novell page:( Thanks for all your help with this, it's very interesting. -- Gerry Hickman (London UK) You can use CDO to do folder permissions, which is what I thought you were
referring to by delegates. -- Show quoteHide quoteEd Crowley MVP "There are seldom good technological solutions to behavioral problems." .. "Gerry Hickman" <gerry666uk2@newsgroup.nospam> wrote in message news:OJQrQ5x2JHA.4880@TK2MSFTNGP03.phx.gbl... > Hi Glen, > >> That document refers to 2000,2003 and 2007 > > OK. > >> There are no interfaces for delegates in that API (also dont confuse the >> CDO 1.2 with CDOEX or CDOSYS) > > I only mentioned CDO because that was Ed Crowley's original suggestion, he > said "You're looking at doing this through CDO" > > > the first API to had any support for delegates >> that I know of is Exchange Web Services and this will only work on 2007 > > OK, I thought people would have been working with delegates for years > (5.5, 2000, 2003). > > > (I >> think the Outlook 2007 OOM has as well but its not obvious to me where >> this it is). If you want to duplicate this functionality of Outlook your >> pretty much need to come up with you own solution that uses Mapi (CDO >> 1.2,ExMapi(c++),Redemption,OOM) and the protocol document i referred to >> before. > > OK, I should emphasize that I don't really want to duplicate the Outlook > functionality, what I really want is the "Send on behalf of" list that you > get when clicking the "Delivery Options" button from the "Exchange > General" tab of the the Exch 2003 ADUC snap-in. > > The reason I want this, is because we get a lot of requests for resource > mailboxes, where multiple people can read and send mail BUT they refuse to > be owners and manage the delegate list, they instead insist we set > everything up for them. Setting the folder permissions is easy because we > can use security groups, but you can't use groups for the "send on behalf > of" delegates. > > > Also have a read of >> http://calendarservermigration.blogspot.com/2008/09/just-where-heck-is-all-this-delegate.html >> which has a lot of good information and links to other reverse engineered >> solutions. > > I had a look, it starts talking about the NON_IPM_SUBTREE again, but I > don't see any instructions on how to access this tree from Exch 2003. I > tried to look at the "reverse engineering", but it just takes me to a > Novell page:( > > Thanks for all your help with this, it's very interesting. > > -- > Gerry Hickman (London UK) Okay well you might want to try CDOEXM
http://msdn.microsoft.com/en-us/library/aa487560(EXCHG.65).aspx and http://technet.microsoft.com/en-us/library/cc750307.aspx Cheers Glen Show quoteHide quote "Gerry Hickman" <gerry666uk2@newsgroup.nospam> wrote in message news:OJQrQ5x2JHA.4880@TK2MSFTNGP03.phx.gbl... > Hi Glen, > >> That document refers to 2000,2003 and 2007 > > OK. > >> There are no interfaces for delegates in that API (also dont confuse the >> CDO 1.2 with CDOEX or CDOSYS) > > I only mentioned CDO because that was Ed Crowley's original suggestion, he > said "You're looking at doing this through CDO" > > > the first API to had any support for delegates >> that I know of is Exchange Web Services and this will only work on 2007 > > OK, I thought people would have been working with delegates for years > (5.5, 2000, 2003). > > > (I >> think the Outlook 2007 OOM has as well but its not obvious to me where >> this it is). If you want to duplicate this functionality of Outlook your >> pretty much need to come up with you own solution that uses Mapi (CDO >> 1.2,ExMapi(c++),Redemption,OOM) and the protocol document i referred to >> before. > > OK, I should emphasize that I don't really want to duplicate the Outlook > functionality, what I really want is the "Send on behalf of" list that you > get when clicking the "Delivery Options" button from the "Exchange > General" tab of the the Exch 2003 ADUC snap-in. > > The reason I want this, is because we get a lot of requests for resource > mailboxes, where multiple people can read and send mail BUT they refuse to > be owners and manage the delegate list, they instead insist we set > everything up for them. Setting the folder permissions is easy because we > can use security groups, but you can't use groups for the "send on behalf > of" delegates. > > > Also have a read of >> http://calendarservermigration.blogspot.com/2008/09/just-where-heck-is-all-this-delegate.html >> which has a lot of good information and links to other reverse engineered >> solutions. > > I had a look, it starts talking about the NON_IPM_SUBTREE again, but I > don't see any instructions on how to access this tree from Exch 2003. I > tried to look at the "reverse engineering", but it just takes me to a > Novell page:( > > Thanks for all your help with this, it's very interesting. > > -- > Gerry Hickman (London UK) Gerry,
Don't know how far you have gotten on this, but I am required to provide a similar solution. First off - get Redemption - it is .NET friendly and provides a developemnt environment that lessens the CDO learning curve. Check out http://www.dimastr.com. I started using it after reporting a .NET & CDO issue and got the .NET is not supported with CDO speech. In my situation I have to get all of the current delegates and the permissioning first. I used Redemption to log on to the mailbox, get all of the folder permissions, a list of the current rules, and the delegates (a Redemption feature). That is where I am at right now. Be advised, there is an RPC leak or some other evil thing in the rules APIs. Using either ACL.DLL or Redemption on multiple mailboxes in series, I have had the process quit functioning after 100+ mailboxes. This was doing a mass discoveries of rules. Good luck bill tokar ps - Ed Crowley - good to see you out there.  
Other interesting topics
Create Mailbox
MapiExceptionLowLevelInitializationFailure in C# with powershell Mailbox Movement Code webdav repeating appointments Stand alone MAPI? Exchange 2007, obtaining mailbox list without cmdlets? SMTP Transport event not working for C++ mailbox size (EWS) how to send an email without email address WEBDAV connect with Exchange2007 |
|||||||||||||||||||||||
