"Eric1776" <egregor***@gmail.com> wrote in message
news:1172067598.626611.236330@h3g2000cwc.googlegroups.com...
> I am trying to display a summary of calendar events and tasks for
each
> user on our intranet homepage. This is pulling from the exchange
> server using WebDAV and is writting in ASP.NET C#. I am passing the
> DefaultCredentials and the logged in user only sees their own
> information.
>
> It seems to be working well, except that I am having a permissions
> problem on the folder level. For example, I was getting a 401 error
> until I went into Outlook, right-clicked on my calendar folder and
> changed the default permissions from None to "Reviewer". After doing
> this everything works fine.
>
>
> I have no idea how Exchange works. Does something need to be done
> globally from Exchange for this to work? Does this open the folder
up
> for other people to access it? Am I going about this the wrong way?
>
> I talked to our Exchange admin about creating a master account that
> had read access to all mailboxes but we thought it would be a huge
> security violation.
>
> Any suggestions are appreciated!

> "Eric1776" <egregor***@gmail.com> wrote in message
>
> news:1172067598.626611.236330@h3g2000cwc.googlegroups.com...
>
>
>
>
>
> > I am trying to display a summary of calendar events and tasks for
> each
> > user on our intranet homepage. This is pulling from the exchange
> > server using WebDAV and is writting in ASP.NET C#. I am passing the
> > DefaultCredentials and the logged in user only sees their own
> > information.
>
> > It seems to be working well, except that I am having a permissions
> > problem on the folder level. For example, I was getting a 401 error
> > until I went into Outlook, right-clicked on my calendar folder and
> > changed the default permissions from None to "Reviewer". After doing
> > this everything works fine.
>
> > I have no idea how Exchange works. Does something need to be done
> > globally from Exchange for this to work? Does this open the folder
> up
> > for other people to access it? Am I going about this the wrong way?
>
> > I talked to our Exchange admin about creating a master account that
> > had read access to all mailboxes but we thought it would be a huge
> > security violation.
>
> > Any suggestions are appreciated!
>
> Exchange has a set of permissions just like NTFS does, and it doesn't
> matter what application you use, you can't access a resource if you
> don't have the right permissions.  By default, you don't have
> permission to open another user's folder.  This means that the
> logged-on user that your web app is impersonating can only access
> their own mailbox.  You will either have to give yourself full
> permission across the mailbox store, or create a separate account with
> those permissions (maybe you have a service account already created?).
> If this is meant to allow any user to see other users' calendars, then
> each user will need to give everyone access to their own calendars.
>
> Lee.
>
> --
> _______________________________________
>
> Outlook Web Access For PDA , OWA For WAPwww.owapda.com
> email a@t leederbyshire d.0.t c.0.m
> _______________________________________- Hide quoted text -
>
> - Show quoted text -

"Eric1776" <egregor***@gmail.com> wrote in message
news:1172071770.981406.17550@k78g2000cwa.googlegroups.com...
> It is setup so that each user that is authenticated with the
intranet
> sends their own credentials to the exchange store. So in theory,
they
> should each be able to access their own mailbox. But this doesn't
seem
> to be the case. If I log in as myself, I had to set the permissions
> for the folder to reviewer before I could access it.  If I logged in
> another account I would have to do the same thing.
>
>
> Thanks for your response.

> "Eric1776" <egregor***@gmail.com> wrote in message
>
> news:1172071770.981406.17550@k78g2000cwa.googlegroups.com...
>
> > It is setup so that each user that is authenticated with the
> intranet
> > sends their own credentials to the exchange store. So in theory,
> they
> > should each be able to access their own mailbox. But this doesn't
> seem
> > to be the case. If I log in as myself, I had to set the permissions
> > for the folder to reviewer before I could access it.  If I logged in
> > another account I would have to do the same thing.
>
> > Thanks for your response.
>
> So they are only accessing their own Calendars?  There should be no
> problem with that at all.  If it works when you set the default
> permission to reviewer, then maybe the permissions aren't being used
> in the way that you think they are.  I assume that you have the page
> protected by some kind of authentication?  If so, then if the
> mailboxes are on a different server, then there are only certain
> combinations of authentication that work, such as Basic on local IIS
> server with Integrated + Basic on the remote server.

On Feb 21, 12:28 pm, "Eric1776" <egregor***@gmail.com> wrote:
> Yes, each user is accessing only their own calendar. I'm using Basic,
> but NTLM seems to work too.
>
>                 MyCredentials.Add(new Uri(strRootURI), "Basic",
> (NetworkCredential)CredentialCache.DefaultCredentials);
>
> I am not certain how the authentication is setup on the Exchange
> server or how it supposed to be setup.
>
> I don't have any problems getting across the servers. I can log in as
> any user and it hits the exchange server just fine and pulls that
> users events and tasks, but it gives me that 401 error until I go and
> change the folder permissions on the calendar folder and tasks folder
> in Outlook.
>
> I appreciate your help!
>
> On Feb 21, 11:42 am, "Lee Derbyshire [MVP]" <email a@t leederbyshire d.
>
>
>
> 0.t c.0.m> wrote:
> > "Eric1776" <egregor***@gmail.com> wrote in message
>
> >news:1172071770.981406.17550@k78g2000cwa.googlegroups.com...
>
> > > It is setup so that each user that is authenticated with the
> > intranet
> > > sends their own credentials to the exchange store. So in theory,
> > they
> > > should each be able to access their own mailbox. But this doesn't
> > seem
> > > to be the case. If I log in as myself, I had to set the permissions
> > > for the folder to reviewer before I could access it.  If I logged in
> > > another account I would have to do the same thing.
>
> > > Thanks for your response.
>
> > So they are only accessing their own Calendars?  There should be no
> > problem with that at all.  If it works when you set the default
> > permission to reviewer, then maybe the permissions aren't being used
> > in the way that you think they are.  I assume that you have the page
> > protected by some kind of authentication?  If so, then if the
> > mailboxes are on a different server, then there are only certain
> > combinations of authentication that work, such as Basic on local IIS
> > server with Integrated + Basic on the remote server.- Hide quoted text -
>
> - Show quoted text -

On Feb 21, 12:28 pm, "Eric1776" <egregor***@gmail.com> wrote:
> Yes, each user is accessing only their own calendar. I'm using Basic,
> but NTLM seems to work too.
>
>                 MyCredentials.Add(new Uri(strRootURI), "Basic",
> (NetworkCredential)CredentialCache.DefaultCredentials);
>
> I am not certain how the authentication is setup on the Exchange
> server or how it supposed to be setup.
>
> I don't have any problems getting across the servers. I can log in as
> any user and it hits the exchange server just fine and pulls that
> users events and tasks, but it gives me that 401 error until I go and
> change the folder permissions on the calendar folder and tasks folder
> in Outlook.
>
> I appreciate your help!
>
> On Feb 21, 11:42 am, "Lee Derbyshire [MVP]" <email a@t leederbyshire d.
>
>
>
> 0.t c.0.m> wrote:
> > "Eric1776" <egregor***@gmail.com> wrote in message
>
> >news:1172071770.981406.17550@k78g2000cwa.googlegroups.com...
>
> > > It is setup so that each user that is authenticated with the
> > intranet
> > > sends their own credentials to the exchange store. So in theory,
> > they
> > > should each be able to access their own mailbox. But this doesn't
> > seem
> > > to be the case. If I log in as myself, I had to set the permissions
> > > for the folder to reviewer before I could access it.  If I logged in
> > > another account I would have to do the same thing.
>
> > > Thanks for your response.
>
> > So they are only accessing their own Calendars?  There should be no
> > problem with that at all.  If it works when you set the default
> > permission to reviewer, then maybe the permissions aren't being used
> > in the way that you think they are.  I assume that you have the page
> > protected by some kind of authentication?  If so, then if the
> > mailboxes are on a different server, then there are only certain
> > combinations of authentication that work, such as Basic on local IIS
> > server with Integrated + Basic on the remote server.- Hide quoted text -
>
> - Show quoted text -

"Eric1776" <egregor***@gmail.com> wrote in message
news:1173293870.087379.23840@p10g2000cwp.googlegroups.com...
> On Feb 21, 12:28 pm, "Eric1776" <egregor***@gmail.com> wrote:
> > Yes, each user is accessing only their own calendar. I'm using
Basic,
> > but NTLM seems to work too.
> >
> >                 MyCredentials.Add(new Uri(strRootURI), "Basic",
> > (NetworkCredential)CredentialCache.DefaultCredentials);
> >
> > I am not certain how the authentication is setup on the Exchange
> > server or how it supposed to be setup.
> >
> > I don't have any problems getting across the servers. I can log in
as
> > any user and it hits the exchange server just fine and pulls that
> > users events and tasks, but it gives me that 401 error until I go
and
> > change the folder permissions on the calendar folder and tasks
folder
> > in Outlook.
> >
> > I appreciate your help!
> >
> > On Feb 21, 11:42 am, "Lee Derbyshire [MVP]" <email a@t
leederbyshire d.
> >
> >
> >
> > 0.t c.0.m> wrote:
> > > "Eric1776" <egregor***@gmail.com> wrote in message
> >
> > >news:1172071770.981406.17550@k78g2000cwa.googlegroups.com...
> >
> > > > It is setup so that each user that is authenticated with the
> > > intranet
> > > > sends their own credentials to the exchange store. So in
theory,
> > > they
> > > > should each be able to access their own mailbox. But this
doesn't
> > > seem
> > > > to be the case. If I log in as myself, I had to set the
permissions
> > > > for the folder to reviewer before I could access it.  If I
logged in
> > > > another account I would have to do the same thing.
> >
> > > > Thanks for your response.
> >
> > > So they are only accessing their own Calendars?  There should be
no
> > > problem with that at all.  If it works when you set the default
> > > permission to reviewer, then maybe the permissions aren't being
used
> > > in the way that you think they are.  I assume that you have the
page
> > > protected by some kind of authentication?  If so, then if the
> > > mailboxes are on a different server, then there are only certain
> > > combinations of authentication that work, such as Basic on local
IIS
> > > server with Integrated + Basic on the remote server.- Hide
quoted text -
> >
> > - Show quoted text -
>
> Here is my query:
>
> // Build the SQL query.
>             strQuery = "<?xml version=\"1.0\"?>"
>                 + "<g:searchrequest xmlns:g=\"DAV:\">"
>                 + "\"DAV:href\", "
>                 + "<g:sql>SELECT \"urn:schemas:calendar:location\","
>                     + "\"urn:schemas:httpmail:subject\", "
>                     + "\"urn:schemas:calendar:dtstart\", "
>                     + "\"urn:schemas:calendar:dtend\", "
>                     + "\"urn:schemas:calendar:busystatus\", "
>                     + "\"urn:schemas:calendar:instancetype\", "
>                     + "\"urn:schemas:httpmail:textdescription\" "
>                 + "FROM Scope('SHALLOW TRAVERSAL OF \"" + strRootURI
+
> "\"') "
>                 + " WHERE NOT \"urn:schemas:calendar:instancetype\"
=
> 1 "
>                 + "AND \"DAV:contentclass\" = 'urn:content-
> classes:appointment' "
>                 + "AND (\"urn:schemas:calendar:dtstart\" &gt; '" +
> startDate + "') "
>                 + "AND (\"urn:schemas:calendar:dtend\" &lt; '" +
> endDate + "') "
>                 + "ORDER BY \"urn:schemas:calendar:dtstart\" ASC"
>                 + "</g:sql></g:searchrequest>";
>
>
> Here is a part of the code. I have followed the example provided
here
> http://msdn2.microsoft.com/en-us/library/aa123570.aspx
>
>
> // Create the HttpWebRequest object.
>                 Request =
> (HttpWebRequest)HttpWebRequest.Create(strRootURI);
>
>                 // Add the network credentials to the request.
>                 MyCredentials = new CredentialCache();
>                 MyCredentials.Add(new Uri(strRootURI), "Negotiate",
> (NetworkCredential)CredentialCache.DefaultCredentials);
>                 Request.Credentials = MyCredentials;
>
>                 // Specify the method.
>                 Request.Method = "SEARCH";
>
> I'm still not understanding why the authentication is not being
passed
> through.