I'm creating an app that needs to get the permissions for each MailBox, and I can't seem to get it to work. I've noticed in the VS Object Browser that the Permissions property is on the Folder class.
So I'm guessing I need to get the MailBox object and then get the root/default folder so I can get the Permissions.
This is what I've done so far, but when it calls Folder rootfolder = Folder.Bind(service, sharedMailboxRootFolderId); I get the following exception:
"The Client Access Server version does not match the accessed
resource's Mailbox Server version."
ExchangeService service = new ExchangeService(ExchangeVersion.Exchange2007_SP1);
string exchangeServerWebServicesUrl = "https://example.com/EWS/Exchange.asmx";
service.Url = new Uri(exchangeServerWebServicesUrl);
string username = "*********************";
string password = "*********************";
service.UseDefaultCredentials = false;
service.Credentials = new WebCredentials(username, password);
Mailbox sharedMailbox = new Mailbox("shared#example.com");
FolderId sharedMailboxRootFolderId = new FolderId(WellKnownFolderName.Root, sharedMailbox);
Folder rootfolder = Folder.Bind(service, sharedMailboxRootFolderId);
var permissions = rootfolder.Permissions;
I've tried passing in different ExchangeVersion enum values, but they don't work either. But passing ExchangeVersion.Exchange2007_SP1 does work when I try and get the Public Folders root folder.
Folder rootfolder = Folder.Bind(service, WellKnownFolderName.PublicFoldersRoot);
So the question is how can I get a MailBoxes permissions using EWS?
I've just found the Find out which users have Full Access on a mailbox post that says
You can't using EWS (or any of the Exchange Mailbox API's) you can
only access the Folder level DACL's what you need to read is the
Mailbox DACL which can only be either accessed via the Exchange
Management Shell (Get-MailboxPermissions) or via reading the
msexchmailboxsecuritydescriptor from Active Directory.
So it looks like it's not possible to get the MailBox permissions using EWS.
Shame.
Related
With this code, I am able to get the files that have been shared to the service account email.
But, when I shared the folder (that was not owned by me, but is publicly accessible) from a different email it is not displayed in the list.
Is there any way an authenticated user can access the drive folder that is publicly accessible, but which I won't own?
var serviceAccountEmail = "";
var certificate = new X509Certificate2(_credentialsService.GetCredentialPath(), "notasecret", X509KeyStorageFlags.Exportable);
ServiceAccountCredential credential = new ServiceAccountCredential(
new ServiceAccountCredential.Initializer(serviceAccountEmail)
{
Scopes = new[] { DriveService.Scope.Drive }
}.FromCertificate(certificate));
var service = new DriveService(new BaseClientService.Initializer
{
HttpClientInitializer = credential
});
Getting Drive Details
Google.Apis.Drive.v3.FilesResource.ListRequest FileListRequest = service.Files.List();
// for getting folders only.
//FileListRequest.Q = "mimeType='application/vnd.google-apps.folder'";
FileListRequest.Fields = "nextPageToken, files(id, name)";
FileListRequest.Corpora = "allDrives";
FileListRequest.Q = "sharedWithMe";
FileListRequest.IncludeItemsFromAllDrives = true;
FileListRequest.SupportsAllDrives = true;
// List files.
IList<Google.Apis.Drive.v3.Data.File> files = FileListRequest.Execute().Files;
List<GoogleDriveFile> FileList = new List<GoogleDriveFile>();
Sharing Process:
I shared the file to the service account email, from my personal google email.
And See it is still not available, the image that I owned only is shared. Which is my problem.
Sending the link of a publicly viewable file is not the same as sharing the file
Your screen looks like this:
This means that you have view-only access to the file
If you had edit access to the file, the screen would look as following:
Thus, since you are not an editor of the public file, you cannot add another viewer / editor to this file and consecuently it will not appear in the sharedWithMe of the user to whom you sent the email - no matter if this user is an actual suer or a service account
Solution:
If you need to explicitly share the file with the service account, your options are
to obtain edit access to the public file (if feasible)
create a copy of the respective file onto your own Drive (if copying is not disabled) and share your version explicitly with the service account
I have a problem: I need to connect from a remote server to Active Directory, but the code has to be using the LdapConnection class. I need this because that way I can only test change notifiers when some event happen (such as user is deactivated or he changed group, data etc). OS on the remote server is Windows Server 2012.
I managed to do this from local using DirectoryServices with the following code:
String ldapPath = "LDAP://XRMSERVER02.a24xrmdomain.info";
directoryEntry = new DirectoryEntry(ldapPath, #"A24XRMDOMAIN\username", "pass");
//// Search AD to see if the user already exists.
DirectorySearcher search = new DirectorySearcher(directoryEntry);
search.Filter = "(&(objectClass=user))";
SearchResult result = search.FindOne();
This is okay and connection works but now I need to connect using the LdapConnection class.
I tried something like this on many ways but none of that helped me:
LdapConnection connection = new LdapConnection(XRMSERVER02.a24xrmdomain.info);
var credentials = new NetworkCredential(#"A24XRMDOMAIN\username", "pass");
connection.Credential = credentials;
connection.Bind();
It says that credentials are invalid but that is not true.
Explanations:
XRMSERVER02 - Domain controller
a24xrmdomain.info - Domain
A24XRMDOMAIN - Domain used for logging
Thanks for your help.
Even though I solved my problem I want to share with other developers what I achieved so far. Problem that I encountered was that I had remote server with OS Windows server 2012 and Active directory on it. I needed to connect on him via my local machine(Windows 10).
As I stated in my question it is possible to do that via DirectoryServices with the following code:
String ldapPath = "LDAP://(DomainController).a24xrmdomain.info";
directoryEntry = new DirectoryEntry(ldapPath, #"DOMAIN\username","pass");
//// Test search on AD to see if connection works.
DirectorySearcher search = new DirectorySearcher(directoryEntry);
search.Filter = "(&(objectClass=user))";
SearchResult result = search.FindOne();
This is one of the solutions, but since my task was to get notification and to identify when ever some object has changed in Active Directory, I needed connection to Active Directory on Remote server via LDAP class. Code for getting notifiers is taken from:
- Registering change notification with Active Directory using C#
I succeeded to connect with LDAP class via next code:
String ldapPath2 = "(DomainController).a24xrmdomain.info";
LdapConnection connection = new LdapConnection(ldapPath2);
var credentials = new NetworkCredential(#"username", "pass");
connection.Credential = credentials;
connection.Bind();
Want to mention that no IP address of remote server is needed, just Domain Controller that is used on him, and that Domain used for logging is unnecessary.
Happy coding
Try using NetworkCredential constructor with 3 parameters: username, password and domain. Specify domain separately from user name
I am analyzing a users Exchange mailbox with calls to the ExchangeService. This tool needs to run on the client environment periodically and by ommiting the credentials to the service I am connecting to the Exchange Service as the logged in Windows User. I can succesfully loop thrue the folders and items.
Now I want tot retrieve the information about the mailbox being used. Username and (main) E-mail should suffice. But I cannot find anything about how to retrieve this information. Every example provides credentails for the user, or auto-discovering the Exchange service from the e-mail adres. I do not want the user to configure anything :-).
Any suggestions?
ExchangeService service = new ExchangeService(ExchangeVersion.Exchange2007_SP1);
service.Url = new Uri("https://FQDN/EWS/Exchange.asmx");
???
FindItemsResults<Item> findResults = service.FindItems(WellKnownFolderName.SentItems, new ItemView(100)); // this works
I've tried using service.ResolveName, but that can give multiple answers, even using Environment.UserName
The easiest method to do this is to use ConvertId operation and use unresolvable address (blah#blah.com always works for me) in the Mailbox element. Exchange should convert this to the actual Mailbox in the response. eg
Folder chk = Folder.Bind(service, WellKnownFolderName.Inbox);
AlternateId aiItem = new AlternateId();
aiItem.Mailbox = "Blah#Blah.com";
aiItem.UniqueId = chk.Id.UniqueId;
aiItem.Format = IdFormat.EwsId;
String CasServer = service.Url.Host.ToString();
AlternateIdBase caid = service.ConvertId(aiItem, IdFormat.HexEntryId);
Console.WriteLine(((AlternateId)caid).Mailbox);
Cheers
Glen
This Microsoft page indicates that by setting the UseDefaultCredentials property to true, no login name and password are required to communicate with the Exchange server. However, that is not my experience.
My code creates an instance of ExchangeService called service:
ExchangeService service = new ExchangeService(ExchangeVersion.Exchange2010);
If I manually set the credentials as follows, everything works just fine:
service.Credentials = new WebCredentials("my#email.address", "my password");
However, if I remove that line and replace it with the following, my code doesn't work:
service.UseDefaultCredentials = true;
I have searched and searched for solutions but I'm not finding anything concrete. If someone here could please help me I would be very grateful.
EDIT:
I tried to use my own credentials instead of the Default Credentials.
string smtpaddress = "somesharedsmtp#domain.com";
es.Url = new Uri("https://outlook.office365.com/EWS/Exchange.asmx");
es.Credentials = new WebCredentials("myemail", "mypassword");
es.AutodiscoverUrl(smtpaddress, RedirectionCallback);
FolderId SharedMailbox = new FolderId(WellKnownFolderName.Inbox, "somesharedsmtp#domain.com");
Folder sharedInbox = Folder.Bind(es, SharedMailbox);
At this point I can check sharedInbox containing the details of the Inbox. I can see the unread email count and others.
But when I access
ItemView itemView = new ItemView(100);
FindItemsResults<Item> findResults1 = es.FindItems(pqInbox.Id, itemView);
I get exception "SMTP address has no mailbox associated with it"
my experience in that case is, that if you set service.UseDefaultCredentials = true your Login of your pc will be taken. Which works perfect if your in the same ActiveDirectory structure as the exchangeserver is. If your trying to connect to the exchange server from outside of the ADS you will have to set the credentials manually.
I'm using the defaultcredentials for my tools when I'm at work. If I connect from at home I have to set the credentials.
Hope that helps you...
From MSDN documentation, UseDefaultCredentials is ignored in Exchange Online. You must specify credentials for Exchange Online.
http://msdn.microsoft.com/en-us/library/office/microsoft.exchange.webservices.data.exchangeservicebase.usedefaultcredentials(v=exchg.80).aspx
How do I access group folders / shared folders from EWS (ExchangeService) - I can access my own folders - no problem - but I cannot see Mailboxes I have access to such as Team Mailboxes or group mailboxes.
I Can get my own folders this way:
ExchangeService _service = new ExchangeService();
_service.Credentials = new NetworkCredential("MY Username", "My Password");
_service.AutodiscoverUrl("My Email Address",delegate(string x) { return true; });
FolderView view = new FolderView(int.MaxValue);
view.Traversal = FolderTraversal.Shallow;
FindFoldersResults findFolderResults = service.FindFolders(id, view);
The above will only give my OWN stuff. Question is how do I get the rest of the Mailboxes that I have access to, and can see from within Outlook ?
If you know the mailbox name then DistinguishedFolderIdType.Mailbox may be what you're looking for. See this SO post regarding using delegates in EWS.
Here is an example of accessing a shared Exchange Mailbox via FolderId and Mailbox.