After connecting to Exchange on a different domain using:
rdoSession = RedemptionLoader.new_RDOSession();
rdoSession.LogonHostedExchangeMailbox(Settings.Default.ExchangeServer, Settings.Default.ExchangeUserName, Settings.Default.ExchangePassword);
I want to get the default inbox folder:
RDOFolder folder = rdoSession.GetDefaultFolder(rdoDefaultFolders.olFolderInbox);
But I get this error:
System.Runtime.InteropServices.COMException (0x80040111): Error in IMAPISession::OpenMsgStore: MAPI_E_LOGON_FAILED
Make sure your code runs under the Windows user identity that has MAPI profiles.
When running in a service (including ASP under IIS), set your code to run under the Windows user account that has MAPI profiles.
When connecting to an Exchange Server, you can also use RDOSession.LogonExchangeMailbox which does not require an existing profile.
ulVersion: 0
Error: The information store could not be opened.
Component: MAPI 1.0
ulLowLevelError: 0
ulContext: 646
How can i read mails from exchange on different domain?
Thanks!
Sarah,
Consider using EWS instead. You can use Exchange Web Services (EWS) and other web services in Exchange Online, Exchange Online as part of Office 365, or Exchange on-premises to create solutions that enable your users to access Exchange mailbox data from services, websites, desktop computers, and mobile devices. See EWS Managed API, EWS, and web services in Exchange for more information.
Related
How do third party mailapps like samsung email and many others get access to exchange data without being registred as a application in the azure ad?
Every guide about exchange authentification (OAuth) i found online had the requirement to register your application in the azure active directory before it can be used to read mails etc. But if that's the case, how do widespreaded mailapps like samsung deal with this problem? They are never listed as an registerted application, yet they have full access on your mails, calendar etc. In real-time too.
I try to solve this with an app that is written in c# using the .net framework. I dont know if that is already a problem in that regard.
How do third party mailapps like samsung email and many others get
access to exchange data without being registered as a application in
the azure ad?
Samsung have their own Azure Application registration that must be consented to its generally done once by the tenant admin.
There is a good reason for the consent framework to allow both control of what applications can access data but also to allow for the correct auditing of the access. If you want to know what App registration a particular mail client is using just look at the Azure Signin logs. Another recent case was around this Apple's mail app see https://practical365.com/microsoft-auto-update-apple-mail-app-profiles/
I want to have a windows service that can received unread mail from my O365 account every 3 minutes and have different action depends on Mail subject. I choose EWS managed API instead of Graph is because maybe I would use this program on Exchange Server in the future. I'm following this tutorial Authenticate an EWS application by using OAuth and I have some question about permission control, in this case I use Application permissions which run without a signed-in user present. for example, apps that run as background services or daemons and can access multiple mailboxes.
Now I can access my mailbox with the applicationID, tennatID and Client-secret. But I have to inpersonate someone within my tennat(domain) and than I can send mail by the Mail Account. My question is Is it have any permission control can set that this application only can access or inpersonate part of tennat user rather than all user within my tennat? (in Azure AD Api permission setting I only seen full_access_as_app - Allows the app to have full access via Exchange Web Services to all mailboxes without a signed-in user.) I think its not make sense if this application have permission that can impersonate ALL user of my organization, that would be a big deal if this application client-secret exposes.
Sorry for my poor English.
You can use Application access policies to scope your application so it only has access the mailboxes it needs. see https://learn.microsoft.com/en-gb/graph/auth-limit-mailbox-access.
I'm working on a C# application that would access current user's mailbox in office 365, but cannot go past authentication phase.
I was using this example https://msdn.microsoft.com/en-us/library/office/dn567668(v=exchg.150).aspx
ExchangeService service = new ExchangeService(ExchangeVersion.Exchange2013_SP1);
service.UseDefaultCredentials = false;
//Specify login which works when connecting to Office 365 web UI
service.Credentials = new WebCredentials("office_365_login#domain", "password");
//would fail here with 401 unauthorised
service.AutodiscoverUrl("email_address", RedirectionUrlValidationCallback);
//As an alternative to autodiscover, I've tried to specify endpoint explicitly
service.Url = new Uri("https://outlook.office365.com/EWS/Exchange.asmx")
EmailMessage email = new EmailMessage(service);
...//Set email info
//Would fail with 401 unauthorised
email.Send();
Such code works just fine when connecting local Exchange mailboxes, but doesn't work with office 365 for some reason. I've tried using solution provided here, same result: Connection to Office 365 by EWS API
Infrastructure description:
Our company uses hybrid Exchange setup: some mailboxes are located on local Exchange servers, some have been migrated to Office 365. We have also Microsoft ADFS server installed, used for office 365 authentication.
When I open OWA URL in browser, I'm being first redirected to our ADFS server, if I'm using domain account, I'm being transparentry redirected to https://outlook.office.com/owa/ otherwise I'm being asked for credentials on our ADFS server.
Question:
Is it possible to connect Office 365 mailbox by specifying credentials explicitly, like in the code example? Or should I get token from our ADFS server and use it to connect to Office 365? I haven't found C# examples on the latter one.
Goals, I'm trying to achieve:
Perfect scenario. If user runs the app using domain account,
application should be able to access his mailbox without specifying
credentials explicitly
Acceptable scenario. User has to set credentials explicitly in order
for application to access mailbox
In case you are trying to use EWS API for connecting to Office 365 mailbox, have a look to this:
You cannot use basic authentication (username and password) in your EWS application to connect to Office/Microsoft 365 now. Microsoft no longer supports basic authentication in EWS for Exchange Online. You are advised to use OAuth2.0 to get a token and use the same in your EWS client to connect to Office 365.
For this you will have to register your application in Azure AD to use client credential flow. I did a POC on this using console application.
Here's the link to GitHub repository for source code and documentation.
I want to get an access to Calendar rest API. I've created azure multi-tenant app, and configured it.
I'm trying to get an access token to resource "https://outlook.office365.com/", but I get an error
'AADSTS50001: Resource 'https://outlook.office365.com/' is disabled.'
Note: I couldn't find "Office 365 Exchange Online" inside "Permissions to other applications" section inside azure account.
Your help please.
You won't see Exchange in your Azure account unless you have an Office 365 subscription that includes Exchange. It sounds like you're registering in https://manage.windowsazure.com? You might want to try registering your app in https://apps.dev.microsoft.com and using the v2 Azure auth flow. Big benefit is you can register apps with just a Microsoft account (like outlook.com, etc) See https://dev.outlook.com/RestGettingStarted for walkthroughs.
We have a web application that use forms authentication against Active Directory. In the same domain we also have an Exchange server 2010, soon to be 2013.
My question is, I would like to use the Exchange server to send outgoing emails from the user account using Exchange Web Services(EWS). Is it possible to reuse the user authentication that is already done on the form to connecto the the EWS?
We are using c#
I haven't tried this myself, but it's covered here: Accessing internal Exchange web services from an external application through ISA server using forms-based authentication.