I am using the RDOSession.LogonExchangeMailbox method from the Outlook Redemption library to log into a specific mailbox on exchange server that the current user has access to but that does not necessarily belong to the current user.
If the current user has access to multiple mailboxes, does this method guarantee that only the specified mailbox will be included in RDOSession.Stores? Or is there a chance that other mailboxes (that the user has access to, or even the mailbox for the user himself) will be populated as stores inside RDOSession.Stores?
In summary, can I guarantee that RDOSession.Stores[1] will always point to the mailbox specified in the LogonExchangeMailbox method?
LogonExchangeMailbox (Exchange 2010 or older) always creates a temporary profile that points to the specified mailbox. It is not however guaranteed that RDOSession.Stores[1] will point to the primary mailbox - you can also have a PF store in the profile and the order is undetermined. Use RDOSession.Stores.DefaultStore instead.
Related
Using Exchange 2016 on premises, I'm trying to logon to another users mailbox from my admin account using the RDOSession.LogonExchangeMailbox method. The admin account has impersonation access to all other mailboxes so should have rights to do this. After running the logon method the RDOSession object shows ExchangeConnectionMode as olCachedConnectedFull, but the RDOSession.CurrentUser.name shows as UNKNOWN. If I try to access the inbox using GetDefaultFolder I get a MAPI_E_LOGON_FAILED message. Can you suggest what I might be doing wrong, or haven't done to allow this ?
LogonExchangeMailbox always uses the identity of the current user to connect to the mailbox in the RPC mode (no longer supported by Exchange 2016). To open another mailbox, you can call RDOSession.GetSharedMailBox / GetSharedMailBoxEx.
You can also use LogonHostedExchangeMailbox - it takes explicit credentials instead of connecting as the current local user.
Reviewing this, but not clear. Not looking to do this for just my user and can run with elevated application rights with access to all calendars.
https://developer.microsoft.com/en-us/graph/docs/api-reference/v1.0/api/calendar_list_events
Yes you just need to make sure you give your application the following permission
Calendars.Read.Shared Read user and shared calendars Allows the app to read events in all calendars that the user can access, including delegate and shared calendars.
ref https://developer.microsoft.com/en-us/graph/docs/concepts/permissions_reference
So as long as the calling account then has access to the Room Mailbox (eg via Delegation so they can access the same thing in Outlook etc) you just use the following endpoint
https://graph.microsoft.com/v1.0/users('room#domain.com')/calendar/events
I'm making an application that requires access to the shared/room-resource calendars in an Office 365 instance, using non-admin accounts. I've registered an app (in the Microsoft Application Registration Portal) using the V2 endpoint and Auth Code Grant. This successfully allows me to log in, and gives me a functional token with the Calendars.ReadWrite.Shared scope. With this token, I can retrieve my own calendars, and calendars that have been explicitly shared with me (and therefore added to my list of calendars). All of this is doable with just the normal Calendars.ReadWrite scope.
However, I get errors when requesting access to any other shared calendars, like the room calendars. Here's an example. If I make a GET call to https://graph.microsoft.com/beta/users/my-own-email#business.com/calendars it successfully returns a list of my calendars. If I make a GET call to https://graph.microsoft.com/beta/users/meetingroom1.4#business.com/calendars I get a 404 (Not Found) Error. The same error occurs for any other user, not just meeting rooms. Note that I can see these calendars when I'm logged into Office 365 online with the same account.
A different error occurs if I ask for events not calendars. If I make a GET call to https://graph.microsoft.com/beta/users/meetingroom1.4#business.com/events, I get a 500 (Internal Server) Error.
I've checked all the other threads I can find on the issue, and this one from November How to access shared calendars from Office REST API? says there's some kind of blocking issue on Microsoft's end. It's using the Office REST API rather than Graph, but on the back-end the APIs call the same stuff. Is this issue still about? Alternatively, am I missing some further permissions? I tried adding quite a few different permissions on top of Calendars.ReadWrite.Shared, but none of them fixed it. Is there a correct combination?
Thanks so much for any help, and let me know if any other info would be useful for diagnosis.
So if anyone else happens to be interested in this, I figured out a way to access room resource calendars without using the Calendars.ReadWrite.Shared permission. This allows you to use just the Calendars.ReadWrite permission to access the room resources, by moving them into the list of calendars of the email you're authenticating with. However, it will only work for specific accounts that you share the calendars with, so won't be usable in apps that have to work for any account. This is good enough for my use-case, but may not be for yours.
First, find or make an account that is a delegate to, and has full access to, the room resource calendar you want to use. On that account click 'Open another mailbox' in the dropdown list under your profile image.
Open another mailbox location
In the pop-up that follows, put in the email address of the room resource calendar that you want to use.
Then, on the new page that opens (which should be the Office account of the room resource calendar):
Navigate to the calendar page
Click 'Share'
Share the default calendar with the account you plan to authenticate with.
Then log into that 'authentication' account, check its email for the notification of the shared calendar, and click 'accept'. What this will do is move the calendar into the authenticated account's list of calendars, meaning you can access it with just a call to the https://graph.microsoft.com/v1.0/me/calendars endpoint. You'll have to repeat it for every calendar you want to be able to access, sadly.
I am trying to access user's mailbox as well as archive mailbox using Outlook MAPI. Outlook version is 2013. User's mailbox and archive both are in O365 (Exchange Online)
I am able to access users mailbox. However, access to users archive mailbox fails.
I have user's email address and Archive GUID of the archive mailstore.
Can someone please help me understand how to pass Archive GUID of user's mailbox to IMAPISession:OpenMsgStore.
Thanks,
Pranay
You will need to retrieve the legacy DN and server information from the autodiscover XML (Type == Archive), then construct the store entry id using IExchangeManageStore::CreateStoreEntryID in the same fashion as when opening a delegate mailbox.
Is it possible to manage multiple calendars from a single program? The task is to add events for different users in a domain, but do it from single program without knowing all users domain passwords. What type of authentication should be used to connect EWS? Is there any admin account exists? How to specify which calendar to update on each operation?
sure is this possible. You will have to create an ExchangeService-instance for each user and set the ImpersonatedUserId property to the mailbox of the user you want to the appointment or whatever you want to add.
have a look at http://msdn.microsoft.com/en-us/library/exchange/dd633680(v=exchg.80).aspx there you can find how to work with impersonation and also have a look at http://msdn.microsoft.com/en-us/library/bb204095.aspx where you can see how to set the rights your user needs to impersonate.
hope that answers your questions...