How to receive emails and store them automatically in Alfresco - outlook

We are working with Alfresco 4.2.c community version and the need is to configure Alfresco to store automatically received emails (from Outlook) in a specific workspace.
I really need your help.

Alfresco does not have a pull mechanism include to get & store mails. But there is a push-style solution called "Inbound Mail".
This gives you the opportunity to send (e.g. by forwarding or via Outlook rule) mails to alfresco & get them automatically stored in a folder: How Emails are handled

For the simple configuration (known users, no other special requirements):
Basic configuration changes (tweak unknown/allowable/etc for your local security requirements) for the alfresco-global.properties file:
### Inbound SMTP ###
email.inbound.unknownUser=anonymous
email.inbound.enabled=true
email.server.enabled=true
email.server.port=25
email.server.domain=server.domain.tld
email.server.allowed.senders=.*
Sending user...
e-mail address must be known by Alfresco
must be a member of EMAIL_CONTRIBUTORS
must be a member of the destination site
must have permissions on the destination node
The e-mail address that you send TO is the node ID. This can be retrieved from 5.0a and earlier by viewing the node in the "Alfresco Explorer" (accessible from the "View Properties" screen in Share (since almost everyone is all Share all the time). Note that with 5.0b that option may not be available anymore (and I do not know what the replacement is)?
The standard setup for allowing non-registered e-mails to submit documents involves creating the "anonymous" account. It can be attached to sites and given permissions to nodes just like any other user (since it actually is). This also means you can get fancy and assign an existing user to be the accepting party for unknown source e-mails. Note that no matter how you do it, this does open you up to some new risks...

Related

Outlook deferredDeliveryTime goes to outbox and If application is closed it does not send

I am building an Outlook Add-in that is using the Outlook mailitem property deferredDeliveryTime in order to postpone the sending of the message. Everything works fine but I have realized that if I send an email using deferedDeliveryTime and the application is closed it won't send the email until the application is reopened which defeats the purpose of the add-in. I am using Exchange/Office 365 and should therefore be able to push the message to the messaging queue and then close the application but I don't know how to do this.
One solution I have found is disabling the "Use Cached Exchange Mode to download email to an Outlook data file" in Account Settings. When disabled it sends the message immediately to the Exchange server but I need this setting to be enabled due to group policy.
I believe it should be possible to have it enabled while still being able to immediately send to Exchange. Do anyone know how/if this works? Or if there is some workaround.
You are on the right avenue, Outlook add-ins work only when the host application is launched. When you deal with a cached mode of connecting to the Exchange server your data is kept locally until Outlook synchronizes its folders. The non-cached mode works a bit different - the data is reflected from the server-side and no cache is preserved locally, your changes are reflected on the server-side almost immediately. It seems you have found a possible workaround already.
But you may also consider using EWS when Outlook is closed at any point of time, see Explore the EWS Managed API, EWS, and web services in Exchange for more information. For Office365 accounts you may take a look at MS Graph.
I have not tried that particular scenario, but you should be able to create a message in the online mode and send it in that mode. On the Extended MAPI (C++ or Delphi only) level, you can open the parent folder (e.g., Outbox) with the MAPI_NO_CACHE flag, create the message (IMAPIFolder::CreateMessage), populate its properties, and send it (IMessage::SubmitMesage) - since the parent folder is opened in the online mode, the newly created message will also be in the online mode.
If Extended MAPI is not an option, you can try to use Redemption (I am its author, any language) - it will let you open a folder in the online mode (RDOSession.GetFolderFromID(..., MAPI_NO_CACHE | MAPI_BEST_ACCESS)).

How to get user device type accessing skype for business bot built in MS Bot Framework

Does anyone know how to get the information about user device that access the bot deployed in S4B channel and built using MS Bot Framework (C#).
I need to know about the options to detect the user device (Device type and OS) accessing the Skype For Business Bot. If there's a way to know whether user device is desktop or mobile. In bot framework the User-Agent header formatted similar to the string below:
SFBUserAgent (Microsoft-BotFramework/3.1+https://botframework.com/ua)
(The user agent from Connector returns the following:
fxversion/4.7.2563.0 osname/windowsserver2016datacenter osversion/6.3.14393 microsoft.bot.connector.connectorclient/3.14.1.1)
I want to know if UCWA can be used to detect the device type accessing Skype For Business bot.
UCWA is not able to do so, actually no client or client-facing api can provide such information. It's because User-Agent information is not part of the presence so the client doesn't publish it to other clients. The main purpose of this User-Agent information is for monitoring reporting purpose.
However there is still some space from server side to allow us to do something. If you have access to the Skype for Business server, you have several workarounds.
Get-CsConnections.ps1 is a well-known script to pull current logged in user from Lync server side. It was written in 2011 while we only had Lync 2010, but good news is it works fine with new version of Lync like Lync Server 2013, Skype for Business server 2015. This script needs to be run in Lync/Skype management shell or a Powershell session with Lync/Skype modules imported. It needs to run by using an Lync/Skype admin account.
To retrieve user agent for a particular user by using sip uri.
$UserHomePool = (Get-CsUser -Identity [sip address]).RegistrarPool
Get-CsConnections.ps1 -SipAddress [sip address] -Pool $UserHomePool
Connections.ps1 is the prototype script of the above Get-CsConnections.ps1, it's simpler but doesn't provide advanced features. You can look at it and decide which one you need.
Do it yourself. If you don't want to use 3rd party script or just want to do it in a simplest and pure way, it's possible to do it by querying it from server database. Lync/Skype server stores this user agent information in the dynamic database in Front End server. It's in the table dbo.RegistrarEndpoint of the database rtcdyn of the instance rtclocal.
Please notice that there is no public document about the database schema so you need to do a little guess and hacking yourself. Good news is all data in the database is strored in readable format so it shouldn't be a big issue.
In a very rare chance that you are not wanting this information in real-time, the monitoring report and database can be the best approach. It's not real-time data, the data is generated within 10 mins after a conversation is ended.
If you want to get it from monitoring database, you should look at SessionDetails view for P2P conversation and ConferenceSessionDetails for conference conversation. There are straighforward fields in the views called something like UserClientType to point out the user agent information for the certain session.
At last one thing I would like to remind is Skype allows user to logged in multiple clients simultaneously, so no matter how you make it work you still need to face the question which logged in client really matters to you if the user has multiple clients logged in.

Implications of allowing users to email content and attachments to a server

I have implemented a feature in my application that allows registered users to send an email to a gmail account, which my server polls using Spring Integration, and then if it recognises the sender, stores the subject and body content in a database (via JPA).
I also want to allow users to be able to send files as attachments to these emails which I plan to store on AWS.
I'm sure there must be security implications with both of these features, but I'm not aware of what they might be.
So my question is, what are the security implications of allowing users to store email content in my DB and attached files on AWS?
TIA
You could have some problems when you will have many emails to process using a single email account (probably not a problem at the beginning). Also making yourself dependent on an external email provider may sound for you clients really unreliable (depending on your clients/business). Also someone could eat up all your space on gmail by sending too many emails that don't get deleted on time. Also when storing the files in AWS you must store the files with random filenames. Probably you will have to read some tutorials for that.

Looking for a way (preferably an API) to determine Effective Permissions on Active Directory object

We have a custom Active Directory integrated web app that helps users perform some self-service on their accounts (e.g. update photo, change phone number, reset password etc.) Our app runs on domain-joined servers, as Local System, and is thus able to authenticate to the AD using the server account(s).
We use a service connection point, that the app's clients use to locate an instance of our app. (Our app clients are hard-coded to look for certain keywords which are published on the servie connection point's keywords attribute.)
We recently had a situation wherein someone (we believe accidentally) changed the keywords on one of the service connection points resulting in an outage, since the clients could no longer find our SCP when querying the AD for our keyword(s).
The customer is a bit upset about this and wishes for us to provide them the ability to determine who can change the keywords on our SCPs. This feedback was passed on from our sales guys to us, and now we need to provide some way of helping them figure out who can change the keywords on our SCPs.
So, we're looking for an API to help us to determine Effective Permissions on our Active Directory service connection point objects, so we can alleviate this situation for the customer. We couldn't quite find an Effective Permissions / Access API that could help us list all the users who have effective write access to the keyword and other attributes on our SCPs.
Is there an API/other way that one can use to determine Effective Permissions on an Active Directory object?
It needs to be able to list all the users who have a specified access on a specified set of attributes of an Active Directory object.
This stack overflow post may be able to help you. LINQ to LDAP should also allow you to access the information pretty easily as well.

Using MAPI w/ C++, how can I open another user's Inbox?

I'm looking to write an automated monitor script to programmatically retrieve information from another user's Exchange 2003 inbox. I have working C++ code to log into MAPI and connect to my own inbox. I can also use the Control Panel->Mail applet to configure another user's mailbox into my profile, and my code can access that way. However, this was done on my desktop with Outlook installed, which provides a richer mail profile editor.
Since this will run on a server, I'd prefer not to install Outlook at all. Instead, I can install the MAPI client. I then create a simple MAPI app that pops up the mail profile wizard using MAPILogonEx() with the MAPI_LOGON_UI flag. However, the basic MAPI client doesn't have the features to configure another user's mailbox. As a requirement, I can only run this script as the service account of the monitoring application, so I cannot tell it to run as the account whose mailbox I want.
Is it still possible to connect to another user's mailbox (assuming permissions are already granted) using the basic MAPI client? Or is it absolutely necessary to install Outlook for this functionality?
I would strongly recommend using the Microsoft Exchange MAPI Client (as you have linked). It is engineered to be far more robust than the Outlook version of these libraries. You should find the API no different between Outlook and Exchange Server with respect to Extended MAPI.
You will need to use Extended MAPI (as described by Cain T S Random) to open other mail stores, and of course your application will need to be logged in as the Windows user with appropriate permissions on the Exchange server.
I see... I'm not sure how to do that explicitly; that's usually a side effect of calling CreateStoreEntryID with the wrong flags. What's you're looking to do is probably:
Get an IID_IExchangeManageStore from your default message store
Call CreateStoreEntryID
Then open that store by the entry ID
LPEXCHANGEMANAGESTORE mapiObject = NULL;
store->QueryInterface( IID_IExchangeManageStore, (LPVOID *) &mapiObject);
mapiObject->CreateStoreEntryID( server, mailbox, OPENSTORE_TAKE_OWNERSHIP |
OPENSTORE_USE_ADMIN_PRIVILEGE, &len, &buffer);
//Call OpenEntry on the entry id
If you want a more detailed example, search the source of the MFC MAPI project for CreateStoreEntryID. If you have other questions, the best place to get them answered is the microsoft.public.win32.programmer.messaging newsgroup.
Have you looked into ConfigureMsgService? I believe that works with Exchange MAPI, or are you saying you tried that and it didn't work?

Resources