Create Calendar Item for another mailbox - exchange-server

I'm trying to use CreateItem to create a CalendarItem for a Mailbox belonging to a user other than the one I'm connected as. The user I am connecting as does not have a Mailbox.
Below is my xml
<CreateItem xmlns="http://schemas.microsoft.com/exchange/services/2006/messages"
            xmlns:t="http://schemas.microsoft.com/exchange/services/2006/types"
            SendMeetingInvitations="SendToAllAndSaveCopy" >
  <SavedItemFolderId>
    <t:DistinguishedFolderId Id="calendar">
      <Mailbox>
        <EmailAddress>user1#testhost</EmailAddress>
      </Mailbox>
    </t:DistinguishedFolderId>
  </SavedItemFolderId>
  <Items>
    <t:CalendarItem xmlns="http://schemas.microsoft.com/exchange/services/2006/types">
      <Subject>Test Calendar Entry</Subject>
      <Body BodyType="Text">Test.</Body>
      <ReminderIsSet>true</ReminderIsSet>
      <ReminderMinutesBeforeStart>60</ReminderMinutesBeforeStart>
      <Start>2012-01-20T09:00:00</Start>
      <End>2012-01-20T17:00:00</End>
      <IsAllDayEvent>false</IsAllDayEvent>
      <Location>Test Location</Location>
    </t:CalendarItem>
  </Items>
</CreateItem>
After sending this to the server the reply I receive is:
[MessageText] => When making a request as an account that does not have a mailbox, you must specify the mailbox primary SMTP address for any distinguished folder Ids.
[ResponseCode] => ErrorMissingEmailAddress
Additionally, I can successfully run this xml from an account with a mailbox (omitting the mailbox element) and it does create the Calendar item.
I've checked the user I'm logging in as does have full access to user1's mailbox.
I've tried specifying the UPN instead of the primary SMTP.
If I specify an invalid or non-primary email address, I get the expected errors, which indicates I am specifying the correct element.
Thanks in advance for any hints.

You have to impersonate the other user before doing any operation on the calendar item.

An issue with impersonation, well, if you're on the 2007 Exchange Server, is that you don't have much control on the granularity of roles applied to the impersonating user. Exchange Server 2010 addresses this with role-based impersonation. You may want to look at phasing it in if you have a large user base.
I think the standard behavior is to create a service account which would have the impersonation rights on the groups/people you're interested in. This approach minimizes the number of users who need to be granted the impersonation rights and also allows you to control the access, as it's all through your API.
The other way Exchange allows you to get this behavior is through delegation; of course, that is only through the Outlook UI.
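The scoped service-account setup described in the answers above, as an added Exchange Management Shell example (Exchange 2010 or later) that is not part of the original answers. The account name `svc-ews`, the scope name and the `Department` value are assumptions.

```powershell
# Added example: least-privilege impersonation for an EWS service account.
# Assumed names: svc-ews (service account), 'Sales' (Department attribute value).
$serviceAccount = 'svc-ews'
$scopeName      = 'EwsCalendarApp-Mailboxes'

# 1. Management scope that matches only the mailboxes the application acts for.
New-ManagementScope -Name $scopeName `
    -RecipientRestrictionFilter "RecipientType -eq 'UserMailbox' -and Department -eq 'Sales'"

# 2. Grant ApplicationImpersonation, limited to that scope.
#    Without -CustomRecipientWriteScope the assignment covers the whole organization.
New-ManagementRoleAssignment -Name "$serviceAccount-Impersonation" `
    -Role ApplicationImpersonation `
    -User $serviceAccount `
    -CustomRecipientWriteScope $scopeName

# 3. Audit: list every effective holder of the role and put organization-wide
#    (unscoped) assignments at the top for review.
Get-ManagementRoleAssignment -Role ApplicationImpersonation -GetEffectiveUsers |
    Select-Object Name, EffectiveUserName, RecipientWriteScope, CustomRecipientWriteScope,
        @{ Name = 'OrgWide'; Expression = { $_.RecipientWriteScope.ToString() -eq 'Organization' } } |
    Sort-Object OrgWide -Descending |
    Format-Table -AutoSize
```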

Related

Using streaming notifications with delegate access

So far all information that I read about streaming notifications says that you are expected to use impersonation with streaming subscriptions when you want to subscribe to mailboxes that are not yours. This sounds reasonable when you have a service application that accesses user mailboxes. In my case I need to subscribe to calendars of room mailboxes.
Based on this answer: Getting notification from Resource calendar in EWS, room mailboxes usually have their account disabled and I need to use delegation.
So what is the proper way to subscribe and maintain affinity when using delegation? Should I just ignore setting the impersonation header and do everything else as described in How to: Maintain affinity between a group of subscriptions and the Mailbox server in Exchange?
When you create the folder object, pass the email address of the other user who shared his calendar with you, as below:
folders[0] = new FolderId(WellKnownFolderName.Calendar, new Mailbox("OtherUserEmail"));
And then subscribe.
service.SubscribeToStreamingNotifications
For resource rooms I use impersonation as the preferred access. I know that in general the AD userids for room resources are disabled for login in AD, but my guess is that affects only Windows login. Technically when you impersonate, you don't really login as the room user. You log in as the service account with those credentials, and then indicate with the impersonation id that you want Exchange to pretend it's actually the room making all the requests you are about to make.

Is it possible to be a delegate with create, update and delete own permissions but not read in exchange 2010

I have a service account that I want to be able to access another user's calendar through the EWS API in such a way that it can create appointments, update appointments they have created and delete appointments they have created but NOT be able to read all items on the user's calendar.
This appears to be possible in Office 365 (see screenshot) but is it possible with Exchange 2010? If so, how?
Sure, the image you have posted is just the folder permissions from Outlook; these permissions are the same from Exchange 2007 to Office 365. There are two ways you can set permissions programmatically like you have shown. The first is to use one of the mailbox access APIs like MAPI or EWS and set the folder permission, e.g. https://msdn.microsoft.com/en-us/library/office/dn641962(v=exchg.150).aspx
Or you can use the Exchange Management Shell and Add-MailboxFolderPermission https://blogs.technet.microsoft.com/ilvancri/2009/11/24/exchange-2010-and-then-there-is-the-long-awaited-cmdlet-add-mailboxfolderpermission/ This can be a better approach as it just requires delegated admin rights via an RBAC role, whereas setting the folder permission via EWS, because it uses a user API, would require the account setting those permissions to be the mailbox owner, have been delegated Full Access rights on the mailbox (e.g. Add-MailboxPermission), or use impersonation.
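The Add-MailboxFolderPermission route from the answer above, as an added Exchange Management Shell example that is not part of the original answer: it grants create, edit-own and delete-own rights without ReadItems, then checks for other grants that would still let the account read the calendar. The mailbox `user1@example.com` and the account `svc-calendar` are assumed names.

```powershell
# Added example. Assumed names: user1@example.com (target mailbox),
# svc-calendar (service account). The folder name is localized; adjust if not 'Calendar'.
$mailbox = 'user1@example.com'
$account = 'svc-calendar'
$folder  = "${mailbox}:\Calendar"

# Individual rights instead of a predefined role; ReadItems is deliberately omitted.
Add-MailboxFolderPermission -Identity $folder -User $account `
    -AccessRights CreateItems, EditOwnedItems, DeleteOwnedItems, FolderVisible

# Check 1: the folder entry must not contain ReadItems or a role that implies it.
$readCapable = 'ReadItems', 'Reviewer', 'NonEditingAuthor', 'Author',
               'PublishingAuthor', 'Editor', 'PublishingEditor', 'Owner'
$rights = Get-MailboxFolderPermission -Identity $folder -User $account |
    ForEach-Object { $_.AccessRights } | ForEach-Object { $_.ToString() }
$leak = $rights | Where-Object { $readCapable -contains $_ }
if ($leak) { Write-Warning "Folder entry for $account still allows reading: $($leak -join ', ')" }

# Check 2: Full Access on the mailbox overrides the folder entry.
$fullAccess = Get-MailboxPermission -Identity $mailbox -User $account |
    Where-Object {
        -not $_.Deny -and
        (($_.AccessRights | ForEach-Object { $_.ToString() }) -contains 'FullAccess')
    }
if ($fullAccess) { Write-Warning "$account has Full Access on $mailbox" }

# Check 3: an ApplicationImpersonation assignment lets the account act as the owner.
$impersonation = Get-ManagementRoleAssignment -Role ApplicationImpersonation -RoleAssignee $account
if ($impersonation) {
    Write-Warning "$account holds ApplicationImpersonation: $($impersonation.Name -join ', ')"
}

"Effective folder rights for ${account}: $($rights -join ', ')"
```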

Sending an email using Exchange Web Services on behalf of a distribution group

I have an email account with Exchange; I can send and receive emails from that account's email.
This account is a member of a distribution list. I want to be able to send the replies from this account with the address of the distribution list (on behalf of).
I tried to set the Email.From property and that made no difference.
I tried to set the Email.Sender property and it gave me an error that this property cannot be changed, although it is a set and get.
The account does have permissions to send on behalf of the distribution list.
Please any ideas?
Regards
Yazeed

Create Calendar Events Without User Authentication

I'm writing an application that needs to create Calendar events on a user's Outlook Calendar. However, I will not have access to their passwords, and they will most likely not be involved in the workflow to enter them at any point.
Is it possible to create these events with the user being authenticated? If not, are there alternatives?
This is for an on-premise Exchange Server, not Exchange Online.
You can use app impersonation, as long as the admin can add a service account and grant app impersonation. See https://msdn.microsoft.com/en-us/library/office/dd633680(v=exchg.80).aspx for more details.
If the user can use his Windows login to log in to the Exchange Server, you can simply use that - if your application runs on the user's machine under his account. EWS-managed-API does that out-of-the-box.
If not, you could create an additional user on the Exchange Server, who creates the appointments on his own account and invites everyone per email.

Pushing contacts to Users' Phone Contacts (Exchange Server 2007)

We have users in our company that have smart phones (Android/Windows Phone mix) and put their contacts in their Exchange account. It is a unified group of users that just need the phone numbers for each other (with a considerably high turnaround for employees in this position as well). I am looking to get a list of contact names/phone numbers to be automatically pushed to (and updated, if possible) their Exchange contact lists. Previously we have been logging in with their account into a computer, opening Outlook, then loading a CSV with the contacts on there. The issue is how time consuming it is, given that amount of turnaround on those users. Thanks in advance!
To create a contact in a user's mailbox you will need access to the contacts folder in that mailbox, so you either need to create a service account and give that account rights to the folder via something like Add-MailboxFolderPermission, or get the user to delegate the access themselves if they are sensitive to security changes, or use EWS impersonation.
Once you have rights to the user's Contacts folder, you could automate the process of the CSV import using EWS and PowerShell; here are a few sample scripts:
https://gallery.technet.microsoft.com/scriptcenter/Using-Powershell-to-import-14bef4b8
http://blogs.technet.com/b/bill_long/archive/2010/04/23/importing-public-folder-contacts-from-a-csv-file.aspx
http://gsexdev.blogspot.com.au/2010/04/flexible-exchange-contact-creation.html
Cheers
Glen
