Determining permission to another mailbox using RDO when user isin permission group

T

tEst

Hi all,
I am currently using RDO to read the current permission rights to a
delegate´s mailbox. I´m currently struggling on one particular situation:
we use groups to set permissions to users instead of setting them
directly to the acl.
Here´s an excerpt of what I did so far:

Dim Folder As RDOFolder =
Sess.GetFolderFromPath(applicationObject.ActiveExplorer.CurrentFolder.FolderPath)
Dim ace As RDOACE
For Each ace In Folder.ACL
If ace.Name = Sess.CurrentUser.Name Then
MsgBox(CStr(ace.Rights))
If ace.CanDeleteAll = True And ace.CanCreateItems =
True Then
NAR(ace)
ace = Nothing
Folder = Nothing
Return True
End If
End If
Next
ace = Nothing
Folder = Nothing

But this returns only the rights of the current entry. If the user is in
a permission group (I think we ar talking about public dist lists) I
cannot determine the actual permission level of that particular user.
Does anybody have an idea on how to detect the correct permission level
of a particular user?
Am I completely wrong with my code above? Does there exist another
(maybe low level) MAPI property where I can read the current permission,
or is there an entry in the active directory which I can access?

Thanks for any tip!

-Mike
 
D

Dmitry Streblechenko

What do you see in Outlook when you look at that folder (RMB, Permissions
tab)?
What do you see in OutlookSpy (click IMAPIFolder, PR_ACL_TABLE tab)?

BTW, why are you using GetFolderFromPath? Use GetFolderFromID:

Dim Folder As RDOFolder =
Sess.GetFolderFromID(applicationObject.ActiveExplorer.CurrentFolder.EntryID)

Make sure you set RDOSession.MAPIOBJECT to Namespace.MAPIOBJECT from OOM to
make sure RDO and OOM use the same MAPI session.


Dmitry Streblechenko (MVP)
http://www.dimastr.com/
OutlookSpy - Outlook, CDO
and MAPI Developer Tool
 
T

tEst

Hi Dmitry,

I´m sorry to ask: what do you mean by RMB?

In OutlookSpy I can see the following as Rows:
Row # 0
Maibox123-Reviewers
Mailbox123-PublishingEditors

Within the Rows there are five entries for each row:
PR_EntryID
PR_Instance_Key
PR_Member_ID
PR_Member_Name
PR_Member_Rights

I understand that I can read the actual entry of each of these rows with
ace.rights, but there are two questions left:
1 - how can I determine that an entry is a group instead of a person ?
2 - how can I resolve such permission groups to determine if a
particular user has sufficient permissions(I need to determine if the
user has delete permission) on that folder ?

Thanks again,

Mike
 
D

Dmitry Streblechenko

By RMB I mean "right mouse button click", sorry about being cryptic.
When accessing ACE in RDO, you can use RDOACE.AddressEntry property to get
back the corresponding RDOAddressEntry object. You can them access the
RDOAddressEntry.DisplayType property and RDOAddressEntry.Members collection
to figure out the type of fthe address entry and (in case of a DL) access
its members.

Dmitry Streblechenko (MVP)
http://www.dimastr.com/
OutlookSpy - Outlook, CDO
and MAPI Developer Tool
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

What permission do I need to add a user to a group? (C#) 9
User account permissions bugs? 5
Windows Forms No-Touch Deployment problems using DAO on User-Level Secured Access DB to access group 4
How to add a user to a local admin group in C# 1
Copying user profile from one user account to another user account on the same conputer ---- 3 chall 2
Weird Access 2003 multi-user performance problem 12
How to properly reference sub-folder using "WithEvents"? 3
Home network fails to work without Netbeui 2

Top