How do I retrive User permissions for a Mailbox?

[Maximilian]

Hi,

Im using VSTO to build an add in for Outlook 2007.
The problem In my add in is that I need to know which permissions the users
has.
For example: I need to know if the user has permission to "Send As" and I
need to get this information runtime in code.
After spending more time I intended to learn this by searching I now hope
that someone here has an answer.

 

[Ken Slovak - [MVP - Outlook]]

That's not directly exposed in the Outlook 2007 object model. You can use
the Folder.PropertyAccessor() object on these properties, both are PT_LONG
(int32) that are bit flag values:

PR_ACCESS "http://schemas.microsoft.com/mapi/proptag/0x0FF40003"
PR_ACCESS_LEVEL "http://schemas.microsoft.com/mapi/proptag/0x0FF70003"

The DASL property tags for the properties are what you'd supply to
PropertyAccessor().

You then have to interpret the bit flags.

The same properties are also available on individual items, and on Store the
PR_ACCESS_LEVEL property is available. The bit flags such as MAPI_MODIFY are
in the mapidefs.h header file that's in most of the Windows and Exchange
SDK's.

However, that won't tell you some properties such as SendAs or ReceiveAs
permissions. For those you'd need to query the server. For that you could
use an LDAP query, or WebDAV or Exchange Web Services or a cmdlet, depending
on what version of Exchange is being queried. For more on that sort of stuff
you need to post in an Exchange development group such as
microsoft.public.exchange.development.

 

[Maximilian]

Ok, but feels like thats something that should have been exposed in the
object model thou. The problem is that I started with reading (LDAP) from the
AD directly but couldn't access the properties of the exchange - only the
ordinary stuff so that why I thought that this would be accessible through
the outlook Object model.

Do you know of any example on how to obtain this data through LDAP?

 

[Ken Slovak - [MVP - Outlook]]

The access properties are exposed that way, SendAs or ReceiveAs are purely
server side properties so they aren't in the object model. They mean nothing
in the case of a PST file for example, and only relate to Exchange.

There may be better ways than using LDAP, such as WebDAV or Exchange Web
services or a cmdlet, depending on what version of Exchange is being used. I
don't do that much with that sort of thing so that's why I suggested asking
about that in an Exchange development group.

 

[Dmitry Streblechenko]

On the MAPI level (C++ or Delphi), you can open the
PR_EMS_AB_PUBLIC_DELEGATES_BL_O and PR_EMS_AB_PUBLIC_DELEGATES properties as
IMAPITable objects. Redemption (url below) exposes these as
RDOAddressEntry.Delegates and RDOAddressEntry.IsDelegateFor collections -
http://www.dimastr.com/redemption/rdo/rdoaddressentry.htm

Folder level access settings can be retrieved by opening the PR_ACL_TABLE
property as IExchangeModifyTable from the IMAPIFolder objeect
(IMAPIFolder::OpenProperty). Redemption exposes ACL through the
RDOFolder.ACL collection: http://www.dimastr.com/redemption/rdo/rdoacl.htm

--
Dmitry Streblechenko (MVP)
http://www.dimastr.com/
OutlookSpy - Outlook, CDO
and MAPI Developer Tool
-