配置Exchange邮箱的ACL
本文关键字:ACL Exchange 配置 | 更新日期: 2023-09-27 18:11:37
我正在尝试添加一个组到邮箱(在c#中)。我正在使用CDOEXM, DirectoryServices的组合。AccountManagement调用,失败。这是我的代码:
// userDe is a DirectoryEntry
IExchangeMailbox exMb = (IExchangeMailbox)userDe.NativeObject;
IADsSecurityDescriptor securityDescriptor = (IADsSecurityDescriptor)exMb.MailboxRights;
IADsAccessControlList acl = (IADsAccessControlList)securityDescriptor.DiscretionaryAcl;
AccessControlEntry ace = new AccessControlEntry();
// groupName - I have successfully created the group earlier
ace.Trustee = groupName;
acl.AddAce(ace);
securityDescriptor.DiscretionaryAcl = acl;
exMb.MailboxRights = securityDescriptor;
// How do I save it?
exMb.CommitChanges() etc etc
...or userDe.Properties["ntSecurityDescriptor"] = securityDescriptor;
不知道下一步该做什么,我尝试的每件事都导致编译错误或InvalidCastException。
请帮
经过相当多的痛苦(我正在设置的整数值以某种方式对应于API中的enum值,但我无法让它们工作)。变量userDe是一个DirectoryEntry。
IExchangeMailbox exMb = (IExchangeMailbox)userDe.NativeObject;
IADsSecurityDescriptor securityDescriptor = (IADsSecurityDescriptor)exMb.MailboxRights;
IADsAccessControlList acl = (IADsAccessControlList)securityDescriptor.DiscretionaryAcl;
AccessControlEntry ace = new AccessControlEntry();
ace.Trustee = groupName;
ace.AccessMask = 1;
ace.AceFlags = 2;
ace.AceType = 0;
acl.AddAce(ace);
securityDescriptor.DiscretionaryAcl = acl;
IADsUser iadsUser = (IADsUser)userDe.NativeObject;
iadsUser.Put("msExchMailboxSecurityDescriptor", securityDescriptor);
iadsUser.SetInfo();