Platform SDK: Exchange Server

Security with Custom Handlers

You may want to limit the power of your custom handler. To do this, you can incorporate code that diminishes its power by, for example, impersonating a Microsoft® Windows NT® account that has fewer permissions.

One way to accomplish this is to implement your handler (COM object) as a Microsoft Transaction Server (MTS) object. In addition to providing support for database transactions, MTS also can act as a process manager for in-process COM objects. You can use MTS to specify that your object is always to run under a specific Windows NT security account – one that has sufficiently low privileges for your application.