Platform SDK: Exchange Server |
The following example demonstrates how to go about adding a new entry to a folder's access control list. Assume we have a current CDO Session object and have retrieved the folder for which we wish to modify the ACL. The Folder object reference is stored in the fldr variable, and the Session is stored in the session variable in the example below.
Const ROLE_AUTHOR = &H41b ' This value is defined in the Type Library for the ' Component and is convenient for Java, C++ and Visual ' Basic to use with "intelli-sense" We must hard-code ' it here for our script ' This value is the same as "or ing the rights together ' For example, this would work too: ' ' Const RIGHTS_EDIT_OWN = &H8 ' Const RIGHTS_CREATE_ITEMS = &H2 ' Const RIGHTS_FOLDER_VISIBLE = &H400 ' Const RIGHTS_READ_ITEMS = &H1 ' Const ROLE_AUTHOR = RIGHTS_EDIT_OWN _ or RIGHTS_CREATE_ITEM _ or RIGHTS_READ_ITEMS _ or RIGHTS_FOLDER_VISIBLE set acl = createobject("MSExchange.aclobject") set acl.cdoitem = fldr ' previously retrieved CDO folder object set fldr_aces = acl.aces ' create a new ace and bind member set newace = createobject("MSExchange.ACE") ' fetch and use the GAL set gal = session.addresslists.item(1) ' one can use memberid or name set member = gal.addressentries.item("member_name") newace.ID = member.id newace.rights = CLng(ROLE_AUTHOR) ' role author fldr_aces.add newace ' add the ACE to the collection acl.Update
Note the use of the CLng function in VBScript when setting the Rights property. This is to make sure that VBScript does not sent a reference to a VARIANT (VT_BYREF|VT_VARIANT) in the IDispatch::Invoke call (DISPATCH_PROPERTYPUT) to the newace object.