HOWTO: Retrieve the ACLs for Folders You Do Not Own
ID: Q197743
|
The information in this article applies to:
-
Exchange Development Kit (EDK), versions 5.0, 5.5
SUMMARY
This article demonstrates how to access the Access Control List (ACL) of a
public folder that is not owned by the currently logged on user. While the
sample code is specific to this purpose, the same code can be easily
modified to access or modify the ACLs of any folder in any information
store.
MORE INFORMATION
The Access Control List of any given Microsoft Exchange Folder is contained
in either the PR_ACL_DATA or PR_ACL_TABLE properties of that folder.
The following functions are used to access ACLs on a public folder in an
Exchange Information Store. To review the data in the PR_ACL_DATA property,
you must get the data into an SRowSet structure. Getting this information
into the SRowSet structure is the main purpose of the code below.
The following libraries must be statically linked with your project:
- Kernel32.lib
- User32.lib
- Version.lib
- Advapi32.lib
- Msvcrt.lib
- Mapi32.lib
- Edkguid.lib
- Edkutils.lib
- Edkmapi.lib
- Addrlkup.lib
- Edkdebug.lib
- Mblogon.lib
Code Sample
// TODO: Change these constants to reflect the folder and server of
// interest.
#define STR_FOLDER_NAME "\\IPM_SUBTREE\\AFolder"
#define STR_DN_SERVERNAME "/O=Org/OU=AServer"\
"/CN=Configuration/CN=Servers"\
"/CN=AServer/CN=Org Private MDB"
#include <windows.h>
#include <edk.h>
#include <mapidbg.h>
#include <stdio.h>
#include <conio.h>
#include <mspab.h>
static LPMAPISESSION lpSession = NULL;
static LPMDB lpStore = NULL;
static CHAR szStore[MAX_PATH + 1] = {0};
static ULONG cbEIDStore = 0;
static LPENTRYID lpEIDStore = NULL;
static CHAR szFolder[MAX_PATH + 1] = {0};
static LPMAPIFOLDER lpFolder = NULL;
static ULONG cbEIDFolder = 0;
static LPENTRYID lpEIDFolder = NULL;
HRESULT Logon ( LPMAPISESSION *pSession )
{
HRESULT hRes = S_OK;
LPMAPISESSION pLocalSession = NULL;
ULONG ulFlags = 0L;
if ( FAILED ( hRes = MAPIInitialize ( NULL ) ) )
goto Quit;
ulFlags = MAPI_EXTENDED |
MAPI_LOGON_UI |
MAPI_EXPLICIT_PROFILE |
MAPI_NEW_SESSION;
if ( FAILED ( hRes = MAPILogonEx ( 0l,
NULL,
NULL,
ulFlags,
&pLocalSession ) ) )
goto Quit;
*pSession = pLocalSession;
Quit:
return hRes;
}
HRESULT ModifyACLS ( )
{
LPSRowSet pRows = NULL;
HRESULT hr = S_OK;
ULONG ulUIParam = 0;
LPCIID lpInterface = NULL;
ULONG ulFlags = MAPI_BEST_ACCESS;
ULONG ulObjType = 0;
LPSTR mstr = NULL;
LPMAPITABLE m_lpMapiTbl= NULL;
ULONG ulFlagsTable = 0;
ULONG lpulCount = NULL;
LPMDB lpMailbox = NULL;
LPEXCHANGEMODIFYTABLE m_lpExchTbl = NULL;
SizedSPropTagArray ( 2, sptCols ) = { 2,
PR_ENTRYID,
PR_DISPLAY_NAME };
// Logon to MAPI Session
hr = Logon ( &lpSession );
if (FAILED(hr))
{
MessageBox(NULL,"MAPI Logon failed",NULL,MB_OK);
goto cleanup;
}
// Get entry ID of the Public Folders store
hr = HrMAPIFindStore(lpSession,
"Public Folders",
&cbEIDStore,
&lpEIDStore);
if (FAILED(hr))
{
MessageBox(NULL,"Message Store Not Found",NULL,MB_OK);
goto cleanup;
}
// Open the Public Folders store
hr = lpSession->OpenMsgStore(ulUIParam,
cbEIDStore,
lpEIDStore,
lpInterface,
ulFlags,
&lpStore);
if (FAILED(hr))
{
MessageBox(NULL,"Message Store Not Opened",NULL,MB_OK);
goto cleanup;
}
// Logon to server and mailbox - as admin
hr = HrMailboxLogon(lpSession,
lpStore,
STR_DN_SERVERNAME,
NULL, &lpMailbox);
if (FAILED(hr))
{
MessageBox(NULL,"HrMailBoxLogon Failed",NULL,MB_OK);
goto cleanup;
}
strcpy(szFolder, STR_FOLDER_NAME);
// Get entry ID of specific public folder
hr = HrMAPIFindFolderEx(lpMailbox,
'\\',
szFolder,
&cbEIDFolder,
&lpEIDFolder);
if (FAILED(hr))
{
MessageBox(NULL,"Folder Not Found",NULL,MB_OK);
goto cleanup;
}
// Open the folder in an IMAPIFolder interface
hr = lpMailbox->OpenEntry(cbEIDFolder,
lpEIDFolder,
NULL,
MAPI_BEST_ACCESS,
&ulObjType,
(LPUNKNOWN FAR *)&lpFolder);
if (FAILED(hr))
{
MessageBox(NULL,"Folder Could Not Be Opened",NULL,MB_OK);
goto cleanup;
}
// Open the ACL table in an IExchangeModifyTable interface
hr = lpFolder->OpenProperty(PR_ACL_TABLE,
(LPGUID)&IID_IExchangeModifyTable,
0,
MAPI_DEFERRED_ERRORS,
(LPUNKNOWN FAR *)&m_lpExchTbl);
if (FAILED(hr))
goto cleanup;
// Open a MAPI table on the ACL table property. This table can be
// read to determine what the ACL table looks like.
hr = m_lpExchTbl->GetTable(0, &m_lpMapiTbl);
if (FAILED(hr))
{
hr = HR_LOG(E_FAIL);
goto cleanup;
}
hr = m_lpMapiTbl->GetRowCount(ulFlagsTable,&lpulCount);
if (FAILED(hr))
{
goto cleanup;
}
hr = HrQueryAllRows(m_lpMapiTbl,NULL, NULL, NULL, lpulCount,&pRows);
if (FAILED(hr))
{
goto cleanup;
}
// You now have the PR_ACL_DATA in a SRowSet structure.
cleanup:
if (lpSession)
{
lpSession->Logoff(0, 0, 0);
ULRELEASE(lpSession);
}
MAPIUninitialize();
return 0;
}
Additional query words:
Keywords : kbMsg kbEDK500 kbEDK550
Version : WINDOWS:5.0,5.5
Platform : WINDOWS
Issue type : kbhowto