HOWTO: Retrieve the ACLs for Folders You Do Not Own

ID: Q197743


The information in this article applies to:
  • Exchange Development Kit (EDK), versions 5.0, 5.5


SUMMARY

This article demonstrates how to access the Access Control List (ACL) of a public folder that is not owned by the currently logged on user. While the sample code is specific to this purpose, the same code can be easily modified to access or modify the ACLs of any folder in any information store.


MORE INFORMATION

The Access Control List of any given Microsoft Exchange Folder is contained in either the PR_ACL_DATA or PR_ACL_TABLE properties of that folder.

The following functions are used to access ACLs on a public folder in an Exchange Information Store. To review the data in the PR_ACL_DATA property, you must get the data into an SRowSet structure. Getting this information into the SRowSet structure is the main purpose of the code below.

The following libraries must be statically linked with your project:

  • Kernel32.lib


  • User32.lib


  • Version.lib


  • Advapi32.lib


  • Msvcrt.lib


  • Mapi32.lib


  • Edkguid.lib


  • Edkutils.lib


  • Edkmapi.lib


  • Addrlkup.lib


  • Edkdebug.lib


  • Mblogon.lib


Code Sample


    // TODO: Change these constants to reflect the folder and server of
    // interest.
    #define STR_FOLDER_NAME "\\IPM_SUBTREE\\AFolder"
    #define STR_DN_SERVERNAME "/O=Org/OU=AServer"\ 
         "/CN=Configuration/CN=Servers"\ 
         "/CN=AServer/CN=Org Private MDB"

    #include <windows.h>
    #include <edk.h>
    #include <mapidbg.h>
    #include <stdio.h>
    #include <conio.h>
    #include <mspab.h>

    static   LPMAPISESSION    lpSession =                NULL;
    static   LPMDB            lpStore =                  NULL;
    static   CHAR             szStore[MAX_PATH + 1] =    {0};
    static   ULONG            cbEIDStore  =              0;
    static   LPENTRYID        lpEIDStore =               NULL;
    static   CHAR             szFolder[MAX_PATH + 1] =   {0};
    static   LPMAPIFOLDER     lpFolder =                 NULL;
    static   ULONG            cbEIDFolder =              0;
    static   LPENTRYID        lpEIDFolder =              NULL;


    HRESULT Logon ( LPMAPISESSION *pSession )
    {
      HRESULT hRes = S_OK;
      LPMAPISESSION pLocalSession = NULL;
      ULONG ulFlags = 0L;

      if ( FAILED ( hRes = MAPIInitialize ( NULL ) ) )
         goto Quit;

      ulFlags = MAPI_EXTENDED |
                MAPI_LOGON_UI |
                MAPI_EXPLICIT_PROFILE |
                MAPI_NEW_SESSION;

      if ( FAILED ( hRes = MAPILogonEx ( 0l,
                                         NULL,
                                         NULL,
                                         ulFlags,
                                         &pLocalSession ) ) )
         goto Quit;

      *pSession = pLocalSession;

    Quit:
      return hRes;
    }


    HRESULT ModifyACLS ( )
    {
      LPSRowSet      pRows   =      NULL;
      HRESULT        hr =           S_OK;
      ULONG          ulUIParam =    0;
      LPCIID         lpInterface =  NULL;
      ULONG          ulFlags =      MAPI_BEST_ACCESS;
      ULONG          ulObjType =    0;
      LPSTR          mstr =         NULL;
      LPMAPITABLE    m_lpMapiTbl=   NULL;
      ULONG          ulFlagsTable = 0;
      ULONG          lpulCount =    NULL;
      LPMDB          lpMailbox =    NULL;

      LPEXCHANGEMODIFYTABLE m_lpExchTbl =   NULL;

      SizedSPropTagArray ( 2, sptCols ) = { 2,
                                            PR_ENTRYID,
                                            PR_DISPLAY_NAME };


      // Logon to MAPI Session
      hr = Logon ( &lpSession );

      if (FAILED(hr))
      {

         MessageBox(NULL,"MAPI Logon failed",NULL,MB_OK);
         goto cleanup;
      }

      // Get entry ID of the Public Folders store
      hr = HrMAPIFindStore(lpSession,
                           "Public Folders",
                           &cbEIDStore,
                           &lpEIDStore);


      if (FAILED(hr))
      {
         MessageBox(NULL,"Message Store Not Found",NULL,MB_OK);
         goto cleanup;
      }

      // Open the Public Folders store
      hr = lpSession->OpenMsgStore(ulUIParam,
                                   cbEIDStore,
                                   lpEIDStore,
                                   lpInterface,
                                   ulFlags,
                                   &lpStore);

      if (FAILED(hr))
      {
         MessageBox(NULL,"Message Store Not Opened",NULL,MB_OK);
         goto cleanup;
      }

      // Logon to server and mailbox - as admin
      hr = HrMailboxLogon(lpSession,
                          lpStore,
                          STR_DN_SERVERNAME,
                          NULL, &lpMailbox);


      if (FAILED(hr))
      {
         MessageBox(NULL,"HrMailBoxLogon Failed",NULL,MB_OK);
         goto cleanup;
      }
      strcpy(szFolder, STR_FOLDER_NAME);

      // Get entry ID of specific public folder
      hr = HrMAPIFindFolderEx(lpMailbox,
                              '\\',
                              szFolder,
                              &cbEIDFolder,
                              &lpEIDFolder);

      if (FAILED(hr))
      {
         MessageBox(NULL,"Folder Not Found",NULL,MB_OK);
         goto cleanup;
      }

      // Open the folder in an IMAPIFolder interface
      hr = lpMailbox->OpenEntry(cbEIDFolder,
                                lpEIDFolder,
                                NULL,
                                MAPI_BEST_ACCESS,
                                &ulObjType,
                                (LPUNKNOWN FAR *)&lpFolder);

      if (FAILED(hr))
      {
         MessageBox(NULL,"Folder Could Not Be Opened",NULL,MB_OK);
         goto cleanup;
      }

      // Open the ACL table in an IExchangeModifyTable interface
      hr = lpFolder->OpenProperty(PR_ACL_TABLE,
                                  (LPGUID)&IID_IExchangeModifyTable,
                                  0,
                                  MAPI_DEFERRED_ERRORS,
                                  (LPUNKNOWN FAR *)&m_lpExchTbl);
      if (FAILED(hr))
         goto cleanup;

      // Open a MAPI table on the ACL table property.  This table can be
      // read to determine what the ACL table looks like.
      hr = m_lpExchTbl->GetTable(0, &m_lpMapiTbl);

      if (FAILED(hr))
      {
         hr = HR_LOG(E_FAIL);
         goto cleanup;
      }
      hr = m_lpMapiTbl->GetRowCount(ulFlagsTable,&lpulCount);

      if (FAILED(hr))
      {
         goto cleanup;
      }

      hr = HrQueryAllRows(m_lpMapiTbl,NULL, NULL, NULL, lpulCount,&pRows);
      if (FAILED(hr))
      {
         goto cleanup;
      }

    // You now have the PR_ACL_DATA in a SRowSet structure.

    cleanup:

      if (lpSession)
      {
         lpSession->Logoff(0, 0, 0);
         ULRELEASE(lpSession);
      }
      MAPIUninitialize();
      return 0;
    } 

Additional query words:

Keywords : kbMsg kbEDK500 kbEDK550
Version : WINDOWS:5.0,5.5
Platform : WINDOWS
Issue type : kbhowto


Last Reviewed: November 8, 1999
© 2000 Microsoft Corporation. All rights reserved. Terms of Use.