ExchangeServices.GetDelegates 的结果在通过 ECP 添加委托到邮箱时未反映更改
Result of ExchangeServices.GetDelegates not reflecting change when adding delegate to mailbox via ECP
注意: Exchange 2013 On-Premise 和 Exchange Online (Office 365) 都观察到此行为。
我正在尝试获取特定邮箱的代理人列表。如果使用 ExchangeServices.AddDelegates and ExchangeServices.RemoveDelegates - the DelegateInformation 对象添加或删除了这些代表,这将非常有效,我得到的对象包含作为代表添加的预期邮箱列表。
using Microsoft.Exchange.WebServices.Data;
using System;
namespace QueryDelegateAccess
{
class Program
{
static void Main(string[] args)
{
try
{
ExchangeService service = InitializeService();
string emailAddressToImpersonate = "MailboxWithDelegates@example.com";
service.ImpersonatedUserId = new ImpersonatedUserId(ConnectingIdType.SmtpAddress, emailAddressToImpersonate);
Mailbox mailbox = new Mailbox(emailAddressToImpersonate);
Console.WriteLine($"Mailboxes which have delegate access to '{emailAddressToImpersonate}':");
// Every time I add or remove a delegate via ExchangeServices.AddDelegates or ExchangeServices.RemoveDelegates,
// the change is reflected in the console output.
while (true)
{
DelegateInformation di = service.GetDelegates(mailbox, true);
foreach (DelegateUserResponse delegateMailbox in di.DelegateUserResponses)
{
if (delegateMailbox.Result != ServiceResult.Error)
{
Console.WriteLine(delegateMailbox.DelegateUser.UserId.DisplayName);
}
}
Console.WriteLine();
System.Threading.Thread.Sleep(2000);
}
}
catch (Exception e)
{
Console.Error.WriteLine("An error has occurred: " + e);
}
finally
{
Console.WriteLine("Press any key to terminate the program.");
Console.ReadKey();
}
}
private static ExchangeService InitializeService()
{
ExchangeService service = new ExchangeService(ExchangeVersion.Exchange2007_SP1);
service.Credentials = new WebCredentials("MailboxWithImpersonationRole@example.com", "password");
service.Url = new Uri("https://outlook.office365.com/EWS/Exchange.asmx"); // or retrieve Url via AutoDiscover if Exchange On-Premise
return service;
}
}
}
但是,如果代理是通过 Exchange 控制面板(Exchange 管理员向邮箱添加代理的常用方法)添加的,方法是转到邮箱权限并在 "Send on behalf" 中添加代理部分,我得到的 DelegateInformation 对象不包含这个委托。仅当添加了代理人的邮箱所属的人启动 Outlook 并且通过 文件 > 帐户设置 > 代理访问.[=18 opens/closes 任何代理条目时才会更新列表=]
Screenshot of Outlook option
这种行为让我感到困惑,并让我认为我还缺少一个额外的 "flushing" 步骤。我需要做什么才能可靠地检索通过 ECP 添加的委托?
However, if the delegate has been added via the Exchange Control Panel (a common way for Exchange Admins to add a delegate to a mailbox) by going to the mailbox permissions and adding a delegate in the "Send on behalf" section, the DelegateInformation object I get does not contain this delegate.
Outlook Delegates 和您在 ECP 中所做的是两件不同的事情,例如,您在 ECP 中所做的只是授予另一个用户代表发送的权限。 Outlook 委托同时还包括该权限具有邮箱文件夹权限和潜在的日历转发规则。它是一个客户端驱动的进程,将配置信息存储在邮箱本身中,并且只能通过邮箱 API Create/deleted,而 ECP 任务只是修改基础 AD 权限 属性。
注意: Exchange 2013 On-Premise 和 Exchange Online (Office 365) 都观察到此行为。
我正在尝试获取特定邮箱的代理人列表。如果使用 ExchangeServices.AddDelegates and ExchangeServices.RemoveDelegates - the DelegateInformation 对象添加或删除了这些代表,这将非常有效,我得到的对象包含作为代表添加的预期邮箱列表。
using Microsoft.Exchange.WebServices.Data;
using System;
namespace QueryDelegateAccess
{
class Program
{
static void Main(string[] args)
{
try
{
ExchangeService service = InitializeService();
string emailAddressToImpersonate = "MailboxWithDelegates@example.com";
service.ImpersonatedUserId = new ImpersonatedUserId(ConnectingIdType.SmtpAddress, emailAddressToImpersonate);
Mailbox mailbox = new Mailbox(emailAddressToImpersonate);
Console.WriteLine($"Mailboxes which have delegate access to '{emailAddressToImpersonate}':");
// Every time I add or remove a delegate via ExchangeServices.AddDelegates or ExchangeServices.RemoveDelegates,
// the change is reflected in the console output.
while (true)
{
DelegateInformation di = service.GetDelegates(mailbox, true);
foreach (DelegateUserResponse delegateMailbox in di.DelegateUserResponses)
{
if (delegateMailbox.Result != ServiceResult.Error)
{
Console.WriteLine(delegateMailbox.DelegateUser.UserId.DisplayName);
}
}
Console.WriteLine();
System.Threading.Thread.Sleep(2000);
}
}
catch (Exception e)
{
Console.Error.WriteLine("An error has occurred: " + e);
}
finally
{
Console.WriteLine("Press any key to terminate the program.");
Console.ReadKey();
}
}
private static ExchangeService InitializeService()
{
ExchangeService service = new ExchangeService(ExchangeVersion.Exchange2007_SP1);
service.Credentials = new WebCredentials("MailboxWithImpersonationRole@example.com", "password");
service.Url = new Uri("https://outlook.office365.com/EWS/Exchange.asmx"); // or retrieve Url via AutoDiscover if Exchange On-Premise
return service;
}
}
}
但是,如果代理是通过 Exchange 控制面板(Exchange 管理员向邮箱添加代理的常用方法)添加的,方法是转到邮箱权限并在 "Send on behalf" 中添加代理部分,我得到的 DelegateInformation 对象不包含这个委托。仅当添加了代理人的邮箱所属的人启动 Outlook 并且通过 文件 > 帐户设置 > 代理访问.[=18 opens/closes 任何代理条目时才会更新列表=]
Screenshot of Outlook option
这种行为让我感到困惑,并让我认为我还缺少一个额外的 "flushing" 步骤。我需要做什么才能可靠地检索通过 ECP 添加的委托?
However, if the delegate has been added via the Exchange Control Panel (a common way for Exchange Admins to add a delegate to a mailbox) by going to the mailbox permissions and adding a delegate in the "Send on behalf" section, the DelegateInformation object I get does not contain this delegate.
Outlook Delegates 和您在 ECP 中所做的是两件不同的事情,例如,您在 ECP 中所做的只是授予另一个用户代表发送的权限。 Outlook 委托同时还包括该权限具有邮箱文件夹权限和潜在的日历转发规则。它是一个客户端驱动的进程,将配置信息存储在邮箱本身中,并且只能通过邮箱 API Create/deleted,而 ECP 任务只是修改基础 AD 权限 属性。