antwhitehead
asked on
How to Set and remove send on behalf rights for Exchange 2003 programatically
Active Directory and Exchange 2003 on Windows.
I am trying to set the "Send on behalf" permission programatically, but I'm missing what I need to set
for exchange permissions. Just setting the publicDelegates is not enough, even if it looks that way
from the GUI side of things.
Does anyone have an example for setting and removing this right from vbscript or .net?
I am trying to set the "Send on behalf" permission programatically, but I'm missing what I need to set
for exchange permissions. Just setting the publicDelegates is not enough, even if it looks that way
from the GUI side of things.
Does anyone have an example for setting and removing this right from vbscript or .net?
There is an ongoing question on this at https://www.experts-exchange.com/questions/21834765/VBscript-set-right-for-'send-on-behalf'.html
ASKER
That thread has been inactive since mid 2006 and does not even mention the non-publicDelegates portion
of the problem. I read that thread and several others before posting the question.
of the problem. I read that thread and several others before posting the question.
i will ask a VBS guru to comment on this, he is in the UK so might not be here for a bit
J
J
Hey guys,
I'll certainly have a look. It's unlikely to be today though, I've some work to do for a change.
Chris
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Hi Chris,
Thanks for your comment, I'm getting the permission error as you suggested. But all the
GUI dialogs look correct. My code looks pretty much exactly the same as yours but done
by another LDAP API.
Do you think that the VBScript you have used is doing something in the background
other than just adding the correct LDAP attribute to the target DN?
Another wild speculation, is it possible that some global policy is set that is denying
users to do "Send on Behalf" whatever I set in AD?
Again, thanks for your help so far.
/Ant
Thanks for your comment, I'm getting the permission error as you suggested. But all the
GUI dialogs look correct. My code looks pretty much exactly the same as yours but done
by another LDAP API.
Do you think that the VBScript you have used is doing something in the background
other than just adding the correct LDAP attribute to the target DN?
Another wild speculation, is it possible that some global policy is set that is denying
users to do "Send on Behalf" whatever I set in AD?
Again, thanks for your help so far.
/Ant
Which API are you using? The above uses MS ADSI.
It would perhaps be worth trying the above on your environment (just VbScript) to see if that works. I'm not aware of it performing any actions other than those listed above, but I couldn't rule it out entirely as I don't really dig into the nuts and bolts of how ADSI actually works (only that it does).
I'm not aware of any policies that would deny Send on Behalf globally, overriding local settings. I'll have a dig around though and see if anything turns up.
Chris
ASKER
This worked correctly from the start, unfortunatly the error was a miscommunication of what wasn't working from my testers side. They expected to be able to open the mailbox before doing the "Send on Behalf", just setting the publicDelegates does not grant any other permissions, they did not understand that point.