views:

780

answers:

1

How can i list the rights that have been assigned to a domain users mailbox?

e.g. The accounts that are specified in the "Mailbox Rights" section of the "Exchanged Advanced" tab of AD Users & Computers?

A: 

Yo, this is pretty gross stuff. Since there are no .NET wrappers (last time I checked, which was back in 1.1 daze), you'll need to do COM interop with CDOEXM.

Here's some pseudocode that I hope will give you a head-start my brutha:

DirectoryEntry userDirectoryEntry; // you need to new this up
IExchangeMailbox exchangeMailbox = (IExchangeMailbox)userDirectoryEntry.NativeObject;
IADsSecurityDescriptor securityDescriptor = (IADsSecurityDescriptor) exchangeMailbox.MailboxRights;   
IADsAccessControlList acl = (IADsAccessControlList) securityDescriptor.DiscretionaryAcl;
// Iterate thru each ACE in the ACL
foreach ( IADsAccessControlEntry ace in acl)
{
     // in here, you'll have access to each "ace"
}
barneytron
Just what I was looking for.Thanks