Skip to main content

Mail Enabling a Public folder with the EWS Managed API and finding and changing the primary email address without using Exchange cmdlets

If your working with Public Folders in the EWS Managed API then you may want to mailenable a new or existing Public Folder without using EMS cmdlets. I described a method that you can use to mail enable Public folders using EWS a while ago here and this same method will work with a little bit of different code. Like the previous post you need to set the following 2 properties to mail enabled a folder.

PR_PUBLISH_IN_ADDRESS_BOOK = 0x3FE6000B
PR_PF_PROXY_REQUIRED = 0x671F000B

So if you want to mailenable an existing folder that you have the path for say its "firstlevel/secondlevel/newfolder" you will first need to have some code that will find the folder based on the path by doing a search. Then once you have the folder ID you can Bind to the folder and set those Mapi properties. Using a UpdateFolder operation was one of the harder operations in normal EWS proxy code but its now so much easier to do in the EWS Managed API.

Once you have set these properties a backgroup process will create the AD Proxy object for this public folder which will contain all the email address's assigned to this and any other folder specific setting such a limits etc. If you want to connect to this proxy object and change things like limits and email address you can use LDAP directly without using the EMS cmdlets. A little word or warning if you are going to be setting email addresses directly you should make sure you implement code that ensures you dont create duplicate email addresses. To find the ADProxy object you can get the AD GUID of the proxy object by retrieving the following property via EWS and then use this GUID value to access the AD object.

PR_PF_PROXY = 0x671D

This is a binary property which will be returned base64 encoded so you first need to decode this and the convert it to hex to use in a System.DirectoryServices.

So the code to MailEnable a folder using the EWS Managed API looks like

String fpfolderPath = "";
ExtendedPropertyDefinition PR_PF_PROXY = new ExtendedPropertyDefinition(0x671D, MapiPropertyType.Binary);
PropertySet PsPropertySet = new PropertySet(PR_PF_PROXY);
PsPropertySet.BasePropertySet = BasePropertySet.FirstClassProperties;
Folder PfRoot = Folder.Bind(service, WellKnownFolderName.PublicFoldersRoot,PsPropertySet);
String[] faFldArray = fpfolderPath.Split('/');
Folder tfTargetFolder = PfRoot;
for (int lint = 1; lint < fview =" new" searchfilter =" new" propertyset =" PsPropertySet;" ffresult =" service.FindFolders(tfTargetFolder.Id," totalcount ="=" tftargetfolder =" ffResult.Folders[0];" pr_publish_in_address_book =" new" pr_pf_proxy_required =" new">


To access the AD proxy object using the FolderID from the prevous piece of code

ExtendedPropertyDefinition PR_PF_PROXY = new ExtendedPropertyDefinition(0x671D, MapiPropertyType.Binary);
PropertySet PsPropertySet = new PropertySet(PR_PF_PROXY);
Folder meMailEnabledFolder = Folder.Bind(service, tfTargetFolder.Id, PsPropertySet);
String pfProxy = "";
tfTargetFolder.Update();
byte[] pfPro = Convert.FromBase64String(meMailEnabledFolder.ExtendedProperties[0].Value.ToString());
pfProxy = BitConverter.ToString(pfPro);
DirectoryEntry deDirEnt = new DirectoryEntry(("LDAP://<GUID=" + pfProxy.Replace("-", "") + ">"));
PropertyValueCollection proxyAddresses = deDirEnt.Properties["proxyAddresses"];
if (proxyAddresses != null)
{
for (int ipar = 0; ipar < proxyAddresses.Count; ipar++)
{
Console.WriteLine(proxyAddresses[ipar].ToString());
if (proxyAddresses[ipar].ToString().Contains("SMTP:"))
{
proxyAddresses[ipar] = "SMTP:address@domain.com.au";
}
}
}
deDirEnt.CommitChanges();

I've put a download of this code here
Labels:

Popular posts from this blog

Testing and Sending email via SMTP using Opportunistic TLS and oAuth in Office365 with PowerShell

As well as EWS and Remote PowerShell (RPS) other mail protocols POP3, IMAP and SMTP have had OAuth authentication enabled in Exchange Online (Official announcement here ). A while ago I created  this script that used Opportunistic TLS to perform a Telnet style test against a SMTP server using SMTP AUTH. Now that oAuth authentication has been enabled in office365 I've updated this script to be able to use oAuth instead of SMTP Auth to test against Office365. I've also included a function to actually send a Message. Token Acquisition  To Send a Mail using oAuth you first need to get an Access token from Azure AD there are plenty of ways of doing this in PowerShell. You could use a library like MSAL or ADAL (just google your favoured method) or use a library less approach which I've included with this script . Whatever way you do this you need to make sure that your application registration  https://docs.microsoft.com/en-us/azure/active-directory/develop/quickstart-register-
Read more

The MailboxConcurrency limit and using Batching in the Microsoft Graph API

If your getting an error such as Application is over its MailboxConcurrency limit while using the Microsoft Graph API this post may help you understand why. Background   The Mailbox  concurrency limit when your using the Graph API is 4 as per https://docs.microsoft.com/en-us/graph/throttling#outlook-service-limits . This is evaluated for each app ID and mailbox combination so this means you can have different apps running under the same credentials and the poor behavior of one won't cause the other to be throttled. If you compared that to EWS you could have up to 27 concurrent connections but they are shared across all apps on a first come first served basis. Batching Batching in the Graph API is a way of combining multiple requests into a single HTTP request. Batching in the Exchange Mail API's EWS and MAPI has been around for a long time and its common, for email Apps to process large numbers of smaller items for a variety of reasons.  Batching in the Graph is limited to a m
Read more

How to test SMTP using Opportunistic TLS with Powershell and grab the public certificate a SMTP server is using

Most email services these day employ Opportunistic TLS when trying to send Messages which means that wherever possible the Messages will be encrypted rather then the plain text legacy of SMTP.  This method was defined in RFC 3207 "SMTP Service Extension for Secure SMTP over Transport Layer Security" and  there's a quite a good explanation of Opportunistic TLS on Wikipedia  https://en.wikipedia.org/wiki/Opportunistic_TLS .  This is used for both Server to Server (eg MTA to MTA) and Client to server (Eg a Message client like Outlook which acts as a MSA) the later being generally Authenticated. Basically it allows you to have a normal plain text SMTP conversation that is then upgraded to TLS using the STARTTLS verb. Not all servers will support this verb so if its not supported then a message is just sent as Plain text. TLS relies on PKI certificates and the administrative issue s that come around certificate management like expired certificates which is why I wrote th
Read more
All sample scripts and source code is provided by for illustrative purposes only. All examples are untested in different environments and therefore, I cannot guarantee or imply reliability, serviceability, or function of these programs.

All code contained herein is provided to you "AS IS" without any warranties of any kind. The implied warranties of non-infringement, merchantability and fitness for a particular purpose are expressly disclaimed.