Skip to main content

Scripting Contact folder Distribution List though OWA

Contact folder distribution lists presents some what of a challenge when it comes to scripting and programmatic access. The members in these lists are held in a couple of binary MAPI properties and there are no direct interfaces to modify these lists using CDOEX. Modifing the properties directly using Exoledb or WebDAV is possible in some cases just not very easy or flexible. Fortunately OWA does provide a method to create and modify these contact distribution lists which can easily be used in a automation script.

Creating a DL,

This is the one thing that you can do easily using CDOEX,ADO or WEBDAV but one extra thing you can do with OWA is create a DL and add a member to it at the same time. The one restriction I found for this is you can only add one member at a time per request. The following script creates a new DL in a public folder using the save cmd. You need to put the name of your new DL in http://schemas.microsoft.com/mapi/dlname=NewDlName

Set ObjxmlHttp = CreateObject("MSXML2.ServerXMLHTTP")
xmlstr = ""
xmlstr = xmlstr & "Cmd=save" & vbLf
xmlstr = xmlstr & "msgclass=IPM.DistList" & vbLf
xmlstr = xmlstr & "http://schemas.microsoft.com/mapi/dlname=NewDlName"
ObjxmlHttp.Open "POST", "http://server/public/test2/", false, "domain\user", "pass"
ObjxmlHttp.setRequestHeader "Accept-Language", "en-us"
ObjxmlHttp.setRequestHeader "Content-type", "application/x-www-UTF8-encoded"
ObjxmlHttp.setRequestHeader "Content-Length", Len(xmlstr)
ObjxmlHttp.Send xmlstr

I used MSXML2.ServerXMLHTTP because of the responses OWA gives back it gets a little bit messy and it best just to ignore the responses.

Adding members to a DLL

To add a member to a existing DL you first need to know what the URL of DL is (be careful its usually more then just the displayname you can use something like exchange explorer to look at the dav:href of the object if your not sure). Then what you do is post to the DL name submitting some commands in the body of the post

Set ObjxmlHttp = CreateObject("MSXML2.ServerXMLHTTP")
xmlstr = ""
xmlstr = xmlstr & "Cmd=addmember" & vbLf
xmlstr = xmlstr & "msgclass=IPM.DistList" & vbLf
xmlstr = xmlstr & "member=user@domain.com" & vbLf
ObjxmlHttp.Open "POST", "http://server/public/test2/Dlname.eml", false, "domain\user", "pass"
ObjxmlHttp.setRequestHeader "Accept-Language", "en-us"
ObjxmlHttp.setRequestHeader "Content-type", "application/x-www-UTF8-encoded"
ObjxmlHttp.setRequestHeader "Content-Length", Len(xmlstr)
ObjxmlHttp.Send xmlstr


Viewing the contents of a Distribution list

Viewing the members of a DL can be useful for a number of different purposes and its pretty easy all you need to do is issue the Cmd=viewmembers. What you get back is some XML with the email and memberid of each member in the DL. The MemberID comes in handy if you need to delete a member from the DL . Here's a script that demos this

Set ObjxmlHttp = CreateObject("Microsoft.XMLHTTP")
ObjxmlHttp.Open "GET","http://server/public/test2/dlname.EML?Cmd=viewmembers", False, "domain\user", "pass"
ObjxmlHttp.Send
set oResponseDoc = ObjxmlHttp.responseXML
set oNodeList = oResponseDoc.getElementsByTagName("memberid")
set oNodeList1 = oResponseDoc.getElementsByTagName("email")
For i = 0 To (oNodeList.length -1)
set oNode = oNodeList.nextNode
set oNode1 = oNodeList1.nextNode
wscript.echo oNode.text & " " & oNode1.text
next


Deleteing a member from a DL

To delete a member from a DL you first need to know what the memberid of the member you want to delete is. So you need to combine a Cmd=viewmembers query with a delete function. The code below does a loop though all the members of the DL until it matches a email address its supplied and then calls the delete function.

usertodel = "user@domain.com"
Set ObjxmlHttp = CreateObject("Microsoft.XMLHTTP")
ObjxmlHttp.Open "GET","http://server/public/test2/dlname.EML?Cmd=viewmembers", False, "domain\user", "pass"
ObjxmlHttp.Send
set oResponseDoc = ObjxmlHttp.responseXML
set oNodeList = oResponseDoc.getElementsByTagName("memberid")
set oNodeList1 = oResponseDoc.getElementsByTagName("email")
For i = 0 To (oNodeList.length -1)
set oNode = oNodeList.nextNode
set oNode1 = oNodeList1.nextNode
if oNode1.text = usertodel then
delmember(oNode.text)
wscript.echo "Member Deleted " & oNode1.text
end if
next

function delmember(utodel)
Set ObjxmlHttp = CreateObject("MSXML2.ServerXMLHTTP")
xmlstr = ""
xmlstr = xmlstr & "Cmd=deletemember" & vbLf
xmlstr = xmlstr & "msgclass=IPM.DistList" & vbLf
xmlstr = xmlstr & "memberid=" & utodel
ObjxmlHttp.Open "POST", "http://server/public/test2/dlname.EML", false, "domain\user", "pass"
ObjxmlHttp.setRequestHeader "Accept-Language", "en-us"
ObjxmlHttp.setRequestHeader "Content-type", "application/x-www-UTF8-encoded"
ObjxmlHttp.setRequestHeader "Content-Length", Len(xmlstr)
ObjxmlHttp.Send xmlstr
end function


Some things you need to be careful off, I found you always need to specify the authentication as pass though didn't seem to work. I've put copies off all the scripts from this post here. http://msgdev.mvps.org/exdevblog/contactdl.zip

Popular posts from this blog

Testing and Sending email via SMTP using Opportunistic TLS and oAuth in Office365 with PowerShell

As well as EWS and Remote PowerShell (RPS) other mail protocols POP3, IMAP and SMTP have had OAuth authentication enabled in Exchange Online (Official announcement here ). A while ago I created  this script that used Opportunistic TLS to perform a Telnet style test against a SMTP server using SMTP AUTH. Now that oAuth authentication has been enabled in office365 I've updated this script to be able to use oAuth instead of SMTP Auth to test against Office365. I've also included a function to actually send a Message. Token Acquisition  To Send a Mail using oAuth you first need to get an Access token from Azure AD there are plenty of ways of doing this in PowerShell. You could use a library like MSAL or ADAL (just google your favoured method) or use a library less approach which I've included with this script . Whatever way you do this you need to make sure that your application registration  https://docs.microsoft.com/en-us/azure/active-directory/develop/quickstart-register-

How to access and restore deleted Items (Recoverable Items) in the Exchange Online Mailbox dumpster with the Microsoft Graph API and PowerShell

As the information on how to do this would cover multiple posts, I've bound this into a series of mini post docs in my GitHub Repo to try and make this subject a little easier to understand and hopefully navigate for most people.   The Binder index is  https://gscales.github.io/Graph-Powershell-101-Binder/   The topics covered are How you can access the Recoverable Items Folders (and get the size of these folders)  How you can access and search for items in the Deletions and Purges Folders and also how you can Export an item to an Eml from that folder How you can Restore a Deleted Item back to the folder it was deleted from (using the Last Active Parent FolderId) and the sample script is located  https://github.com/gscales/Powershell-Scripts/blob/master/Graph101/Dumpster.ps1

Using the MSAL (Microsoft Authentication Library) in EWS with Office365

Last July Microsoft announced here they would be disabling basic authentication in EWS on October 13 2020 which is now a little over a year away. Given the amount of time that has passed since the announcement any line of business applications or third party applications that you use that had been using Basic authentication should have been modified or upgraded to support using oAuth. If this isn't the case the time to take action is now. When you need to migrate a .NET app or script you have using EWS and basic Authentication you have two Authentication libraries you can choose from ADAL - Azure AD Authentication Library (uses the v1 Azure AD Endpoint) MSAL - Microsoft Authentication Library (uses the v2 Microsoft Identity Platform Endpoint) the most common library you will come across in use is the ADAL libraries because its been around the longest, has good support across a number of languages and allows complex authentications scenarios with support for SAML etc. The
All sample scripts and source code is provided by for illustrative purposes only. All examples are untested in different environments and therefore, I cannot guarantee or imply reliability, serviceability, or function of these programs.

All code contained herein is provided to you "AS IS" without any warranties of any kind. The implied warranties of non-infringement, merchantability and fitness for a particular purpose are expressly disclaimed.