Friday, January 18, 2008

Making use of Autodiscovery in VBS and Powershell Scripts

Auto discovery is one of the new features that are trying to alleviate some of the pain of configuring and maintaining Outlook client setting. Once you have managed to overcome the SSL configuration peculiarities you have a nifty little service that you can authenticate against, supply it with your email address and it will inform you about everything you need to know about connecting to exchange using Outlook, OWA, EWS and or any of the other new services Exchange 2007 provides. If you’re a scripter the information the auto discovery service provides can be retrieved via Active Directory but it not that easy and certain not as convenient as doing with one request.

The scripts I’ll talk about in this post are designed to be run from workstation where the Exchange Management Tools aren’t install so they won’t be using any of the Exchange Management Shell cmdlets.

The first thing you need to do if you want to use Auto discovery is query Active Directory for the Service Connection Point. This will give you the URL which you can send your AutoDiscovery Query (okay there is another option which is using The SCP for Autodiscovery is located under the server/procotol nodes in the Active directory configuration partition. So to start with you need to use an ADSI query with the following filter (&(objectClass=serviceConnectionPoint) (|(keywords=67661d7F-8FC4-4fa7-BFAC-E1D7794C1F68) (keywords=77378F46-2C66-4aa9-A6A6-3E7A48B19596))). This will return one or more SCP you can then use to make a auto discovery request. If you want to find the closest SCP to the machine that is making the query you can use the Keywords attribute on the ServiceConnectionPoint to return the site name. You could also use a IP table with some metrics to work this out. Once you have the URL for auto discovery you can then send a XML request to the autodiscover service. Of course you will to also authenticate for this to work in a script you can do this in one of two way by hardcoding a username and password into the script file or by using the logged on user credentials the script from the post both make use of the Logged on user credentials.

Thats pretty much it for more information on Auto discovery I would recommend having a read of this if you want to write something in C# that uses autodiscover then check out the Auto discover sample in the Exchange SDK.

I’ve put a download of the scripts here the vbs sample looks like

ScpUrlGuidString = "77378F46-2C66-4aa9-A6A6-3E7A48B19596"
ScpPtrGuidString = "67661d7F-8FC4-4fa7-BFAC-E1D7794C1F68"

set conn = createobject("ADODB.Connection")
set com = createobject("ADODB.Command")
Set iAdRootDSE = GetObject("LDAP://RootDSE")
strNameingContext = iAdRootDSE.Get("configurationNamingContext")
Conn.Provider = "ADsDSOObject"
Conn.Open "ADs Provider"
svcQuery = "<LDAP://CN=Microsoft Exchange,CN=Services," & strNameingContext &
">;(&(objectClass=serviceConnectionPoint)" _
& "(|(keywords=" & ScpPtrGuidString & ")(keywords=" & ScpUrlGuidString & ")));cn,name,serviceBindingInformation,legacyExchangeDN;subtree"
Com.ActiveConnection = Conn
Com.CommandText = svcQuery
Set Rs = Com.Execute
while not rs.eof
wscript.echo rs.fields("cn")
call queryautodiscovery(wscript.arguments(0),rs.fields("serviceBindingInformation").Value)

sub queryautodiscovery(emailaddress,casAddress)
wscript.echo "Using AutoDisover Address : " & casAddress(0)
autodiscoResponse = "<Autodiscover xmlns="""">"
& " <Request>" _
& " <EMailAddress>" + emailaddress + "</EMailAddress>" _
& " <AcceptableResponseSchema></AcceptableResponseSchema>"
& " </Request>" _
& "</Autodiscover>"
set req = createobject("MSXML2.ServerXMLHTTP.6.0")
req.Open "Post",casAddress(0) ,False
req.SetOption 2, 13056
req.setRequestHeader "Content-Type", "text/xml"
req.setRequestHeader "Content-Length", len(autodiscoResponse)
req.send autodiscoResponse
wscript.echo req.responsetext
end sub


Anonymous said...

I get this error when running the script:

The certificate authority is invalid or incorrect


Anonymous said...

I installed another version of XML and I added code:

req.Open "Post",casAddress(0) ,False,"domain\user", "password"

This passes username and password and now I get this error:

"The Virtual Directory does not allow objects to be executed"

This was returned in the responsetext


Glen said...

VBS is a little hit and miss depending on your configuration what you can try is making the following mods

set req = createobject("microsoft.xmlhttp")
req.Open "Post",casAddress(0) ,False,"domain\user", "password"
'req.SetOption 2, 13056

As long as you trust the certificate thats being use this should work okay