Skip to main content

Posts

Showing posts from 2016

Using the Birthday calendar in EWS in Exchange 2016 and Office365

One of the new features that has been added in Exchange 2016 and Office365 in OWA is a birthday calendar which is a dedicated calendar for the Birthday appointments that are associated with contacts. eg Like many of the special folders in a Mailbox the folder name for this is localized so if your mailbox is set to use a different language this folder name should appear in your localized language. Unlike most of the special folders in Exchange there is no WellKnownFolder enumeration for the birthday calendar so if you want to open this folder you either need to search for it by name (as long as you know the localization of the Mailbox) or you can use the following extended property that should exist on the root mailbox folder. So in EWS you can do something like the following to access the HexEntryId value from this extended property which you can then convert to a EWSId using the ConvertId operation and then you will be able to bind to the folder using that ID. eg f

Using EWS to upload / set user photos in Exchange Online and 2016

Between Exchange 2013 and 2016 there where few new operations introduced into EWS, one operation that was introduced was the SetUserPhoto operation which pairs with the GetUserPhoto operation that was introduced in Exchange 2013. What this operation does is allows you to set/upload a high resolution photo for a user to be used in Exchange and Skype for Business in Exchange Online or Exchange 2016. A little bit more about the high ressolution user photo is that when you set this it uploads this as an item in the Non_IPM_Root of the Mailbox (so it is not visible to the user) with a message class of IPM.UserPhoto if you where to look at a Mailbox with a Mapi Editor you can see the object that this creates. eg If you look at the UserPhoto Object itself you can see the different size formats are stored ready to access in a number of different Binary Mapi properties eg So what the SetUserPhoto operation does is handles creating this object and all the different photo formats th

EWS Basics Accessing and using Shared mailboxes

One of the most commonly asked and misunderstood things that people starting out using Exchange Web Services get wrong is accessing a Shared Mailbox or a Delegated Mailbox other then that of security principal (another way of saying credentials) you are authenticating with. Autodiscover One of the first confusion points is with Autodiscover, for people who aren't that familiar with Exchange its important to understand that all Autodisover does is gives you the endpoint to connect to for Exchange Web Services. Some people confuse using the following line $service.AutodiscoverUrl("Mailbox@domain.com",{$true}) To mean all future EWS requests will go the mailbox you use here which isn't the case all this will do is return the most optimized endpoint for EWS request for that particular user. Authentication By default nobody has access to a Mailbox other then the owner of that mailbox, a common problem that people have is to believe they can use the admin accoun

Search for Credit Card numbers in Address Book\Contact data using EWS

Information security and data breaches are a hot topic at the moment, there seems to be a constant stream of data breaches and vulnerabilities in different products being exploited on a daily basis. One topic that was brought up in the last few weeks has been Address Book data https://www.wired.com/2016/09/people-please-dont-store-private-data-address-book/  . Address books can be the proverbial open window on the house with bars on door and maybe not something that is commonly thought about.  If you want to detect if people are using Address book to store confidential information it can be a challenge because this data isn't searchable via a conventional eDiscovery type search. But this is where a scripted enumeration and filtering approach can do the job. I posted a Contacts Powershell module that consolidated a lot of EWS contacts function into one script last year so for this post I've extended this to include a Search that will enumerate all the contacts in a Mailbox&#

How to Like\Unlike an Item using EWS in Exchange Online

Likes and Mentions are a new feature in Exchange Online (in OWA) that was introduced late last year in First Release for Office365. With the focused Inbox now being rolled out to replace clutter these are some of the new social user curation type features that could change the user experience (hopefully for the better) in the coming years. While none of these features are new to those people using other Social platforms like facebook, twitter etc they do offer a world of new possibilities to those that have a little imagination. In this post I'm going to look at how you can Like an item using Exchange Web Services eg Currently there is no real documentation on the use of Likes in any API or how they are delivered in Exchange Online so care should be taken as this may mean the feature is subject to change in any of the future service updates. Versioning your Requests To use likes fully you need to make sure you version your EWS requests (which involves setting the ServerRe

Sending a Message in Exchange Online via REST from an Arduino MKR1000

This is part 2 of my MKR1000 article, in this previous post  I looked at sending a Message via EWS using Basic Authentication.  In this Post I'll look at using the new Outlook REST API  which requires using OAuth authentication to get an Access Token. The prerequisites for this sketch are the same as in the other post with the addition of the ArduinoJson library  https://github.com/bblanchon/ArduinoJson  which is used to parse the Authentication Results to extract the Access Token. Also the SSL certificates for the login.windows.net  and outlook.office365.com need to be uploaded to the devices using the wifi101 Firmware updater. To use Token Authentication you need to register an Application in Azure https://msdn.microsoft.com/en-us/office/office365/howto/add-common-consent-manually  with the Mail.Send permission. The application should be a Native Client app that use the Out of Band Callback urn:ietf:wg:oauth:2.0:oob. You need to authorize it in you tenant (eg build a small ap
All sample scripts and source code is provided by for illustrative purposes only. All examples are untested in different environments and therefore, I cannot guarantee or imply reliability, serviceability, or function of these programs.

All code contained herein is provided to you "AS IS" without any warranties of any kind. The implied warranties of non-infringement, merchantability and fitness for a particular purpose are expressly disclaimed.