Page 1 of 2 12>
Topic Options
#75673 - 2003-07-07 04:18 PM Creating mailbox in Exchange 5.5
Raceeend Offline
Starting to like KiXtart

Registered: 2002-05-09
Posts: 129
Loc: The Netherlands
Hello,

I'm playing around with an example i found in the ADSI sdk doc. (ADSI Exchange programmer's guide --> Advanced Shema Concepts --> Visual basic usage examples --> Creating a Mailbox with IADsSecurityDescriptor and IADsSID in the ADSI Resource Kit)

The NT user creation part goes ok but the mailbox part not. The following piece of code have i created for making a mailbox.

code:
;--- MailBox Parameters ---
$strDisplayName = "John Smith"
$strFirstName = "John"
$strLastName = "Smith"
$strAlias = $userName
;$strMTA = "cn=Microsoft MTA,cn=$server,cn=Servers,cn=Configuration,ou=$Site,o=$Org"
$strSMTPAddr = "jan.smith@@gispen.nl"

;---------------------------------------------------------------
; Build Recipient container's adsPath:
; LDAP://myserver/CN=Recipients, OU=Site, O=Org
;---------------------------------------------------------------
$ADsPath = "LDAP://MyServer/cn=Recipients,ou=Site,o=Organisation"
$objCont = $GetObject($ADsPath)
? @SERROR

;---Create a new MailBox---
$mailBox = $objCont.Create($strAlias)
? @SERROR
$mailBox.mailPreferenceOption = "0"
? @SERROR
$mailBox.givenName = $strFirstName
? @SERROR
$mailBox.sn = $strLastName
? @SERROR
$mailBox.cn = $strDisplayName
? @SERROR
$mailBox.uid = $strAlias
? @SERROR
;$mailBox.Home-MTA = $strMTA
? @SERROR
;$mailBox.Put "Home-MDB", strMDB
$mailBox.mail = $strSMTPAddr
? @SERROR
;$mailBox.Put "MAPI-Recipient", True
$mailBox.rfc822Mailbox = $strSMTPAddr
? @SERROR

;--------------------------------------------------------
; Associating to a primary account
; (Requires the ADSI tool kit - REGSVR32 ADSSECURITY.DLL )
;--------------------------------------------------------
;sid.SetAs ADS_SID_WINNT_PATH, "WinNT://" & domain & "/" & strAlias & ",user"
;sidHex = sid.GetAs(ADS_SID_HEXSTRING)
;mailBox.Put "Assoc-NT-Account", sidHex

; Commit the property cache to the directory service
$mailBox.SetInfo
? @SERROR
$mailbox = ""

During the $mailbox.xxx = $Variable section i get all kind of Invalid Handle error.

code:
The operation completed successfully.LDAP://MyServer/cn=Recipients,ou=Site,o=Organisation
The operation completed successfully.smithj
The handle is invalid.0
The handle is invalid.John
The handle is invalid.Smith
The handle is invalid.John Smith
The handle is invalid.smithj
The handle is invalid.
The handle is invalid.jan.smith@gispen.nl
The handle is invalid.jan.smith@gispen.nl
The handle is invalid.
The handle is invalid.

Anyone an idea what i'm doing wrong?

The account i use to create the user has all rights in Exchange from top to bottom

@Kix = 4.12
OS = NT 4
_________________________
regards, Martijn

Top
#75674 - 2003-07-07 04:31 PM Re: Creating mailbox in Exchange 5.5
Sealeopard Offline
KiX Master
*****

Registered: 2001-04-25
Posts: 11164
Loc: Boston, MA, USA
Some of your variables do not have a preceeding '4' sign. Secondly, comment out all lines, then start enabling each line to see where exactly the error occurs.
_________________________
There are two types of vessels, submarines and targets.

Top
#75675 - 2003-07-07 04:36 PM Re: Creating mailbox in Exchange 5.5
Richard H. Administrator Offline
Administrator
*****

Registered: 2000-01-24
Posts: 4946
Loc: Leatherhead, Surrey, UK
Rather than:
quote:
$objCont = $GetObject($ADsPath)
Try:
quote:
$objCont = GetObject($ADsPath)
GetObject() is a function, not an object.

[ 07. July 2003, 16:37: Message edited by: Richard H. ]

Top
#75676 - 2003-07-07 08:24 PM Re: Creating mailbox in Exchange 5.5
Raceeend Offline
Starting to like KiXtart

Registered: 2002-05-09
Posts: 129
Loc: The Netherlands
Hi,

i'm making progress

code:
;---------------------------------------------------------------
; Build Recipient container's adsPath:
; LDAP://myserver/CN=Recipients, OU=Site, O=Org
;---------------------------------------------------------------
$ADsPath = "LDAP://10.40.18.2/cn=Recipients,ou=GISPEN,o=Gispen International BV"
$objCont = GetObject($ADsPath)
;---Create a new MailBox---
$mailBox = $objCont.Create("organizationalPerson", $strAlias)
$mailBox.Put("mailPreferenceOption",0)
$mailBox.Put("givenName", $strFirstName)
$mailBox.Put("sn", $strLastName)
$mailBox.Put("cn", $strDisplayName)
$mailBox.Put("uid", $strAlias)
$mailBox.Put("Home-MTA", $strMTA)
;$mailBox.Put "Home-MDB", strMDB
$mailBox.Put("mail", $strSMTPAddr)
$mailBox.Put("MAPI-Recipient", True)
$mailBox.Put("rfc822Mailbox", $strSMTPAddr)
;--------------------------------------------------------
; Associating to a primary account
; (Requires the ADSI tool kit - REGSVR32 ADSSECURITY.DLL )
;--------------------------------------------------------
$ADS_SID_WINNT_PATH = "5"
$ADS_SID_HEXSTRING = "1"
$sid.SetAs($ADS_SID_WINNT_PATH, "WinNT://GISPEN/$strAlias,user")
$sidHex = $sid.GetAs($ADS_SID_HEXSTRING)
$mailBox.Put("Assoc-NT-Account", $sidHex)

; Commit the property cache to the directory service
$mailBox.SetInfo
? @SERROR
$mailbox = ""

The above code is working until the "Associating to a primary account" part starts. I get an error in expression in : $sid.SetAs($ADS_SID_WINNT_PATH, "WinNT://GISPEN/$strAlias,user")
_________________________
regards, Martijn

Top
#75677 - 2003-07-07 08:33 PM Re: Creating mailbox in Exchange 5.5
Bryce Offline
KiX Supporter
*****

Registered: 2000-02-29
Posts: 3167
Loc: Houston TX
search the ADSI SDK for "ADS_SID_WINNT_PATH" this should be some type of value that the ADSI .SetAs() is looking for.

The VBS script already had this variable defined where your kix scirpt does not.

Top
#75678 - 2003-07-07 08:36 PM Re: Creating mailbox in Exchange 5.5
Bryce Offline
KiX Supporter
*****

Registered: 2000-02-29
Posts: 3167
Loc: Houston TX
ohh, i see you are setting the variable $ADS_SID_WINNT_PATH... but you are creating it as a string.

Have you tried creating it as a numeric number?

$ADS_SID_WINNT_PATH = 5

Also... you do have the ADSSECURITY.DLL registered?

Top
#75679 - 2003-07-08 04:06 PM Re: Creating mailbox in Exchange 5.5
Raceeend Offline
Starting to like KiXtart

Registered: 2002-05-09
Posts: 129
Loc: The Netherlands
I've tried both ways (string and numeric) but no result

still :
code:
Script error: expected expression!
$sid.SetAs($ADS_SID_WINNT_PATH, "WinNT://GISPEN/$strAlias,user")

And i can't find, not in the SDK or on msdn/technet what SetAs() wants.
_________________________
regards, Martijn

Top
#75680 - 2003-07-08 04:08 PM Re: Creating mailbox in Exchange 5.5
Lonkero Administrator Offline
KiX Master Guru
*****

Registered: 2001-06-05
Posts: 22346
Loc: OK
at first...
as far as I know, you can do nothing with ADSI if you are using exchange 5.5
_________________________
!

download KiXnet

Top
#75681 - 2003-07-08 04:17 PM Re: Creating mailbox in Exchange 5.5
Lonkero Administrator Offline
KiX Master Guru
*****

Registered: 2001-06-05
Posts: 22346
Loc: OK
oh, stupid me.
sure it works.
haven't tried does not mean that it does not work.
now am wiser.

anyway, isn't getas and setas wscript functions?
(stupid me again quessing here...)
_________________________
!

download KiXnet

Top
#75682 - 2003-07-08 04:21 PM Re: Creating mailbox in Exchange 5.5
Howard Bullock Offline
KiX Supporter
*****

Registered: 2000-09-15
Posts: 5809
Loc: Harrisburg, PA USA
I think you are missing the proper object:

$oADsSid = CreateObject("ADsSid")
$oADsSid.SetAS(1,$HexSid)
$GetADsPathFromHexSid=$oADsSid.GetAS(5)

This does the opposite of what you are doing.
_________________________
Home page: http://www.kixhelp.com/hb/

Top
#75683 - 2003-07-08 04:25 PM Re: Creating mailbox in Exchange 5.5
Howard Bullock Offline
KiX Supporter
*****

Registered: 2000-09-15
Posts: 5809
Loc: Harrisburg, PA USA
This is what you want...

$sidobj = createobject("adssid")
$sidobj.setas(5,"WinNT://domain1/administrators,group")
$sid = $sidobj.getas(1)

"ADSI SID = " + $sid ?

[ 08. July 2003, 16:25: Message edited by: Howard Bullock ]
_________________________
Home page: http://www.kixhelp.com/hb/

Top
#75684 - 2003-07-09 08:24 AM Re: Creating mailbox in Exchange 5.5
Raceeend Offline
Starting to like KiXtart

Registered: 2002-05-09
Posts: 129
Loc: The Netherlands
Got it working [Smile]

Thank you all.

code:
;--------------------------------------------------------
; Security object for SD manipulation
; (REQUIRED ADSI TOOL KIT - REGSVR32 ADSSECURITY.DLL)
;--------------------------------------------------------

;--------------------------------------------------------
;---------------CREATING A MAILBOX ----------------------
;--------------------------------------------------------

;--- Server, Org and Site information ---
$server = "ExchangeServer"
$Org = "Organisation"
$Site = "Organisational Unit"
$domain = "@DOMAIN"
$strDisplayName = "John Smith"
$strFirstName = "John"
$strLastName = "Smith"
$username = "smithj"
$strAlias = $username
$strMTA = "cn=Microsoft MTA,cn=$server,cn=Servers,cn=Configuration,ou=$Site,o=$Org"
$strSMTPAddr = "john.smith@@domain.com"
;---------------------------------------------------------------
; Build Recipient container's adsPath:
; LDAP://myserver/CN=Recipients, OU=Site, O=Org
;---------------------------------------------------------------
$ADsPath = "LDAP://$server/cn=Recipients,ou=$site,o=$Org"
$objCont = GetObject($ADsPath)
;---Create a new MailBox---
$mailBox = $objCont.Create("organizationalPerson", "cn=$strAlias")
$mailBox.Put("mailPreferenceOption",0)
$mailBox.Put("givenName", $strFirstName)
$mailBox.Put("sn", $strLastName)
$mailBox.Put("cn", $strDisplayName)
$mailBox.Put("uid", $strAlias)
$mailBox.Put("Home-MTA", $strMTA)
$mailBox.Put("mail", $strSMTPAddr)
$mailBox.Put("MAPI-Recipient", True)
$mailBox.Put("rfc822Mailbox", $strSMTPAddr)
;--------------------------------------------------------
; Associating to a primary account
; (Requires the ADSI tool kit - REGSVR32 ADSSECURITY.DLL )
;--------------------------------------------------------
$ADS_SID_WINNT_PATH = 5
$ADS_SID_HEXSTRING = 1
$sidobj = CreateObject("adssid")
$sidobj.setas(5,"WinNT://@DOMAIN/$strAlias,user")
$sid = $sidobj.getas(1)
"ADSI SID = " + $sid ?
$mailBox.Put("Assoc-NT-Account", $sid)
$mailBox.SetInfo
? "Mailbox created: "@SERROR +"Error code: "+@ERROR
$mailbox = ""

_________________________
regards, Martijn

Top
#75685 - 2003-07-09 11:30 AM Re: Creating mailbox in Exchange 5.5
Raceeend Offline
Starting to like KiXtart

Registered: 2002-05-09
Posts: 129
Loc: The Netherlands
Not completely :-(

The mailbox security is not working.

vb code:

code:
Dim sec As New ADsSecurity 'You can also use -- Set sec = CreateObject("ADsSecurity") for late binding
Dim sd As IADsSecurityDescriptor
Dim dacl As IADsAccessControlList
Dim ace As New AccessControlEntry

Const ADS_RIGHT_EXCH_MODIFY_USER_ATT = &H2
'-------------------------------------------------
' Set the mailbox security
' to allow the user to modify a user attribute,
' send mail, and receive mail
'-------------------------------------------------
Set sd = sec.GetSecurityDescriptor(mailBox.ADsPath)
Set dacl = sd.DiscretionaryAcl
ace.Trustee = domain & "\" & strAlias
ace.AccessMask = ADS_RIGHT_EXCH_MODIFY_USER_ATT Or ADS_RIGHT_EXCH_MAIL_SEND_AS Or ADS_RIGHT_EXCH_MAIL_RECEIVE_AS
ace.AceType = ADS_ACETYPE_ACCESS_ALLOWED
dacl.AddAce ace
sd.DiscretionaryAcl = dacl
sec.SetSecurityDescriptor sd



"Translated to KiX"
code:
$ADS_RIGHT_EXCH_MODIFY_USER_ATT = "H2"
$secobj = CreateObject("ADsSecurity")
$sd = getobjectoption("IADsSecurityDescriptor")
$dacl = getobjectoption("IADsAccessControlList")
$aceobj = CreateObject("AccessControlEntry")
$sd = $Secobj.GetSecurityDescripter($mailbox.$ADsPath)
$dacl = $sd.DiscretionaryAcl
$aceobj.Thrustee = "@DOMAIN\$strAlias"
$aceobj.AccessMask = $ADS_RIGHT_EXCH_MODIFY_USER_ATT
$aceobj.AceType = $ADS_ACETYPE_ACCESS_ALLOWED
$dacl.AddAce = $aceobj
$sd.DiscretionaryAcl = $dacl

$secobj.SetSecurityDescriptor = $sd

Result:
Script error: unknown or unexpected command []!
$sd = $Secobj.GetSecurityDescripter($mailbox.$ADsPath)

Any ideas?
_________________________
regards, Martijn

Top
#75686 - 2003-07-09 11:36 AM Re: Creating mailbox in Exchange 5.5
Lonkero Administrator Offline
KiX Master Guru
*****

Registered: 2001-06-05
Posts: 22346
Loc: OK
how come:
Set sd = secobj.GetSecurityDescriptor(mailBox.ADsPath)

translates to:
$sd = $secobj.GetSecurityDescriptor($mailBox.$ADsPath)

I would quess:
$sd = $secobj.GetSecurityDescriptor($mailBox.ADsPath)

is closer, but...
without seeing what is ADsPath in initial code, can't make really good quesses [Wink]

[ 09. July 2003, 12:00: Message edited by: Lonkero ]
_________________________
!

download KiXnet

Top
#75687 - 2003-07-10 12:00 AM Re: Creating mailbox in Exchange 5.5
Raceeend Offline
Starting to like KiXtart

Registered: 2002-05-09
Posts: 129
Loc: The Netherlands
$ADsPath = "LDAP://$server/cn=Recipients,ou=$site,o=$Org"

When changing to:
$sd = $Secobj.GetSecurityDescripter($mailbox.ADsPath)

I get "Unknown name"
_________________________
regards, Martijn

Top
#75688 - 2003-07-10 12:01 AM Re: Creating mailbox in Exchange 5.5
Lonkero Administrator Offline
KiX Master Guru
*****

Registered: 2001-06-05
Posts: 22346
Loc: OK
with initial code I ment the vbscript. [Wink]
_________________________
!

download KiXnet

Top
#75689 - 2003-07-10 12:05 AM Re: Creating mailbox in Exchange 5.5
Lonkero Administrator Offline
KiX Master Guru
*****

Registered: 2001-06-05
Posts: 22346
Loc: OK
found the difference in your vb-code and in the script code [Big Grin]

you write in kix-version:
getsecuritydescripter()

instead of:
getsecuritydescriptor()
_________________________
!

download KiXnet

Top
#75690 - 2003-07-10 12:26 AM Re: Creating mailbox in Exchange 5.5
NTDOC Administrator Offline
Administrator
*****

Registered: 2000-07-28
Posts: 11623
Loc: CA
Very keen eye there Lonkero. [Cool]
Top
#75691 - 2003-07-10 09:50 AM Re: Creating mailbox in Exchange 5.5
Raceeend Offline
Starting to like KiXtart

Registered: 2002-05-09
Posts: 129
Loc: The Netherlands
Indeed very keen [Smile]

This part is now working without errors
code:
$ADS_RIGHT_EXCH_MODIFY_USER_ATT = "0x02" 
$ADS_RIGHT_EXCH_MAIL_SEND_AS = "0x08"
$ADS_RIGHT_EXCH_MAIL_RECEIVE_AS = "0x10"
$ADS_ACETYPE_ACCESS_ALLOWED = "0x00"
$secobj = CreateObject("ADsSecurity")
$sd = getobjectoption("IADsSecurityDescriptor")
$dacl = getobjectoption("IADsAccessControlList")
$aceobj = CreateObject("AccessControlEntry")
$sd = $Secobj.GetSecurityDescriptor($mailbox.ADsPath)
$dacl = $sd.DiscretionaryAcl
$aceobj.Trustee(@DOMAIN+"\"+$strAlias).Put
$aceobj.AccessMask.Put($ADS_RIGHT_EXCH_MODIFY_USER_ATT)
$aceobj.AceType = $ADS_ACETYPE_ACCESS_ALLOWED
$dacl.AddAce.Put = $aceobj
$sd.DiscretionaryAcl = $dacl
$secobj.SetSecurityDescriptor($sd)

But it doesn't give the result that i thought it should have. I thought that this would set the NT account with permissions on the mailbox but as you can see in the image that isn't working.
 -
_________________________
regards, Martijn

Top
#75692 - 2003-07-10 09:54 AM Re: Creating mailbox in Exchange 5.5
Lonkero Administrator Offline
KiX Master Guru
*****

Registered: 2001-06-05
Posts: 22346
Loc: OK
hey, how you got that kind of view?
I have 5.5 sp4 and don't have no permissions tab.
does the account occur on general tab as box owner?
_________________________
!

download KiXnet

Top
Page 1 of 2 12>


Moderator:  Glenn Barnas, NTDOC, Arend_, Jochen, Radimus, Allen, ShaneEP, Ruud van Velsen, Mart 
Hop to:
Shout Box

Who's Online
0 registered and 248 anonymous users online.
Newest Members
gespanntleuchten, DaveatAdvanced, Paulo_Alves, UsTaaa, xxJJxx
17864 Registered Users

Generated in 0.047 seconds in which 0.017 seconds were spent on a total of 12 queries. Zlib compression enabled.

Search the board with:
superb Board Search
or try with google:
Google
Web kixtart.org