Sign in
 
Open Specifications Developer Center > Open Specifications Forums > Using the Exchange Server Protocols > Impersonation in Exchange Server 2010 (for Exchange Web Services)
Ask a questionAsk a question
Search Forums:
 

AnswerImpersonation in Exchange Server 2010 (for Exchange Web Services)

  • Friday, September 11, 2009 1:49 AMRuss Iuliano Users MedalsUsers MedalsUsers MedalsUsers MedalsUsers Medals
     
    Sign In to Vote
    0
    Sign In to Vote
    I am testing an existing Exchange Web Services application that adds calendar data into Exchange 2007 for operability in Exchange 2010. Impersonation is failing. Here is the context: I created a domain user account and granted it impersonation rights as described in the Exchange 2010 Web Services SDK: http://msdn.microsoft.com/en-us/library/bb204095(EXCHG.140).aspx. (I have used these steps many times to successfully impersonate user mailbox accounts in Exchange 2007.) I tried to configure impersonation on Exchange 2010 at the server database, and account levels. All web service requests fail with "impersonation failed" messages. The domain controller and the exchange server are members of the windows authorization access group. This is a standard exchange install (vs a forest trust), so user accounts are 'enabled'.) When I create a second the service account and grant it 'Full Access' rights, the web service requests succeed. I've tried to look at the effective permissions for both service accounts using Active Directory Sites and Services, but the "Show Services Node" view is not a context menu choice. Is the "New-ManagementRoleAssignment" commandlet a better way to go? If so, i would appreciate some help with the "ms-Exch-EPI-May-Impersonate" syntax at the exchange server or mailbox database. If not, can someone in the community please provide some thoughts on ways to solve this issue? Thanks for your help! Russ
     

Answers

All Replies

  • Friday, September 11, 2009 3:39 PMJohn DunningMSFT, ModeratorUsers MedalsUsers MedalsUsers MedalsUsers MedalsUsers Medals
     
    Sign In to Vote
    0
    Sign In to Vote
    Hi Russ:
    This forum is for discussion around the technical content and implementation using the the Open Protocol specifications for Exchange Server. Since your post does not appear to be related to the Open Protocol Specification documentation set we would appreciate it if you could try posting your question to a different forum. I would recommend starting with the following:

    http://social.technet.microsoft.com/Forums/en-US/exchangesvradmin/threads

    Thanks
    John Dunning
    Senior Escalation Engineer Microsoft Corporation
    US-CSS DSC PROTOCOL TEAM
     
  • Friday, September 11, 2009 5:55 PMRuss Iuliano Users MedalsUsers MedalsUsers MedalsUsers MedalsUsers Medals
     Answer
    Sign In to Vote
    0
    Sign In to Vote
    John,
    Sorry for misposting the request. Thanks for redirecting me to the exchange server admin forum.
    Russ