none
Can't limit access to shared calendar through impersonation RRS feed

  • Question

  • Hi

    We're using EWS to integrate our CRM with Exchange Online 2010SP2. One of the tasks: provide one calendar for Sales persons with the next rule: every Sales can see all appointments in Scheduler, but can open and see details (body) only his/her own appointment. Appointment are being placed by CRM in response of certain business events. We tried to use impersonate and Sensitivity.Private property. Appointment is being placed with impersonated user name, but it can't be opened by that user neither through OWA nor via Outlook. So it's placed as private appointment of 'master' user (user who created shared calendar and his credentials is used for service connection), he can open it in Outlook or OWA. EWSEditor shows appointment's LastModifiedUser - correct impersonated username (not master's). In Fiddler we can see 'success' Response on appointment placement request (under impersonated user). In OutlookSpy, we can see that appointments  PR_SENDER_NAME_W, PR_SENT_REPRESENTING_NAME_W properties shows 'master's' username. We stuck.

    Impersonated user has 'owner' rights upon that shared calendar.

    Any help is very appreciated.

    Code snippet:

    ExchangeService services = new ExchangeService(ExchangeVersion.Exchange2010_SP2);

    services.Credentials = new WebCredentials("master@exchserver.com", "MasterPwd");
    services.Url = new Uri("https://someserver.com/ews/exchange.asmx");

    FolderId rfRootFolderid = new FolderId(WellKnownFolderName.Calendar);
    FolderView fvFolderView = new FolderView(100);

    DateTime startDate = DateTime.Now.AddDays(1);
    DateTime endDate;

    string SalesCalendarId = "AAMkADVlMGVjZWVkLTlmYzYtNDc3ZC04NzY3LWRhMGQ1Y2UwZWIzZAAzBBBBBBCxMmeDq5qRSpYm/DuZ9joXAQAE24KppLWXSpmjZHGCH4S8AAAADo8XAAA=";

    CalendarFolder folder = CalendarFolder.Bind(services, new FolderId(SalesCalendarId));

    TimeSpan ts = new TimeSpan(10, 00, 0);
    startDate = startDate.Date + ts;
    endDate = startDate.AddMinutes(60);

    services.HttpHeaders.Add("X-AnchorMailbox", "impersonateduser@exchserver.com");

    appointment.Subject = "from Test";
    appointment.Body = "Test";
    appointment.Start = startDate;
    appointment.End = appointment.Start.AddMinutes(30);
    appointment.ReminderDueBy = appointment.Start.AddHours(1);
    appointment.Sensitivity = Sensitivity.Private;
    ImpersonatedUserId = new ImpersonatedUserId(ConnectingIdType.SmtpAddress, "impersonateduser@exchserver.com");

    appointment.Save(SalesCalendarId, SendInvitationsMode.SendToNone);

    -----------------

    If Impersonating doesn't resolve this issue, can Delegate technique do that?

    Saturday, September 22, 2018 9:48 PM