Re: Error for some users ehrn connecting to exchange server folders
- From: David Wang <w3.4you@xxxxxxxxx>
- Date: Mon, 11 Jun 2007 10:59:24 -0000
On Jun 10, 12:29 pm, hjpal <h...@xxxxxxxxxxxx> wrote:
IIS 5 security issue
CDO is installed on web server
Scenario:
In an asp page users are authenticated throug the integrated windows method
a connection is made to a remote exchange server
"strProfileInfo = strServer & vblf & strMailbox
Set objSession = Server.CreateObject("MAPI.Session")
objSession.Logon , , , False, , True, strProfileInfo
Set objInfoStores = objSession.InfoStores"
Problem: this will only work if users are member of the Power User or
Administator groups on the web server.
I am not very pleased with that, so may this be avoided?
This does not look like an issue with IIS and not really a security
issue. Maybe the strProfileInfo access is restricted and you need to
look through documentation of MAPI.Session to determine requirements.
What if you run the script code on the commandline with an interactive
logged-in user. Does that user need to be Power User/Administrator or
not?
//David
http://w3-4u.blogspot.com
http://blogs.msdn.com/David.Wang
//
.
- References:
- Prev by Date: Re: Access Denied: Obtaining a Server Certificate from Your Own CA
- Next by Date: Re: IIS username:password@server.domain.com
- Previous by thread: Error for some users ehrn connecting to exchange server folders
- Index(es):
