如何在具有模拟功能的托管Exchange上使用EWS?
[英]How to use EWS on hosted Exchange with Impersonation?
问题描述
I want to create a service which to crawl all inboxes of all users on a hosted exchange server (“myclient.onmicrosoft.com”) via EWS. 
我想创建一个服务,该服务通过EWS爬网托管的交换服务器(“ myclient.onmicrosoft.com”)上所有用户的所有收件箱。
This already works well when I connect to on-premise exchange servers in the same domain. 当我连接到同一域中的本地交换服务器时,这已经很好地工作了。 But when I try to connect this service to a hosted exchange, it throws 401 (wrong authorization) errors. 但是,当我尝试将此服务连接到托管交易所时,它会引发401(错误的授权)错误。 Of course, this is a different domain as the hosted exchange server. 当然,这是与托管交换服务器不同的域。 My service runs on an on-premise server and uses a “god-mode” user to impersonalise to all active directory users. 我的服务在本地服务器上运行,并使用“上帝模式”用户来模拟所有活动目录用户。 My question is: How to connect the users of my on-premise system correctly to the hosted exchange in a different domain? 我的问题是:如何将本地系统的用户正确连接到其他域中的托管交换机?
Note: It works when I use the credentials directly and the impersonation way does work on on-premise installations. 注意:当我直接使用凭据并且模拟方式确实适用于本地安装时,它可以工作。
What I did so far (and I wonder of this is the right way to do it): On our on-premise server I created a domain “myclient.onmicrosoft.com” just like on the hosted server and an AD user with the same name and password as on the hosted exchange (called “mytest@myclient.onmicrosoft.com”). 到目前为止,我所做的事情(我不知道这是正确的方法):在本地服务器上,我创建了一个域“ myclient.onmicrosoft.com”,就像在托管服务器和具有相同AD的AD用户上一样托管交易所上的名称和密码(称为“ mytest@myclient.onmicrosoft.com”)。
On my crawler service I did: 在我的搜寻器服务中,我做了:
I got all AD users in our on premise server
我所有的AD用户都在我们的本地服务器中 var allUsers = SearchAllActiveDirectoryUsers(); foreach (DataRow user in allUsers.Rows) { String domainName = (String)user["DomainName"]; String samAccountName = (String)user["SamAccountName"]; String principalName = (String)user["PrincipalName"]; String principalDomainName = (String)user["PrincipalDomainName"]; String mail = (String)user["Mail"]; }Then for each AD user I connected the user with the exchange service like this:
然后,对于每个AD用户,我都将其连接到交换服务,如下所示: ExchangeService ex = new ExchangeService(version); ex.Url = new Uri(“https://outlook.office365.com/EWS/Exchange.asmx”); ex.Credentials = new WebCredentials("mytest@myclient.onmicrosoft.com", “XXX”, " myclient.onmicrosoft.com"); // THIS DOES WORK CORRECTLY! ex.ImpersonatedUserId = new ImpersonatedUserId(ConnectingIdType.PrincipalName, “mytest@myclient.onmicrosoft.com”); //this does NOT work!
Any ideas what I am missing? 有什么想法我想念的吗?
1 个解决方案
解决方案1
1 已采纳 2014-12-23 17:06:07
You need to use the credentials of your "god-mode" user, but set the ImpersonatedUserId to the AD user. 您需要使用“上帝模式”用户的凭据,但是将ImpersonatedUserId设置为AD用户。 Something like: 就像是:
ex.Credentials = new WebCredentials("account_with_impersonation_rights@myclient.onmicrosoft.com", "password");
ex.ImpersonatedUserId = new ImpersonatedUserId(ConnectingIdType.PrincipalName, "mytest@myclient.onmicrosoft.com");
When you connect to Office 365 via EWS, you always need to supply credentials. 通过EWS连接到Office 365时,始终需要提供凭据。 You can't use UseDefaultCredentials = true . 您不能使用UseDefaultCredentials = true 。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.