[英]Allow impersonation users to login to Exchange Server by EWS Managed API 2.0
我在Windows Server 2016
IIS 10
上托管了一个ASP .Net Application
。 Impersonation
和Windows Authentication
已启用。
我希望已登录的Active Directory用户可以执行与其自己的邮箱相关的某些操作,而无需进行任何其他登录(我的意思是不输入用户名/密码)。
是否可以对Exchange Server
, Active Directory
用户和托管应用的服务器进行哪些配置更改?
我是如何使用EWS Managed API
:
using (var context = WindowsIdentity.GetCurrent().Impersonate())
{
string mailbox = "user@domain.com"
ExchangeService service = new ExchangeService();
service.AutodiscoverUrl(mailbox);
service.Url = new Uri(serverAddress);
service.UseDefaultCredentials = true;
service.Credentials = CredentialCache.DefaultNetworkCredentials;
var rootFolder = Folder.Bind(service, new FolderId(WellKnownFolderName.MsgFolderRoot, mailbox));
}
在那种情况下,使用AutodiscoverUrl
会出错: The Autodiscover service couldn't be located.
当我尝试避免AutodiscoverUrl
,如下所示:
using (var context = WindowsIdentity.GetCurrent().Impersonate())
{
string serverAddress = "https://domain.com/EWS/Exchange.asmx";
string mailbox = "user@domain.com"
ExchangeService service = new ExchangeService();
service.Url = new Uri(serverAddress);
service.UseDefaultCredentials = true;
service.Credentials = CredentialCache.DefaultNetworkCredentials;
var rootFolder = Folder.Bind(service, new FolderId(WellKnownFolderName.MsgFolderRoot, mailbox));
}
我也遇到错误: The request failed. The remote server returned an error: (401) Unauthorized.
The request failed. The remote server returned an error: (401) Unauthorized.
您能否建议如何配置这些服务器以使其相互通信?
您需要允许Kerberos代表团查看https://blogs.msdn.microsoft.com/emeamsgdev/2012/11/05/ews-from-a-web-application-using-windows-authentication-and-impersonation/其中有一个样本并说明了需要做什么。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.