Microsoft KB Archive/236012

= DOC: Error in ADSI Example in "Notes From the Field" Book =

Article ID: 236012

Article Last Modified on 3/4/2004

-

APPLIES TO


 * Microsoft Active Directory Service Interfaces 2.0
 * Microsoft Active Directory Service Interfaces 2.5

-



This article was previously published under Q236012



SUMMARY
The Microsoft Press book "Deploying Microsoft Exchange Server 5.5 (Notes from the Field)", in Chapter 17, includes a Microsoft Active Directory Service Interface (ADSI) sample that does not properly associate a Windows NT account to an Exchange mailbox.



MORE INFORMATION
To resolve this, replace the SetSecurity function found on page 473 with the following: ' SetSecurity

'This routine will associate an Windows NT Domain account with an Exchange mailbox. ' It requires information specifying the Windows NT Domain account and the ' Exchange mailbox.

' ADSI is used to set the "Assoc-NT-Account" and "NT-Security-Descriptor" properties

Public Sub SetSecurity(strNTDomain As String, strNTAccount As String, strServer As String, _                      strOrg As String, strSite As String, strContainer As String)

Dim pDomain(512) As Byte Dim pRawSID(512) As Byte Dim pSID As Byte Dim pRawSD As Byte Dim pSD As Byte Dim strPath As String Dim objUser As IADsUser Dim objContainer As IADsContainer ' Build the ADSI Path to the Exchange mailbox that's been passed in... strPath = "LDAP://" + strServer + "/cn=" + strNTAccount + ",cn=" + strContainer + ",ou=" + strSite + ",o=" + strOrg ' Retrieve the IADsUser object encapsulating the Exchange mailbox Set objUser = GetObject(strPath) ' Lookup the SID for the Windows NT Domain account that's been passed in... Dim lReturn As Long lReturn = LookupAccountName(GetPrimaryDCName("", strNTDomain), strNTAccount, pRawSID(0), 512, pDomain, 512, 1) ' Build the security descriptor for this new mailbox object BuildSD strServer, strNTDomain, pRawSID, pRawSD ' encode sid ReDim pSID(2 * (GetLengthSid(pRawSID(0)))) For i = 0 To GetLengthSid(pRawSID(0)) - 1 pSID(2 * i) = AscB(Hex$(pRawSID(i) \ &H10)) pSID(2 * i + 1) = AscB(Hex$(pRawSID(i) Mod &H10)) Next i   ' encode sd    ReDim pSD(2 * UBound(pRawSD) + 1) For i = 0 To UBound(pRawSD) - 1 pSD(2 * i) = AscB(Hex$(pRawSD(i) \ &H10)) pSD(2 * i + 1) = AscB(Hex$(pRawSD(i) Mod &H10)) Next i   ' Set the owner of the Exchange mailbox to the Windows NT Domain account that's been passed in... objUser.Put "Assoc-NT-Account", pSID objUser.Put "NT-Security-Descriptor", pSD objUser.SetInfo Set objUser = Nothing

End Sub

