RE: Modify GAL using ADSI

• From: "Hite, Ronald L" <rhite@xxxxxxxxxxxx>
• To: "[ExchangeList]" <exchangelist@xxxxxxxxxxxxx>
• Date: Wed, 13 Mar 2002 12:19:49 -0600

Mani,

I'm not sure I understand the question as you cannot modify the GAL directly.  
The GAL is a representation of exchange objects.  You can create / delete / 
modify exchange objects which in turn update the GAL.

Here's a script which creates a mailbox object.  This is in vbscript.

'-----------------------------------------------------------------
' start of script

        ' variables which need to be initialized with user informtion
        'sLogon = this is the NTDS / AD object name
        'sFName = First name
        'sLName = Last name

        ' the following strings need to be modified for your site
        sMSXServer = "EXCHANGE_SERVER_NAME"
        sNTDom = "NT_DOMAIN"
        sSite = "EXCHANGE_SITE"

        sMTA = "cn=Microsoft MTA,cn=" & sMSXServer & 
",cn=Servers,cn=Configuration,ou=" & sSite & ",o=" & sNTDom
        sMDB = "cn=Microsoft Private MDB,cn=" & sMSXServer & 
",cn=Servers,cn=Configuration,ou=" & sSite & ",o=" & sNTDom
        sADsPath = "LDAP://"; & sMSXServer & "/cn=Recipients,OU=" & sSite & 
",O=" & sNTDom

        Set oCont = GetObject(sADsPath)


        'Create a new MailBox
        Set oMailbox = oCont.Create("organizationalPerson", "cn=" & sLogon)
        oMailbox.Put "mailPreferenceOption", 0

        ' I believe this is the set of "mandatory" fields for a mailbox
        oMailbox.Put "cn", sLName & ", " & sFName                               
'Display Name
        oMailbox.Put "uid", sLogon
        oMailbox.Put "Home-MTA", sMTA
        oMailbox.Put "Home-MDB", sMDB
        oMailbox.Put "MAPI-Recipient", True
        oMailbox.Put "mail", sEmail
        oMailbox.Put "rfc822Mailbox", sEmail

        ' These are "optional"
        oMailbox.Put "givenName", sFName
        oMailbox.Put "sn", sLName
        
        ' Associate the mailbox to the NT account
        ' (ADSSecurity.dll is required)
        const ADS_SID_HEXSTRING         = 1
        const ADS_SID_WINNT_PATH        = 5

        Set oSID = CreateObject("ADsSID")
        oSID.SetAs ADS_SID_WINNT_PATH, "WinNT://" & sNTDom & "/" & sLogon & 
",user"
        sSIDHex = oSID.GetAs(ADS_SID_HEXSTRING)
        oMailbox.Put "Assoc-NT-Account", sSIDHex
        oMailbox.SetInfo

        ' assign other email addresses
        Const ADS_PROPERTY_APPEND                               = 3

        Redim aMailProxies(1)
        ' using an array allows you to add multiple secondary addresses for 
SMTP or other connectors
        ' you will need to modify the X400 for your site
        aMailProxies(0) = "X400:c=US;a= ;p=ORG;o=US;s=" & sLogon& ";"
        aMailProxies(1) = "smtp:" & sFName & "." & sLName & "@secondarySMTP.com"

        ' use "()" for the array
        oMailbox.putEX ADS_PROPERTY_APPEND, "Proxy-Addresses", (aMailProxies)
        oMailbox.SetInfo

        ' set mailbox security
        Const ADS_ACETYPE_ACCESS_ALLOWED                        = 0
        Const ADS_RIGHT_EXCH_MAIL_RECEIVE_AS            = &H10
        Const ADS_RIGHT_EXCH_MAIL_SEND_AS                       = &H8
        Const ADS_RIGHT_EXCH_MODIFY_USER_ATT            = &H2

        Set oACE = CreateObject("AccessControlEntry")
        Set oSec = CreateObject("ADsSecurity")
        Set oSD = oSec.GetSecurityDescriptor(oMailbox.ADsPath)
        Set oDACL = oSD.DiscretionaryAcl

        oACE.Trustee = sNTDom & "\" & sLogon
        oACE.AccessMask = ADS_RIGHT_EXCH_MODIFY_USER_ATT Or 
ADS_RIGHT_EXCH_MAIL_SEND_AS Or ADS_RIGHT_EXCH_MAIL_RECEIVE_AS
        oACE.AceType = ADS_ACETYPE_ACCESS_ALLOWED
        oDACL.AddAce oACE
        oSD.DiscretionaryAcl = oDACL
        oSec.SetSecurityDescriptor oSD

' end of script
'-----------------------------------------------------------------

I think I've included everything needed.

Ron Hite
Network Administrator
Bell, Boyd & Lloyd LLC
t - 312-558-6285
f - 312-827-8023

-----Original Message-----
From: Bansal, Mani (Contractor) [mailto:BansalM@xxxxxx]
Sent: Wednesday, March 13, 2002 11:45 AM
To: [ExchangeList]
Subject: [exchangelist] Modify GAL using ADSI


http://www.MSExchange.org/


Has anyone worked on modifying(ADD/DELETE/update) GAL using ADSI APIs?
I am sure that we can modify GAL using ADSI but anybody knows if we can add
or delete an address into it too.
If anybody has any script/code on this they are welcome if they want to
share it.

all suggestions are welcome.

Regards,
Mani

------------------------------------------------------
You are currently subscribed to this MSExchange.org Discussion List as: 
rhite@xxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')


------------------------------------------
The information contained in this e-mail message may be privileged, 
confidential, and protected from disclosure.  If you are not the
intended recipient, any further disclosure or use, dissemination,
distribution, or copying of this message or any attachment is strictly
prohibited.  If you think that you have received this e-mail message in
error, please delete it and notify the sender.

Other related posts:

• » Modify GAL using ADSI
• » RE: Modify GAL using ADSI
• » Re: Modify GAL using ADSI

1. Home
2. exchangelist
3. Archive
4. 03-2002

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---