Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

Create Exchange MailBox (ASP)

4 views
Skip to first unread message

swwalsh

unread,
Aug 13, 2007, 2:58:05 PM8/13/07
to
I have a script (ASP) written which creates an account in AD, creates a
folder on our file server and sets its permissions, and then creates a
mailbox on the exchange server and sets its permissions... This script use to
work fine, and it hasnt been used in 2 months (since we have had no new
students since the end of the term).

I have part of the script below. There is alot of code above this script
which gets executed perfectly. The code that is missing creates an account in
the AD, creates a folder on the file server and gives that folder the correct
permissions... This is the section that does not work, and I am testing
seperately with no success... I have checked the permissions on the server
(gave the account full permissions), still nothing... I added the account
creating the mailboxes to the security in the exchange system manager...
still nothing... Can somsone please help... I am going nuts.

When executed, all I get is this:

error '80070057'
/computing/test.asp, line 450

Line 450 is: objMailbox.createMailBox exchURL

Here is the code.

<%

strDisplayName="zcarey"
strEmail="zca...@swgc.mun.ca"
strLdapPath = "LDAP://ou=TEST Accounts Students,ou=TEST,dc=test,dc=ca"
sUserADsPath = "LDAP://CN=" & strDisplayName & ",ou=TEST Accounts
Students,ou=TEST,DC=test,DC=ca"

set objOU = GetObject(strLdapPath)
set objUser = objOU.Create("User", "cn=" & strDisplayName)
exchURL =
"CN=TEST_Students,CN=TEST_Accounts,CN=InformationStore,CN=SERVERNAME,CN=Servers,CN=TEST,CN=Administrative
Groups,CN=College,CN=Microsoft
Exchange,CN=Services,CN=Configuration,DC=test,DC=ca"

'create mailbox
Set objMailbox = objUser
objMailbox.createMailBox exchURL
objUser.SetInfo

objUser.Put "mail", strEmail
objUser.SetInfo

'set permissions on exchange mailbox
CONST ADS_ACEFLAG_INHERIT_ACE = 2
CONST ADS_ACETYPE_ACCESS_DENIED = 1
CONST ADS_ACETYPE_SYSTEM_AUDIT = 2
CONST ADS_ACETYPE_ACCESS_ALLOWED_OBJECT = 5
CONST ADS_ACETYPE_ACCESS_DENIED_OBJECT = 6
CONST ADS_ACETYPE_SYSTEM_AUDIT_OBJECT = 7
CONST ADS_ACETYPE_SYSTEM_ALARM_OBJECT = 8

' ********************************************************************
' You will need to change this variable according to your environment.
'

sTrustee01 = "DOMAIN\" & strUserName
sTrustee02 = "DOMAIN\user1"
sTrustee03 = "DOMAIN\user2"
sTrustee04 = "DOMAIN\user3"
sTrustee05 = "DOMAIN\user4"

' Get directory user object.
Set objUser = GetObject(sUserADsPath)

' Get the Mailbox security descriptor (SD).
Set oSecurityDescriptor = objUser.MailboxRights

' Extract the discretionary access control list (ACL) by using the
IADsSecurityDescriptor.
' Interface
Set dacl = oSecurityDescriptor.DiscretionaryAcl

''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
' The following block of code demonstrates how to add a new ACE to the
' DACL for the Exchange 2000 mailbox with the Trustee specified in
' sTrustee, which permits "Full Control" over this mailbox.
' This is the same task that is performed by ADUnC when you follow these
' steps to modify the properties of a user: on the Exchange Advanced tab,
' under Mailbox Rights, click Add, select the Trustee, and then select the
' Full Mailbox Access Rights check box.
' Similarly, you can also remove ACEs from this ACL by using the
IADsAccessControlEntry interfaces.
''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''

' Template: AddAce(TrusteeName, gAccessMask, gAceType, gAceFlags, gFlags,
gObjectType, gInheritedObjectType)

AddAce dacl, sTrustee01, 131073, ADS_ACETYPE_ACCESS_ALLOWED,
ADS_ACEFLAG_INHERIT_ACE, 0, 0, 0
AddAce dacl, sTrustee02, 983041, ADS_ACETYPE_ACCESS_ALLOWED,
ADS_ACEFLAG_INHERIT_ACE, 0, 0, 0
AddAce dacl, sTrustee03, 131073, ADS_ACETYPE_ACCESS_ALLOWED,
ADS_ACEFLAG_INHERIT_ACE, 0, 0, 0
AddAce dacl, sTrustee04, 983041, ADS_ACETYPE_ACCESS_ALLOWED,
ADS_ACEFLAG_INHERIT_ACE, 0, 0, 0
AddAce dacl, sTrustee05, 983041, ADS_ACETYPE_ACCESS_ALLOWED,
ADS_ACEFLAG_INHERIT_ACE, 0, 0, 0

' Add the modified DACL to the security descriptor.
oSecurityDescriptor.DiscretionaryAcl = dacl

' Save new SD onto the user.
objUser.MailboxRights = oSecurityDescriptor

objUser.SetInfo

response.write "DONE"
%>


Kevin C

unread,
Aug 16, 2007, 9:06:00 PM8/16/07
to
I have an exchange user account creation script similar to the one you have
written. I found that I could not launch the script successfully unless it
was run on an exchange server. The createMailBox command was failing.

Try to execute the code on the box and let us know


--
Kevin Callanan
MSCA 2003, A+, Network+
www.weblabtechs.com

Please let us know if this response was helpful...

swwalsh

unread,
Aug 17, 2007, 8:02:11 AM8/17/07
to
Well Kevin, the script magically works now on the web. I had this working for
a year creating accounts in AD, making the file folders, assigning
permissions and making the mailbox. Then it broke with the error I gave
below. Now it works again... God only knows what was wrong... Thanks for your
suggestion though.
0 new messages