av中文字幕网免费观看,三a毛片,欧美欧美乱码一二三区

概要

本文介紹在 Microsoft Active Directory 目錄服務(wù)中為用戶對象啟用郵箱時，如何以編程方式修改 Microsoft Exchange Server 2000 或 2003 郵箱的郵箱權(quán)限。

本文包含示例代碼，向您顯示在已經(jīng)為 Exchange 2000 或 2003 信息存儲區(qū)中的用戶創(chuàng)建了實際郵箱之前，并且已經(jīng)在 Active Directory 中為用戶對象啟用了郵箱之后，如何設(shè)置 Exchange 2000 或 2003 郵箱的郵箱權(quán)限。

注意：如果 Exchange 2000 或 2003 信息存儲區(qū)中已經(jīng)存在郵箱，則此代碼不起作用。換句話說，如果用戶的郵箱已經(jīng)被訪問，則該代碼不會影響用戶郵箱的實際郵箱權(quán)限。有關(guān)在信息存儲區(qū)中已經(jīng)創(chuàng)建 Exchange 2000 郵箱前后如何設(shè)置該郵箱的郵箱權(quán)限的更多信息，請單擊下面的文章編號，以查看 Microsoft 知識庫中相應(yīng)的文章：

310866 (http://support.microsoft.com/kb/310866/) 如何設(shè)置信息存儲區(qū)中現(xiàn)有郵箱的 Exchange Server 2003 和 Exchange 2000 Server 郵箱權(quán)限

更多信息

在 Exchange 2000 或 2003 組織中，郵箱包含兩部分（在 Microsoft Windows 2000 或 Microsoft Windows Server 2003 域環(huán)境中）。

•	Active Directory 啟用了郵箱的用戶：這只是 Active Directory 中的用戶對象。此用戶對象上設(shè)置了多個相關(guān)郵件屬性和相關(guān)郵箱屬性。
•	Exchange 信息存儲區(qū)中的郵箱文件夾：這是用戶實際郵件的存儲位置，其中設(shè)置了多個特定于郵箱的屬性。

郵箱權(quán)限存儲在安全描述符屬性中，該屬性位于信息存儲區(qū)的郵箱中。Active Directory 用戶對象還有一個名為 msExchMailboxSecurityDescriptor 的屬性。此屬性設(shè)計為僅用于反映用戶郵箱的郵箱權(quán)限。

Exchange 2000 或 2003 中郵箱啟用過程的簡要概述

下面是在 Active Directory 中創(chuàng)建 Exchange 2000 或 2003 啟用了郵箱的用戶通常所采取的步驟：

1.	域管理員從“Active Directory 用戶和計算機(jī)”(ADUnC) 管理單元或從使用 Active Directory Services Interfaces (ADSI) 的代碼，創(chuàng)建 Active Directory 用戶對象并啟用用戶帳戶。
2.	域管理員然后從 ADUnC 或通過 Collaboration Data Objects for Exchange Management (CDOEXM) 中的 ImailboxStore 接口以編程方式為此用戶啟用郵箱。本文的“參考”一節(jié)中包含一個指向有關(guān) IMailboxStore 接口的文檔的鏈接。不支持除 CDOEXM 之外的任何用于以編程方式為用戶對象啟用郵箱的方法。這兩種方法可以確保在為用戶對象啟用郵箱時該用戶對象的 msExchMailboxSecurityDescriptor 屬性和其他多個屬性設(shè)置正確。此步驟主要設(shè)置 Active Directory 中用戶對象的郵件屬性和郵箱屬性的小子集。此時，用戶的郵箱還不能訪問。
3.	根據(jù)計劃運行的時間，Exchange 2000 或 2003 服務(wù)器上運行的收件人更新服務(wù) (RUS) 會對此用戶對象的其余所有相關(guān)郵件屬性和相關(guān)郵箱屬性進(jìn)行標(biāo)記。此時，尚未在 Exchange 2000 或 2003 信息存儲區(qū)中創(chuàng)建用戶的郵箱。但是，已經(jīng)完全為用戶啟用了郵箱?，F(xiàn)在，郵箱已經(jīng)可以訪問。
4.	用戶第一次訪問郵箱或第一封郵件被路由到郵箱時，將在 Exchange 2000 或 2003 信息存儲區(qū)中創(chuàng)建實際郵箱。此時，當(dāng) Exchange 為用戶創(chuàng)建郵箱時，將在存儲區(qū)中郵箱的安全描述符中設(shè)置郵箱權(quán)限。這基于 msExchMailboxSecurityDescriptor 屬性中設(shè)置的訪問控制條目 (ACE)。

msExchMailboxSecurityDesciptor 屬性

此屬性存在于 Active Directory 中的用戶對象中。它存儲用戶的郵箱安全描述符的部分副本。此屬性不鏈接回用戶的郵箱安全描述符。

換句話說，如果直接修改此屬性，將不會更新 Exchange 信息存儲區(qū)中用戶的郵箱中的實際郵箱安全描述符，除非在信息存儲區(qū)中創(chuàng)建實際郵箱之前設(shè)置此屬性。

實際上，如果由 Active Directory 中用戶對象的 msExchMailboxSecurityDescriptor 屬性反映的安全描述符和信息存儲區(qū)中用戶郵箱中存儲的安全描述符之間有沖突，Exchange 會修復(fù) msExchMailboxSecurityDescriptor 屬性以反映用戶郵箱中的安全描述符。如果從 ADUnC 或通過 CDOEXM IExchangeMailbox 接口修改用戶郵箱的安全描述符，則 msExchMailboxSecurityDescriptor 屬性會自動更新以反映這些更改。

使用 msExchMailboxSecurityDescriptor 屬性的限制

•

僅當(dāng)在信息存儲區(qū)中創(chuàng)建郵箱之前設(shè)置此屬性時，對此屬性進(jìn)行的更改才會反映在用戶郵箱的安全描述符中。注意，當(dāng) Active Directory 中啟用了郵箱的用戶第一次訪問郵箱或所有郵件都發(fā)送到此用戶時，將在 Exchange 存儲區(qū)中創(chuàng)建此用戶的 Exchang 2000 和 2003 郵箱。

•

此屬性的另一個限制是該屬性不反映實際郵箱的安全描述符中任何繼承的 ACE。因此，讀取此目錄屬性不是讀取用戶的郵箱權(quán)限的最準(zhǔn)確的方法。

使用 msExchMailboxSecurityDescriptor 屬性的優(yōu)點

•

此屬性在 Active Directory 中的用戶對象上定義。因此，可以使用任何與輕型目錄訪問協(xié)議 (LDAP) 兼容的 API（如 ADSI API 或 LDAP API）訪問該屬性。

•

因為此代碼不需要 CDOEXM，所以您可以從未安裝 Microsoft Exchange 2000 和 2003 系統(tǒng)管理工具的服務(wù)器運行該代碼。但是同樣必須在信息存儲區(qū)中創(chuàng)建用戶郵箱之前設(shè)置郵箱權(quán)限。另外，您可以隨時讀取此用戶郵箱的郵箱權(quán)限。但是請記住本文中提到的限制。（請參閱“使用 msExchMailboxSecurityDescriptor 屬性的限制”一節(jié)。）

如果未在信息存儲區(qū)中創(chuàng)建實際郵箱之前設(shè)置啟用了郵箱的用戶的 msExchMailboxSecurityDescriptor 屬性，則信息存儲區(qū)中郵箱的實際安全描述符屬性將不包含具有下列內(nèi)容的 ACE：

•	受信者屬性設(shè)置為本人
•	訪問掩碼屬性設(shè)置為郵箱完全控制權(quán)限
•	讀取權(quán)限設(shè)置為允許
•	ACE 類型設(shè)置為允許

如果是這種情況，則當(dāng)用戶嘗試訪問公用文件夾或本地 Exchange 服務(wù)器之外的任何資源時，可能會遇到問題。CDOEXM 庫中的 IMailboxStore 接口之所以是唯一受支持的以編程方式針對 Exchange 2000 或 2003 存儲區(qū)為 Active Directory 用戶啟用郵箱的機(jī)制，這是其中一個原因。下面的示例向您顯示如何使用 ADSI 和 CDOEXM 在 Active Directory 中創(chuàng)建啟用了郵箱的用戶對象。然后，手動設(shè)置 msExchMailboxSecurityDescriptor 接口以包含具有代碼中指定的受信者的 ACE。此示例的唯一目的就是向您顯示如何在訪問用戶郵箱以及在信息存儲區(qū)中創(chuàng)建用戶郵箱之前設(shè)置此屬性（如果該屬性以前未正確設(shè)置）。

設(shè)置 Visual Basic 環(huán)境以運行 Visual Basic 示例

1.	在 Exchange 2000 或 2003 服務(wù)器上啟動 Microsoft Visual Basic 6.0。
2.	創(chuàng)建一個新的標(biāo)準(zhǔn) EXE 項目。為此，請單擊文件菜單上的新建，然后雙擊標(biāo)準(zhǔn) EXE。
3.	在項目菜單上，單擊引用，然后選擇“活動 DS 類型庫”和“Microsoft CDO for Exchange Management”。
4.	在窗體的源視圖中，鍵入或粘貼以下代碼以替換 Form_Load() 子例程。
5.	將變量 sUserADsPath 中設(shè)置的值更改為您要查看或修改其郵箱權(quán)限的 Active Directory 用戶對象的 LDAP 路徑。

注意：此示例向您顯示了如何讀取 msExchMailboxSecurityDescriptor 屬性中存儲的郵箱權(quán)限的副本。它還顯示了如何修改郵箱權(quán)限以及向作為受信者的本人 ACE 添加郵箱完全控制權(quán)限的 ACE。

回到頂端

Visual Basic 代碼

‘********************************************************************‘*‘* Function AddAce(dacl, TrusteeName, gAccessMask, gAceType,‘*            gAceFlags, gFlags, gObjectType, gInheritedObjectType)‘*‘* Purpose: Adds an ACE to a DACL‘* Input:       dacl            Object‘s Discretionary Access Control List‘*              TrusteeName     SID or Name of the trustee user account‘*              gAccessMask     Access Permissions‘*              gAceType        ACE Types‘*              gAceFlags       Inherit ACEs from the owner of the ACL‘*              gFlags          ACE has an object type or inherited object type‘*              gObjectType     Used for Extended Rights‘*              gInheritedObjectType‘*‘* Output:  Object - New DACL with the ACE added‘*‘********************************************************************Function AddAce(dacl, TrusteeName, gAccessMask, gAceType, gAceFlags, gFlags, gObjectType, gInheritedObjectType)    Dim Ace1    ‘ Create a new ACE object    Set Ace1 = CreateObject("AccessControlEntry")    Ace1.AccessMask = gAccessMask    Ace1.AceType = gAceType    Ace1.AceFlags = gAceFlags    Ace1.Flags = gFlags    Ace1.Trustee = TrusteeName    ‘Check to see if ObjectType needs to be set    If CStr(gObjectType) <> "0" Then       Ace1.ObjectType = gObjectType    End If    ‘Check to see if InheritedObjectType needs to be set    If CStr(gInheritedObjectType) <> "0" Then        Ace1.InheritedObjectType = gInheritedObjectType    End If    dacl.AddAce Ace1    ‘ Destroy objects    Set Ace1 = NothingEnd FunctionPrivate Sub Form_Load()Dim objContainer As IADsContainerDim objUser As IADsUserDim objMailbox As CDOEXM.IMailboxStoreDim oSecurityDescriptor As SecurityDescriptorDim dacl As AccessControlListDim ace As AccessControlEntry‘ ********************************************************************‘ You must change this variable according to your environment‘sContainerADsPath = "LDAP://domain.com/cn=Users,DC=domain,DC=com"sUserLoginName = "testUser"sUserFirstName = "Test"sUserLastName = "User"sMBXStoreDN = "CN=Mailbox Store (ExServer),CN=First Storage Group," & _   "CN=InformationStore,CN=ExServer,CN=Servers,CN=AdminGP," & _   "CN=Administrative Groups,CN=Microsoft,CN=Microsoft Exchange," & _   "CN=Services,CN=Configuration,DC=domain,DC=com"sTrustee = "domainName\userName"‘ ********************************************************************‘ Get directory container object objectSet objContainer = GetObject(sContainerADsPath)‘ Create the user object in the target container in Active DirectorySet objUser = objContainer.Create("User", "CN=" & sUserFirstName & " " & _              sUserLastName)objUser.Put "samAccountName", sUserLoginNameobjUser.Put "givenName", sUserFirstNameobjUser.Put "sn", sUserLastNameobjUser.SetInfoobjUser.SetPassword "password"objUser.SetInfo‘ Mailbox-enable the user object by using the CDOEXM::IMailboxStore‘ interface‘ This also sets the msExchMailboxSecurityDescriptor appropriatelySet objMailbox = objUserobjMailbox.CreateMailbox sMBXStoreDNobjUser.SetInfo‘**************************************************************************‘  The msExchMailboxSecurityDescriptor attribute is a backlink attribute‘   from the Exchange Mailbox in the Web store to the directory. What this‘   implies is that the mailbox rights are stored on the actual mailbox in‘   the Web store and this directory attribute reflects these mailbox‘   rights.‘  By default, changing this attribute does not affect the mailbox rights‘   in the store. This attribute can only be modified before the actual‘   mailbox in the store is created. If it is set before the mailbox in‘   the Web store is created, Exchange will use the DACL set on this‘   attribute as the DACL for mailbox rights on the mailbox in the store.‘   Therefore, it can only be set before the mailbox-creation time.‘  On installing Exchange 2000 SP2 on the Exchange Server where this code‘   is being run, that would enable modifying the actual mailbox rights‘   even after mailbox creation.‘**************************************************************************‘ Get the copy Mailbox Security Descriptor (SD) stored on the‘ msExchMailboxSecurityDescriptor attributeobjUser.GetInfoEx Array("msExchMailboxSecurityDescriptor"), 0Set oSecurityDescriptor = objUser.Get("msExchMailboxSecurityDescriptor")‘ Extract the Discretionary Access Control List (ACL) using the‘ IADsSecurityDescriptor interfaceSet dacl = oSecurityDescriptor.DiscretionaryAcl‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘  The following block of code demonstrates reading all the ACEs on a‘  DACL for the Exchange 2000 mailbox.‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘Debug.Print "Here are the existing ACEs the mailbox‘s DACL - "‘ Enumerate all the access control entries (ACEs) in the ACL using‘ the IADsAccessControlList interface, thus displaying the current‘ mailbox rightsDebug.Print "Trustee, AccessMask, ACEType, ACEFlags, Flags, ObjectType, InheritedObjectType"Debug.Print "-------  ----------  -------  --------  -----  ----------" & _            " -------------------"Debug.PrintFor Each ace In dacl‘ Display all the ACEs‘ properties by using the IADsAccessControlEntry‘ interface    Debug.Print ace.Trustee & ", " & ace.AccessMask & ", " & _      ace.AceType & ", " & ace.AceFlags & ", " & ace.Flags & ", " & _      ace.ObjectType & ", " & ace.InheritedObjectTypeNext‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘  The following block of code demonstrates adding a new ACE to the DACL‘  for the Exchange 2000 mailbox with the Trustee specified in sTrustee,‘  giving allow "Full Control" over this mailbox.‘  This is the same task that is performed by ADUnC when selecting Add,‘  specifying the Trustee, and checking the "Full Mailbox Access" Rights‘  checkbox under the Mailbox Rights in the Exchange Advanced tab on the‘  properties of a user.‘  Similarly, you could remove ACEs from this ACL as well using the‘  IADsAccessControlEntry interfaces.‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘ Template: AddAce(TrusteeName, gAccessMask, gAceType, gAceFlags, gFlags, gObjectType, gInheritedObjectType)‘ Setting the Access Mask to 131075 enables "full mailbox access" and‘ "read" privilegesAddAce dacl, sTrustee, 131075, _       ADS_ACETYPE_ACCESS_ALLOWED, ADS_ACEFLAG_INHERIT_ACE, 0, 0, 0‘ Add the modified DACL back onto the Security DescriptoroSecurityDescriptor.DiscretionaryAcl = dacl‘ Save New SD onto the userobjUser.Put "msExchMailboxSecurityDescriptor", oSecurityDescriptor‘ Commit changes from the property cache to the Information StoreobjUser.SetInfoMsgBox "Done viewing and modifying the copy of the Mailbox Security Descriptor"End Sub

回到頂端

Visual Basic 腳本代碼

Dim objContainerDim objUserDim objMailboxDim oSecurityDescriptorDim daclDim ace‘ ********************************************************************‘ You must change this variable according to your environment‘sContainerADsPath = "LDAP://domain.com/cn=Users,DC=domain,DC=com"sUserLoginName = "testUser"sUserFirstName = "Test"sUserLastName = "User"sMBXStoreDN = "CN=Mailbox Store (ExServer),CN=First Storage Group," & _   "CN=InformationStore,CN=ExServer,CN=Servers,CN=AdminGP," & _   "CN=Administrative Groups,CN=Microsoft,CN=Microsoft Exchange," & _   "CN=Services,CN=Configuration,DC=domain,DC=com"sTrustee = "domainName\userName"‘ ********************************************************************‘ Get directory container object objectSet objContainer = GetObject(sContainerADsPath)‘ Create the user object in the target container in Active DirectorySet objUser = objContainer.Create("User", "CN=" & sUserFirstName & " " & _              sUserLastName)objUser.Put "samAccountName", sUserLoginNameobjUser.Put "givenName", sUserFirstNameobjUser.Put "sn", sUserLastNameobjUser.SetInfoobjUser.SetPassword "password"objUser.SetInfo‘ Mailbox enable the user object by using the CDOEXM::IMailboxStore‘ interface‘ This also sets the msExchMailboxSecurityDescriptor appropriatelySet objMailbox = objUserobjMailbox.CreateMailbox sMBXStoreDNobjUser.SetInfo‘**************************************************************************‘  The msExchMailboxSecurityDescriptor attribute is a backlink attribute‘   from the Exchange Mailbox in the Web Store to the directory. What this‘   implies is that the mailbox rights are stored on the actual mailbox in‘   the Web store and this directory attribute reflects these mailbox‘   rights.‘  By default, changing this attribute does not affect the mailbox rights‘   in the store. This attribute can only be modified before the actual‘   mailbox in the store is created. If it is set before the mailbox in‘   the Web store is created, Exchange will use the DACL set on this‘   attribute as the DACL for mailbox rights on the mailbox in the store.‘   Therefore, it can only be set before the mailbox creation time.‘  On installing Exchange 2000 SP2 on the Exchange Server where this code‘   is being run, that would enable modifying the actual mailbox rights‘   even after mailbox creation.‘**************************************************************************‘ Get the copy Mailbox Security Descriptor (SD) stored on the‘ msExchMailboxSecurityDescriptor attributeobjUser.GetInfoEx Array("msExchMailboxSecurityDescriptor"), 0Set oSecurityDescriptor = objUser.Get("msExchMailboxSecurityDescriptor")‘ Extract the Discretionary Access Control List (ACL) using the‘ IADsSecurityDescriptor interfaceSet dacl = oSecurityDescriptor.DiscretionaryAcl‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘  The following block of code demonstrates reading all the ACEs on a‘  DACL for the Exchange 2000 mailbox.‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘Wscript.echo "Here are the existing ACEs the mailbox‘s DACL - "‘ Enumerate all the access control entries (ACEs) in the ACL using‘ the IADsAccessControlList interface, thus displaying the current‘ mailbox rightsWscript.echo "Trustee, AccessMask, ACEType, ACEFlags, Flags, ObjectType, InheritedObjectType"Wscript.echo "-------  ----------  -------  --------  -----  ----------" & _            " -------------------"Wscript.echoFor Each ace In dacl‘ Display all the ACEs‘ properties using the IADsAccessControlEntry‘ interface    Wscript.echo ace.Trustee & ", " & ace.AccessMask & ", " & _      ace.AceType & ", " & ace.AceFlags & ", " & ace.Flags & ", " & _      ace.ObjectType & ", " & ace.InheritedObjectTypeNext‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘  The following block of code demonstrates adding a new ACE to the DACL‘  for the Exchange 2000 mailbox with the Trustee specified in sTrustee,‘  giving allow "Full Control" over this mailbox.‘  This is the same task that is performed by ADUnC when selecting Add,‘  specifying the Trustee, and checking the "Full Mailbox Access" Rights‘  checkbox under the Mailbox Rights in the Exchange Advanced tab on the‘  properties of a user.‘  Similarly, you could remove ACEs from this ACL as well using the‘  IADsAccessControlEntry interfaces.‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘‘ Template: AddAce(TrusteeName, gAccessMask, gAceType, gAceFlags, gFlags, gObjectType, gInheritedObjectType)‘ Setting the Access Mask to 131075 enables "full mailbox access" and‘ "read" priviledgesAddAce dacl, sTrustee, 131075, _       ADS_ACETYPE_ACCESS_ALLOWED, ADS_ACEFLAG_INHERIT_ACE, 0, 0, 0‘ Add the modified DACL back onto the Security DescriptoroSecurityDescriptor.DiscretionaryAcl = dacl‘ Save New SD onto the userobjUser.Put "msExchMailboxSecurityDescriptor", oSecurityDescriptor‘ Commit changes from the property cache to the information storeobjUser.SetInfoMsgBox "Done viewing and modifying the copy of the Mailbox Security Descriptor"‘********************************************************************‘*‘* Function AddAce(dacl, TrusteeName, gAccessMask, gAceType,‘*            gAceFlags, gFlags, gObjectType, gInheritedObjectType)‘*‘* Purpose: Adds an ACE to a DACL‘* Input:       dacl            Object‘s Discretionary Access Control List‘*              TrusteeName     SID or Name of the trustee user account‘*              gAccessMask     Access Permissions‘*              gAceType        ACE Types‘*              gAceFlags       Inherit ACEs from the owner of the ACL‘*              gFlags          ACE has an object type or inherited object type‘*              gObjectType     Used for Extended Rights‘*              gInheritedObjectType‘*‘* Output:  Object - New DACL with the ACE added‘*‘********************************************************************Function AddAce(dacl, TrusteeName, gAccessMask, gAceType, gAceFlags, gFlags, gObjectType, gInheritedObjectType)    Dim Ace1    ‘ Create a new ACE object    Set Ace1 = CreateObject("AccessControlEntry")    Ace1.AccessMask = gAccessMask    Ace1.AceType = gAceType    Ace1.AceFlags = gAceFlags    Ace1.Flags = gFlags    Ace1.Trustee = TrusteeName    ‘Check to see if ObjectType needs to be set    If CStr(gObjectType) <> "0" Then       Ace1.ObjectType = gObjectType    End If    ‘Check to see if InheritedObjectType needs to be set    If CStr(gInheritedObjectType) <> "0" Then        Ace1.InheritedObjectType = gInheritedObjectType    End If    dacl.AddAce Ace1    ‘ Destroy objects    Set Ace1 = NothingEnd Function

參考

有關(guān) CDOEXM IMailboxStore::CreateMailbox 的更多信息，請訪問下面的 Microsoft 網(wǎng)站：

http://msdn.microsoft.com/library/default.asp?url=/library/en-us/wss/wss/_cdo_imailboxstore_createmailbox.asp (http://msdn.microsoft.com/library/default.asp?url=/library/en-us/wss/wss/_cdo_imailboxstore_createmailbox.asp)

有關(guān) ADSI 中相關(guān)安全接口的更多信息，請訪問下面的 Microsoft 網(wǎng)站：

http://msdn.microsoft.com/library/default.asp?url=/library/en-us/netdir/adsi/security_interfaces.asp (http://msdn.microsoft.com/library/default.asp?url=/library/en-us/netdir/adsi/security_interfaces.asp)

Adssecurity.dll 是 Active Directory Service Interfaces (ADSI) 2.5 資源工具包的一部分。要下載 ADSI 2.5 資源工具包，請訪問下面的 Microsoft 網(wǎng)站。使用 Regsvr32 注冊 ADsSecurity.dll。

http://www.microsoft.com/ntserver/nts/downloads/other/ADSI25/default.asp (http://www.microsoft.com/ntserver/nts/downloads/other/ADSI25/default.asp)

有關(guān)關(guān)聯(lián)的外部帳戶的更多信息，請單擊下面的文章編號，以查看 Microsoft 知識庫中相應(yīng)的文章：

278888 (http://support.microsoft.com/kb/278888/) 如何將 Exchange 2000 郵箱或 Exchange 2003 郵箱與 Windows NT 4.0 帳戶關(guān)聯(lián)

本站僅提供存儲服務(wù)，所有內(nèi)容均由用戶發(fā)布，如發(fā)現(xiàn)有害或侵權(quán)內(nèi)容，請點擊舉報。

免费视频淫片aa毛片_日韩高清在线亚洲专区vr_日韩大片免费观看视频播放_亚洲欧美国产精品完整版

概要