OUTBOX: Configuring and Using Exchange Web Services Impersonation in Exchange 2007

Here is the information on setting up and using Exchange Web Services impersonation in Exchange 2007. Notice that it is a two part process, it is not just setting permissions on the target account, the service account also needs permissions on the Client Access Server itself...


Configuring Exchange Impersonation (Exchange Web Services)



…Notice that you have to set to rights “ms-Exch-EPI-Impersonation” must be on the Client Access server for the service account which will do the impersonation.  Additionally the service account will have to have the “ms-Exch-EPI-May-Impersonate” right granted to it on each mailbox it will impersonate.  This right is inherited down to mailboxes if you were to set it at the store, storage group, server, or organizational level.


The second piece is using impersonation in your Exchange Web Services application…


Using Exchange Impersonation (Exchange Web Services)



…This documentation does a good job of explaining things and provides examples of the raw XML requests however it does not provide a C# sample using the proxy classes.  It is actually just a matter of adding a object to the ExchangeServiceBinding used to submit your requests.  Here is a sample of adding the object to the binding in C#...


_esb.ExchangeImpersonation = new ExchangeImpersonationType();

      _esb.ExchangeImpersonation.ConnectingSID = new ConnectingSIDType();

      _esb.ExchangeImpersonation.ConnectingSID.PrimarySmtpAddress = mailbox;

…In this code sample “_esb” is an ExchangServiceBinding object and mailbox is the SMTP address of the mailbox I want to impersonate.