3.2.5.1.1 Private Mailbox Logon

  • Article

Look up the ESSDN (specified in the Essdn field of the request) in the global directory to get that user's configuration information. If lookup fails specifically because the ESSDN could not be found, the server MUST fail the operation with a ReturnValue of ecUnknownUser (section 3.2.5.1.3). If lookup fails for any other reason, the server MUST fail the operation with a ReturnValue of ecLoginFailure, as specified in section 3.2.5.1.3.

If the user has no configured mailbox database, the ROP MUST fail with a ReturnValue of ecUnknownUser, as specified in section 3.2.5.1.3. If the database indicated by the user's configured mailbox database is currently offline, the operation SHOULD<20> fail with a ReturnValue of ecLoginFailure. If the client attempts to log on to a mailbox that is in transit, the server MUST fail the operation with ecMailboxInTransit, as specified in section 3.2.5.1.3, in the ReturnValue field. If the client attempts to log on to a mailbox that is disabled, the server SHOULD<21> fail the operation with ecUnknownUser in the ReturnValue field.

If the user's configured mailbox is not hosted by this server, the server determines the name of the correct server hosting the user's mailbox and fail the ROP with a ReturnValue of ecWrongServer, as specified in section 3.2.5.1.3. For details about properly forming the response when a ReturnValue of ecWrongServer is sent, see section 2.2.1.1.2.

If the client attempts to log on to a nonhome message store and the USE_ADMIN_PRIVILEGE bit in the OpenFlags field is not set, the server MUST fail the operation with ecProfileNotConfigured, as specified in section 3.2.5.1.3, in the ReturnValue field.

If the client specified an invalid code page for a string or a Server object when establishing the connection to the server, the server SHOULD<22> fail the operation with ecUnknownCodePage, as specified in section 3.2.5.1.3, in the ReturnValue field.

If the client has made more than five attempts within a 10-second period to log on to a mailbox that is not hosted on the server, the server MUST fail the operation with ecServerPaused, as specified in section 3.2.5.1.3, in the ReturnValue field.

If the client sets an undefined flag in either the LogonFlags field or the OpenFlags field, the server SHOULD<23> fail the operation with ecError, as specified in [MS-OXCDATA] section 2.4, in the ReturnValue field.

If the SUPPORT_PROGRESS flag is set, the server responds as specified in [MS-OXCMSG] section 3.2.5.10.<24>

If the PidTagSortLocaleId property (section 2.2.2.1) is set, then the server supports the GET/read operation for the property.<25> If the property is not set, then the server returns ecNotFound, as specified in [MS-OXCDATA] section 2.4, in the ReturnValue field.

For the USE_PER_MDB_REPLID_MAPPING flag of the OpenFlags field, the server SHOULD<26> have the following behavior:

  • If the logon is the first on the RPC session, or if the logon is additional on the RPC session and it is to the same mailbox that is associated with the first logon, then the server ignores the USE_PER_MDB_REPLID_MAPPING flag of the OpenFlags field.<27>

  • If the logon is additional on the RPC session, and it is to a mailbox that is different from the mailbox that is associated with the first logon, then the server inspects the USE_PER_MDB_REPLID_MAPPING flag of the OpenFlags field to see if it is set. If the USE_PER_MDB_REPLID_MAPPING flag is not set, then the server SHOULD<28> fail the ROP with a ReturnValue of ecInvalidParameter 0x80070057.<29> If the USE_PER_MDB_REPLID_MAPPING flag is set, then the server takes no action.<30>

If the user does not match the owner of the mailbox, then the return value is implementation-specific;<31> otherwise, the server checks the user's permissions to determine whether the user is an owner of the mailbox or a delegate. An owner is not required to have security settings checked before performing any non-administrative operations on the mailbox. For more details about delegates, see [MS-OXODLGT].

The server then finds the mailbox in the mailbox table. If the mailbox is not present in the table and the user has owner permission on the mailbox, the server creates the mailbox. That process includes creating the default folders and establishing the proper Receive folder values. For details about setting Receive folder values, see section 3.2.3. The server does not create the mailbox if the user does not have owner permission. In that case, the ROP fails with a ReturnValue of ecLoginPerm, as specified in section 3.2.5.1.3 or a ReturnValue of ecAccessDenied, as specified in section 3.2.5.1.3; the return value is implementation specific.<32> Other failures to find the user in the mailbox table (beyond a "not found" error) MUST fail the operation with a ReturnValue of ecLoginFailure.

The server then determines the appropriate FIDs to return to the client. For details, see section 2.2.1.1.3. The server returns the appropriate REPLGUID in the ReplGuid field. If the server returns the same REPLGUID for different logons, the server MUST use the same REPLID-to-REPLGUID mapping and named property-to-property ID mapping for those different logons.