SUMMARY
Hidden recipients usually represent system objects used for configuration and directory replication purposes. However, Microsoft Exchange Server also lets you store recipients in the directory that can be hidden from regular view in Exchange Admin and the Global Address List. This step-by-step article shows you how to access them using ADSI.
back to the top
Access Hidden Receipients Using ADSI
In order to access hidden recipients, you have to bind to the directory with valid user credentials using clear text authentication. The credentials that are used must have Exchange Admin permissions. By appending ",cn=admin" to the user's distinguished name(for example, cn=username,dc=domain,cn=admin), you specify that you wish to be authenticated as an Administrator.
Once authenticated with the Exchange Directory, the user is able to view both hidden and deleted directory objects. The LDAP name attribute "Hide-From-Address-Book" is of Boolean type and indicates whether the object is hidden or not. The "Is-Deleted" property indicates whether or not the object is deleted. To view the Hidden Recipients, a filter would be applied for those objects that are hidden but not deleted.
back to the top
Using Visual C++
The following Visual C++ code shows how to do this using ADsOpenObject and IDirectorySearch.
HRESULT hr;
IDirectorySearch *pSearch;
// Initialization
CoInitialize(NULL);
// Bind to the base search object
hr = ADsOpenObject(L"LDAP://server", L"cn=username,dc=domain,cn=admin",
L"password", 0,IID_IDirectorySearch, (void**)&pSearch);
if(!SUCCEEDED(hr))
{
return hr;
}
// Perform a subtree search
ADS_SEARCHPREF_INFO prefInfo[1];
prefInfo[0].dwSearchPref = ADS_SEARCHPREF_SEARCH_SCOPE;
prefInfo[0].vValue.dwType = ADSTYPE_INTEGER;
prefInfo[0].vValue.Integer = ADS_SCOPE_SUBTREE;
hr = pSearch->SetSearchPreference( prefInfo, 1);
// Prepare for attributes return
LPWSTR pszAttr[] = { L"cn", L"mail"};
ADS_SEARCH_HANDLE hSearch;
DWORD dwCount= sizeof(pszAttr)/sizeof(LPWSTR);
// Search for hidden Recipients
hr=pSearch->ExecuteSearch(L"(&(Hide-From-Address-Book=True)(!(Is-deleted=true)))", pszAttr, dwCount, &hSearch );
if (!SUCCEEDED(hr))
{
pSearch->Release();
return hr;
}
// Now enumerate the result
ADS_SEARCH_COLUMN col;
while( pSearch->GetNextRow(hSearch) != S_ADS_NOMORE_ROWS )
{
// Get attributes
for(unsigned int i=0; i<dwCount; i++)
{
hr = pSearch->GetColumn( hSearch, pszAttr[i], &col );
if ( SUCCEEDED(hr) )
{
printf("\n%S",(LPWSTR)col.pADsValues->CaseIgnoreString);
pSearch->FreeColumn( &col );
}
}
}
// Clean-up
pSearch->CloseSearchHandle(hSearch);
pSearch->Release();
CoUninitialize();
back to the top
Using Visual Basic
Here's a code example using Visual Basic with ADO 2.0 (IDirectorySearch is not available for automation-based languages):
Set conn = CreateObject("ADODB.Connection")
conn.Provider = "ADSDSOObject"
conn.Open "ADs Provider", "cn=username,dc=domain,cn=admin", "password"
Set rs = conn.Execute("<LDAP://server>;(&(Hide-From-Address-Book=True)(!(Is-deleted=true)));cn,mail;subtree")
While Not rs.EOF
Debug.Print rs.Fields(0) & " " & rs.Fields(1)
rs.MoveNext
Wend
rs.Close
Set conn = Nothing
Set rs = Nothing
back to the top
REFERENCES
For additional information about binding to Exchange server using "cn=admin", please see the following
article in the Microsoft Knowledge Base:
196850 INFO: Viewing Hidden or Deleted Exchange Objects via ADSI/LDAP
More information on ADSI can be found at:
For more information about developing Web-based solutions for Microsoft Internet Explorer, visit the following Microsoft Web sites:
back to the top