XADM: The CDOEXM IMailboxStore::CreateMailbox() or IMailboxStore::MoveMailbox() Method Fails (317234)


The information in this article applies to:

  • Microsoft Exchange 2000 Server
This article was previously published under Q317234

SYMPTOMS

If you run the IMailboxStore::CreateMailbox() method or the IMailboxStore::MoveMailbox() method from CDO for Exchange Management (CDOEXM), and you are using an account that does not use the same security context as the Exchange 2000 server, the CreateMailbox() or the MoveMailbox() method may fail.

In the following code sample, the ADS code succeeds: 
' ADS code succeeds
Dim objUser As IADsUser
Set objUser = objOpenDSO.OpenDSObject(sUsersDN, "domain1\Administrator", "password",ADS_SECURE_AUTHENTICATION)
Then the IMailboxStore interface on the same object fails: 
' IMailboxStore interface on the same object fails
Dim objMailbox As CDOEXM.IMailboxStore
Set objMailbox = objUser
objMailbox.CreateMailbox(sPrivMdbDN)
The CreateMailbox() method fails with an access denied error when the application is not run under the domain/Exchange Administrator account.

The CreateMailbox() member function does a security check against the Exchange 2000 security settings. This security check should succeed because objUser was created using the Administrator credentials.

CAUSE

This problem occurs because Exchange 2000 has to impersonate the Administrator account to use remote procedure call (RPC) to the remote computer. This requires local logon rights for the Administrator account for which credentials are passed.

WORKAROUND

To work around this problem, run the code under a context that is a local Administrator on the Exchange 2000 server.

STATUS

Microsoft has confirmed that this is a problem in Microsoft Exchange 2000 Server.
Modification Type:MinorLast Reviewed:4/25/2005
Keywords:kbbug kbnofix KB317234
©2004 Microsoft Corporation. All rights reserved.