��к�

Select the product you need help with

�Ըա�õ�駤�� Exchange Server 2000 ��Է��㹡��ͧ�� 2003 ��ҧ��ͧ��

��Ţ�� (Article ID): 304935 - ��Ե�ѳ��Ǣ�ͧ㹺��

��ԡ��ʹ٢�ͨӡѴ��Ѻ�Դ�ͺ�ͧ KB ��¤��

��ԡ��ʴ��¤��е鹩�Ѻ��ѧ��§��ҧ�ѹ

��·�� | �غ��

��ʴ��Ըա�û�Ѻ��¹�Է��ͧ��ͧ��º� Microsoft Exchange Server 2000 ��͡��ͧ�� 2003 ��ǡѹ�Դ��س��ͧ��§ҹ�ѵ�ؼ��㹺�ԡ��á�� Active Directory �ͧ Microsoft �·ҧ��

��Сͺ��ʵ��ҧ��ʴ��Ըա�õ�駤��Է��ͧ��ͧ�� Exchange 2000 ��͡��ͧ�� 2003 ��͹�� ж١��ҧ��Ѻ�� Exchange 2000 ��ͧ��·��ԧ ��͡�èѴ�红�� 2003 ��ѧ �ҡ��ѵ�ؼ��١�Դ��ͧ�� Active Directory

��˵�:��ʹ��ռ��ҡ��ͧ��·�� Exchange 2000 ��红�� 2003 ��ҧ�� ռšѺ�Է��ͧ��ͧ��·��ԧ㹡��ͧ��¢ͧ��ҡ��ͧ��¢ͧ��١��Ҷ֧��Ѻ��ǡѺ�Ըա��Է��ͧ��ͧ��¡��ͧ�� Exchange 2000 ��駡�͹ ��ѧ �ҡ��١��ҧ��㹡��红�� ԡ��Ţ��仹��ʹٺ��㹰ҹ��ͧ Microsoft:

310866

(http://support.microsoft.com/kb/310866/ )

�Ըա�õ�駤��Է��㹡��ͧ�� Exchange 2000 ��ͧ��·��红��

��Ѻ仴�ҹ�� | ��ʹ��

��

��ͧ��ͧ��ǹ� Exchange 2000 ��ͧ�� 2003 ��к�� Microsoft Windows 2000 �� Microsoft Windows Server 2003

��Դ��ͧ�� Active Directory: ��§��ѵ�ؼ�� Active Directory �س��ѵԷ��Ǣ�ͧ�Ѻ��Фس��ѵԷ��Ǣ�ͧ�Ѻ��ͧ��¶١��駤�Һ��ѵ�ع��
��ͧ��红�� Exchange: ��͵��˹� ��纨��·��ԧ�ͧ�� ա�õ�駤�Ҥس��ѵԵ�ҧ � ��੾�СѺ��ͧ��

�Է��㹡��ͧ��¨Ѵ��㹤س��ѵԵ�Ǻ͡��ǡѺ��ʹ��·��躹��ͧ��红�� ѧ�͵��Ժ�ǵ�� Active Directory ��ѵ�� ¡��msExchMailboxSecurityDescriptor. �س�ѡɳй��١�͡Ẻ��з�͹�֧�Է��㹡��ͧ��¡��ͧ��¢ͧ��ҹ��

��Ҿ��ҧ�Ǵ��Ǣͧ��кǹ��Դ��ͧ�� Exchange 2000 �� 2003

��仹��繢�鹵͹��ҧ � ��»��Դ��Թ��ҧ Exchange 2000 ��ͼ��Դ��ͧ�� 2003 � Active Directory:

��ҧ�ѵ�ؼ�� Active Directory ��Դ��ҹ�ѭ�ռ�� ҡ�� "Active Directory ��Ф��" (ADUnC) �ṻ�Թ�� ҡ��ʷ�� Active Directory Services �Թ��࿫ (ADSI)
�Դ��Ţͧ��ǡ��ͧ��§ҹ�� ҡ ADUnC ��·ҧ�� ҹ�Թ��࿫ IMailboxStore ��ѵ�آ��š��͡ѹ��Ѻ��š��¹��èѴ�� (CDOEXM) ��§�Ѻ�͡��û�Сͺ��Ѻ�Թ��࿫ IMailboxStore ��ǹ "��ҧ�ԧ" �ͧ�� ʹѺʹع��Ըա��蹷�� CDOEXM ��㹡��Դ��·ҧ��ͧ��§ҹ�ѵ�ؼ��

��Ǩ�ͺ approaches �ͧ��ҹ��ҡ��msExchMailboxSecurityDescriptor�͵��Ժ�ǵ��Фس�ѡɳ�� ¶١��駤��ҧ�١��ͧ��ѵ�ؼ��Դ��ѧ��ǡ��ͧ��§ҹ�� 鹵͹�� basically ��˹��ش��¢ͧ�͵��Ժ�ǵ�ͧ��͵��Ժ�ǵ�ͧ��ͧ��¢�Ҵ��硺��ѵ�ؼ�� Active Directory ��ش�� ͧ��¢ͧ��ѧ��Ѻ��Ҷ֧
��Ѻ��û�Ѻ��ا Service (RUS) ��ѹ� Exchange 2000 �� 2003 ��Ѻ��ͤس�ա�èѴ��˹��ѹ stamps ��Ǣ�ͧ �Ѻ�� Ǣ�ͧ �Ѻ��ͧ��¤س�ѡɳк��ѵ�ع�� ش�� ͧ��¢ͧ��١��ҧ� Exchange 2000 ��͡�èѴ�红�� 2003 ��ҧ�á�� ó��ͧ��Դ��ҹ ��й�� ͧ��ö��Ҷ֧
��ͼ��Ҷ֧��ͧ��á �� ա�á�˹��鹷ҧ��ͤ��á��ѧ��ͧ�� ͧ��·��ԧ�١��ҧ� Exchange 2000 ��红�� 2003 ��ش�� Exchange ��ҧ��ͧ��Ѻ�� Է��ͧ��·��١��駤�Һ��͸Ժ�¤��ʹ��¢ͧ��ͧ�� This is based on the access control entries (ACEs) that are set on themsExchMailboxSecurityDescriptor�͵��Ժ�ǵ�

The msExchMailboxSecurityDesciptor attribute

This attribute exists on the user object in Active Directory. It stores a partial copy of the user's mailbox security descriptor. This attribute is not back-linked to the user's mailbox security descriptor.

In other words, if you modify this attribute directly, you do not update the actual mailbox security descriptor on the user's mailbox in the Exchange information store, unless you set this attribute before the actual mailbox has been created in the information store.

In fact, if there is a conflict between the security descriptor that is reflected by themsExchMailboxSecurityDescriptorattribute on the user object in Active Directory and the security descriptor that is stored on the user's mailbox in the information store, Exchange fixes themsExchMailboxSecurityDescriptorattribute to reflect the security descriptor on the user's mailbox. If you modify the security descriptor of the user's mailbox from ADUnC or through the CDOEXM IExchangeMailbox interface, themsExchMailboxSecurityDescriptorattribute is updated automatically to reflect these changes.

Limitations of using the msExchMailboxSecurityDescriptor attribute

The changes that you make on this attribute are reflected on the security descriptor of the user's mailbox only when you set this attribute before the mailbox is created in the information store. Note that the Exchange 2000 and 2003 mailbox for a mailbox-enabled user in Active Directory is created in an Exchange store when the user first accesses the mailbox or when any mail is sent to this user.
Another limitation of this attribute is that the attribute does not reflect any of the inherited ACEs on the actual mailbox's security descriptor. Hence, reading this directory attribute is not the most accurate approach to read a user's mailbox rights.

Advantages of using the msExchMailboxSecurityDescriptor attribute

This attribute is defined on a user object in Active Directory. Therefore, it can be accessed using any API that is compliant with Lightweight Directory Access Protocol (LDAP), such as the ADSI APIs or the LDAP APIs.
Because this code does not require CDOEXM, you can run it from a server that does not have the Microsoft Exchange 2000 and 2003 System Management Tools installed. But, again, you must set the mailbox rights before the user's mailbox is created in the information store. Also, you can read the mailbox rights at any time on this user's mailbox. But keep in mind the limitations that are mentioned in this article. (See the "Limitations of Using themsExchMailboxSecurityDescriptorAttribute" section.)

If you do not set themsExchMailboxSecurityDescriptorattribute on the mailbox-enabled user before the actual mailbox is created in the information store, the actual security descriptor property on the mailbox in the information store does not include an ACE with the following:

��кǹ��Trustee�س��ѵԷ��˹�Self
��кǹ��Access Mask�س��ѵԷ��˹�Full Mailbox Access
��кǹ��Readpermission set to͹حҵ��
��кǹ��ACE Type��õ�駤��͹حҵ��

If this is the case, the user may experience problems when the user tries to access public folders or any resources that are outside the local Exchange server. This is one of the reasons why the IMailboxStore interface in the CDOEXM library is the only supported mechanism to programmatically mailbox-enable an Active Directory user against an Exchange 2000 or 2003 store.Here is a sample that shows you how to use ADSI and CDOEXM to make a mailbox-enabled user object in Active Directory. Then you manually set themsExchMailboxSecurityDescriptorinterface to include an ACE with the trustee specified in the code. The sole purpose of this sample is to show you how to set this attribute before the user's mailbox has been accessed and created in the information store if the attribute was not set correctly in the past.

Setting up the Visual Basic environment to run the Visual Basic sample

Start Microsoft Visual Basic 6.0 on the Exchange 2000 or 2003 server.
Create a New Standard EXE Project. ��͵�ͧ��÷��蹹�� ԡ��㹡����:�� Ф�ԡ�ͧ��駷��EXE �ҵðҹ.
㹡��Project�� ԡ��ҧ�ԧ:�� ͡�ź��ժ�Դ DS ��ҹ����CDO Microsoft ��Ѻ��èѴ��á��š��¹.
��ͧ�鹷ҧ�ͧ�� ҧ��ʵ��仹��ͷ��᷹Form_Load()subroutine
��¹�ŧ��ҷ��˹��Ѻ��sUserADsPath��鹷ҧ�ͧ LDAP ��Ѻ�ѵ�ؼ�� Active Directory ��Է��ͧ��·��س��ͧ��ô� ��

��˵�::��ҧ��ʴ��Ըա�÷��ҹ��Ңͧ�Է��ͧ��ͧ��·��㹹��msExchMailboxSecurityDescriptor�͵��Ժ�ǵ� �ѧ��ѧ�ʴ��Ը� ��û�Ѻ��¹�Է��ͧ��ͧ�� ACE ��Ѻ��Ҷ֧��ͧ��Selface �繷��ʵշ��

�� Visual Basic

'********************************************************************
'*
'* Function AddAce(dacl, TrusteeName, gAccessMask, gAceType,
'*            gAceFlags, gFlags, gObjectType, gInheritedObjectType)
'*
'* Purpose: Adds an ACE to a DACL
'* Input:       dacl            Object's Discretionary Access Control List
'*              TrusteeName     SID or Name of the trustee user account
'*              gAccessMask     Access Permissions
'*              gAceType        ACE Types
'*              gAceFlags       Inherit ACEs from the owner of the ACL
'*              gFlags          ACE has an object type or inherited object type
'*              gObjectType     Used for Extended Rights
'*              gInheritedObjectType
'*
'* Output:  Object - New DACL with the ACE added
'*
'********************************************************************

Function AddAce(dacl, TrusteeName, gAccessMask, gAceType, gAceFlags, gFlags, gObjectType, gInheritedObjectType)
    Dim Ace1
    ' Create a new ACE object
    Set Ace1 = CreateObject("AccessControlEntry")
    Ace1.AccessMask = gAccessMask
    Ace1.AceType = gAceType
    Ace1.AceFlags = gAceFlags
    Ace1.Flags = gFlags
    Ace1.Trustee = TrusteeName
    'Check to see if ObjectType needs to be set
    If CStr(gObjectType) <> "0" Then
       Ace1.ObjectType = gObjectType
    End If

    'Check to see if InheritedObjectType needs to be set
    If CStr(gInheritedObjectType) <> "0" Then
        Ace1.InheritedObjectType = gInheritedObjectType
    End If
    dacl.AddAce Ace1

    ' Destroy objects
    Set Ace1 = Nothing
End Function


Private Sub Form_Load()
Dim objContainer As IADsContainer
Dim objUser As IADsUser
Dim objMailbox As CDOEXM.IMailboxStore
Dim oSecurityDescriptor As SecurityDescriptor
Dim dacl As AccessControlList
Dim ace As AccessControlEntry

' ********************************************************************
' You must change this variable according to your environment
'

sContainerADsPath = "LDAP://domain.com/cn=Users,DC=domain,DC=com"
sUserLoginName = "testUser"
sUserFirstName = "Test"
sUserLastName = "User"
sMBXStoreDN = "CN=Mailbox Store (ExServer),CN=First Storage Group," & _
   "CN=InformationStore,CN=ExServer,CN=Servers,CN=AdminGP," & _
   "CN=Administrative Groups,CN=Microsoft,CN=Microsoft Exchange," & _
   "CN=Services,CN=Configuration,DC=domain,DC=com"
sTrustee = "domainName\userName"
' ********************************************************************

' Get directory container object object
Set objContainer = GetObject(sContainerADsPath)

' Create the user object in the target container in Active Directory
Set objUser = objContainer.Create("User", "CN=" & sUserFirstName & " " & _
              sUserLastName)
objUser.Put "samAccountName", sUserLoginName
objUser.Put "givenName", sUserFirstName
objUser.Put "sn", sUserLastName
objUser.SetInfo
objUser.SetPassword "password"
objUser.SetInfo

' Mailbox-enable the user object by using the CDOEXM::IMailboxStore 
' interface
' This also sets the msExchMailboxSecurityDescriptor appropriately
Set objMailbox = objUser
objMailbox.CreateMailbox sMBXStoreDN
objUser.SetInfo

'**************************************************************************
'  The msExchMailboxSecurityDescriptor attribute is a backlink attribute 
'   from the Exchange Mailbox in the Web store to the directory. What this
'   implies is that the mailbox rights are stored on the actual mailbox in
'   the Web store and this directory attribute reflects these mailbox 
'   rights.
'  By default, changing this attribute does not affect the mailbox rights 
'   in the store. This attribute can only be modified before the actual 
'   mailbox in the store is created. If it is set before the mailbox in 
'   the Web store is created, Exchange will use the DACL set on this 
'   attribute as the DACL for mailbox rights on the mailbox in the store.
'   Therefore, it can only be set before the mailbox-creation time.
'  On installing Exchange 2000 SP2 on the Exchange Server where this code
'   is being run, that would enable modifying the actual mailbox rights 
'   even after mailbox creation.
'**************************************************************************

' Get the copy Mailbox Security Descriptor (SD) stored on the
' msExchMailboxSecurityDescriptor attribute
objUser.GetInfoEx Array("msExchMailboxSecurityDescriptor"), 0
Set oSecurityDescriptor = objUser.Get("msExchMailboxSecurityDescriptor")

' Extract the Discretionary Access Control List (ACL) using the 
' IADsSecurityDescriptor interface
Set dacl = oSecurityDescriptor.DiscretionaryAcl

'''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
'  The following block of code demonstrates reading all the ACEs on a 
'  DACL for the Exchange 2000 mailbox.
'''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''Debug.Print "Here are the existing ACEs the mailbox's DACL - "

' Enumerate all the access control entries (ACEs) in the ACL using 
' the IADsAccessControlList interface, thus displaying the current 
' mailbox rights
Debug.Print "Trustee, AccessMask, ACEType, ACEFlags, Flags, ObjectType, InheritedObjectType"
Debug.Print "-------  ----------  -------  --------  -----  ----------" & _
            " -------------------"
Debug.Print

For Each ace In dacl
' Display all the ACEs' properties by using the IADsAccessControlEntry 
' interface
    Debug.Print ace.Trustee & ", " & ace.AccessMask & ", " & _ 
      ace.AceType & ", " & ace.AceFlags & ", " & ace.Flags & ", " & _
      ace.ObjectType & ", " & ace.InheritedObjectType
Next

'''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
'  The following block of code demonstrates adding a new ACE to the DACL 
'  for the Exchange 2000 mailbox with the Trustee specified in sTrustee, 
'  giving allow "Full Control" over this mailbox.
'  This is the same task that is performed by ADUnC when selecting Add, 
'  specifying the Trustee, and checking the "Full Mailbox Access" Rights 
'  checkbox under the Mailbox Rights in the Exchange Advanced tab on the 
'  properties of a user.
'  Similarly, you could remove ACEs from this ACL as well using the 
'  IADsAccessControlEntry interfaces.
'''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''

' Template: AddAce(TrusteeName, gAccessMask, gAceType, gAceFlags, gFlags, gObjectType, gInheritedObjectType)
' Setting the Access Mask to 131075 enables "full mailbox access" and 
' "read" privileges
AddAce dacl, sTrustee, 131075, _
       ADS_ACETYPE_ACCESS_ALLOWED, ADS_ACEFLAG_INHERIT_ACE, 0, 0, 0

' Add the modified DACL back onto the Security Descriptor
oSecurityDescriptor.DiscretionaryAcl = dacl

' Save New SD onto the user
objUser.Put "msExchMailboxSecurityDescriptor", oSecurityDescriptor

' Commit changes from the property cache to the Information Store
objUser.SetInfo

MsgBox "Done viewing and modifying the copy of the Mailbox Security Descriptor"

End Sub

��ʢͧʤ�Ի�� Visual Basic

Dim objContainer
Dim objUser
Dim objMailbox
Dim oSecurityDescriptor
Dim dacl
Dim ace

' ********************************************************************
' You must change this variable according to your environment
'

sContainerADsPath = "LDAP://domain.com/cn=Users,DC=domain,DC=com"
sUserLoginName = "testUser"
sUserFirstName = "Test"
sUserLastName = "User"
sMBXStoreDN = "CN=Mailbox Store (ExServer),CN=First Storage Group," & _
   "CN=InformationStore,CN=ExServer,CN=Servers,CN=AdminGP," & _
   "CN=Administrative Groups,CN=Microsoft,CN=Microsoft Exchange," & _
   "CN=Services,CN=Configuration,DC=domain,DC=com"
sTrustee = "domainName\userName"
' ********************************************************************

' Get directory container object object
Set objContainer = GetObject(sContainerADsPath)

' Create the user object in the target container in Active Directory
Set objUser = objContainer.Create("User", "CN=" & sUserFirstName & " " & _
              sUserLastName)
objUser.Put "samAccountName", sUserLoginName
objUser.Put "givenName", sUserFirstName
objUser.Put "sn", sUserLastName
objUser.SetInfo
objUser.SetPassword "password"
objUser.SetInfo

' Mailbox enable the user object by using the CDOEXM::IMailboxStore 
' interface
' This also sets the msExchMailboxSecurityDescriptor appropriately
Set objMailbox = objUser
objMailbox.CreateMailbox sMBXStoreDN
objUser.SetInfo

'**************************************************************************
'  The msExchMailboxSecurityDescriptor attribute is a backlink attribute 
'   from the Exchange Mailbox in the Web Store to the directory. What this
'   implies is that the mailbox rights are stored on the actual mailbox in
'   the Web store and this directory attribute reflects these mailbox 
'   rights.
'  By default, changing this attribute does not affect the mailbox rights 
'   in the store. This attribute can only be modified before the actual 
'   mailbox in the store is created. If it is set before the mailbox in 
'   the Web store is created, Exchange will use the DACL set on this 
'   attribute as the DACL for mailbox rights on the mailbox in the store.
'   Therefore, it can only be set before the mailbox creation time.
'  On installing Exchange 2000 SP2 on the Exchange Server where this code
'   is being run, that would enable modifying the actual mailbox rights 
'   even after mailbox creation.
'**************************************************************************

' Get the copy Mailbox Security Descriptor (SD) stored on the
' msExchMailboxSecurityDescriptor attribute
objUser.GetInfoEx Array("msExchMailboxSecurityDescriptor"), 0
Set oSecurityDescriptor = objUser.Get("msExchMailboxSecurityDescriptor")

' Extract the Discretionary Access Control List (ACL) using the 
' IADsSecurityDescriptor interface
Set dacl = oSecurityDescriptor.DiscretionaryAcl

'''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
'  The following block of code demonstrates reading all the ACEs on a 
'  DACL for the Exchange 2000 mailbox.
'''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''Wscript.echo "Here are the existing ACEs the mailbox's DACL - "

' Enumerate all the access control entries (ACEs) in the ACL using 
' the IADsAccessControlList interface, thus displaying the current 
' mailbox rights
Wscript.echo "Trustee, AccessMask, ACEType, ACEFlags, Flags, ObjectType, InheritedObjectType"
Wscript.echo "-------  ----------  -------  --------  -----  ----------" & _
            " -------------------"
Wscript.echo

For Each ace In dacl
' Display all the ACEs' properties using the IADsAccessControlEntry 
' interface
    Wscript.echo ace.Trustee & ", " & ace.AccessMask & ", " & _ 
      ace.AceType & ", " & ace.AceFlags & ", " & ace.Flags & ", " & _
      ace.ObjectType & ", " & ace.InheritedObjectType
Next

'''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
'  The following block of code demonstrates adding a new ACE to the DACL 
'  for the Exchange 2000 mailbox with the Trustee specified in sTrustee, 
'  giving allow "Full Control" over this mailbox.
'  This is the same task that is performed by ADUnC when selecting Add, 
'  specifying the Trustee, and checking the "Full Mailbox Access" Rights 
'  checkbox under the Mailbox Rights in the Exchange Advanced tab on the 
'  properties of a user.
'  Similarly, you could remove ACEs from this ACL as well using the 
'  IADsAccessControlEntry interfaces.
'''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''

' Template: AddAce(TrusteeName, gAccessMask, gAceType, gAceFlags, gFlags, gObjectType, gInheritedObjectType)
' Setting the Access Mask to 131075 enables "full mailbox access" and 
' "read" priviledges
AddAce dacl, sTrustee, 131075, _
       ADS_ACETYPE_ACCESS_ALLOWED, ADS_ACEFLAG_INHERIT_ACE, 0, 0, 0

' Add the modified DACL back onto the Security Descriptor
oSecurityDescriptor.DiscretionaryAcl = dacl

' Save New SD onto the user
objUser.Put "msExchMailboxSecurityDescriptor", oSecurityDescriptor

' Commit changes from the property cache to the information store
objUser.SetInfo

MsgBox "Done viewing and modifying the copy of the Mailbox Security Descriptor"


'********************************************************************
'*
'* Function AddAce(dacl, TrusteeName, gAccessMask, gAceType,
'*            gAceFlags, gFlags, gObjectType, gInheritedObjectType)
'*
'* Purpose: Adds an ACE to a DACL
'* Input:       dacl            Object's Discretionary Access Control List
'*              TrusteeName     SID or Name of the trustee user account
'*              gAccessMask     Access Permissions
'*              gAceType        ACE Types
'*              gAceFlags       Inherit ACEs from the owner of the ACL
'*              gFlags          ACE has an object type or inherited object type
'*              gObjectType     Used for Extended Rights
'*              gInheritedObjectType
'*
'* Output:  Object - New DACL with the ACE added
'*
'********************************************************************

Function AddAce(dacl, TrusteeName, gAccessMask, gAceType, gAceFlags, gFlags, gObjectType, gInheritedObjectType)
    Dim Ace1
    ' Create a new ACE object
    Set Ace1 = CreateObject("AccessControlEntry")
    Ace1.AccessMask = gAccessMask
    Ace1.AceType = gAceType
    Ace1.AceFlags = gAceFlags
    Ace1.Flags = gFlags
    Ace1.Trustee = TrusteeName
    'Check to see if ObjectType needs to be set
    If CStr(gObjectType) <> "0" Then
       Ace1.ObjectType = gObjectType
    End If

    'Check to see if InheritedObjectType needs to be set
    If CStr(gInheritedObjectType) <> "0" Then
        Ace1.InheritedObjectType = gInheritedObjectType
    End If
    dacl.AddAce Ace1

    ' Destroy objects
    Set Ace1 = Nothing
End Function

��Ѻ仴�ҹ�� | ��ʹ��

��ҧ�ԧ

��Ѻ��ǡѺIMailboxStore::CreateMailbox CDOEXM��䫵�ͧ Microsoft ��Ѻ�ѡ�Ѳ��͢�� (MSDN) ��仹��:

.aspx http://msdn.microsoft.com/en-us/library/aa487558 (EXCHG.65)

(http://msdn.microsoft.com/en-us/library/aa487558(EXCHG.65).aspx)

��Ѻ��ǡѺ�Թ��࿫��ǡѺ��ѡ�Ҥ��ʹ�� ADSI 价�� MSDN ��䫵��仹��:

.aspx http://msdn.microsoft.com/en-us/library/aa772161 (VS.85)

(http://msdn.microsoft.com/en-us/library/aa772161(VS.85).aspx)

Adssecurity.dll ��ǹ˹�觢ͧ Kit ��Ѿ�ҡâͧ Active Directory Service �Թ��࿫ (ADSI) 2.5 ��ô�ǹ��Ŵ�ش ADSI 2.5 ��Ѿ�ҡ� 价��䫵��仹��ͧ Microsoft Regsvr32 ��㹡��ŧ��¹ ADsSecurity.dll

http://technet.microsoft.com/en-us/library/cc749949.aspx

(http://technet.microsoft.com/en-us/library/cc749949.aspx)

��Ѻ informationabout �� Ǣ�ͧ�ѭ��¹͡ ��ԡ��Ţ��仹��ʹٺ��㹰ҹ��ͧ Microsoft:

278888

(http://support.microsoft.com/kb/278888/ )

�Ըա��§�Ѻ��ͧ�� Exchange 2000 ��㹡��ͧ�� Exchange 2003 �Ѻ�ѭ�ռ�� Windows NT 4.0

��Ѻ仴�ҹ�� | ��ʹ��

�س��ѵ�

��Ţ�� (Article ID): 304935 - ��Ǥ��ش��: 10 ��Ҥ� 2554 - Revision: 2.0

��Ѻ

Microsoft Exchange Server 2003 Standard Edition
Microsoft Exchange 2000 Server Standard Edition
Microsoft Windows Server 2003 Standard Edition
Microsoft Windows 2000 Server

kbdswadsi2003swept kbhowto kbmt KB304935 KbMtth

��¤��

��Ӥѭ: ��«Ϳ��Ŵ��¤��ͧ Microsoft ᷹��繹ѡ�ŷ��繺ؤ�� Microsoft �պ��¹ѡ��к��Ŵ��¤�� س��ö��Ҷ֧��㹰ҹ��ͧ�� Ңͧ�س�ͧ ��ҧ�á�� Ŵ��¤��Ҩ�բ�ͺ��ͧ ��Ҩ�բ�ͼԴ��Ҵ㹤��Ѿ�� ٻẺ��ҡó� ��ǡѺ�óշ��ǵ�ҧ�ҵԾٴ�Դ��;ٴ��Ңͧ�س Microsoft ��ǹ�Ѻ�Դ�ͺ��ͤ��Ҵ��͹ ��Դ��Ҵ��ͤ��·��Դ�ҡ��ҼԴ��Ҵ ��͡��麷�Ţͧ�١�� Microsoft �ա�û�Ѻ��ا�Ϳ��Ŵ��¤��繻�Ш�

��仹��繩�Ѻ��ѧ��ɢͧ��:304935

(http://support.microsoft.com/kb/304935/en-us/ )

��Ѻ仴�ҹ�� | ��ʹ��