I am working on a solution where users can erase mobile devices registered in Exchange 2010 through a web page (using Outlook Web Access is not an option). I installed the Exchange management tools on my development computer, and the application pool runs under an identity that has the necessary rights to execute the commands (the assigned role group is "Recipient Management"). I use the following code to execute the cmdlets:
```csharp
using System;
using System.Linq;
using System.Management.Automation;
using System.Management.Automation.Runspaces;
using Microsoft.Exchange.Data.Directory;   // ADObjectId (namespace assumed; adjust to the E2010 assemblies you reference)
using Microsoft.Exchange.Data.Storage;     // ActiveSyncDeviceConfiguration (namespace assumed)

string deviceId = "deviceid";
string username = "username";

// Load the Exchange 2010 snap-in into a local runspace.
RunspaceConfiguration rsConfig = RunspaceConfiguration.Create();
PSSnapInException snapInException = null;
PSSnapInInfo info = rsConfig.AddPSSnapIn("Microsoft.Exchange.Management.PowerShell.E2010", out snapInException);
if (snapInException != null)
    throw snapInException;

// MyPowershellHost is a minimal PSHost so that RemoteExchange.ps1 has a host UI to talk to.
using (var runspace = RunspaceFactory.CreateRunspace(new MyPowershellHost(), rsConfig))
{
    runspace.Open();

    using (var pipeline = runspace.CreatePipeline())
    {
        pipeline.Commands.AddScript(@". ""C:\Program files\Microsoft\Exchange Server\V14\bin\RemoteExchange.ps1""");
        pipeline.Commands.AddScript("Connect-ExchangeServer -auto");
        pipeline.Invoke();
    }

    ActiveSyncDeviceConfiguration actualDevice;
    using (var pipeline = runspace.CreatePipeline())
    {
        // Bind the mailbox as a parameter instead of formatting it into a script string:
        // a username taken from the web page could otherwise inject arbitrary PowerShell.
        var getStats = new Command("Get-ActiveSyncDeviceStatistics");
        getStats.Parameters.Add("Mailbox", username);
        pipeline.Commands.Add(getStats);
        var result = pipeline.Invoke();
        actualDevice = result
            .Select(x => x.BaseObject as ActiveSyncDeviceConfiguration)
            .Where(x => x != null && x.DeviceID.EndsWith(deviceId))
            .SingleOrDefault();
    }

    if (actualDevice != null)
    {
        var identity = actualDevice.Identity as ADObjectId;
        using (var pipeline = runspace.CreatePipeline())
        {
            var cmd = new Command("Clear-ActiveSyncDevice");
            cmd.Parameters.Add("Identity", identity.DistinguishedName);
            pipeline.Commands.Add(cmd);
            pipeline.Invoke();
        }
    }
}
```
I can get this to work when the user account is added as a local administrator on the machine and is also logged on to Windows. I can accept that the user has to be a local administrator, but a permanent user logon is not suitable for a server application. The MyPowershellHost class is just a basic host implementation that allows the RemoteExchange.ps1 script to run, since the script interacts with the user interface.
I can't tell whether the user needs additional privileges or whether I'm just doing it wrong.
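The following is an added example and not code from the post above. It performs the same device erase through Exchange 2010's remote PowerShell endpoint (the `/PowerShell/` virtual directory on a Client Access Server, shell URI `http://schemas.microsoft.com/powershell/Microsoft.Exchange`) instead of loading the E2010 snap-in and `RemoteExchange.ps1` in-process, so the web server only needs `System.Management.Automation` from PowerShell 2.0 and no Exchange management tools or custom `PSHost`. The CAS host name, the `ActiveSyncEraser` class and its method names are assumptions for illustration; the code also assumes the account used (the app pool identity when `credential` is `null`) is a member of the "Recipient Management" role group.

```csharp
// Added example, not from the original post. Same erase as the in-process snap-in code,
// but over Exchange 2010 remote PowerShell. Host name and class/method names are assumed.
using System;
using System.Collections.ObjectModel;
using System.Linq;
using System.Management.Automation;
using System.Management.Automation.Runspaces;

public static class ActiveSyncEraser
{
    // Shell URI that selects the Exchange RBAC-constrained runspace on the CAS.
    private const string ExchangeShellUri =
        "http://schemas.microsoft.com/powershell/Microsoft.Exchange";

    // Wipes the device whose DeviceID ends with deviceIdSuffix for the given mailbox.
    // credential == null authenticates as the process identity (the app pool account).
    // Returns false when the mailbox has no matching device.
    public static bool Erase(Uri exchangeEndpoint, PSCredential credential,
                             string mailbox, string deviceIdSuffix)
    {
        if (string.IsNullOrEmpty(mailbox) || string.IsNullOrEmpty(deviceIdSuffix))
            throw new ArgumentException("mailbox and device ID are required");

        var connection = new WSManConnectionInfo(exchangeEndpoint, ExchangeShellUri, credential)
        {
            AuthenticationMechanism = AuthenticationMechanism.Kerberos
        };

        using (var runspace = RunspaceFactory.CreateRunspace(connection))
        {
            runspace.Open();

            // Bound parameter, never a formatted script string: the mailbox value comes
            // from the web page and must not be interpretable as PowerShell.
            var getStats = new Command("Get-ActiveSyncDeviceStatistics");
            getStats.Parameters.Add("Mailbox", mailbox);
            var devices = Invoke(runspace, getStats);

            // Remote results are deserialized property bags, so read properties by name
            // instead of casting BaseObject to an Exchange type.
            var match = devices.SingleOrDefault(d =>
            {
                var prop = d.Properties["DeviceID"];
                var id = prop == null ? null : prop.Value as string;
                return id != null && id.EndsWith(deviceIdSuffix, StringComparison.OrdinalIgnoreCase);
            });
            if (match == null)
                return false;

            var clear = new Command("Clear-ActiveSyncDevice");
            clear.Parameters.Add("Identity", match.Properties["Identity"].Value.ToString());
            clear.Parameters.Add("Confirm", false); // no host UI exists to answer a prompt
            Invoke(runspace, clear);
            return true;
        }
    }

    // Runs one cmdlet and surfaces non-terminating errors as an exception, so a failed
    // wipe is not silently reported as success to the web user.
    private static Collection<PSObject> Invoke(Runspace runspace, Command command)
    {
        using (var pipeline = runspace.CreatePipeline())
        {
            pipeline.Commands.Add(command);
            var results = pipeline.Invoke();
            if (pipeline.Error.Count > 0)
            {
                var errors = pipeline.Error.ReadToEnd().Select(e => e.ToString()).ToArray();
                throw new InvalidOperationException(
                    command.CommandText + " failed: " + string.Join("; ", errors));
            }
            return results;
        }
    }
}

// Usage from the web application (the CAS host name is assumed):
//   bool wiped = ActiveSyncEraser.Erase(
//       new Uri("http://exch01.corp.example/PowerShell/"), null, "jdoe", "ApplABC123");
```

Two checks are worth doing before blaming privileges: with `credential` left `null`, Kerberos authenticates as the application pool account, so in IIS that must be a domain service account rather than a built-in identity, and that account must be enabled for remote PowerShell (`Get-User <account> | Format-List RemotePowerShellEnabled`) in addition to holding the Recipient Management role group. If a stored credential is passed instead, keep it out of `web.config` in plain text and scope the account to that single role group, since the same code path would otherwise let the web application run any cmdlet the account is allowed to.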