This content is no longer actively maintained. It is provided as is, for anyone who may still be using these technologies, with no warranties or claims of accuracy with regard to the most recent product version or service release.
You can control access to an item and its properties using a security descriptor. Using Exchange store security descriptors, you can:
- Both grant and deny a trustee access rights to an item and its properties.
- Identify trustees using a Microsoft® Windows® security identifier (SID).
- Set, retrieve, and modify the descriptor in XML format.
- Access the descriptor using both the Exchange OLE DB (ExOLEDB) provider and WebDAV in XML format.
Each item's security descriptor is accessed through the item's descriptor Field property. This property is the item's descriptor in XML format. The descriptor is physically stored and replicated in a Microsoft Exchange Server 2003-specific binary format, which is internally based on the standard Microsoft Windows® server operating systems descriptor format. The XML representation of the descriptor is not stored directly for the item. When you request this property for an item, the XML string is generated and then returned. When you set this property for an item, the XML string is parsed and the binary descriptor for the item is updated.