Accessing Item Descriptors
The document is archived and information here might be outdated

Accessing Item Descriptors

Exchange Server 2003

Accessing Item Descriptors

This content is no longer actively maintained. It is provided as is, for anyone who may still be using these technologies, with no warranties or claims of accuracy with regard to the most recent product version or service release.

When generating the XML version of any given descriptor, the item's security properties are not returned automatically. To view or modify an item's descriptor in XML format, you must bind to the item and request the property directly, as in the following example:

Dim Rec as New ADODB.Record
Dim Conn as New ADODB.Connection
Dim Flds as ADODB.Fields
Dim strXMLDesc as String
Dim strXMLAdminDesc as String

Conn.Provider = "ExOLEDB.DataSource"
Conn.Open strItemURL
Rec.Open strItemURL, Conn
Set Flds = Rec.Fields

Note that access to the item's security descriptor itself is specified using the following standard access rights:

  • READ_CONTROL   Only trustees (users and groups) granted the standard READ_CONTROL access right can examine the security descriptor.
  • WRITE_DAC   Only trustees granted the WRITE_DAC access right can modify the discretionary access control list (ACL).
  • WRITE_OWNER   Only trustees granted the WRITE_OWNER access right can change the item's owner.
© 2016 Microsoft