Note: This behavior has been observed with both Exchange 2013 On-Premise as well as Exchange Online (Office 365).
I'm trying to get a list of delegates for a particular mailbox. This works perfectly fine if these delegates have been added or removed using ExchangeServices.AddDelegates and ExchangeServices.RemoveDelegates - the DelegateInformation object I get contains the expected list of mailboxes who are added as delegates.
using Microsoft.Exchange.WebServices.Data;
using System;
namespace QueryDelegateAccess
{
class Program
{
static void Main(string[] args)
{
try
{
ExchangeService service = InitializeService();
string emailAddressToImpersonate = "MailboxWithDelegates@example.com";
service.ImpersonatedUserId = new ImpersonatedUserId(ConnectingIdType.SmtpAddress, emailAddressToImpersonate);
Mailbox mailbox = new Mailbox(emailAddressToImpersonate);
Console.WriteLine($"Mailboxes which have delegate access to '{emailAddressToImpersonate}':");
// Every time I add or remove a delegate via ExchangeServices.AddDelegates or ExchangeServices.RemoveDelegates,
// the change is reflected in the console output.
while (true)
{
DelegateInformation di = service.GetDelegates(mailbox, true);
foreach (DelegateUserResponse delegateMailbox in di.DelegateUserResponses)
{
if (delegateMailbox.Result != ServiceResult.Error)
{
Console.WriteLine(delegateMailbox.DelegateUser.UserId.DisplayName);
}
}
Console.WriteLine();
System.Threading.Thread.Sleep(2000);
}
}
catch (Exception e)
{
Console.Error.WriteLine("An error has occurred: " + e);
}
finally
{
Console.WriteLine("Press any key to terminate the program.");
Console.ReadKey();
}
}
private static ExchangeService InitializeService()
{
ExchangeService service = new ExchangeService(ExchangeVersion.Exchange2007_SP1);
service.Credentials = new WebCredentials("MailboxWithImpersonationRole@example.com", "password");
service.Url = new Uri("https://outlook.office365.com/EWS/Exchange.asmx"); // or retrieve Url via AutoDiscover if Exchange On-Premise
return service;
}
}
}
However, if the delegate has been added via the Exchange Control Panel (a common way for Exchange Admins to add a delegate to a mailbox) by going to the mailbox permissions and adding a delegate in the "Send on behalf" section, the DelegateInformation object I get does not contain this delegate. The list is ONLY updated if the person to whom the mailbox with the added delegates belongs launches Outlook and opens/closes ANY delegate entry via File > Account Settings > Delegate Access.
This behavior confuses me and leads me to think that there is an additional "flushing" step I'm missing. What do I need to do in order to reliably retrieve the delegates added via ECP?
However, if the delegate has been added via the Exchange Control Panel (a common way for Exchange Admins to add a delegate to a mailbox) by going to the mailbox permissions and adding a delegate in the "Send on behalf" section, the DelegateInformation object I get does not contain this delegate.
Outlook Delegates and what your doing in ECP are two different things, eg all you doing in ECP is granting a permission for another user to Send On Behalf. Outlook delegates while it also includes that permission has Mailbox folder permissions and potential calendar forwarding rules. Its a client driven process and stores configuration information in the Mailbox itself and can only be Create/deleted through the Mailboxes API's while the ECP task is just modifying the underlying AD permission property.
