I am working on Outlook add-in and doing some Encryption and Decryption. I created some hashed string on the server during POST request. That string is later passed to GET request and on the server I need to compare that hashed string to see if the user is the same user who did POST request.
When I make a GET request I also send user smtp using Office.context.mailbox.userProfile.emailAddress.
Question: How can find user mailboxGUID(or account information which will include mailboxGUID and more) using their email address?
Do you want the AD/Directory GUID or the ExchangeGUID ? you can get the ADGuid using ResolveName and specifying the property set (this works from 2010 up) eg
PropertySet exProp = new PropertySet(BasePropertySet.FirstClassProperties);
NameResolutionCollection ncCol = service.ResolveName("user#domain.com", ResolveNameSearchLocation.DirectoryOnly, true, exProp);
if (ncCol.Count == 1)
{
Console.WriteLine(ncCol[0].Contact.DirectoryId);
}
The MailboxGUID makes up part of the FolderId format so can be parsed out that https://msdn.microsoft.com/en-us/library/ee217297(v=exchg.80).aspx if you really need it.
Related
Some time ago to get Outlook accounts and account info (e.g. Email address, SMTP address) i was use Outlook.Accounts entity, but Outlook.Accounts caches data and doesn't support events like Add/Remove. Here I was offered to switch to Outlook.Stores (Outlook.Store) entity, but I don’t understand how I can get the Email address from Outlook.Store at least.
If the store is associated with any account configured in Outlook you can use the following code which iterates over all accounts configured and finds the required one where you may ask for an email address:
Outlook.Account GetAccountForFolder(Outlook.Folder folder)
{
// Obtain the store on which the folder resides.
Outlook.Store store = folder.Store;
// Enumerate the accounts defined for the session.
foreach (Outlook.Account account in Application.Session.Accounts)
{
// Match the DefaultStore.StoreID of the account
// with the Store.StoreID for the currect folder.
if (account.DeliveryStore.StoreID == store.StoreID)
{
// Return the account whose default delivery store
// matches the store of the given folder.
return account;
}
}
// No account matches, so return null.
return null;
}
The Account.SmtpAddress property returns a string representing the Simple Mail Transfer Protocol (SMTP) address for the Account. The purpose of SmtpAddress and Account.UserName is to provide an account-based context to determine identity. If the account does not have an SMTP address, SmtpAddress returns an empty string.
Generally, stores do not have an intrinsic identity - imagine a standalone PST store: there is no user identity associated with it. Or you can have multiple POP3/SMTP accounts delivering to the same PST store - you now have multiple identities associated with the PST store.
Or imagine having a PF store - it is accessible to multiple users without having its own identity.
Only Exchange stores have a notion of an owner. You can go from an Exchange store to an email account by looping through the Namespace.Accounts collection and comparing (using Namespace.CompareEntryIDs) the entry id of your store in question and the store exposed by the Account.DeliveryStore property.
If using Redemption is an option (I am its author), it exposes the Exchange mailbox owner directly through the RDOExchangeMailboxStore.Owner property (returns RDOAddressEntry object).
I have stored Calendar FolderIds in order report on calendar events which a user has access to. I'm using Exchange Web Services via c# (using Microsoft.Exchange.WebServices)
These calendars can be associated with the authenticated user's mailbox, a shared mailbox, an impersonated|delegated mailbox, or a public mailbox. And now I'd like to go from the FolderId to the mailbox address.
Ideally there'd be a function to
string address = getMailboxAddress(new FolderId("AAJk...AA="));
If you have the FolderId what you have is the EWS version of this https://msdn.microsoft.com/en-us/library/ee217297(v=exchg.80).aspx which means with the data you have doesn't contain the Email Address. You would be better at the time you store the CalendarId store the Email address its associated with.
You can try using ConvertId with a generic non resolvable email Address this should return the EmailAddress the folder belongs (won't work for Public Folder) to eg
AlternateId aiAlternateid = new AlternateId(IdFormat.EwsId, SharedFoder.Id.UniqueId, "mailbox#domain.com");
AlternateIdBase aiResponse = service.ConvertId(aiAlternateid, IdFormat.EwsId);
Console.WriteLine(((AlternateId)aiResponse).Mailbox);
Cheers
Glen
I am trying to redirect an http request with digest MD5 header information to an active directory to validate the credentials.
I do have the information given by the http header like nonce and username. My problem now is that I have no link to put this information into a PrincipalContext object.
I obviously can't use PrincipalContext.ValidateCredentials(username, password) cause it requires the password in plain text.
The only validation that I am able to use is UserPrincipal user = UserPrincipal.FindByIdentity(context, IdentityType.SamAccountName, username);, but this does not include the password.
I do have a HttpListenerContext object. But the user variable is null.
After I told my server to user AuthenticationSchemes.IntegratedWindowsAuthentication he automaticaly deliveres a WindowsPrincipal, which provides information from the AD.
Tim once you get the information you can do something like this to check if is Valid or not If I am understanding what you want to test properly then try something like this
if you are running this via code or a service you should have no issues with the password in regards to being exposed ..if you are concerned about that then you need to write something that will decrypt the MD5 Header Information where the pass word is.
using(PrincipalContext prContext= new PrincipalContext(ContextType.Domain, "Your Domain"))
{
bool isValid = prContext.ValidateCredentials("Username", "Password");
}
The flow is:
user enters email address
after submit, an email is sent to the user
The email will include a link that will take the user to a reset password page.
Now, how do I fetch user's ID based on the email address and encrypt it? Then what should link be? Like, what I want is fetch the User ID then encrypt it somehow so that the link doesn't contain the actual ID and that link will take the user to a page that will have textboxes to reset the password. I am just confused how to go about it.
Also is this the secure way? To reset a password like this?
I usually create a new table in the database:
PasswordresetRequest with the following fields:
Id: Guid - Id of password reset request.
Accountid: string - username of user
Created: DataTime - timestamp of when password reset were created
Flow is as follows:
User request password reset at web site.
A new record is created in the PasswordresetRequest table.
An email with a link to the password reset page with the password request id as request parameter is sent to the user.
User click on link in email which send him to password reset page.
Password request if fetched from database from request parameter. If request could be found or and request is not older than e.g. 12 hours a form is presented to user where he can enter a new password.
This is pretty simple to implement and is secure enough for most sites.
There is any number of ways to go about doing this. If your major concern is security, one way could be to send a link that contains a guid parameter which you create and store on your end (in a db table, file or whatever suits you) together with the user id associated with it. When the request for password reset comes in, you check for the guid and look if there is one matching value in your db/file/whatever and proceed with the password reset. Don't forget to delete the guid from your storage to prevent multiple use of the same link.
There is a railscast on exactly this subject: http://railscasts.com/episodes/274-remember-me-reset-password?view=asciicast
I have an ASP.NET MVC project that uses DotNetOpenAuth as authentication provider. How do I get the username (or email address) when the user logs using https://www.google.com/accounts/o8/id?
switch (response.Status)
case AuthenticationStatus.Authenticated:
string userOpenId = response.FriendlyIdentifierForDisplay;
break;
(...)
I hope your userOpenId local variable isn't what you're using for a username, because as the property you're assigning it from is aptly named, it's for display only. You should only use IAuthenticationResponse.ClaimedIdentifier for usernames.
That aside, you can get the Google email address (you can never get the username) by sending a FetchRequest for email marked as a required attribute. This has been asked many times already, for instance this one.