How to work with Item and Folder Permissions using WebDAV?


Permissions to folders and items can be read and changed via WebDAV using an XML descriptor.  It’s also possible to use other APIs such as ADO update security settings.   An XML descriptor is an XML document in a string which describes security permissions to an item or folder.  A PROPFIND is used to read security information.  PROPPATCH is used to update the permission. 


 


Here is what a descriptor looks like:


Example Descriptor in XML


http://msdn.microsoft.com/library/en-us/wss/wss/_exch2k_example_descriptor_in_xml.asp?frame=true


 


This is the format of the descriptor:


Exchange Store XML Security Descriptor Format


http://msdn.microsoft.com/library/en-us/e2k3/e2k3/_exch2k_web_storage_system_xml_security_descriptor_format.asp?frame=true


 


Before starting to use the XML descriptor, it’s important to have an understanding of security…


Security


http://msdn.microsoft.com/library/en-us/e2k3/e2k3/_exch2k_web_storage_system_security.asp?frame=true


 


Here are some basic examples on usage:


Getting an Item’s XML Security Descriptor


http://msdn.microsoft.com/library/en-us/e2k3/e2k3/_exch2k_getting_an_item_s_xml_security_descriptor.asp?frame=true


 


How to add an access control entry to a folder item in Exchange 2000 Web Storage System by coding in Exchange 2000 Server.


http://support.microsoft.com/?id=317891


 


Note: ADO can also be used instead of WebDAV…


How To Deny a User Read Permissions on a Mail Item (ADO)


http://support.microsoft.com/default.aspx?kbid=289879


 


Here is some additional information on the subject:


Web Storage System Security Roles


http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnmes2k/html/secroles1.asp

Skip to main content