EWS: impersonating users from different servers in one domain

Question

I have two servers: S1 is Exchange2010 S2 is Exchange 2007

Both servers are in the same domain in ActiveDirectory.

Idea is to have "service account" on S1 with enabled impersonation of users from both servers. My app is using credentials of "service account" and then starts to iterate through a list of smtp addresses. It impersonates each smtp address and does some processing on content of mailbox of that account.

That is a theory, now time for problems.

I can connect as a service account and can access its mailbox but when I try to access mailbox of impersonated user I get exception saying that "SMTP address has no mailbox associated with it". And exception happens for both servers.

I started to debug and google about possible reasons and out of nothing I changed this:

svc.ImpersonatedUserId = new ImpersonatedUserId(ConnectingIdType.SmtpAddress, smtpAddress);

into this:

svc.ImpersonatedUserId = new ImpersonatedUserId(ConnectingIdType.PrincipalName, smtpAddress);

and it worked which is very strange because month ago I had different setup only with one server and using SmtpAddress enum worked and my admin swears that config of impersonation is exactly the same.

Now, if anyone could provide me with some hints on why I cannot use ConnectingIdType.SmtpAddress and what I should do to make it possible to work?

Answer 1

Of course it turned out that admin did something different way for my current configuration. New environment has a policy that account name is different than smtp address for an account and smtp has a dot between name and surname of a user. So, for example on old config I could impersonate User100@example.com no matter what ConnectingIdType I chose but on new environment I have to set proper id type depending if I'm using smtp or account name as impersonated id.

Hope it will help in case somebody else's admin "didn't changed anything" too :)