一段ADSI和EXCHANGE结合的示范代码

在独孤九剑兄的帮助下，完成了这段代码

包括NT用户的建立，EXCHANGE邮箱的建立，两者的结合，权限的设置

本代码在nt4.0+sp6+exchange5.5+adsi2.5下运行通过

建立以后的用户可以直接收发信件，是一个简化版本的WEB MAIL ACCESS

adsi_exchange.asp
-----------------------------------------------------------------------

<%
Set sid = CreateObject("ADsSID")
Set sec = CreateObject("ADsSecurity")
Set ace = CreateObject("Aclearcase/" target="_blank" >ccessControlEntry")


@#----------------------------------------------------------------------------
@#--- 如果没有安装ADSI2.5的安全库要手工定义以下参数
@#-----------------------------------------------------------------------------
Const ADS_SID_HEXSTRING = 1
Const ADS_SID_WINNT_PATH = 5
Const ADS_RIGHT_EXCH_MODIFY_USER_ATT = &H2
Const ADS_RIGHT_EXCH_MAIL_SEND_AS = &H8
Const ADS_RIGHT_EXCH_MAIL_RECEIVE_AS = &H10


@#-------------------------------------------------------
@#-----创建邮箱步骤----------------------
@#--------------------------------------------------------

@#---- 基本信息
server1 = "114DOMAINSERVER"
Org = "114ONLINE"
Site = "EXCHANGE"
domain = "EXCHANGE"
userName = "liuoo"
password = "43444"

@#--- 邮箱信息 -----
strDisplayName = "rtrtrt"
strFirstName = "gfgf"
strLastName = "fgfgfg"
strAlias = userName
strMTA = "cn=Microsoft MTA,cn=" & server1 & ",cn=Servers,cn=Configuration,ou=" & Site & ",o=" & Org
strMDB = "cn=Microsoft Private MDB,cn=" & server1 & ",cn=Servers,cn=Configuration,ou=" & Site & ",o=" & Org
strSMTPAddr = "ewwe@114online.com"


@#------ 建立一个nt用户
Set dom = GetObject("WinNT://" & domain)
Set usr = dom.Create("user", userName)
@#On Error Resume Next
usr.SetInfo
@#If Err.Number <> 0 Then
@#   Response.Write "111"
@#   Response.Write Err.Description
@#   Response.End
@#End If
usr.SetPassword password


@#--- 创建邮箱
ADsPath = "LDAP://" + server1
ADsPath = ADsPath + "/cn=Recipients,OU="
ADsPath = ADsPath + Site
ADsPath = ADsPath + ",O="
ADsPath = ADsPath + Org



Set objCont = GetObject(ADsPath)

@#Create a new MailBox
Set mailBox = objCont.Create("organizationalPerson", "cn=" & strAlias)
mailBox.Put "mailPreferenceOption", 0
mailBox.Put "givenName", strFirstName
mailBox.Put "sn", strLastName
mailBox.Put "cn", strDisplayName
mailBox.Put "uid", strAlias
mailBox.Put "Home-MTA", strMTA
mailBox.Put "Home-MDB", strMDB
mailBox.Put "mail", strSMTPAddr
mailBox.Put "MAPI-Recipient", True
mailBox.Put "rfc822Mailbox", strSMTPAddr

@#--------------------------------------------------------
@#  与nt用户联系
@#---------------------------------------------------------
sid.SetAs ADS_SID_WINNT_PATH, "WinNT://" & domain & "/" & strAlias & ",user"
sidHex = sid.GetAs(ADS_SID_HEXSTRING)
mailBox.Put "Assoc-NT-Account", sidHex

@# 完成设置
mailBox.SetInfo



@#-------------------------------------------------
@#更改安全设置
@#-------------------------------------------------
Set sd = sec.GetSecurityDescriptor(mailBox.ADsPath)
Set dacl = sd.DiscretionaryAcl
ace.Trustee = domain & "\" & strAlias
ace.AccessMask = ADS_RIGHT_EXCH_MODIFY_USER_ATT Or ADS_RIGHT_EXCH_MAIL_SEND_AS Or ADS_RIGHT_EXCH_MAIL_RECEIVE_AS
ace.AceType = ADS_ACETYPE_ACCESS_ALLOWED
dacl.AddAce ace
sd.DiscretionaryAcl = dacl
sec.SetSecurityDescriptor sd

response.write "successful"
%>

------------------------------------------------------------------------
请注意权限的设置

原文转自：http://www.ltesting.net