> Looks like it might be related to permissions after all. I think it
> might be related to this:
> Exchange Management Shell currently (Exchagen 2007 RTM) actively
> blocks calls made with impersonated credentails.
> This is typically seen in an ASP.NET application which impersonates
> the client's user credentials and attempts call an Exchange Powershell
> cmdlet such as New-Mailbox.
> Has anyone else run into this who might be able to point me to a code
> example that works?
The way I do this is:
1) Create a service account on your AD that has permissions in Exchange.
2) Setup a new Application Pool in IIS on your CAS servers.
3) Use the account created in #1 for the identity on the Application Pool.
4) Put your website in the new pool
5) Use NTFS permissions to provide access to the website.
6) Use Windows authentication in your web.config
Then, once someone is authenticated on the website, all Exchange processes
are run as the service account created in step #1 - No impersonation needed.