We have developed an application which accesses the mails from the user account by impersonating the user.
For impersonation, we have executed following two commands in the Exchange Power Shell:
Add-ADPermission -Identity (Get-ExchangeServer -Identityexchangeservername).DistinguishedName -User (Get-User -Identity "proxyaccount").Identity -extendedRight ms-Exch-EPI-Impersonation
Add-ADPermission -Identity (Get-User -Identity "useraccount").DistinguishedName -User (Get-User -Identity "proxyaccount").Identity -extendedRight ms-Exch-EPI-May-Impersonate
We tried running these commands in three environments with different Exchange Server instances and then running app. The app executed correctly in all three environment. However in production the application failed with following exception, even though we run exactly the same commands at the Exchange side :'( :p .
Microsoft.Exchange.WebServices.Data.ServiceResponseException : The server to which the application is connected cannot impersonate the requested user due to insufficient permission. at Microsoft.Exchange.WebServices.Data.ServiceRequestBase.ProcessWebException(WebException webException) at Microsoft.Exchange.WebServices.Data.ServiceRequestBase.GetEwsHttpWebResponse(IEwsHttpWebRequest request) at Microsoft.Exchange.WebServices.Data.ServiceRequestBase.ValidateAndEmitRequest(IEwsHttpWebRequest& request) at Microsoft.Exchange.WebServices.Data.MultiResponseServiceRequest`1.Execute() at Microsoft.Exchange.WebServices.Data.ExchangeService.SubscribeToPushNotifications(IEnumerable`1 folderIds, Uri url, Int32 frequency, String watermark, EventType[] eventTypes) at com.cos.app.method() in c:\app\code.cs:line 104
The environment is runs Exchange Server 2007 and Windows Server 2008.
What could be the problem?