Delegation

Delegation is a hodgepodge of several different bits of functionality. The big picture idea is "someone else deals with your mail or calendar, or you deal with theirs".

When you make someone a delegate in Outlook, the dialog lets you do a bunch of things:

  • You can edit their permissions on all of your folders in one easy place.

  • If you give them "Editor" permission on your Calendar, you can cause them to also get copies of your meeting requests.

  • If you make at least one person get copies of your meeting requests, you can make yourself not get them any more.

  • You can make it possible (on a per-delegate basis) for your delegates to be able to see "Private" appointments, contacts, and tasks in your folders. (Normally other people can't see your Private items regardless of what permissions you give them.)

  • Your delegate automatically becomes able to send mail from your address. Outlook doesn't actually allow you to enable/disable this functionality independently of calling someone a delegate, although it's possible to do so.

Different pieces of this information are stored in different places:

  1. Permissions information is stored in the security descriptors of the relevant folders. Outlook always adds the user to each of the delegatable folders (Inbox, Calendar, Contacts, Journal, Notes, and Tasks) even if they only have "None" permission there. The user is also added to the security descriptor of the "Freebusy Data" folder in the non-IPM subtree, with None or Reviewer permission if they have None or Reviewer on Calendar, and Editor permission if they have Author or Editor on Calendar.

  2. Who-can-send-mail-as-who data is kept in Active Directory. Your delegates are stored in the multivalued publicDelegates property on your AD entry. When you modify that property, AD automatically maintains back links in other entries' publicDelegatesBL properties. (Thus, by checking your own publicDelegatesBL property, you can find out who you are a delegate for.)

  3. Three multivalued MAPI properties on NON_IPM_SUBTREE/Freebusy%20Data/LocalFreebusy.EML also track your delegates:

    PR_DELEGATES_DISPLAY_NAMES

    display names of delegates

    PR_DELEGATES_ENTRYIDS

    ENTRYIDS of delegates

    PR_DELEGATES_SEE_PRIVATE

    boolean "can see private items" values

  4. Meeting request forwarding is controlled by a server-side rule in Inbox with a PR_RULE_MSG_PROVIDER of "Schedule+ EMS Interface"