Exchange Protocols: ActiveSync, Exchange Web Services, MAPI

Andrew Davidoff

Senior Software Engineer

Agenda

• Brief introduction to Exchange Server Open Specifications

• An overview of the protocol architecture for Exchange

• Important protocol families that are used to communicate with Exchange Server

Introduction to Open Specifications

• Normative language• Designed to document bits over the wire

• No APIs – only Protocols

• MUST, SHOULD, MAY are used to document version-specific behavior

• Strict document structure

• Windows/Exchange or product API knowledge not required…• Microsoft Products are not mentioned in normative content, only in

endnotes

Exchange Protocols

Overview Document [MS-OXPROTO]Defines Exchange protocol families

Scenario-Based

How multiple protocols work together in typical scenarios

How to complete the same task using different protocol families

Walkthroughs and examples

Send email using different protocols

Resolve a recipient from an Address Book

Synchronize items

Many other scenarios

Protocol families

• RPC/ROPS (Remote Operations, the core protocol family behind MAPI)• Name Service Provider Interface (NSPI) provides access to Address Book

• New in Exchange 2013 – MAPI over HTTP, combines ROPS and NSPI bypassing RPC layer

• Exchange Web Services (EWS)

• Exchange ActiveSync (EAS)

• Other groups of protocols• Autodiscover

• Content Conversion

• Standards Support

Client communication with Exchange

EAS

EWS

MAPIHTTP

POP/IMAP

SMTP

Storage

NSPI

RPC/ROPs

M

A

P

I

Exchange RPC/ROPs protocols

• Implemented in some form from “Day 1” (such as Exchange 4.0), extended and re-architected several times

• Low-level access to Exchange Storage

• Workhorse for Outlook communication with Exchange

• Used by MAPI

• Transport layer: ROPs (Remote Operations) within an RPC binary blob

• Optimized to minimize traffic on the wire; very complex parsing

• RPC can use HTTP(S) or TCP connections (HTTP(S) only in Exchange 2013)

• New [MS-OXCMAPIHTTP] as alternative to use ROPs over HTTP; no RPCs

Exchange RPC/ROPs: Transport

HeaderRPC : Binary Blob

ROP1 ROP2 …

RopID ROP Data

HSOT TableRopSize

RopID ROP Data

Note: No ROP Data size or end marker.

Every ROP Data in the blob must be parsed.

Every RopID has different ROP Data structure.

Number of documented RopIDs: 130

(EcDoRpcExt2)

RPC/ROPS protocols - continued

• RPC/ROPs protocols define both Exchange (server) and Outlook (client) behaviors

• Client (not Server) is handling logic behind complex items –messages, folders, calendar items, contacts, tasks, etc.

• Naming: [MS-OXO*] and [MS-OXC*] (few exceptions)

• 40+ Protocols, ~3000 pages

Exchange Web Services (EWS)

• Alternative to RPC protocols

• Higher level of abstraction compared with RPC protocols• EWS implement messages, attachments, calendar events, contacts on

server side in a way that is interoperable with Outlook.

• First implemented in Exchange Server 2007

• Current support in Exchange 2016 as well as Exchange Online

• Outlook uses subset of EWS protocols • Unified Messaging, MailTips, Availability, OOF, Office Apps, Room List,

Archive, Mailbox Policies, Calendar Sharing, Site Mailboxes, etc.

• New Exchange features are likely to be implemented in EWS

• Intuitive/readable XML (vs MAPI) (easier troubleshooting)

Exchange Web Services (EWS) - continued

• Versioning• Clearly defined

• Versioned by schema for the SOAP bodies

• RequestServerVersion header element in each request let’s client to request version-specific behavior

• Transport: • SOAP over HTTP(S)

• Code against it using any language/platform that supports making HTTP/SOAP calls

• Naming: [MS-OXW*]

• 43 Protocols, ~2000 pages

EWS Schema versions

•

Archiving

eDiscovery

Personas

Retention policies

Unified Contact Store

User photos

Full access to items, folders, and

attachments (Create, Get,

Update, Delete)

Availability

Out of Office settings

Notifications

Synchronization

Name resolution

Distribution list (DL) expansion

Search

MS-OXWSCDATA 2.2.5.14 t:ExchangeVersionType Simple Type

Exchange ActiveSync (EAS)

• Lightweight synchronization protocol for Microsoft Exchange

• Optimized to work on high-latency and low-bandwidth networks

• High level of abstraction, similar to EWS in complexity

• Provides access to email, calendar, contacts, tasks, documents, etc.

• Designed to maximize battery life

• Device management enforcement for enterprise organizations

• Industry standard, several non-Exchange Server implementations

• Wide range of clients – Windows, iOS, Android, …

• Server support from Exchange Server 2003 to latest Exchange Server 2016

Exchange ActiveSync (EAS) - continued

• Versioning• Clearly defined version negotiation

• Version-specific features documented in open specifications

• Transport• WBXML over HTTP(S)

• Naming: [MS-AS*]

• 15 Protocols, ~900 pages

• Licensing requirements

Typical Usage of Exchange ActiveSync

• Mobile phones• “De-facto standard” supported by email applications on all major platforms.

• Tablets• Allows for low-bandwidth and high-latency data (Internet) connections

while scaling reasonably on high-speed connections.

• Lightweight desktop applications• Windows 8/8.1/10 Mail application uses EAS.

• Mobile Applications

Not all Exchange features are accessible through EAS

Version History

• 2.5 - Exchange Server 2003 SP2

• 12.0 - Exchange Server 2007

• 12.1 - Exchange Server 2007 SP1

• 14.0 - Exchange Server 2010

• 14.1 - Exchange Server 2010 SP1

• 16.0 - Exchange Server 2016

• 1.0, 2.0, 2.1 – early versions; not in scope for this talk.

EAS in Interoperability tools

• Exchange Server EAS Protocol Test Suites• Client Side protocol implementation, can be run against an

existing EAS server

• C# implementation of all EAS protocols (except [MS-ASSMS])

• Reference implementation of transport, including WBXML encoding algorithm

• Microsoft Message Analyzer• Exchange ActiveSync Parsers available with Message Analyzer (optional

package)

• Updated in June 2015

Other Exchange protocols

• Autodiscover

• Content Conversion

• Standards-based protocols – Extensions and Compliance

• [MS-OXPROTO] is a good reference

Exchange test tools update

• New parsers for Message Analyzer• Protocol families: EAS, EWS, RPC, and MAPIHTTP

• New test suites for EAS, EWS, RPC, and MAPIHTTP

• Fiddler Inspectors for MAPIHTTP and other protocols

Exchange protocols resources

• All Exchange protocol documents• https://msdn.microsoft.com/en-us/library/cc425499(v=exchg.80).aspx

• Microsoft Message Analyzer• http://www.microsoft.com/en-us/download/details.aspx?id=44226

• Fiddler inspectors for Office and Exchange protocols• https://github.com/OfficeDev/Office-Inspectors-for-Fiddler

• Protocol Test Suites• https://connect.microsoft.com/site216/Downloads

• Help with Open Specifications: • mailto:dochelp@microsoft.com

• Office Interoperability blog:• http://blogs.msdn.com/b/officeinteroperability/

https://msdn.microsoft.com/en-us/library/cc425499(v=exchg.80).aspxhttp://www.microsoft.com/en-us/download/details.aspx?id=44226https://github.com/OfficeDev/Office-Inspectors-for-Fiddlerhttps://connect.microsoft.com/site216/Downloadsmailto:dochelp@microsoft.comhttp://blogs.msdn.com/b/officeinteroperability/

Questions or

Comments?

Questions or

Comments?