0 votes

Hi,

Within the view user web interface form the Exchange properties are very useful, but I can't find a way to limit/validate any changes made in there.

For example, I would like administrators to be able to change the primary email address (using the Set As Reply) button, but not add/remove addresses. Are there any hooks via Business Rules or Property Patterns for this section?

Thanks

by (390 points)

1 Answer

0 votes
by (216k points)
selected by
Best answer

Hello,

To achieve what you want, you can create a Business Rule triggered before modifying e-mail addresses that will cancel any attempt to modify e-mail addresses if an operation other than changing the primary address was attempted. To create such a Business Rule:

  1. Create a new Business Rule.

  2. On the 2nd step of the Create Business Rule wizard, select User and Before Modifying Exchange properties of a User.

  3. On the 3rd step, add the Run a program or PowerShell script action.

  4. Paste the following script in the Script field. The script will perform all the checks and cancel the operation, if necessary.

     $cancelReason = "You are not allowed to modify, add or delete SMTP addresses for the recipient. You can only assign a new primary address." # TODO: modify me
    
     # Get Exchange properties set by the action
     $modifiedMailboxParams = $Context.Action.MailParameters
    
     if (-not($modifiedMailboxParams.EmailAddressesModificationEnabled))
     {
         # E-mail addresses are not modified
         return
     }
    
     # Get the modified e-mail addresses
     $modifiedAddressesCollection = $modifiedMailboxParams.EmailAddresses
     if (-not($modifiedAddressesCollection.OverrideOldValues))
     {
         $Context.Cancel($cancelReason)
         return
     }
    
     $modifiedEmailAddresses = New-Object "System.Collections.Generic.HashSet[System.String]"([System.StringComparer]::OrdinalIgnoreCase)
     for ($i = 0; $i -lt $modifiedAddressesCollection.Count; $i++)
     {
         $operation = "ADS_PROPERTY_NONE"
         $modifiedEmailAddress = $modifiedAddressesCollection.GetAddress($i,[ref]$operation)
         $modifiedEmailAddresses.Add($modifiedEmailAddress)
     }
    
     # Get the current e-mail addresses
     $mailboxParams = $Context.TargetObject.GetMailParameters()
     $emailAddresses = $mailboxParams.EmailAddresses
    
     # Compare the number of e-mail addresses
     if ($modifiedAddressesCollection.Count -ne $emailAddresses.Count)
     {
         $Context.Cancel($cancelReason)
         return
     }
    
     # Compare the lists of the modified and current e-mail addresses
     for ($i = 0; $i -lt $emailAddresses.Count; $i++)
     {
         $operation = "ADS_PROPERTY_NONE"
         $emailAddress = $emailAddresses.GetAddress($i,[ref]$operation)
         $modifiedEmailAddresses.Remove($emailAddress) | Out-Null
     }
    
     if ($modifiedEmailAddresses.Count -ne 0)
     {
         $Context.Cancel($cancelReason)
         return
     }
    
  5. Enter a short description for the script and click OK.

  6. Finish creation of the Business Rule.

Related questions

0 votes
1 answer

Hello, I am trying to do as best as I can researching the best and effective way to manage the properties of Office 365 Exchange Properties with Adaxes (Latest Version) ... sure if there is a command or config I missed for adjusting the Distribution Lists.

asked Dec 19, 2023 by Edogstraus00 (470 points)
0 votes
0 answers

Hi all, We have Adaxes running in our environment. We don't have an on-prem Exchange environment, everything is in Exchange online. Our existing distrubution groups all ... how to get the exchange properties back for newly created groups? Kind regards, Eddy

asked Dec 8, 2022 by eddy1985 (20 points)
0 votes
1 answer

I am using an account with global admin permissions to o365, so it does not appear to be that as the issue. Adaxes V.2017.2 Trace logs showing the following [11/02/2022 11:24:58] ... at #2e.#Vh.#h8() at #eb.#Wb.#j8() at #2e.#Uh.Execute(#ib command) Any ideas?

asked Nov 2, 2022 by bbrunning (50 points)
0 votes
1 answer

Hi, In our system we a hybrid domain with Office365, so on prem AD accounts, O365 mailboxes with an OnPrem exchange for some legacy mailboxes. We have a number of AD accounts ... it's an option in a newer version that's absolutely fine as well. Thanks Gary

asked Feb 27, 2020 by gazoco (490 points)
0 votes
1 answer

Receive the following error when trying to access our Exchange properties. "Could not load file or assembly 'System.Management.Automation, Version=3.0.0.0, Culture=neutral, ... recently, and I'm not sure where to begin searching for a solution. Regards.

asked Oct 22, 2018 by jtop (680 points)
3,326 questions
3,026 answers
7,727 comments
544,681 users