0 votes

When we create a shared mailbox, we create an associated mail-enabled security group. In the security group I want to populate the description field with the name of the shared mailbox.

In my group pattern specific to an OU that contains mail-enabled security groups, I have added description with a default value of "For access to shared mailbox "%assistant%".

In the web interface I have an action called "Create New Mail-Enabled Security Group and using attribute "assistant" to search for the shared mailbox user and populating the assistant attribute. This works fine but the reference value is pulling the full DN of the shared mailbox user.

How can I get just the "name" of the shared mailbox versus the full DN?

by (280 points)

1 Answer

0 votes
by (194k points)
selected by
Best answer


The thing is that Assistant is a DN syntax property. Unfortunately, there is no possibility to obtain the name of an object specified in the property using value references. It can only be done using a PowerShell script. For example, you can use the below script in a Business Rule triggering Before creating a user. In the script:

  • $propertyToSetName - Specifies the LDAP name of the property to update (description in your example).
  • $dnPropertyName - Specifies the LDAP name of the DN syntax property storing the object whose property value should be used (assistant in your example).
  • $propertyToGetName - Specifies the LDAP name of the property whose value will be obtained from the object stored in the DN syntax property (name in your example).
  • $valueTemplate - Specifies a template for the value to be set. In the template, the {0} placeholder will be replaced with the property value of the object stored in the DN syntax property.
$propertyToSetName = "description" # TODO: modify me
$dnPropertyName = "assistant" # TODO: modify me
$propertyToGetName = "name"  # TODO: modify me
$valueTemplate = "For access to shared mailbox {0}." # TODO: modify me

# Get object name from DN property
    $objectDN = $Context.GetModifiedPropertyValue($dnPropertyName)
    $object = $Context.BindToObjectByDN($objectDN)
    $objectName = $object.Get($propertyToGetName)    

# Update the target object
$value = [System.String]::Format($valueTemplate, @($objectName))
$Context.SetModifiedPropertyValue($propertyToSetName, $value)

Thank you! Works great!

Related questions

0 votes
1 answer

Is it possible to update a Propery Pattern using a powershell script? If a new department OU is created, is it possible to automaticly update the User Pattern's Department property to reflect that a new department has been added?

asked Jan 28, 2013 by kjesoo (7k points)
0 votes
1 answer

Hello, I have trouble understanding the instruction listed here: https://www.adaxes.com/script-repositor ... s-s516.htm What should I put into $propertyForSearch and ... Since Adaxes is not the only system adding new locations to AD. Thank you.

asked Jul 4, 2019 by DLe (3.9k points)
0 votes
1 answer

I am trying to use a property pattern to prevent email forwarding to accounts in other domains managed by Adaxes. Here is my regex: ^([^,]+,)+(DC=domain,DC=local) ... 't working? Is Adaxes using some other value before resolving the DN? Thanks in advance! Leah

asked May 9, 2019 by loliver (710 points)
0 votes
1 answer

I was wondering if it'd be possible to incorporate a property pattern rule for creating groups in specific containers. For example, say I have a container called ... Tubular, and the groups created under these containers would be named accordingly. Thanks!

asked Jul 7, 2012 by Legit (850 points)
0 votes
1 answer

Hi, I am making business rule which calls powershell script and inside the script I need to check whether account which is added to group is security group. I am using Get- ... , the same command return, that group type is security So what am I doing wrong?

asked Feb 20, 2020 by KIT (3.3k points)
2,414 questions
2,166 answers
230,406 users