0 votes

When we create a shared mailbox, we create an associated mail-enabled security group. In the security group I want to populate the description field with the name of the shared mailbox.

In my group pattern specific to an OU that contains mail-enabled security groups, I have added description with a default value of "For access to shared mailbox "%assistant%".

In the web interface I have an action called "Create New Mail-Enabled Security Group and using attribute "assistant" to search for the shared mailbox user and populating the assistant attribute. This works fine but the reference value is pulling the full DN of the shared mailbox user.

How can I get just the "name" of the shared mailbox versus the full DN?

by (120 points)

1 Answer

0 votes
by (270k points)
selected by
Best answer

Hello,

The thing is that Assistant is a DN syntax property. Unfortunately, there is no possibility to obtain the name of an object specified in the property using value references. It can only be done using a PowerShell script. For example, you can use the below script in a Business Rule triggering Before creating a user. In the script:

  • $propertyToSetName - Specifies the LDAP name of the property to update (description in your example).
  • $dnPropertyName - Specifies the LDAP name of the DN syntax property storing the object whose property value should be used (assistant in your example).
  • $propertyToGetName - Specifies the LDAP name of the property whose value will be obtained from the object stored in the DN syntax property (name in your example).
  • $valueTemplate - Specifies a template for the value to be set. In the template, the {0} placeholder will be replaced with the property value of the object stored in the DN syntax property.
$propertyToSetName = "description" # TODO: modify me
$dnPropertyName = "assistant" # TODO: modify me
$propertyToGetName = "name"  # TODO: modify me
$valueTemplate = "For access to shared mailbox {0}." # TODO: modify me

# Get object name from DN property
try
{
    $objectDN = $Context.GetModifiedPropertyValue($dnPropertyName)
    $object = $Context.BindToObjectByDN($objectDN)
    $objectName = $object.Get($propertyToGetName)    
}
catch
{
    return
}

# Update the target object
$value = [System.String]::Format($valueTemplate, @($objectName))
$Context.SetModifiedPropertyValue($propertyToSetName, $value)
0

Thank you! Works great!

Related questions

0 votes
1 answer

Is it possible to update a Propery Pattern using a powershell script? If a new department OU is created, is it possible to automaticly update the User Pattern's Department property to reflect that a new department has been added?

asked Jan 28, 2013 by kjesoo (960 points)
0 votes
1 answer

Hello, I have trouble understanding the instruction listed here: https://www.adaxes.com/script-repositor ... s-s516.htm What should I put into $propertyForSearch and ... Since Adaxes is not the only system adding new locations to AD. Thank you.

asked Jul 4, 2019 by DLe (760 points)
0 votes
1 answer

I am trying to use a property pattern to prevent email forwarding to accounts in other domains managed by Adaxes. Here is my regex: ^([^,]+,)+(DC=domain,DC=local) ... 't working? Is Adaxes using some other value before resolving the DN? Thanks in advance! Leah

asked May 9, 2019 by loliver (120 points)
0 votes
1 answer

Hello, is it possible to update a user attribute (extensionAttribute5) with the name of the group (Name), the user was just added to? Example: In Group A gets a new ... A should be written in the attribute extensionAttribute5 of User A. Can you please help me?

asked Jun 27, 2023 by lohnag (140 points)
0 votes
1 answer

I was wondering if it'd be possible to incorporate a property pattern rule for creating groups in specific containers. For example, say I have a container called ... Tubular, and the groups created under these containers would be named accordingly. Thanks!

asked Jul 7, 2012 by Legit (80 points)
3,326 questions
3,026 answers
7,727 comments
544,678 users