Require All Senders are Authenticated

Question

I have a home page action for creating a new distribution group. I added ms-Exch-RequireAuthToSendTo attribute to the form for creation, however it doesn't appear to be honoring the settings, as it always creates the group with this set to true. Is there something I am doing wrong?

Answer 1

Hello,

Since you are creating a mail-enabled group, most probably, after the group AD object a created, you establish an e-mail address for the group. This means mail-enabling the group in Exchange. When mail-enabling a group, the Exchange Server resets the parameter to defaults.

To work around the issue, you can add a certain boolean (True/False) field to the form for creating mail-enabled groups that will be used to specify whether the new group requires authentication. Then, in your Business Rule that establishes e-mail addresses for new groups, after mail-enabling the group, you can change the Require All Senders are Authenticated option depending on the value of the boolean field.

As for the field that you need to add to the form, you can use one of Adaxes custom attributes that can store boolean values, for example, CustomAttributeBoolean1. Such attributes are not stored in AD, but can be used the same as any other attributes of AD objects.

To implement such a solution, you will need to do the following:

• Add a boolean field to your Home Page Action that creates distribution groups;
• Add an action that sets the Require All Senders are Authenticated option to your Business Rule.

i. Add a boolean field to your Home Page Action that creates distribution groups

To add a boolean field to the form used by your Home Page Action:

1. In the Interface type drop-down list of the Web Interface Customization tool, select the Web Interface in which you've created the Home Page Action.
   
2. On the General tab, click Configure Home Page Actions.
   
3. Select your Home Page Action and click Edit.
   
4. Activate the Form Customization tab.
5. Click Customize Form.
   
6. In the upper list, select a section where you would like to add the boolean field.
7. Click the Add button located under the lower list.
   
8. Select Show all properties a and select a custom attribute that you want to use, for example, CustomAttributeBoolean1.
   
9. Click OK 4 times, then click Apply.

ii. Add an action that sets the Require All Senders are Authenticated option to your Business Rule

1. In the Console Tree of the Administration Console, navigate to and select your Business Rule. The actions and conditions of the rule will be displayed in the Result Pane (located to the right).
2. Click the Add action to a new set link.
   
3. Select Modify Exchange properties and click the Exchange properties button.
   
4. Activate the Delivery Management tab.
5. Activate the Modify list of allowed senders option.
6. Select All senders.
   
7. Click OK 2 times.
8. Right-click the action you've just added and click Add Condition.
9. Select If <property> <relation> <value>.
10. Specify If CustomAttributeBoolean1 equals True, where CustomAttributeBoolean1 is the custom boolean attribute that you've used on the Home Page Action form.
    
11. Click OK. This will enable the Require All Senders are Authenticated option when the boolean attribute is set to True.
12. Repeat steps 2-5.
13. Select Only senders inside my organization.
    
14. Click OK 2 times.
15. Right-click the action you've just added and click Add Condition.
16. Select If <property> <relation> <value>.
17. Specify If CustomAttributeBoolean1 does not equal True.
    
18. Click OK. This will disable the Require All Senders are Authenticated option when the boolean attribute is not set to True.
19. With the help of the arrow buttons at the bottom, make sure that both the sets that you've added are triggered after a group is mail-enabled. You should receive something like this: