Adaxes

Is there a way to set the immutable ID to null to disconnect mailboxes?

0 votes

We are trying to avoid the issue of deleting accounts and resting accounts, we want to implement disconnecting the account by setting the immutable id to null on accounts we want to keep.

by (20 points)
0

Hello Carlos,

There is no possibility to clear the immutable ID natively in Adaxes. However, it does not seem to be required. Could you, please, describe the desired workflow in all the possible details with live examples?

by (280k points)
0

First I need to state that we do not have any local mailboxes, all of mailboxes are in the could in exchange online, our environment is hybrid for the convenience of making changes in ad and have them replicate to the cloud.

In our hybrid enviroment when we want to disconnect a cloud mailbox Microsoft recommended to move the local AD object to an unsynced OU, what would happend from that point is that the next AD Sync cycle would cause an update in Azure, which in turn would delete the account. We feel it is unnecessary to do this, because we just lost a mailbox last week and MS support is not providing any solutions. We contacted a consultant and he recommeded to just remove the immutable ID instead of moving objects to an unsynced OU which would cause the mailbox to become detached from local AD so in fewer words we are tyring to avoid deleting and restoring users in azure to detach or unbind mailboxes to user adobjects in a hybrid environment.

by (20 points)

1 Answer

0 votes
by (280k points)

Hello Carlos,

Thank you for clarifying. The recommended approach is correct. To achieve the desired, you can use the below script in your deprovisioning workflow. Make sure to install the MgGraph PowerShell module on all the computers where Adaxes service runs.

try
{
    # Get the object ID in Microsoft 365
    $objectId = ([Guid]$Context.TargetObject.Get("adm-AzureId")).ToString()
}
catch
{
    $Context.LogMessage("The user doesn't have a Microsoft 365 account.", "Error")
    return
}
$token = ConvertTo-SecureString -AsPlainText $Context.CloudServices.GetAzureAuthAccessToken() -Force

# Creat on-premises immutable ID
Connect-MgGraph -AccessToken $token
Update-MgUser -UserId $objectId -OnPremisesImmutableId @{}

Related questions

0 votes
1 answer
Is there a way to set up MFA push with Duo?

I am testing using MFA and we use Duo. I havn't seen where we can set up push instead of adding having the end users set up another account for Duo.

asked Jan 11 by mightycabal (1.0k points)
0 votes
1 answer
Is there any way to add a warning when adding a group member that is already part of the group?

Is there any way to add a warning message when someone tries to add a group member that already is member? Checked config but found nothing related. Added a new member that ... the group and there is no warning, and the logs show that the task was completed.

asked Jul 9 by lramirez (20 points)
0 votes
1 answer
Is there a way to see the actions a users just completed in the Frontend GUI?

For instance let's say our Ops team has created a role group based on a request from our ticketing software. They would then like to have the creation log on their home page so they can past the info into their ticket.

asked Jul 2 by ray.edelman (20 points)
0 votes
1 answer
Is there a way to update the account expiry after a user logs into a computer?

Hello, I'm trying to create a business rule that will update a user account expiry date when that user logs in for the first time. I'm new to Adaxes, so I don't have a ... updated by a user's action, such as "Last Logon". Is it possible to make this work?

asked Mar 6 by sjjb2024 (60 points)
0 votes
1 answer
is there a way to update the user photo in O365?

I'm looking at this onliner Set-AdmUser -Identity $DN -Replace @{AADPHoto = $photoBytes} -AdaxesService localhost -Server. I get an illegal operation error. Wondering what I ... the photo in AD and Azure at the same time to avoid waiting for synchronization.

asked Jan 30 by mightycabal (1.0k points)
3,439 questions
3,135 answers
7,993 comments
546,398 users