0 votes

Hi,

Within the view user web interface form the Exchange properties are very useful, but I can't find a way to limit/validate any changes made in there.

For example, I would like administrators to be able to change the primary email address (using the Set As Reply) button, but not add/remove addresses. Are there any hooks via Business Rules or Property Patterns for this section?

Thanks

by (390 points)

1 Answer

0 votes
by (215k points)
selected by
Best answer

Hello,

To achieve what you want, you can create a Business Rule triggered before modifying e-mail addresses that will cancel any attempt to modify e-mail addresses if an operation other than changing the primary address was attempted. To create such a Business Rule:

  1. Create a new Business Rule.

  2. On the 2nd step of the Create Business Rule wizard, select User and Before Modifying Exchange properties of a User.

  3. On the 3rd step, add the Run a program or PowerShell script action.

  4. Paste the following script in the Script field. The script will perform all the checks and cancel the operation, if necessary.

     $cancelReason = "You are not allowed to modify, add or delete SMTP addresses for the recipient. You can only assign a new primary address." # TODO: modify me
    
     # Get Exchange properties set by the action
     $modifiedMailboxParams = $Context.Action.MailParameters
    
     if (-not($modifiedMailboxParams.EmailAddressesModificationEnabled))
     {
         # E-mail addresses are not modified
         return
     }
    
     # Get the modified e-mail addresses
     $modifiedAddressesCollection = $modifiedMailboxParams.EmailAddresses
     if (-not($modifiedAddressesCollection.OverrideOldValues))
     {
         $Context.Cancel($cancelReason)
         return
     }
    
     $modifiedEmailAddresses = New-Object "System.Collections.Generic.HashSet[System.String]"([System.StringComparer]::OrdinalIgnoreCase)
     for ($i = 0; $i -lt $modifiedAddressesCollection.Count; $i++)
     {
         $operation = "ADS_PROPERTY_NONE"
         $modifiedEmailAddress = $modifiedAddressesCollection.GetAddress($i,[ref]$operation)
         $modifiedEmailAddresses.Add($modifiedEmailAddress)
     }
    
     # Get the current e-mail addresses
     $mailboxParams = $Context.TargetObject.GetMailParameters()
     $emailAddresses = $mailboxParams.EmailAddresses
    
     # Compare the number of e-mail addresses
     if ($modifiedAddressesCollection.Count -ne $emailAddresses.Count)
     {
         $Context.Cancel($cancelReason)
         return
     }
    
     # Compare the lists of the modified and current e-mail addresses
     for ($i = 0; $i -lt $emailAddresses.Count; $i++)
     {
         $operation = "ADS_PROPERTY_NONE"
         $emailAddress = $emailAddresses.GetAddress($i,[ref]$operation)
         $modifiedEmailAddresses.Remove($emailAddress) | Out-Null
     }
    
     if ($modifiedEmailAddresses.Count -ne 0)
     {
         $Context.Cancel($cancelReason)
         return
     }
    
  5. Enter a short description for the script and click OK.

  6. Finish creation of the Business Rule.

Related questions

0 votes
1 answer

Hi, In our system we a hybrid domain with Office365, so on prem AD accounts, O365 mailboxes with an OnPrem exchange for some legacy mailboxes. We have a number of AD accounts ... it's an option in a newer version that's absolutely fine as well. Thanks Gary

asked Feb 27, 2020 by gazoco (430 points)
0 votes
1 answer

Receive the following error when trying to access our Exchange properties. "Could not load file or assembly 'System.Management.Automation, Version=3.0.0.0, Culture=neutral, ... recently, and I'm not sure where to begin searching for a solution. Regards.

asked Oct 22, 2018 by jtop (680 points)
0 votes
1 answer

We are looking to implement a new Retention Policy across the company. When i go into a user and select Exchange properties, Retention policy they are all listed to select ... when creating a mailbox, i get NO policies listed see below. Please advise.

asked Nov 13, 2017 by willy-wally (3.2k points)
0 votes
0 answers

In the Adaxes GUI I was able to view exchange properties. Something change and now I am unable to view that from the GUI now all I see is Create mailbox, ... remove exchange attributes. Any idea how to get back to viewing the exchange properties? Thanks

asked Sep 12, 2016 by 7efd721c8b (420 points)
0 votes
1 answer

Good Afternoon, I'm hoping you can assist - I am a new customer and have just completed our installation. We are currently in the throes of migrating from Exchange ... any additional diagnostics I should be running to track down the problem? Many thanks Steve

asked Jul 6, 2015 by steve82 (50 points)
2,803 questions
2,535 answers
6,605 comments
62,218 users