We use cookies to improve your experience.
By your continued use of this site you accept such use.
For more details please see our privacy policy and cookies policy.

Script repository

Check e-mail domains

February 18, 2021 Views: 3519

The script can be used to check whether e-mail addresses that users are trying to assign to a mailbox belong to accepted e-mail domains in Exchange. If any of the addresses do not belong to the accepted domains, the script will stop the operation.

To verify e-mail domains with the help of Adaxes, you need to create a business rule triggered before modifying Exchange properties of a User that runs the script using the Run a program or PowerShell script action.

Parameter:

  • $exchangeServer - Specifies the fully qualified domain name or IP address of your Exchange Server.
Edit Remove
PowerShell
$exchangeServer = "exchangeserver.domain.com" # TODO: modify me

function VerifyMailAddress ($emailAddress, $acceptedDomainNames, [ref]$needCancelOperation)
{
    # Get domain part of the email address
    $emailAddress = $emailAddress.ToString()
    
    $emailAddressDomainPart = $emailAddress.SubString($emailAddress.IndexOf("@") + 1)
    
    # Verify domain part
    foreach ($domainName in $acceptedDomainNames)
    {
        if ($emailAddressDomainPart -eq $domainName)
        {
            return
        }
    }
    
    $Context.LogMessage("Email address '$emailAddress' not allowed" , "Error") # TODO: modify me
    $needCancelOperation.Value = $True
    return
}

try
{
    # Get all accepted domains
    $session = New-PSSession -connectionURI "http://$exchangeServer/powershell" -ConfigurationName Microsoft.Exchange -Authentication Kerberos
    Import-PSSession -session $session
    $acceptedDomains = Get-AcceptedDomain | Where {$_.Name -like "%adm-ParentName%*"}
}
finally
{
    Remove-PSSession -Session $session
}

# Exit the script if no accepted domains found
if ($acceptedDomains -eq $NULL)
{
    $Context.LogMessage("No accepted domains found for %cn%", "Warning") # TODO: modify me
    return
}

$acceptedDomainNames = @()
foreach ($domain in $acceptedDomains)
{
    $acceptedDomainNames += $domain.DomainName.ToString()
}

# Get email addresses
$mailParams = $Context.Action.MailParameters
$emailAddresses = $mailParams.EmailAddresses
$needCancelOperation = $False
$operation = "ADS_PROPERTY_NONE"
for ($i = 0; $i -lt $emailAddresses.Count; $i++)
{
    $emailAddress = $emailAddresses.GetAddress($i, [ref]$operation)

    # Verify email addresses
    if ($emailAddress.OverrideOldValues)
    {
        VerifyMailAddress $emailAddress $acceptedDomainNames ([ref]$needCancelOperation)
    }
    elseif (!($emailAddress.OverrideOldValues) -and ($operation -eq "ADS_PROPERTY_APPEND"))
    {
        VerifyMailAddress $emailAddress $acceptedDomainNames ([ref]$needCancelOperation)
    }
}

# Cancel operation if there any invalid email addresses
if ($needCancelOperation)
{
    $Context.Cancel("You are trying to add invalid email addresses!") # TODO: modify me
}
Comments 0
Leave a comment
Loading...

Got questions?

Support Questions & Answers