We use cookies to improve your experience.
By your continued use of this site you accept such use.
For more details please see our privacy policy and cookies policy.

Script repository

Prohibit changing Exchange mailbox addresses except the primary SMTP address

February 18, 2021 Views: 2122

The script will cancel modification of an Exchange mailbox or mail-enabled user if an attempt is made to modify any email addresses of an Exchange mailbox except the primary SMTP address. It can be used to control which email addresses users can modify.

To use the script with Adaxes, you need to create a business rule triggered before modifying Exchange properties of a user that runs the script using the Run a program or PowerShell script action.

For more information on retrieving email addresses using Adaxes ADSI API, see E-Mail Addresses.

Parameters:

  • $cancelReason - Specifies the error message for cancelling that will be shown to users by the script.
See Also: Make primary SMTP addresses unchangeable.
Edit Remove
PowerShell
$cancelReason = "You are allowed to modify only the primary SMTP address" # TODO: modify me

# Get Exchange properties set by the action
$modifiedMailboxParams = $Context.Action.MailParameters
if (-not($modifiedMailboxParams.EmailAddressesModificationEnabled))
{
    # E-mail addresses are not modified
    return
}

# Get the modified e-mail addresses
$modifiedAddressesCollection = $modifiedMailboxParams.EmailAddresses
if (-not($modifiedAddressesCollection.OverrideOldValues))
{
    $Context.Cancel($cancelReason)
    return
}

$modifiedEmailAddresses = New-Object "System.Collections.Generic.HashSet[System.String]"([System.StringComparer]::OrdinalIgnoreCase)
for ($i = 0; $i -lt $modifiedAddressesCollection.Count; $i++)
{
    $operation = "ADS_PROPERTY_NONE"
    $modifiedEmailAddress = $modifiedAddressesCollection.GetAddress($i,[ref]$operation)
    $modifiedEmailAddresses.Add($modifiedEmailAddress)
}

# Get the current e-mail addresses
$mailboxParams = $Context.TargetObject.GetMailParameters()
$emailAddresses = $mailboxParams.EmailAddresses

# Compare the number of e-mail addresses
if ($modifiedAddressesCollection.Count -ne $emailAddresses.Count)
{
    $Context.Cancel($cancelReason)
    return
}

# Compare the lists of the modified and current e-mail addresses
for ($i = 0; $i -lt $emailAddresses.Count; $i++)
{
    $operation = "ADS_PROPERTY_NONE"
    $emailAddress = $emailAddresses.GetAddress($i,[ref]$operation)
    $modifiedEmailAddresses.Remove($emailAddress) | Out-Null
}

if ($modifiedEmailAddresses.Count -ne 0)
{
    $Context.Cancel($cancelReason)
    return
}
Comments 0
Leave a comment
Loading...

Got questions?

Support Questions & Answers