Create room mailbox

Question

Hi team,

what is the best approach to create a room mailbox for a MS Teams Room?

I created a "create user action", and assign a Team Pro Licnese to this user. However this will not trigger creation of a mailbox (we using hybrid exchange).

How do we enforce mailbox creation? Do we need to assign E3 license and revoke this later? Or would "create mailbox" action help and later move this to online?

Answer 1

Hello,

Sorry for the confusion, but we are not sure what exactly you need to achieve.

If it is about creating a room mailbox in Exchange Online, you can use the Enable-Mailbox cmdlet with the corresponding parameters. For details on how to connect to Exchange Online in Adaxes scripts, see https://www.adaxes.com/script-repository/connect-to-exchange-with-powershell-s506.htm.

If you need a remote room mailbox, you can use script Room remote mailbox from the following article in our repository: https://www.adaxes.com/script-repository/create-remote-mailbox-s256.htm. For more details on the method used in the script, see https://adaxes.com/sdk/IAdmExchangeRemoteMailboxOps/#EnableRemoteMailboxEx_details.

Either of the scripts should be executed in a business rule triggering After creating a user.

Comments

Hi,

I solved it with EnableRemoteMailboxEx() command, thanks!

Other question, I want to check if the provided mail in form is unique and set it to adm-CustomAttributeText3 before creating the user.

I tried this command, but seems to failing

$Context.SetModifiedPropertyValue("adm-CustomAttributeText3", "$newMail")

I found that "New-AdmUser" has the option for "-otherattributes" but "Set-AdmUser" has not this option

---

Hello,

I tried this command, but seems to failing

Your script is correct and should be executed in a business rule triggering Before creating a user. What makes you think it is failing?

I found that "New-AdmUser" has the option for "-otherattributes" but "Set-AdmUser" has not this option

To achieve the same you can use the -Add and -Replace parameters of the Set-AdmUser cmdlet. However, it will only work in a business rule triggering After creating a user, not before.

---

I have this web form

First try is with email value set during creation and thsi outcome

Second try is with no email set and this outcome

The field Please select final OU is stored in adm-CustomAttributeObject1

This is my script, running before user creation

. "\\xxxxx\xxxx\xxx\functions.ps1"

## Firstname
    $firstname = "%adm-CustomAttributeObject1:format[name],2% Room Mailbox"
    $Context.LogMessage("Firstname will be set to: " + $firstname, "Information") 

    # Update User First Name
    $Context.SetModifiedPropertyValue("givenName", "$firstname")

## Lastname
    $lastname = ReplaceCharacters("%displayName%")
    $Context.LogMessage("Lastname will be set to: " + $lastname, "Information") 

    # Update User Last Name
    $Context.SetModifiedPropertyValue("sn", "$lastname")

## CN
    $Context.LogMessage("CN will be set to: " + $firstname + " " + $lastName, "Information") 

    # Update User CN
    $Context.SetModifiedPropertyValue("cn", "$firstname $lastname")

## Display Name
    $displayNamePrefix = "%adm-CustomAttributeObject1:format[name]%"
    $displayNamePrefix = $displayNamePrefix.Replace("_"," ")
    $Context.LogMessage("Displayname will be set to: $($displayNamePrefix) %displayName%", "Information") 

    # Update User Display Name
    $Context.SetModifiedPropertyValue("displayname", "$($displayNamePrefix) %displayName%")        

## Username
    # Get the username
        $username = "%username%"
        $Context.LogMessage("Username checking: " + $username, "Information")

    # Replace special characters in username
        $username = generateSamaccountnameMailbox -mailboxLocation "%adm-CustomAttributeObject1:format[name],2%" -mailboxDisplayname "%displayName%"
        $Context.LogMessage("Username updated: " + $username, "Information")

    # Update User Logon Name (pre-Windows 2000)
        $Context.SetModifiedPropertyValue("samAccountName", $username)
        $Context.LogMessage("User Logon Name (pre-Windows 2000): $username", "Information")

    # Get domain name
        $domainName = "xyz.com"

    # Update User Logon Name
        $Context.SetModifiedPropertyValue("userPrincipalName", "$username@$domainName")
        $Context.LogMessage("User Logon Name: $username@$domainName", "Information")

## Email
    # Get the email address
        $mail = "%mail%"

    # Check if email is set in form
        if($mail) {
            $Context.LogMessage("Mail checking: " + $mail, "Information")
            # Check if mail is unique
                $uniqueEmail = IsEmailAddressUnique -emailaddress $mail

                if($uniqueEmail -eq $true) {
                    $Context.LogMessage("Mail is unique and can be used", "Information")
                    $Context.SetModifiedPropertyValue("adm-CustomAttributeText3", "$newMail")
                } else {
                    $newMail = generateEmailaddress -emailaddress $mail
                    $Context.LogMessage("Mail is NOT unique and can NOT be used", "Warning")
                    $Context.LogMessage("New Email Address: " + $newMail, "Information")
                    $Context.SetModifiedPropertyValue("adm-CustomAttributeText3", "$newMail")
                }        
        } else {
            # No email provided, will generate one
            $newMail = generateEmailaddress -emailaddress "$($username)@$($domainName)"
            $Context.LogMessage("Mail not provided, will generate one", "Information")
            $Context.LogMessage("New Email Address: " + $newMail, "Information")

            # Update User Mail
            $Context.SetModifiedPropertyValue("adm-CustomAttributeText3", "$newMail")
        }

---

Hello,

The functions used in the script are in a separate file, so we have no possibility to provide any analysis. Please, post here or send us (support@adaxes.com) the contents of the functions.ps1 file in TXT format.

For your information, using such an approach is not recommended. The thing is that you will need to keep the file in mind and act accordingly when the corresponding changes are made. For example, if you decide to move the file to a different location, you will need to update the path in the script. Also, you will need to make sure that all the Adaxes services you have must have access to the file.

---

Sure, here. And I know - but this file will never be moved , only be updated.

I am using this functions for several scripts in Adaxes and its much easier to maintain one file, instead of going into each Adaxes rule and might forget one :)

function ReplaceCharacters($value) {
    $map = @{
            " " = ""; 
            "'" = "";
            "á" = "a";
            "à" = "a";
            "â" = "a";
            "ã" = "a";
            "ą" = "a";
            "ä" = "ae";
            "ç" = "c";
            "ć" = "c";
            "č" = "c";
            "ď" = "d";
            "đ" = "d";
            "é" = "e";
            "è" = "e";
            "ê" = "e";
            "ě" = "e";
            "ę" = "e";
            "ë" = "ee";
            "ǧ" = "g";
            "ň" = "n";
            "ń" = "n";
            "ñ" = "n";
            "ó" = "o";
            "ò" = "o";
            "ô" = "o";
            "õ" = "o";
            "ő" = "o";
            "ø" = "o";
            "ö" = "oe";
            "ř" = "r";
            "í" = "i";
            "ì" = "i";
            "î" = "i";
            "ť" = "t";
            "ú" = "u";
            "ù" = "u";
            "û" = "u";
            "ű" = "u";
            "ü" = "ue";
            "ś" = "s";
            "š" = "s";
            "ý" = "y";
            "ÿ" = "ye";
            "ß" = "ss";
            "þ" = "th";
            "å" = "aa";
            "æ" = "ae";
            "ł" = "l";
            "ż" = "z";
            "ž" = "z";
            "ź" = "z"
            } 

    foreach ($key in $map.Keys) {
        $value = $value.Replace($key, $map[$key])
    }

    #$value = $value -replace '[^\x30-\x39\x41-\x5A\x61-\x7A]+', ''
    #$value = $value -replace '[^a-zA-Z0-9_]', ''
    $value = $value -replace '[\W]', ''

    return $value
}

function ReplaceCharacters_mail($value) {
    $map = @{
            " " = ""; 
            "'" = "";
            "á" = "a";
            "à" = "a";
            "â" = "a";
            "ã" = "a";
            "ą" = "a";
            "ä" = "ae";
            "ç" = "c";
            "ć" = "c";
            "č" = "c";
            "ď" = "d";
            "đ" = "d";
            "é" = "e";
            "è" = "e";
            "ê" = "e";
            "ě" = "e";
            "ę" = "e";
            "ë" = "ee";
            "ǧ" = "g";
            "ň" = "n";
            "ń" = "n";
            "ñ" = "n";
            "ó" = "o";
            "ò" = "o";
            "ô" = "o";
            "õ" = "o";
            "ő" = "o";
            "ø" = "o";
            "ö" = "oe";
            "ř" = "r";
            "í" = "i";
            "ì" = "i";
            "î" = "i";
            "ť" = "t";
            "ú" = "u";
            "ù" = "u";
            "û" = "u";
            "ű" = "u";
            "ü" = "ue";
            "ś" = "s";
            "š" = "s";
            "ý" = "y";
            "ÿ" = "ye";
            "ß" = "ss";
            "þ" = "th";
            "å" = "aa";
            "æ" = "ae";
            "ł" = "l";
            "ż" = "z";
            "ž" = "z";
            "ź" = "z"
            "/" = "-"
            "\" = "-"
            "|" = "-"
            "#" = ""
            "*" = ""
            "+" = ""
            "~" = ""
            } 

    foreach ($key in $map.Keys) {
        $value = $value.Replace($key, $map[$key])
    }

    #$value = $value -replace '[^\x30-\x39\x41-\x5A\x61-\x7A]+', ''
    #$value = $value -replace '[^a-zA-Z0-9_]', ''
    #$value = $value -replace '[\W]', ''

    return $value
}

function generateSamaccountname() {
    [CmdletBinding()]
    Param(
        [Parameter(Mandatory=$True)]
        [string]
        $employee_firstName,

        [Parameter(Mandatory=$True)]
        [string]
        $employee_lastName
    )
    #generate samaccountname based on rules, more rules can be added
    #samaccountname max length is 20 char, a two digit number might be added at the end to avoid duplicates

    $samaccountname = $null
    $samaccountnameStart = ""

    $firstName = $employee_firstName
    $lastName = ReplaceCharacters($employee_lastName)

    $firstName = $firstName.Split("-")[0]
    $lastName = $lastName.Split("-")[0]

    $samaccountnameNum = 1;
    if($firstName -match " ") {
        $firstNameArr = $firstName.split(" ");
        $firstNameArrSplit = $true
    } else {
        $firstNameArr = $firstName
    }

    $firstNameFull = ReplaceCharacters($firstName)

    #try with all first names and full last name
    $samaccountnameStart = "$($firstNameFull).$($lastName)"

    #if over 18 char, use only first first name if multiple
    if ( ($samaccountnameStart.Length -gt 20) -and ($firstNameArrSplit -eq $true) ) {
        $samaccountnameStart = "$($firstNameArr[0]).$($lastName)"
    }
    #if still over 18 char, shorten end/last name
    if ($samaccountnameStart.length -gt 20) {
        $samaccountnameStart = $samaccountnameStart.substring(0, 20);
    }

    $samaccountname = $samaccountnameStart;

    #if samaccountname already exists:
    #reduce to 18 char if needed and add two digits at the end
    $keepLooking = $true;
    while ($keepLooking) {
        try {
            $existingsamaccountname = Get-ADUser -Identity $samaccountname -ErrorAction Stop 
            $samaccountnameStartLength = $samaccountnameStart.Length
            if($samaccountnameStartLength -gt 18) {
                $substringmax = 18
            } else {
                $substringmax = $samaccountnameStartLength
            }
            $samaccountname = $samaccountnameStart.substring(0, $substringmax) + $samaccountnameNum.ToString().PadLeft(2, "0")
            $samaccountnameNum++
        } catch {
            $keepLooking = $false
        }
    }
    return $samaccountname
}

function generateSamaccountnameMailbox() {
    [CmdletBinding()]
    Param(
        [Parameter(Mandatory=$True)]
        [string]
        $mailboxLocation,

        [Parameter(Mandatory=$True)]
        [string]
        $mailboxDisplayname
    )
    #generate samaccountname based on rules, more rules can be added
    #samaccountname max length is 20 char, a two digit number might be added at the end to avoid duplicates

    $samaccountname = $null
    $samaccountnameStart = ""

    $lastName = ReplaceCharacters($mailboxDisplayname)

    $samaccountnameNum = 1;
    $firstNameFull = ReplaceCharacters($mailboxLocation)

    #try with all first names and full last name
    $samaccountnameStart = "$($firstNameFull)_$($lastName)"

    #if over 18 char, use only first first name if multiple
    if ($samaccountnameStart.length -gt 20) {
        $samaccountnameStart = $samaccountnameStart.substring(0, 20);
    }

    $samaccountname = $samaccountnameStart;

    #if samaccountname already exists:
    #reduce to 18 char if needed and add two digits at the end
    $keepLooking = $true;
    while ($keepLooking) {
        try {
            $existingsamaccountname = Get-ADUser -Identity $samaccountname -ErrorAction Stop 
            $samaccountnameStartLength = $samaccountnameStart.Length
            if($samaccountnameStartLength -gt 18) {
                $substringmax = 18
            } else {
                $substringmax = $samaccountnameStartLength
            }
            $samaccountname = $samaccountnameStart.substring(0, $substringmax) + $samaccountnameNum.ToString().PadLeft(2, "0")
            $samaccountnameNum++
        } catch {
            $keepLooking = $false
        }
    }
    return $samaccountname
}

function IsEmailAddressUnique {
    [CmdletBinding()]
    Param(
        [Parameter(Mandatory=$True)]
        [string]
        $emailaddress
    )

    $email = ReplaceCharacters_mail($emailaddress)
    $find = "SMTP:$($email)"
    $find2 = "smtp:$($email)"

    $getUser = Get-ADUser -Filter {(ProxyAddresses -like $find) -or (ProxyAddresses -like $find2)}  -Properties name, enabled, mail -ErrorAction Stop

    if($getUser) {
        return $false           
    } else {
        return $true
    }
}

function generateEmailaddress() {
    [CmdletBinding()]
    Param(
        [Parameter(Mandatory=$True)]
        [string]
        $emailaddress
    )

    $emailAddressNew = $null
    $emailAddressNewStart = ""

    $emailAddressNewStart = ReplaceCharacters_mail($emailaddress)
    $emailAddressNewNum = 1;

    $emailAddressNew = $emailAddressNewStart;

    $find = "SMTP:$($emailAddressNewStart)"
    $find2 = "smtp:$($emailAddressNewStart)"

    $keepLooking = $true;

    while ($keepLooking) {
        $existingEmailAddress = Get-ADUser -Filter {(ProxyAddresses -like $find) -or (ProxyAddresses -like $find2)} -ErrorAction Stop 

        if($existingEmailAddress) {
            $emailAddressNewStartLength = $emailAddressNewStart.Split("@")[0].Length
            if($emailAddressNewStartLength -gt 64) {
                $substringmax = 64
            } else {
                $substringmax = $emailAddressNewStartLength
            }

            $emailAddressNew = $emailAddressNewStart.Split("@")[0].substring(0, $substringmax) + $emailAddressNewNum.ToString().PadLeft(1, "0") + "@" + $emailAddressNewStart.Split("@")[1]
            $emailAddressNewNum++

            $find = "SMTP:$($emailAddressNew)"
            $find2 = "smtp:$($emailAddressNew)"

        } else {
            $keepLooking = $false
        }
    }
    return $emailAddressNew
}

---

One more information I noticed For the ceration with warning, both values are not set

• adm-CustomAttributeObject1
• adm-CustomAttributeText3

---

Hello,

What exactly do you mean by not set? Were the property values not specified on the creation form?

---

adm-CustomAttributeObject1 is a mandantory field and always set, however the warning object has this not set

Warning

No warning

---

Hello,

Thank you for clarifying. It means that the script influences the property values somehow. We will check the lot and get back to you as soon as there are any updates or additional information is required.

---

Hello,

The issue occurred because the custom attribute value was not properly specified in case of unique email. to remedy the issue, replace $newMail with $mail in the below code.

if($uniqueEmail -eq $true)
{
    $Context.LogMessage("Mail is unique and can be used", "Information")
    $Context.SetModifiedPropertyValue("adm-CustomAttributeText3", $mail)
} else {

---

Oh wow, how can I thank you for this? <3 tiny but big impacted issue ... doing a test currently and looking good so far

---

Two more questions about this issue

1. Why is even adm-CustomAttributeObject1 not set? This value is not modified during Powershell Script
2. Is it possible to improve warning level like above and add a line number for better reference?

---

Hello,

Why is even adm-CustomAttributeObject1 not set? This value is not modified during Powershell Script

As per our tests it worked fine. Please, provide us with a screenshot of the corresponding execution log.

Also, we fixed some coding mistakes in your script. Give the below version a try. It will probably give you more details insight on the actual issue.

. "\\xxxxx\xxxx\xxx\functions.ps1"

## Firstname
$firstname = "%adm-CustomAttributeObject1:format[name],2% Room Mailbox"
$Context.LogMessage("Firstname will be set to: " + $firstname, "Information") 

# Update User First Name
$Context.SetModifiedPropertyValue("givenName", $firstname)

## Lastname
$lastname = ReplaceCharacters("%displayName%")
$Context.LogMessage("Lastname will be set to: " + $lastname, "Information") 

# Update User Last Name
$Context.SetModifiedPropertyValue("sn", $lastname)

## CN
$Context.LogMessage("CN will be set to: " + $firstname + " " + $lastName, "Information") 

# Update User CN
$Context.SetModifiedPropertyValue("cn", $firstname + " " + $lastname)

## Display Name
$displayNamePrefix = "%adm-CustomAttributeObject1:format[name]%"
$displayNamePrefix = $displayNamePrefix.Replace("_"," ")
$Context.LogMessage("Displayname will be set to: $($displayNamePrefix) %displayName%", "Information") 

# Update User Display Name
$Context.SetModifiedPropertyValue("displayname", $displayNamePrefix + "%displayName%")        

## Username
# Get the username
$username = "%username%"
$Context.LogMessage("Username checking: " + $username, "Information")

# Replace special characters in username
$username = generateSamaccountnameMailbox -mailboxLocation "%adm-CustomAttributeObject1:format[name],2%" -mailboxDisplayname "%displayName%"
$Context.LogMessage("Username updated: " + $username, "Information")

# Update User Logon Name (pre-Windows 2000)
$Context.SetModifiedPropertyValue("samAccountName", $username)
$Context.LogMessage("User Logon Name (pre-Windows 2000): $username", "Information")

# Get domain name
$domainName = "xyz.com"

# Update User Logon Name
$Context.SetModifiedPropertyValue("userPrincipalName", "$username@$domainName")
$Context.LogMessage("User Logon Name: $username@$domainName", "Information")

## Email
# Get the email address
$mail = "%mail%"

# Check if email is set in form
if($mail)
{
    $Context.LogMessage("Mail checking: " + $mail, "Information")
    # Check if mail is unique
    $uniqueEmail = IsEmailAddressUnique -emailaddress $mail

    if($uniqueEmail -eq $true)
    {
        $Context.LogMessage("Mail is unique and can be used", "Information")
        $Context.SetModifiedPropertyValue("adm-CustomAttributeText3", $newMail)
    }
    else
    {
        $newMail = generateEmailaddress -emailaddress $mail
        $Context.LogMessage("Mail is NOT unique and can NOT be used", "Warning")
        $Context.LogMessage("New Email Address: " + $newMail, "Information")
        $Context.SetModifiedPropertyValue("adm-CustomAttributeText3", $newMail)
    }        
}
else
{
    # No email provided, will generate one
    $email = $username + "@" + $domainName
    $newMail = generateEmailaddress -emailaddress $email
    $Context.LogMessage("Mail not provided, will generate one", "Information")
    $Context.LogMessage("New Email Address: " + $newMail, "Information")

    # Update User Mail
    $Context.SetModifiedPropertyValue("adm-CustomAttributeText3", $newMail)
}

Is it possible to improve warning level like above and add a line number for better reference?

Unfortunately, there is no such possibility.

---

Ok thanks,

Would it be possible, to outsource my script above to a custom command? So instead of executing PS code before creating a user, I would like to execute a command, and this command contains the PS code.

Why?

I would like to maintain only 1 command/PS code for several object types. I would send over a paramater like room or shared mailbox to the custom command to differentiate this.

My first try shows me nothing for %mail% or %firstname%

---

Hello,

Unfortunately, there is no such possibility. The SetModifiedPropertyValue method used in the script can only be executed in business rules triggering before an operation. It will never work in a custom command.