Challenge
Metro Health has been a long time user of Adaxes for provisioning user accounts. Recently our organization migrated from on-premise Groupwise to Outlook in the cloud. The migration was large disrupter for our team as we were use to launching Powershell scripts to manage email setup in Groupwise, then to login and manually cleanup a few items in Groupwise. Conference room setup and changes, user proxy and shared mailbox assignments were all managed manually in Groupwise.
Solution
During a time we were short staffed and weak on developers, Adaxes shined when we converted to Azure/Outlook. In under 50 hours of work and very little testing, our team was able to automate the email setup in Azure/Outlook, build an Adaxes interface to manage conference room setup, proxy, vacation rule changes and shared mailboxes all from a single Adaxes console. While we had changed the organization from old to new, handling hundreds of calls, we were able to build out added features, functionality and make it easier for our small team to manage account provisioning more efficiently. Using Adaxes, managing conference rooms has never been easier. From the Adaxes administration interface, our account administrators are able to take ticket requests for new rooms and easily create conference rooms correctly. This process begins by selecting the "Create Conference Room" from the main Adaxes administration page. The administrator is presented with the pre-selected attributes we require for all new conference rooms. The administrator adds all the required attributes through the web-interface form. We see all of the property patterns that are specific to the Email Only container. A Powershell script is run before the user is created which removes all spaces from the username and email address; and replaces them with underscores. A CustomAttributeText11 attribute is added to all new conference rooms being created "Create Resource Mailbox." The business rule for for Conference Rooms is run on the EmailOnly container and only if the CustomAttributeText11 is equal to "Create Resource Mailbox". It adds the user to the Active Directory Security Group for Office365 licenses, enables the remote mailbox on our hybrid server, and adds a value to the proxyAddresses attribute. Once every 20 minutes a scheduled task is run to check for users with CustomAttributeText11 is equal to "Create Resource Mailbox" and verifies that the exchange mailbox has been provisioned. If these conditions are true, the mailbox is converted into a resource mailbox on the hybrid server, run PowerShell to disable adding the calendar organizer to the subject, and modify the CustomAttributeText11 to "Once a day." Once every day at 11:00 PM a scheduled task is run to check for users with CustomAttributeText11 equal to "Once a day." If this holds true we run Powershell to add the new conference room to the "ConferenceRoomList" security enabled distribution group for searching in Office365, it also removes the licensing security group as resource rooms do not require a license. Lastly the "CustomAttributeText11" is cleared. We are energized about the Adaxes features that we did not know we had.
Benefits
Time to build out additional account provisioning user interface was under 50 hours. Time to improve our teams responsiveness to the business needs was enhanced.
John Weller
Chief Information Security Officer