0 votes

We have several domains in use. A users default email reply to address is based on brand employee is working for.

Default value in the property pattern is %firstname:lower%.%lastname:lower%

Is it possible to add domain based on OU user belongs to?

For UPN there's PS Script:

$propertyName = "company" # TODO: modify me
$upnSuffixMap = @{
    "aaa.com" = @("aaa")
    "bbb.com" = @("bbb")
    "ccc.com" = @("ccc")
    "company.local" = @("External")
} # TODO: modify. Example: $upnSuffixMap = @{"<UPN Suffix>" = @("<Property Value 1>", "<Property Value 2>")}

# Get property value
try
{
    $value = $Context.TargetObject.Get($propertyName)
}
catch
{
    return # Property is empty
}

# Get UPN Suffix
$upnSuffix = $NULL
foreach ($item in $upnSuffixMap.GetEnumerator())
{
    if ($item.Value -notcontains $value)
    {
        continue
    }

    $upnSuffix = $item.Key
    break
}

if ([System.String]::IsNullOrEmpty($upnSuffix))
{
    $Context.LogMessage("UPN suffix is not specified for '$value'. Default UPN suffix will be used.", "Warning")
    return
}

# Get UPN
$userPrincipalName = "%userPrincipalName%"
if ([System.String]::IsNullOrEmpty($userPrincipalName))
{
    $Context.LogMessage("Cannot assign a UPN suffix because the user logon name is empty", "Warning")
    return
}

# Build new UPN
$userPrincipalName = $userPrincipalName.SubString(0, $userPrincipalName.IndexOf("@")) + "@$upnSuffix"

# Save changes
$Context.TargetObject.Put("userPrincipalName", $userPrincipalName)
$Context.TargetObject.SetInfo()
by (210 points)
0

Hello,

Sorry for the confusion, but we are not sure what exactly you have configured and what changes are required. Could you, please, describe the existing and desired workflow in all the possible details with live examples? Also, please, post here or send us (support@adaxes.com) a screenshot of the property pattern you have.

Any additional information will be much appreciated.

1 Answer

+1 vote
by (289k points)
selected by
Best answer

Hello,

Thank you for the provided details. You can remove the constraint for the property from the property pattern and use the below script in a business rule triggering After creating a user. In the script:

  • $prefixTemplate - Specifies a template for the value prefix. You can use value references in the template. They will be resolved into corresponding property values.
  • $suffixPropertyName - Specifies the LDAP name of the property whose value will be used to determine the suffix for the property value.
  • $valuesToSuffixes - Maps values of the property specified in the $suffixPropertyName variable with the corresponding suffixes.
  • $propertyToSetName - Specifies the LDAP name of the property to be updated with the resulting value.
$prefixTemplate = "%firstname:lower%.%lastname:lower%" # TODO: modify me
$suffixPropertyName = "company" # TODO: modify me
$valuesToSuffixes = @{
    "aaa" = "aaa.com"
    "bbb" = "bbb.com"
    "ccc" = "ccc.com"    
} # TODO: modify me
$propertyToSetName = "mail" # TODO: modify me

# Get property value
try
{
    $propertyValue = $Context.TargetObject.Get($suffixPropertyName)
}
catch
{
    $Context.LogMessage("Property $propertyName is not set for user %fullname%", "Information")
    return
}

# Build value
$suffix = $valuesToSuffixes[$propertyValue]

if ($NULL -eq $suffix)
{
  $Context.LogMessage("Email suffix is not specified for '$propertyValue'.", "Warning")
  return
}

$value = $prefixTemplate + "@" + $suffix

# Update the user
$Context.TargetObject.Put($propertyToSetName, $value)
$Context.TargetObject.SetInfo()

Related questions

0 votes
1 answer

The use case we are looking for is providing a list of titles for users to choose from when initiating a re-hire. We already have a title property pattern established and would ... that we can manage the list in one place. Let me know and as always, thanks.

asked 13 hours ago by msheppard (470 points)
0 votes
1 answer

Is there a way I can bypass a property pattern for a set of users? For example we have an AP team that creates an account and want to restrict Job Title and Department to a ... we would like to be able to override that list. Is there an easy way to do that?

asked Sep 5 by curtisa (290 points)
0 votes
1 answer

I have a specific computer property pattern for three different types of computers, which live in three different OUs and are in three different business units. I will have ... How do I enforce a property pattern for a specific business unit at creation time?

asked Jul 17, 2023 by bennett.blodinger (60 points)
0 votes
1 answer

My webform is not picking info based off the property pattern template specifically the logon name and the UPN

asked Mar 8, 2022 by Keonip (180 points)
0 votes
1 answer

When we create a shared mailbox, we create an associated mail-enabled security group. In the security group I want to populate the description field with the name of the shared mailbox ... How can I get just the "name" of the shared mailbox versus the full DN?

asked Feb 4, 2021 by atnorman (120 points)
3,548 questions
3,238 answers
8,232 comments
547,811 users