0 votes

I have a home page action for creating a new distribution group. I added ms-Exch-RequireAuthToSendTo attribute to the form for creation, however it doesn't appear to be honoring the settings, as it always creates the group with this set to true. Is there something I am doing wrong?

by (370 points)

1 Answer

0 votes
by (216k points)
selected by
Best answer

Hello,

Since you are creating a mail-enabled group, most probably, after the group AD object a created, you establish an e-mail address for the group. This means mail-enabling the group in Exchange. When mail-enabling a group, the Exchange Server resets the parameter to defaults.

To work around the issue, you can add a certain boolean (True/False) field to the form for creating mail-enabled groups that will be used to specify whether the new group requires authentication. Then, in your Business Rule that establishes e-mail addresses for new groups, after mail-enabling the group, you can change the Require All Senders are Authenticated option depending on the value of the boolean field.

As for the field that you need to add to the form, you can use one of Adaxes custom attributes that can store boolean values, for example, CustomAttributeBoolean1. Such attributes are not stored in AD, but can be used the same as any other attributes of AD objects.

To implement such a solution, you will need to do the following:

  • Add a boolean field to your Home Page Action that creates distribution groups;
  • Add an action that sets the Require All Senders are Authenticated option to your Business Rule.

i. Add a boolean field to your Home Page Action that creates distribution groups

To add a boolean field to the form used by your Home Page Action:

  1. In the Interface type drop-down list of the Web Interface Customization tool, select the Web Interface in which you've created the Home Page Action.
  2. On the General tab, click Configure Home Page Actions.
  3. Select your Home Page Action and click Edit.
  4. Activate the Form Customization tab.
  5. Click Customize Form.
  6. In the upper list, select a section where you would like to add the boolean field.
  7. Click the Add button located under the lower list.
  8. Select Show all properties a and select a custom attribute that you want to use, for example, CustomAttributeBoolean1.
  9. Click OK 4 times, then click Apply.

ii. Add an action that sets the Require All Senders are Authenticated option to your Business Rule

  1. In the Console Tree of the Administration Console, navigate to and select your Business Rule. The actions and conditions of the rule will be displayed in the Result Pane (located to the right).
  2. Click the Add action to a new set link.
  3. Select Modify Exchange properties and click the Exchange properties button.
  4. Activate the Delivery Management tab.
  5. Activate the Modify list of allowed senders option.
  6. Select All senders.
  7. Click OK 2 times.
  8. Right-click the action you've just added and click Add Condition.
  9. Select If <property> <relation> <value>.
  10. Specify If CustomAttributeBoolean1 equals True, where CustomAttributeBoolean1 is the custom boolean attribute that you've used on the Home Page Action form.
  11. Click OK. This will enable the Require All Senders are Authenticated option when the boolean attribute is set to True.
  12. Repeat steps 2-5.
  13. Select Only senders inside my organization.
  14. Click OK 2 times.
  15. Right-click the action you've just added and click Add Condition.
  16. Select If <property> <relation> <value>.
  17. Specify If CustomAttributeBoolean1 does not equal True.
  18. Click OK. This will disable the Require All Senders are Authenticated option when the boolean attribute is not set to True.
  19. With the help of the arrow buttons at the bottom, make sure that both the sets that you've added are triggered after a group is mail-enabled. You should receive something like this:

Related questions

0 votes
1 answer

Is there a way to create a Business Unit that includes all Users in a OU that a Manager is in the ManagedBy field?

asked Mar 21 by dominik.stawny (280 points)
0 votes
1 answer

I'd like to be able to either send an email report or export a CSV of all of the business rules carried out when a user is disabled. This would be ... Management Activity section but this includes things that weren't part of the disable operation. Thanks

asked Feb 19, 2020 by bavery (250 points)
0 votes
1 answer

Hi, Anyone encounter an error where normal users logins to the Selfservice link is ok but if you use the Service Administrator account to login it will show the error "Fatal error. All web interface components are disabled"?

asked Mar 13, 2013 by Swire (40 points)
0 votes
1 answer

Will it use 1 license for an Active Directory user and his azure account or 2 licenses?

asked Nov 7, 2023 by johanpr (120 points)
0 votes
0 answers

Starting from Adaxes 2023.2, Adaxes uses the EXOv3 PowerShell module for all operations in Exchange Online. This means basic authentication in WinRM can be disabled on ... s OAuth token because the client-side implementation of WinRM does not support OAuth.

asked Mar 1, 2023 by Adaxes (560 points)
3,550 questions
3,241 answers
8,235 comments
547,827 users