Thank you for specifying. To achieve the desired, you need to create the related Microsoft 365 account first. To do so, you can use the Activate or modify Microsoft 365 account action executed in the business rule triggering After creating a user. In the action configuration, do not select any licenses, just activate the account and it will create a user in Microsoft 365. However, the account creation takes some time. To be sure that the account actually exists before adding it to the Microsoft 365 group, the following approach can be used. You can mark the account by setting, for example, a custom Boolean attribute to True in the business rule triggering After creating a user. Then create a scheduled task that will check whether the user is marked and whether the account actually exists in Microsoft 365. If the conditions are met, the task will run the script that adds the user to the required group and clear the custom Boolean attribute. To check if the user is marked, use the If <property> <relation> <value> condition. To check if the account exists in Microsoft 365, run the below script in the If PowerShell script returns True condition.
To connect to Microsoft 365, the script uses the credentials specified in the Run As section of the condition settings.
For the script to work, you need to install Microsoft Azure Active Directory Module on each computer where Adaxes service is running.
$Context.ConditionIsMet = $False
# Get Microsoft 365 Object ID
$objectId = [Guid]$Context.TargetObject.Get("adm-O365ObjectId")
# Connect to Microsoft 365
$password = ConvertTo-SecureString -AsPlainText -Force -String $Context.RunAs.Password
$credential = New-Object System.Management.Automation.PsCredential($Context.RunAs.UserName, $password)
Connect-MsolService -Credential $credential
# Get user in Microsoft 365
Get-MsolUser -ObjectId $objectId -ErrorAction Stop
$Context.ConditionIsMet = $True
Regarding the modification of the mailbox properties. The mailbox gets created once the user gets the Microsoft 365 license assigned that grants access to Exchange Online. The mailbox creation takes some time as well. It means that you can use the same approach with marking the users and then processing them in a scheduled task. The task will check if the user is marked and has a mailbox in Exchange Online. If the conditions are met, the task will execute the custom command modifying Exchange properties. To make sure that a mailbox exists in Exchange Online, the following script from our repository can be used: https://www.adaxes.com/script-repository/check-whether-user-has-mailbox-in-exchange-online-s303.htm. Finally, the task will clear the custom Boolean attribute used as the mark.
Both, the addition to the group and mailbox modifications can be done in a single scheduled task. The task configuration should look like the following:
For your information, if you assign Microsoft 365 licenses in Adaxes, there is no need to use scheduled tasks and perform all these checks. You can simply assign a Microsoft 365 license with access to Exchange Online in a business rule triggering After creating a user. And in the same rule, right after the action that assigns the license, you can add the action that modifies the Exchange properties of the user mailbox. In this case, Adaxes will periodically check in the background if the mailbox already exists, and will perform the specified modification automatically once the mailbox actually exists.