0 votes

When creating an user I want to give the user full access rights to another mailbox. I,ve searched for some code but have no documentation about the correct syntax. How can I accomplish this (below partial code I think I must use...)

[Reflection.Assembly]::LoadWithPartialName("Softerra.Adaxes.Adsi")

$admNS = New-Object "Softerra.Adaxes.Adsi.AdmNamespace"
$admService = $admNS.GetServiceDirectly("Adaxes01")

$admProp = Get-AdmUser [user]-AdaxesService "Adaxes01"
$DN = $admProp | Select-Object -ExpandProperty DistinguishedName

# Bind to user object
$userDN = "$DN"
$user = $admService.OpenObject("Adaxes://$userDN", $NULL, $NULL, 0)

$userparams = {}
$userParams = New-Object "Softerra.Adaxes.Adsi.Exchange.AdmExchangeMailboxParameters"

Thnx Remco

by (780 points)

1 Answer

0 votes
by (216k points)

Hello Remco,

The following script will do the job. In the script, $mailboxDN specifies the Distinguished Name (DN) of the mailbox, full access to which will be granted. Modify it to your requirements.

$mailboxDN = "CN=John Doe,OU=Users,DC=example,DC=com" # TODO: Modify me

# Create a reference to the new user
$userReference = New-Object "Softerra.Adaxes.Adsi.AdmObjectReference"
$userReference.ObjectDN = "%distinguishedName%"

# Create the Allow Full Mailbox Access permission for the user
$permission = New-Object "Softerra.Adaxes.Adsi.Exchange.AdmExchangeMailboxPermission"(
    "ADM_EXCHANGE_MAILBOX_RIGHTS_FULL_ACCESS",
    0,
    $userReference)

# Create an empty instance of mailbox parameters and add the permission to the instance
$mailboxParams = New-Object "Softerra.Adaxes.Adsi.Exchange.AdmExchangeMailboxParameters"
$permissionModification = New-Object "Softerra.Adaxes.Adsi.Exchange.AdmExchangeMailboxRightsModification"
$permissionModification.Operation = "ADS_PROPERTY_APPEND"
$permissionModification.Permission = $permission
$mailboxRights = $mailboxParams.MailboxRights
$mailboxRights.AddModification($permissionModification)
$mailboxParams.MailboxRights = $mailboxRights

# Bind to the mailbox
$mailbox = $Context.BindToObjectByDN($mailboxDN)

# Save the new permission to the mailbox
$mailbox.SetMailParameters($mailboxParams, "ADM_SET_EXCHANGE_PARAMS_FLAGS_NONE")

For instructions on how to automatically run the script upon creation of each new user, see Run PowerShell Script after Creating a User.

Related questions

0 votes
1 answer

We have multiple business rules related to the modification of user properties which are specifically tailored for certain tasks. I'm trying to add another business rule which ... want the first rule to trigger. Hopefully this makes sense. Thanks in advance!

asked Apr 14, 2023 by Homelander90 (350 points)
0 votes
1 answer

This is more a general question to the community not a support request - What tools or products have you integrated into your Adaxes workflows? One example that I did was ... calling a custom command to pass user properties to Adaxes. What are your ideas? :)

asked Apr 4, 2023 by GronTron (320 points)
0 votes
1 answer

We want to automate the provisioning of skype users with adaxes. Therefore we installed the Skype module onto the adaxer server. Then we tried to utilise some commands in a ... . How can the Skype module be integrated for Adaxes? Thank you for your help.

asked Apr 23, 2020 by PGstoehl (100 points)
0 votes
1 answer

Is there a way to use the built-in "Modify Exchange Properties" action to add a mailbox delegate that only resides in the cloud? We can do it via a powershell script, but I ... action. For example, I want to add "Company Administrator" to a user via the GUI:

asked Sep 14, 2015 by yourpp (540 points)
0 votes
1 answer

We need to run a scheduled task twice a year, so I chose every 182 days like it's suggested in here, only problem is that there is no way to change the next run ... really don't want these tasks to be triggered again if they've already been executed this year.

asked May 8 by boing (20 points)
3,549 questions
3,240 answers
8,232 comments
547,814 users