Script repository

Check e-mail domains

February 18, 2021 Views: 3518
Exchange Property Validation User Accounts

The script can be used to check whether e-mail addresses that users are trying to assign to a mailbox belong to accepted e-mail domains in Exchange. If any of the addresses do not belong to the accepted domains, the script will stop the operation.

To verify e-mail domains with the help of Adaxes, you need to create a business rule triggered before modifying Exchange properties of a User that runs the script using the Run a program or PowerShell script action.

Parameter:

  • $exchangeServer - Specifies the fully qualified domain name or IP address of your Exchange Server.
Edit Remove
PowerShell
$exchangeServer = "exchangeserver.domain.com" # TODO: modify me

function VerifyMailAddress ($emailAddress, $acceptedDomainNames, [ref]$needCancelOperation)
{
    # Get domain part of the email address
    $emailAddress = $emailAddress.ToString()
    
    $emailAddressDomainPart = $emailAddress.SubString($emailAddress.IndexOf("@") + 1)
    
    # Verify domain part
    foreach ($domainName in $acceptedDomainNames)
    {
        if ($emailAddressDomainPart -eq $domainName)
        {
            return
        }
    }
    
    $Context.LogMessage("Email address '$emailAddress' not allowed" , "Error") # TODO: modify me
    $needCancelOperation.Value = $True
    return
}

try
{
    # Get all accepted domains
    $session = New-PSSession -connectionURI "http://$exchangeServer/powershell" -ConfigurationName Microsoft.Exchange -Authentication Kerberos
    Import-PSSession -session $session
    $acceptedDomains = Get-AcceptedDomain | Where {$_.Name -like "%adm-ParentName%*"}
}
finally
{
    Remove-PSSession -Session $session
}

# Exit the script if no accepted domains found
if ($acceptedDomains -eq $NULL)
{
    $Context.LogMessage("No accepted domains found for %cn%", "Warning") # TODO: modify me
    return
}

$acceptedDomainNames = @()
foreach ($domain in $acceptedDomains)
{
    $acceptedDomainNames += $domain.DomainName.ToString()
}

# Get email addresses
$mailParams = $Context.Action.MailParameters
$emailAddresses = $mailParams.EmailAddresses
$needCancelOperation = $False
$operation = "ADS_PROPERTY_NONE"
for ($i = 0; $i -lt $emailAddresses.Count; $i++)
{
    $emailAddress = $emailAddresses.GetAddress($i, [ref]$operation)

    # Verify email addresses
    if ($emailAddress.OverrideOldValues)
    {
        VerifyMailAddress $emailAddress $acceptedDomainNames ([ref]$needCancelOperation)
    }
    elseif (!($emailAddress.OverrideOldValues) -and ($operation -eq "ADS_PROPERTY_APPEND"))
    {
        VerifyMailAddress $emailAddress $acceptedDomainNames ([ref]$needCancelOperation)
    }
}

# Cancel operation if there any invalid email addresses
if ($needCancelOperation)
{
    $Context.Cancel("You are trying to add invalid email addresses!") # TODO: modify me
}
Comments 0
Leave a comment
Related Scripts

Got questions?

Support Questions & Answers