Written by
Fabio Martelli
  • email
  • twitter
  • linkedin
  • linkedin

Microsoft Exchange Server is a mail server, calendaring software and contact manager. It runs on Windows Server and it is one of the main elements present into a Microsoft infrastructure. It often happens that one of the first requirements of an identity manager project is to integrate Microsoft Exchange in order to manage, into the global/centralized user workflow, mailboxes and mail contacts as well.

Microsoft Exchange Server is a mail server, calendaring software and contact manager.

It runs on Windows Server and it is one of the main elements present into a Microsoft infrastructure.

It often happens that one of the first requirements of an identity manager project is to integrate Microsoft Exchange in order to manage, into the global/centralized user workflow, mailboxes and mail contacts as well.

 

Apache Syncope gives you the possbility to integrate Microsoft Exchange via PowerShell scripts by CMD ConnId connector .

The main integration steps are: PowerShell resource configuration (as aleady described into Apache Syncope and PowerShell scripts post) and PowerShell scripts development.

Scripts must have, more or less, the following structure.

# Create MS Exchange PowerShell session
              $Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri ....

              if($session) {
              # Invoke remote script
              Invoke-Command -Session $session -ScriptBlock {
              ...
              } -ArgumentList ...

              # Remove session
              Remove-PSSession $Session 2>&1> $Null
              }

Search for all mailboxes can be done with the following code.

Invoke-Command -Session $session -ScriptBlock {
              param($searchDN)

              Get-Mailbox -ResultSize Unlimited -OrganizationalUnit $searchDN -WarningAction SilentlyContinue -ErrorAction SilentlyContinue

              }  -ArgumentList $searchDN | ForEach-Object -Process {
              "--- NEW SEARCH RESULT ITEM ---"
              "__UID__=" + $_.SamAccountName
              "__NAME__=" + $_.SamAccountName
              "__ENABLE__=true"
              }

A script to search for a specific mailbox can be something like the following.

Invoke-Command -Session $session -ScriptBlock {
              param($uid, $domain)

              $user=Get-Mailbox -Identity $domain\$uid -ErrorAction SilentlyContinue

              if($user){
              "--- NEW SEARCH RESULT ITEM ---"
              "__UID__=" + $user.SamAccountName
              "__NAME__=" + $user.SamAccountName
              "__ENABLE__=true"
              }
              } -ArgumentList $uid, $domain

The next one can be used to create a new mailbox.

Invoke-Command -Session $session -ScriptBlock {
              param($uid, $domain)

              $user=Get-Mailbox -Identity $domain\$uid -ErrorAction SilentlyContinue

              if(!$user){
              $user=Enable-Mailbox -Identity $domain\$uid -ErrorAction SilentlyContinue
              }

              "__UID__=" + $user.SamAccountName
              } -ArgumentList $uid, $domain

With the following script you can remove mailbox/mailuser for a certain user.

 Invoke-Command -Session $session -ScriptBlock {
              param($uid, $domain}

              Disable-Mailuser -Identity $domain\$uid -Confirm:$false -WarningAction SilentlyContinue -ErrorAction SilentlyContinue
              Disable-Mailbox -Identity $domain\$uid -Confirm:$false -WarningAction SilentlyContinue -ErrorAction SilentlyContinue
              } -ArgumentList $uid, $domain
1 VOTIYes, Excellent!Yes, Excellent!
Ti è stato utile questo articolo?
From Tirasa's Blog
The place where we share what we do, learn and discover day by day.
Go to blog >