Script repository
The script cancels the operation if non-primary SMTP address is updated. To execute the script, create a business rule triggering Before modifying Exchange properties of a user.
In the script, the $cancelReason variable specifies the message that will be displays when the operation is cancelled.
$cancelReason = "You are allowed to modify only the primary SMTP address" # TODO: modify me
# Get Exchange properties set by the action.
$modifiedMailboxParams = $Context.Action.MailParameters
if (-not($modifiedMailboxParams.EmailAddressesModificationEnabled))
{
return
}
# Get the modified e-mail addresses.
$modifiedAddressesCollection = $modifiedMailboxParams.EmailAddresses
if (-not($modifiedAddressesCollection.OverrideOldValues))
{
$Context.Cancel($cancelReason)
return
}
$modifiedEmailAddresses = New-Object "System.Collections.Generic.HashSet[System.String]"([System.StringComparer]::OrdinalIgnoreCase)
for ($i = 0; $i -lt $modifiedAddressesCollection.Count; $i++)
{
$operation = "ADS_PROPERTY_NONE"
$modifiedEmailAddress = $modifiedAddressesCollection.GetAddress($i,[ref]$operation)
$modifiedEmailAddresses.Add($modifiedEmailAddress)
}
# Get the current e-mail addresses.
$mailboxParams = $Context.TargetObject.GetMailParameters()
$emailAddresses = $mailboxParams.EmailAddresses
# Compare the number of e-mail addresses.
if ($modifiedAddressesCollection.Count -ne $emailAddresses.Count)
{
$Context.Cancel($cancelReason)
return
}
# Compare the lists of the modified and current e-mail addresses.
for ($i = 0; $i -lt $emailAddresses.Count; $i++)
{
$operation = "ADS_PROPERTY_NONE"
$emailAddress = $emailAddresses.GetAddress($i,[ref]$operation)
$modifiedEmailAddresses.Remove($emailAddress) | Out-Null
}
if ($modifiedEmailAddresses.Count -ne 0)
{
$Context.Cancel($cancelReason)
return
}
Comments 0
You must be signed in to comment.