ALERT! The community will be read-only starting on April 19, 8am Pacific as the migration begins. Read more for important details.
ALERT! The community will be read-only starting on April 19, 8am Pacific as the migration begins.Read more for important details.
Captain
Captain
443 views

AD Driver - Exchange Provisioning - Specify mail Alias

Jump to solution

 

Hi!

According to AD Driver documentation, during Exchange account provisioning, the driver uses the following cmdlets & parameters:

Enable-Mailbox*: -Identity, -Alias, -Database –DomainController

By default, the email account provided by Exchange uses the Exchange Email Address Policies to define its value (localPart@domain).

Is it possible from a policy in AD Driver to specify/overwrite the “Alias” parameter (localPart)?

Thanks in advance,  

Labels (1)
0 Likes
1 Solution

Accepted Solutions
Captain
Captain

Hi!

Below you can find the solution. Just 

- Replace <Attribute(CN)> with the alias you want to set.

- Set the GCV drv.exchange.server.fqdn with the FQDN of the exchange server. For example: srvexchange.acme.com

<rule>
	<description>sub-ctp-User-mailAlias - Generate mail with alias</description>
	<conditions>
		<and>
			<if-class-name mode="nocase" op="equal">User</if-class-name>
		</and>
	</conditions>
	<actions>
		<do-for-each>
			<arg-node-set>
				<token-added-entitlement name="ExchangeMailbox"/>
			</arg-node-set>
			<arg-actions>
				<do-set-local-variable name="v_exchange_storage" scope="policy">
					<arg-string>
						<token-text xml:space="preserve"> -Database "</token-text>
						<token-xpath expression="es:getEntParamField($current-node,'ID')"/>
						<token-text xml:space="preserve">"</token-text>
					</arg-string>
				</do-set-local-variable>
				<do-set-local-variable name="v_exchange_dc" scope="policy">
					<arg-string>
						<token-text xml:space="preserve"> -DomainController "</token-text>
						<token-global-variable name="drv.exchange.server.fqdn"/>
						<token-text xml:space="preserve">"</token-text>
					</arg-string>
				</do-set-local-variable>
				<do-set-local-variable name="v_user_adcontext" scope="policy">
					<arg-string>
						<token-text xml:space="preserve"> -Identity "</token-text>
						<token-attr name="DirXML-ADContext"/>
						<token-text xml:space="preserve">"</token-text>
					</arg-string>
				</do-set-local-variable>
				<do-set-local-variable name="v_user_mailAlias" scope="policy">
					<arg-string>
						<token-text xml:space="preserve"> -Alias "</token-text>
						<token-attr name="CN"/>
						<token-text xml:space="preserve">"</token-text>
					</arg-string>
				</do-set-local-variable>
				<do-strip-op-attr name="homeMDB"/>
				<do-strip-op-attr name="mailNickname"/>
				<do-set-dest-attr-value name="PSExecute">
					<arg-value type="string">
						<token-text xml:space="preserve">Enable-Mailbox</token-text>
						<token-local-variable name="v_user_adcontext"/>
						<token-local-variable name="v_user_mailAlias"/>
						<token-local-variable name="v_exchange_storage"/>
						<token-local-variable name="v_exchange_dc"/>
					</arg-value>
				</do-set-dest-attr-value>
			</arg-actions>
		</do-for-each>
	</actions>
</rule>

 

Cheers,

View solution in original post

3 Replies
Knowledge Partner Knowledge Partner
Knowledge Partner

Pretty sure that alias is taken from sAMAccountName (normally mapped from IDM CN)

Did play with this many years back, recall you could do some trickery with calling other parameters by abusing the value as supplied to the Database field, but seeing as it is so (deliberately) limited, we generally use the scripting driver for all these PowerShell managed things that sit on top of AD (Exchange, Skype for Business, etc)

Alex McHugh - Knowledge Partner - Stavanger, Norway
Who are the Knowledge Partners
If you appreciate my comments, please click the Like button.
If I have resolved your issue, please click the Accept as Solution button.
Knowledge Partner Knowledge Partner
Knowledge Partner

Alex is right!

Alias use Samaccountname (by default) mapped to CN.

In theory, it can be "overwritten" by injecting to this policy PSEXEC "pseudo-attributes".

I never see proper documentation of using these pseudo attributes, but you can try to play around...

https://www.netiq.com/documentation/identity-manager-47-drivers/ad/data/implementing-powershell-cmdlets-in-active-directory-driver.html

0 Likes
Captain
Captain

Hi!

Below you can find the solution. Just 

- Replace <Attribute(CN)> with the alias you want to set.

- Set the GCV drv.exchange.server.fqdn with the FQDN of the exchange server. For example: srvexchange.acme.com

<rule>
	<description>sub-ctp-User-mailAlias - Generate mail with alias</description>
	<conditions>
		<and>
			<if-class-name mode="nocase" op="equal">User</if-class-name>
		</and>
	</conditions>
	<actions>
		<do-for-each>
			<arg-node-set>
				<token-added-entitlement name="ExchangeMailbox"/>
			</arg-node-set>
			<arg-actions>
				<do-set-local-variable name="v_exchange_storage" scope="policy">
					<arg-string>
						<token-text xml:space="preserve"> -Database "</token-text>
						<token-xpath expression="es:getEntParamField($current-node,'ID')"/>
						<token-text xml:space="preserve">"</token-text>
					</arg-string>
				</do-set-local-variable>
				<do-set-local-variable name="v_exchange_dc" scope="policy">
					<arg-string>
						<token-text xml:space="preserve"> -DomainController "</token-text>
						<token-global-variable name="drv.exchange.server.fqdn"/>
						<token-text xml:space="preserve">"</token-text>
					</arg-string>
				</do-set-local-variable>
				<do-set-local-variable name="v_user_adcontext" scope="policy">
					<arg-string>
						<token-text xml:space="preserve"> -Identity "</token-text>
						<token-attr name="DirXML-ADContext"/>
						<token-text xml:space="preserve">"</token-text>
					</arg-string>
				</do-set-local-variable>
				<do-set-local-variable name="v_user_mailAlias" scope="policy">
					<arg-string>
						<token-text xml:space="preserve"> -Alias "</token-text>
						<token-attr name="CN"/>
						<token-text xml:space="preserve">"</token-text>
					</arg-string>
				</do-set-local-variable>
				<do-strip-op-attr name="homeMDB"/>
				<do-strip-op-attr name="mailNickname"/>
				<do-set-dest-attr-value name="PSExecute">
					<arg-value type="string">
						<token-text xml:space="preserve">Enable-Mailbox</token-text>
						<token-local-variable name="v_user_adcontext"/>
						<token-local-variable name="v_user_mailAlias"/>
						<token-local-variable name="v_exchange_storage"/>
						<token-local-variable name="v_exchange_dc"/>
					</arg-value>
				</do-set-dest-attr-value>
			</arg-actions>
		</do-for-each>
	</actions>
</rule>

 

Cheers,

View solution in original post

The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.