Written by fabio
Microsoft Exchange Server is a mail server, calendaring software and contact manager.
It runs on Windows Server and is one of the main elements of a Microsoft infrastructure.
One of the first requirements of an identity management project is often to integrate Microsoft Exchange, so that mailboxes and mail contacts are managed within the global, centralized user workflow as well.
Apache Syncope gives you the possibility to integrate Microsoft Exchange via PowerShell scripts through the CMD ConnId connector.
The main integration steps are: PowerShell resource configuration (as already described in the Apache Syncope and PowerShell scripts post) and PowerShell script development.
Scripts must have, more or less, the following structure.
    # Create MS Exchange PowerShell session
    $Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri ....
    if($session) {
        # Invoke remote script
        Invoke-Command -Session $session -ScriptBlock { ... } -ArgumentList ...
        # Remove session
        Remove-PSSession $Session 2>&1 > $Null
    }
A search for all mailboxes can be done with the following code.
    Invoke-Command -Session $session -ScriptBlock {
        param($searchDN)
        # List every mailbox under the given organizational unit
        Get-Mailbox -ResultSize Unlimited -OrganizationalUnit $searchDN -WarningAction SilentlyContinue -ErrorAction SilentlyContinue
    } -ArgumentList $searchDN | ForEach-Object -Process {
        "--- NEW SEARCH RESULT ITEM ---"
        "__UID__=" + $_.SamAccountName
        "__NAME__=" + $_.SamAccountName
        "__ENABLE__=true"
    }
A script to search for a specific mailbox can be something like the following.
    Invoke-Command -Session $session -ScriptBlock {
        param($uid, $domain)
        $user=Get-Mailbox -Identity $domain\$uid -ErrorAction SilentlyContinue
        if($user){
            "--- NEW SEARCH RESULT ITEM ---"
            "__UID__=" + $user.SamAccountName
            "__NAME__=" + $user.SamAccountName
            "__ENABLE__=true"
        }
    } -ArgumentList $uid, $domain
The next one can be used to create a new mailbox.
    Invoke-Command -Session $session -ScriptBlock {
        param($uid, $domain)
        $user=Get-Mailbox -Identity $domain\$uid -ErrorAction SilentlyContinue
        if(!$user){
            $user=Enable-Mailbox -Identity $domain\$uid -ErrorAction SilentlyContinue
        }
        "__UID__=" + $user.SamAccountName
    } -ArgumentList $uid, $domain
With the following script you can remove the mailbox/mail user for a given user.
    Invoke-Command -Session $session -ScriptBlock {
        param($uid, $domain)
        # Both calls are attempted; errors for the object type that does not exist are suppressed
        Disable-Mailuser -Identity $domain\$uid -Confirm:$false -WarningAction SilentlyContinue -ErrorAction SilentlyContinue
        Disable-Mailbox -Identity $domain\$uid -Confirm:$false -WarningAction SilentlyContinue -ErrorAction SilentlyContinue
    } -ArgumentList $uid, $domain
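The session skeleton and the single-mailbox search above can be combined into one script that validates its input and always releases the session. This is an added example, not code from the original post: the connection URI is a placeholder, and the helper names (Assert-AccountPart, ConvertTo-SearchResultItem, Invoke-ExchangeCommand, Find-MailboxItem) and the allow-list pattern are assumptions to adapt to your naming policy.

```powershell
# Added example. Placeholder URI and hypothetical helper names; adjust to your environment.
$ExchangeUri = 'http://exchange.example.invalid/PowerShell/'   # placeholder, not a real endpoint

function Assert-AccountPart {
    param([string]$Value, [string]$Name)
    # -Identity accepts many identifier forms (alias, DN, e-mail, GUID, ...), so only
    # let through values shaped like a plain account or domain name (assumed policy).
    if ($Value -notmatch '^[A-Za-z0-9._-]{1,20}$') {
        throw "Invalid $Name value: not passed to Exchange"
    }
    $Value
}

function ConvertTo-SearchResultItem {
    param([Parameter(ValueFromPipeline)]$Mailbox)
    process {
        # Same output format as the search scripts above
        '--- NEW SEARCH RESULT ITEM ---'
        '__UID__=' + $Mailbox.SamAccountName
        '__NAME__=' + $Mailbox.SamAccountName
        '__ENABLE__=true'
    }
}

function Invoke-ExchangeCommand {
    param([scriptblock]$ScriptBlock, [object[]]$ArgumentList)
    $session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri $ExchangeUri -ErrorAction Stop
    try {
        Invoke-Command -Session $session -ScriptBlock $ScriptBlock -ArgumentList $ArgumentList
    }
    finally {
        Remove-PSSession $session   # runs even when the remote call throws
    }
}

function Find-MailboxItem {
    param([string]$Uid, [string]$Domain)
    $identity = '{0}\{1}' -f (Assert-AccountPart $Domain 'domain'), (Assert-AccountPart $Uid 'uid')
    Invoke-ExchangeCommand -ScriptBlock {
        param($identity)
        Get-Mailbox -Identity $identity -ErrorAction SilentlyContinue
    } -ArgumentList $identity | ConvertTo-SearchResultItem
}

# Offline check with constructed input (no Exchange session needed for these two lines)
[pscustomobject]@{ SamAccountName = 'jdoe' } | ConvertTo-SearchResultItem
try { Assert-AccountPart 'jdoe*' 'uid' } catch { "rejected: $($_.Exception.Message)" }
```

Find-MailboxItem needs a reachable Exchange endpoint; the last two lines only exercise the formatter and the validator on constructed values.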