This requirement can be met by attaching the script below to the ERFM policy:
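# Post-create handler for the policy: after a user object is created, reads the
# new object's adminDescription, uses that value to look up the linked mailbox
# account, and sets that account's userPrincipalName to
# <samAccountName>@<edsaDnsName>. The outcome is reported through $EventLog.
#
# Parameters:
#   $Request - the creation request; only its Class and DN properties are read.
#
# NOTE(review): the first argument to ReportEvent looks like a severity code
# (1 on failures, 2 on the skip message, 4 on success) - confirm against the
# host's documentation.
function onPostCreate($Request)
{
    # Only user objects are handled; anything else is logged and skipped.
    if ($Request.Class -ne "user") {
        $EventLog.ReportEvent(2, $Request.DN + " is not a user account objectClass, exiting...")
        return
    }

    # adminDescription on the new object carries the identity of the linked
    # mailbox account. An empty value means there is nothing to link.
    # NOTE(review): this value comes from a directory attribute and decides
    # which account gets its UPN rewritten. Confirm who is allowed to write
    # adminDescription, and consider checking that it has the expected format
    # before it is passed as -Identity.
    $linkedIdentity = Get-QADUser -Identity $Request.DN -IncludedProperties adminDescription |
        select -ExpandProperty adminDescription
    if (!$linkedIdentity) { return }

    $mailboxDetails = Get-QADUser -Identity $linkedIdentity -IncludedProperties edsaDnsName, DN |
        select DN, edsaDnsName, samAccountName

    # Test the object before its property so a failed lookup is handled first.
    if (-not ($mailboxDetails -and $mailboxDetails.edsaDnsName)) {
        $EventLog.ReportEvent(1, "User " + $Request.DN + " mailbox not found. Exiting... ")
        return
    }

    $UPN = $mailboxDetails.samAccountName + "@" + $mailboxDetails.edsaDnsName

    try {
        # -ErrorAction Stop turns a non-terminating cmdlet error into a
        # terminating one; without it the catch block below may never run.
        Set-QADUser -Identity $mailboxDetails.DN -ObjectAttributes @{'userPrincipalName' = $UPN } -ErrorAction Stop
    }
    catch {
        # $_ is the error caught here; $Error[0] is not guaranteed to be it.
        $EventLog.ReportEvent(1, $mailboxDetails.DN + " had error(s) in setting UPN attribute, exit code was " + $_)
        # The failure is already logged, so skip the read-back that would log it again.
        return
    }

    # Read the attribute back to confirm the change was actually stored.
    $storedUPN = Get-QADUser -Identity $mailboxDetails.DN -IncludedProperties userPrincipalName |
        select -ExpandProperty userPrincipalName
    if ($storedUPN -eq $UPN) {
        $EventLog.ReportEvent(4, "Successfully set UPN attribute for linked mailbox " + $mailboxDetails.DN)
    }
    else {
        $EventLog.ReportEvent(1, $mailboxDetails.DN + " had error(s) in setting UPN attribute, exiting...")
    }
}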