New-AADConnectImportRuleDisableExpiredAccounts.TempPoint.ps1

<#PSScriptInfo
 
.VERSION 2.0
 
.GUID 02d90a6f-9352-42e8-90e4-6025a16ff117
 
.DESCRIPTION Create a new AADConnect rule to add a proxy address pattern to on-premises Active Directory objects.
 
.AUTHOR Aaron Guilmette
 
.COMPANYNAME Microsoft
 
.COPYRIGHT 2022
 
.TAGS Email Address Policy Template
 
.LICENSEURI
 
.PROJECTURI https://www.undocumented-features.com/2016/08/10/use-aadconnect-to-add-a-proxy-address/
 
.ICONURI
 
.EXTERNALMODULEDEPENDENCIES
 
.REQUIREDSCRIPTS
 
.EXTERNALSCRIPTDEPENDENCIES
 
.RELEASENOTES
THIS CODE AND ANY ASSOCIATED INFORMATION ARE PROVIDED "AS IS" WITHOUT WARRANTY
OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND/OR FITNESS FOR A PARTICULAR
PURPOSE. THE ENTIRE RISK OF USE, INABILITY TO USE, OR RESULTS FROM THE USE OF
THIS CODE REMAINS WITH THE USER.
 
Author: Aaron Guilmette
        aaron.guilmette@microsoft.com
#>


<#
.SYNOPSIS
Create a new AADConnect rule to add a new proxy address that
will be synchronized back to on-premises AD objects.
 
.PARAMETER LowestPrecedence
Automatically create new rule as the lowest precedence rule (highest priority).
 
.PARAMETER NewProxyAddressDomain
Specify the new proxy address domain, e.g. contoso.com.
 
.PARAMETER Precedence
Choose a precedence value.
 
.EXAMPLE
.\New-AADConnectRuleAddProxy.ps1 -NewProxyAddressDomain contoso.com -Lowest
 
Create a new AAD Connect rule to add the proxy address matching contoso.com
using the lowest available precedence rule.
 
.LINK
https://aka.ms/aarongallery
 
.LINK
https://www.undocumented-features.com/2016/08/10/use-aadconnect-to-add-a-proxy-address/
 
#>

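param(
    [switch]$LowestPrecedence,
    [string]$NewProxyAddressDomain,
    [string]$Precedence = "90"
    )

# The domain is spliced verbatim into the sync rule's flow expression further
# down, and that rule writes proxyAddresses on on-premises AD objects. Accept
# only DNS-label characters so that an empty value, a quote, or any other
# expression metacharacter cannot change what the expression does.
$DomainPattern = '^[A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?(\.[A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?)*$'
If ($NewProxyAddressDomain -notmatch $DomainPattern)
    {
    throw "NewProxyAddressDomain '$NewProxyAddressDomain' is not a valid DNS domain name (letters, digits, hyphens and dots only)."
    }

# Double-quoted literal for the expression language. A plain string expands to
# the same text the previous [scriptblock]::Create() value did, without turning
# caller input into an executable script block.
$NewProxy = '"' + $NewProxyAddressDomain + '"'

# Fresh identifier for the new rule; reused at the end to read the rule back.
[string]$Identifier = [Guid]::NewGuid().ToString()

# The rule must be bound to exactly one AD connector. With zero or several
# matches the original expression produced a null or an array-typed string
# instead of a connector GUID, so stop before anything is created.
$AdConnectors = @(Get-ADSyncConnector | Where-Object { $_.ConnectorTypeName -eq "AD" })
If ($AdConnectors.Count -ne 1)
    {
    throw "Expected exactly one connector of type 'AD' but found $($AdConnectors.Count); cannot choose a connector for the new rule."
    }
[string]$Connector = $AdConnectors[0].Identifier.ToString()

If ($LowestPrecedence)
    {
    # One below the smallest precedence currently in use, so the new rule
    # outranks every existing rule.
    # NOTE(review): this yields 0 or a negative number when a rule already sits
    # at precedence 1 or 0 (or when no rules exist) - confirm the sync engine
    # accepts that before relying on -LowestPrecedence.
    [array]$AllRulesPrecedence = (Get-ADSyncRule).Precedence
    $Precedence = (($AllRulesPrecedence | Measure-Object -Minimum).Minimum -1)
    }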

# Build the outbound person -> user rule object for the AD connector. The
# result is captured in $syncRule through -OutVariable; nothing is committed
# to the sync engine until Add-ADSyncRule runs later in the script.
# NOTE(review): the all-zero GUIDs for PrecedenceAfter/PrecedenceBefore
# presumably mean "no relative ordering" - confirm.
$newRuleArgs = @{
    Name                     = 'Out to AD - Add Proxy Address'
    Identifier               = $Identifier
    Description              = ''
    Direction                = 'Outbound'
    Precedence               = $Precedence
    PrecedenceAfter          = '00000000-0000-0000-0000-000000000000'
    PrecedenceBefore         = '00000000-0000-0000-0000-000000000000'
    SourceObjectType         = 'person'
    TargetObjectType         = 'user'
    Connector                = $Connector
    LinkType                 = 'Join'
    SoftDeleteExpiryInterval = 0
    ImmutableTag             = ''
    OutVariable              = 'syncRule'
}
New-ADSyncRule @newRuleArgs

# Attach the expression flow that writes proxyAddresses. $NewProxy expands to
# the double-quoted domain inside the expression text: when the InStr test
# equals 1 the existing proxyAddresses value is kept, otherwise
# "smtp:<mailNickname>@<domain>" is produced. The result is merged
# case-insensitively with the existing values.
$flowArgs = @{
    SynchronizationRule = $syncRule[0]
    Source              = @('proxyAddresses','mailNickname')
    Destination         = 'proxyAddresses'
    FlowType            = 'Expression'
    ValueMergeType      = 'MergeCaseInsensitive'
    Expression          = "IIF(InStr([proxyAddresses],$NewProxy,1,vbTextCompare)=1,[proxyAddresses],""smtp:"" & [mailNickname] & ""@"" & $NewProxy)"
    OutVariable         = 'syncRule'
}
Add-ADSyncAttributeFlowMapping @flowArgs

# Scope the rule to objects whose mailNickname is populated, so the expression
# never builds an address from an empty alias.
$conditionArgs = @{
    TypeName     = 'Microsoft.IdentityManagement.PowerShell.ObjectModel.ScopeCondition'
    ArgumentList = 'mailNickname','','ISNOTNULL'
    OutVariable  = 'condition0'
}
New-Object @conditionArgs

# Add that single condition to the rule as its scope condition group.
$scopeGroupArgs = @{
    SynchronizationRule = $syncRule[0]
    ScopeConditions     = @($condition0[0])
    OutVariable         = 'syncRule'
}
Add-ADSyncScopeConditionGroup @scopeGroupArgs

# Commit the assembled rule to the sync engine. This is the step that changes
# the server's configuration.
Add-ADSyncRule -SynchronizationRule $syncRule[0]

# Read the rule back by its identifier so the operator can review what was
# actually stored.
Get-ADSyncRule -Identifier $Identifier