Search code examples
c#powershellactive-directoryexchange-serverexchange-management-shell

Set the Active Directory account properties during a New-Mailbox creation with PowerShell


I am using Exchange 2010. I am currently creating a new mailbox account with the PowerShell cmdlet New-Mailbox in c#.

It is possible to create a new mailbox dynamically (c#)? Here's the code I am using:

// Prepare the credentials that will be used when connecting
// to the server. More info on the user to use on the notes
// below this code snippet.
string runasUsername = @"xxxxx";
string runasPassword = "xxxxx";
SecureString ssRunasPassword = new SecureString();
foreach (char x in runasPassword)
    ssRunasPassword.AppendChar(x);
PSCredential credentials =
    new PSCredential(runasUsername, ssRunasPassword);

// Prepare the connection
var connInfo = new WSManConnectionInfo(
    new Uri("http://yourip/PowerShell"),
    "http://schemas.microsoft.com/powershell/Microsoft.Exchange",
    credentials);
connInfo.AuthenticationMechanism =
    AuthenticationMechanism.Basic;

// Create the runspace where the command will be executed
var runspace = RunspaceFactory.CreateRunspace(connInfo);

// generate the command parameters
var testNumber = 18;
var firstName = "Test";
var lastName = "User" + testNumber;
var username = "tuser" + testNumber;
var domainName = "dom.dom.ca";
var password = "qwerty123";
var ssPassword = new SecureString();
foreach (char c in password)
    ssPassword.AppendChar(c);

// create the PowerShell command
var command = new Command("New-Mailbox");
command.Parameters.Add("Name", firstName + " " + lastName);
command.Parameters.Add("Alias", username);
command.Parameters.Add(
    "UserPrincipalName", username + "@" + domainName);
command.Parameters.Add("SamAccountName", username);
command.Parameters.Add("FirstName", firstName);
command.Parameters.Add("LastName", lastName);
command.Parameters.Add("Password", ssPassword);
command.Parameters.Add("ResetPasswordOnNextLogon", false);
command.Parameters.Add("OrganizationalUnit", "NeumontStudents");

// Add the command to the runspace's pipeline
runspace.Open();
var pipeline = runspace.CreatePipeline();
pipeline.Commands.Add(command);

// Execute the command
var results = pipeline.Invoke();

runspace.Dispose();

if (results.Count > 0)
    MessageBox.Show("SUCCESS");
else
    MessageBox.Show("FAIL");

(Source) Here's the complete tutorial

My goal is to set the account properties during the mailbox creation :

  1. Adress (Street, City, etc)
  2. Phone number
  3. Description
  4. Fax
  5. Etc

But it looks like the command cmdlet New-Mailbox missing all these parameters. New-Mailbox documentation

Is this possible to set these parameters during the creation of the mailbox ?


Solution

  • I don't know C#, but I can tell you how to do it from the Exchange Management Shell, and leave it to you to invoke the commands from C#, which it appears you have no problem with.

    The easiest way is to use Exchange Management Shell's Set-User cmdlet:

    Set-User -Identity barack.obama -StreetAddress '1600 Pennsylvania Ave NW' -City 'Washington' -StateOrProvince 'D.C.' -PostalCode '20500' -Phone '202-456-1111' -Fax '202-456-2461'
    

    -Identity can be any identity parameter that you can use with Get-Mailbox, including SamAccountName, UserPrincipalName, SmtpAddress, Identity, Alias, a few otehrs. You can also pipe mailbox objects to Set-User and leave out -Identity. In fact, you can pipe the New-Mailbox cmdlet directly to Set-User, because it returns the mailbox object it creates:

    New-Mailbox [...] | Set-User -StreetAddress [...]
    

    The parameter names don't always match the AD attribute names. For example, -Phone maps to the officePhone AD attribute; there's also a -HomePhone parameter, which maps to the homePhone attribute.

    However, Set-User is limited to a certain subset of Active Directory properties. It will do most of what you want, but description is not exposed through this cmdlet. There may be some other attributes in your "Etc" that aren't exposed. To set other attributes, you'll need to use some other method of updating Active Directory.

    However, it's not difficult to integrate that into an EMS script. You'll always have the AD management tools available on an Exchange Server, so you can use dsmod, which can update a different subset of attributes, including description:

    dsmod user (Get-Mailbox barack.obama).DistinguishedName -desc 'Description'
    

    The first parameter after the object type (user) is the distinguished name, which you can read from the mailbox with (Get-Mailbox barack.obama).DistinguishedName.

    Again, the parameter names don't match the AD attributes, but you can get a full list by typing dsmod user /?. To pipe directly from New-Mailbox:

    New-Mailbox [...] | select -ExpandProperty DistinguishedName | %{dsmod user $_ -desc 'Description'}
    

    Other options:

    • PowerShell's ADSI provider. A little clunkier, because you can't set multiple attributes with one command, and you have to commit the changes at the end, but it does enable you to modify any settable attribute. Here's an example:

      $user = [adsi]("LDAP://" + (Get-User barack.obama).DistinguishedName)
      $user.telephoneNumber = '202-456-1111'
      $user.streetAddress = '1600 Pennsylvania Avenue NW'
        [etc...]
      $user.SetInfo()
      
    • The Set-ADUser cmdlet. This one can modify any attribute you'll want to set and can set multiple attributes in a single command, and is probably the easiest to use, but of course there's a catch: You need to import the ActiveDirectory module, which won't be available out of the box on an Exchange 2010 server.