Mark Minasi's Tech Forum
Sign up Calendar Latest Topics
 
 
 


Reply
  Author   Comment   Page 1 of 2      1   2   Next
meloao

New Friend (or an Old Friend who Built a New Account)
Registered:
Posts: 83
Reply with quote  #1 
I'm trying to figure out to to search the proxyAddresses for SMTP (case sensitive) in AD.

Some users may have multiple proxyAddresses.  One needs to be SMTP and there may or may not be others with smtp (all lowercase).

I wrote a script to get the proxyAddress in assign to a variable "$checkUserProxyAddresses"


From there, I'm thinking I need to go through each address in $checkUserProxyAddresses to see if there is an SMTP.

As an example say a user has the following email addresses:

smtp:john.smith@domain.com, SMTP:jsmith@domain.com, smtp: smith@domain.com


The script should confirm that yes, there is an SMTP address (jsmith@domain.com).

I understand that "-ceq" will check for case sensitivity, but not sure how that will play into the script.   Maybe I could grab the first 4 letters and check for SMTP?
0
meloao

New Friend (or an Old Friend who Built a New Account)
Registered:
Posts: 83
Reply with quote  #2 
I think that will do the trick --- extracting the first 4 letters of the string for each address in proxyAddress.
0
cj_berlin

Avatar / Picture

Senior Member
Registered:
Posts: 362
Reply with quote  #3 
I would use a case sensitive regex like (?-i)SMTP: with Select-String.
__________________
Evgenij Smirnov

My personal blog (German): http://www.it-pro-berlin.de/
My stuff on PSGallery: https://www.powershellgallery.com/profiles/it-pro-berlin.de/
0
Infradeploy

Avatar / Picture

Senior Member
Registered:
Posts: 171
Reply with quote  #4 
You would have to do each address because the value is an array.

 I'd use -clike

$primary = $checkUserProxyAddresses |? -clike "SMTP:*"
if ($Primary.count -eq 1){"Do your thing"};Else {"Panic: $($primary)"}

__________________
Have SpaceSuit, Will Travel

0
cj_berlin

Avatar / Picture

Senior Member
Registered:
Posts: 362
Reply with quote  #5 
Quote:
Originally Posted by Infradeploy
You would have to do each address because the value is an array.

...which is where
Select-String -Pattern "^(?-i)SMTP:"
works exactly like
Where-Object {$_ -clike "SMTP:*"}


Depends on what you're comfortable with.

__________________
Evgenij Smirnov

My personal blog (German): http://www.it-pro-berlin.de/
My stuff on PSGallery: https://www.powershellgallery.com/profiles/it-pro-berlin.de/
0
meloao

New Friend (or an Old Friend who Built a New Account)
Registered:
Posts: 83
Reply with quote  #6 
Thank you both! I will try both methods tomorrow when I return to work and report back. 
0
meloao

New Friend (or an Old Friend who Built a New Account)
Registered:
Posts: 83
Reply with quote  #7 
@Infradeploy

When I enter the code below:

$checkProxyAddress = 'smtp:john.smith@domain.com', 'SMTP:jsmith@domain.com'
$primary = $checkUserProxyAddress |? -clike "SMTP:*"
if ($Primary.count -eq 1){
Write-Host "Primary address is $primary" -ForegroundColor Green
}
Else {
"Panic: $($primary)"
}



I get this error:

? : The specified operator requires both the -Property and -Value parameters. Provide values for both parameters, and then try the command again.
At line:2 char:36
+ $primary = $checkUserProxyAddress |? -clike "SMTP:*"
+ ~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidArgument: (😉 [Where-Object], PSArgumentException
+ FullyQualifiedErrorId : ValueNotSpecifiedForWhereObject,Microsoft.PowerShell.Commands.WhereObjectCommand

0
meloao

New Friend (or an Old Friend who Built a New Account)
Registered:
Posts: 83
Reply with quote  #8 
@Evgenij

When I put in the following code, it does return the address containing SMTP:

$checkProxyAddress = 'smtp:john.smith@domain.com', 'SMTP:jsmith@domain.com'

foreach ($address in $checkProxyAddress) {

$address | Select-String -Pattern "^(?-i)SMTP:"

}


However, if the none of the addresses in $checkProxyAddress contains SMTP:  then nothing is returned.  Maybe I need an if/else statement?  Something like what Infradeploy has in his code?
 
0
cj_berlin

Avatar / Picture

Senior Member
Registered:
Posts: 362
Reply with quote  #9 
of course you do, if you'd like to take different actions depending on the presence of a default SMTP address.
__________________
Evgenij Smirnov

My personal blog (German): http://www.it-pro-berlin.de/
My stuff on PSGallery: https://www.powershellgallery.com/profiles/it-pro-berlin.de/
0
meloao

New Friend (or an Old Friend who Built a New Account)
Registered:
Posts: 83
Reply with quote  #10 
Ok, I added the regular expression that you recommended Evgenij and it works great.

I want to add the logic to do some task depending on if the SMTP is present or not.  What is happening is that statement in the "IF" parenthesis is displaying the same person's email address.  E.g.  The text "Primary address is $primary" is displaying the same email address.



My code is below:

foreach ($mailAddress in $txtInputO365Users) {

# get samaccountname from email address
$userSAM = Get-ADUser -Filter 'mail -like $mailAddress' -Properties samaccountname| Select-Object -ExpandProperty samaccountname

# get PasswordNeverExpires, PasswordNotRequired, and ProxyAddress attribute
$checkUserPasswordNeverExpires = Get-ADUser -Filter 'mail -like $mailAddress' -Properties mail, passwordneverexpires | Select-Object -ExpandProperty passwordneverexpires
$checkUserPasswordNotRequired = Get-ADUser -Filter 'mail -like $mailAddress' -Properties mail, passwordnotrequired| Select-Object -ExpandProperty passwordnotrequired
$checkUserProxyAddresses = Get-ADUser -Filter 'mail -like $mailAddress' -Properties proxyAddresses | Select-Object -ExpandProperty proxyAddresses
$primaryAddress = $checkUserProxyAddresses | Select-String -Pattern "^(?-i)SMTP:"

# Check for SMTP address
Write-Host "$mailAddress | $checkUserPasswordNeverExpires | $checkUserPasswordNotRequired | $primaryAddress"


if($primaryAddress.count -eq 1) {

write-host "Primary Address is $primary"

}

else {

Write-Host "Primary address does not exist for $mailAddress" -ForegroundColor Red

}

 

}

0
meloao

New Friend (or an Old Friend who Built a New Account)
Registered:
Posts: 83
Reply with quote  #11 
I got it.  I had the wrong variable name.  Instead of $primary it should have been $primaryAddress.
0
cj_berlin

Avatar / Picture

Senior Member
Registered:
Posts: 362
Reply with quote  #12 
Well, actually,


Write-Host "Primary address does not exist for $mailAddress" -ForegroundColor Red

should be

Write-Host "None or multiple primary address entries exist for $mailAddress" -ForegroundColor Red

Both situations indicate that the proxyAddresses attribute has not been managed by Exchange which, strictly speaking, is not supported in an Exchange environment. Of course, identity management or migration tools write to those attributes themselves and obviously yours do not always get it right, or else you wouldn't have this challenge.

In an Exchange environment, not only there has to be exactly one capitalized entry for each address type in proxyAddresses, but also the part after the capital SMTP: has to be identical to the value stored in the mail attribute ("WindowsEmailAddress" in Exchange data model).

__________________
Evgenij Smirnov

My personal blog (German): http://www.it-pro-berlin.de/
My stuff on PSGallery: https://www.powershellgallery.com/profiles/it-pro-berlin.de/
0
meloao

New Friend (or an Old Friend who Built a New Account)
Registered:
Posts: 83
Reply with quote  #13 
Thanks, I corrected the wording.  That makes sense.  


For O365, I believe the mail attribute in AD must match SMTP address in proxyAddress attribute?


0
meloao

New Friend (or an Old Friend who Built a New Account)
Registered:
Posts: 83
Reply with quote  #14 
I want to add another piece to this script ---- date/time the password was last set.

$checkPasswordLastSetDate = Get-ADUser -Filter 'mail -like $mailAddress' -Properties pwdLastSet | Select-Object -ExpandProperty pwdLastSet


$checkPasswordLastSetDate outputs to a string of digits.  I would like to convert this to a human readable date.
0
cj_berlin

Avatar / Picture

Senior Member
Registered:
Posts: 362
Reply with quote  #15 
This is filetime:


[datetime]::FromFileTime($valueFromAD)


But you really should't be asking for the user object multiple times. Do this instead:


$userSAM = Get-ADUser -Filter 'mail -like $mailAddress' -Properties passwordNeverExpires,passwordNotRequired,proxyAddresses,pwdLastSet
$checkUserPasswordNeverExpires = $UserSAM.passwordneverexpires
$checkUserPasswordNotRequired = $UserSAM.passwordnotrequired
$checkUserProxyAddresses = $UserSAM.proxyAddresses
$primaryAddress = $checkUserProxyAddresses | Select-String -Pattern "^(?-i)SMTP:"
$checkPasswordLastSetDate = [datetime]::FromFileTime($UserSAM.pwdLastSet)


You don't have to specify SAMAccountName in the -Properties either because it is in the default set of properties and is always returned, along with distingiushedName and userPrincipalName.

__________________
Evgenij Smirnov

My personal blog (German): http://www.it-pro-berlin.de/
My stuff on PSGallery: https://www.powershellgallery.com/profiles/it-pro-berlin.de/
0
Previous Topic | Next Topic
Print
Reply

Quick Navigation:

Easily create a Forum Website with Website Toolbox.