Fortytwo.ChangeEmail.Agent

1.1.0

Public/Start-ChangeEmailAgentActiveDirectoryListener.ps1

                                <#

.DESCRIPTION

    Starts the ChangeEmailAgent listener. The listener continuously checks for password reset requests and processes them.

.SYNOPSIS

    Starts the ChangeEmailAgent listener.

.EXAMPLE

    Start-ChangeEmailAgentActiveDirectoryListener -Sleep 5

#>

function Start-ChangeEmailAgentActiveDirectoryListener {

    [CmdletBinding()]

    Param(

        # Sleep interval in seconds between checks for new requests

        [Parameter(Mandatory = $false)]

        [ValidateRange(1, 10)]

        [int] $Sleep = 60,

        [Parameter(Mandatory = $false)]

        [scriptblock] $RunBlockAfterChange = $null

    )

    process {

        if (!(get-command Set-ADUser* | ? Name -eq Set-ADUser)) {

            Write-Error -Message "Set-ADUser cmdlet is not available. Please ensure the Active Directory module is installed and imported."

            Write-EventLog -LogName "Application" -Source "ChangeEmailAgent" -EventId 1210 -EntryType Error -Message "Set-ADUser cmdlet is not available. Please ensure the Active Directory module is installed and imported." -ErrorAction Continue

            return

        }

        Write-Verbose "Starting ChangeEmailAgent listener with a sleep interval of $Sleep seconds"

        Write-EventLog -LogName "Application" -Source "ChangeEmailAgent" -EventId 1006 -EntryType Information -Message "Starting ChangeEmailAgent listener with a sleep interval of $Sleep seconds" -ErrorAction Continue

        while ($true) {

            $requests = Receive-ChangeEmailAgentRequests

            if ($requests) {

                foreach ($request in $requests) {

                    Write-Verbose "Processing request: $($request | ConvertTo-Json -Depth 5)"

                    if(!$request.onPremisesImmutableId) {

                        Write-Warning "Request does not contain onPremisesImmutableId: $($request | ConvertTo-Json -Depth 5)"

                        Write-EventLog -LogName "Application" -Source "ChangeEmailAgent" -EventId 1008 -EntryType Warning -Message "Request does not contain onPremisesImmutableId: $($request | ConvertTo-Json -Depth 5)" -ErrorAction Continue

                        $request | Complete-ChangeEmailAgentRequest -Status "Failed" -ErrorMessage "Request does not contain onPremisesImmutableId"

                        continue

                    }

                    $immutableid = [System.Convert]::FromBase64String($request.onPremisesImmutableId)

                    $matchingusers = Get-ADUser -Filter { ms-Ds-ConsistencyGuid -eq $immutableid } -Properties mail,proxyAddresses,userPrincipalName

                    if (!$matchingusers) {

                        Write-Warning "No matching user found in Active Directory for request $($request | ConvertTo-Json -Depth 5)"

                        Write-EventLog -LogName "Application" -Source "ChangeEmailAgent" -EventId 1009 -EntryType Warning -Message "No matching user found in Active Directory for request $($request | ConvertTo-Json -Depth 5)" -ErrorAction Continue

                        $request | Complete-ChangeEmailAgentRequest -Status "Failed" -ErrorMessage "No matching user found in Active Directory"

                        continue

                    }

                    if ($matchingusers.Count -gt 1) {

                        Write-Warning "Multiple matching users found in Active Directory for request $($request | ConvertTo-Json -Depth 5)"

                        Write-EventLog -LogName "Application" -Source "ChangeEmailAgent" -EventId 1010 -EntryType Warning -Message "Multiple matching users found in Active Directory for request $($request | ConvertTo-Json -Depth 5)" -ErrorAction Continue

                        $request | Complete-ChangeEmailAgentRequest -Status "Failed" -ErrorMessage "Multiple matching users found in Active Directory"

                        continue

                    }

                    $user = $matchingusers | Select-Object -First 1

                    $proxyaddresses = @(

                        "SMTP:$($request.emailAddress)"

                    )

                    if ($user.proxyAddresses) {

                        $user.proxyAddresses | 

                        Where-Object { $_ -like "smtp:*" } | 

                        Where-Object { $_ -notin $proxyaddresses } | 

                        ForEach-Object {

                            $proxyaddresses += $_ -replace "^SMTP", "smtp"

                        }

                        $user.proxyAddresses | 

                        Where-Object { $_ -notlike "smtp:*" } | 

                        Where-Object { $_ -notin $proxyaddresses } | 

                        ForEach-Object {

                            $proxyaddresses += $_

                        }

                    }

                    $user | Set-ADUser -UserPrincipalName $request.emailAddress -EmailAddress $request.emailAddress -Replace @{

                        proxyAddresses = $proxyaddresses

                    }

                    $request | Complete-ChangeEmailAgentRequest

                }

                if($RunBlockAfterChange) {

                    Write-Verbose "Running custom script block after processing changes"

                    & $RunBlockAfterChange

                }

            }

            else {

                Write-Verbose "No requests found, sleeping for $Sleep seconds"

                Write-EventLog -LogName "Application" -Source "ChangeEmailAgent" -EventId 1007 -EntryType Information -Message "No requests found, sleeping for $Sleep seconds" -ErrorAction Continue

            }

            Start-Sleep -Seconds $Sleep

        }

    }

}