New-AADConnectRuleAddProxy.ps1

<#PSScriptInfo
 
.VERSION 2.0
 
.GUID 02d90a6f-9352-42e8-90e4-6025a16ff117
 
.DESCRIPTION Create a new AADConnect rule to add a proxy address pattern to on-premises Active Directory objects.
 
.AUTHOR Aaron Guilmette
 
.COMPANYNAME Microsoft
 
.COPYRIGHT 2022
 
.TAGS Email Address Policy Template
 
.LICENSEURI
 
.PROJECTURI https://www.undocumented-features.com/2016/08/10/use-aadconnect-to-add-a-proxy-address/
 
.ICONURI
 
.EXTERNALMODULEDEPENDENCIES
 
.REQUIREDSCRIPTS
 
.EXTERNALSCRIPTDEPENDENCIES
 
.RELEASENOTES
#>

<#
THIS CODE AND ANY ASSOCIATED INFORMATION ARE PROVIDED "AS IS" WITHOUT WARRANTY
OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND/OR FITNESS FOR A PARTICULAR
PURPOSE. THE ENTIRE RISK OF USE, INABILITY TO USE, OR RESULTS FROM THE USE OF
THIS CODE REMAINS WITH THE USER.
 
Author: Aaron Guilmette
        aaron.guilmette@microsoft.com
#>


<#
.SYNOPSIS
Create a new AADConnect rule to add a new proxy address that
will be synchronized back to on-premises AD objects.
 
.PARAMETER LowestPrecedence
Automatically create new rule as the lowest precedence rule (highest priority).
 
.PARAMETER NewProxyAddressDomain
Specify the new proxy address domain, e.g. contoso.com.
 
.PARAMETER Precedence
Choose a precedence value.
 
.EXAMPLE
.\New-AADConnectRuleAddProxy.ps1 -NewProxyAddressDomain contoso.com -Lowest
 
Create a new AAD Connect rule to add the proxy address matching contoso.com
using the lowest available precedence rule.
 
.LINK
https://aka.ms/aarongallery
 
.LINK
https://www.undocumented-features.com/2016/08/10/use-aadconnect-to-add-a-proxy-address/
 
#>

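param(
    # When set, the rule is placed one step ahead of the lowest precedence
    # value currently in use, instead of using -Precedence.
    [switch]$LowestPrecedence,

    # DNS domain appended to mailNickname to build the new smtp: address.
    # The value is spliced into the sync-rule expression text, and the rule
    # writes to on-premises AD objects, so it is required and restricted to
    # hostname characters (letters, digits, hyphens, dots). Quotes, spaces,
    # '&' or brackets would change the meaning of the expression.
    [Parameter(Mandatory = $true)]
    [ValidatePattern('^(?=.{1,253}$)([A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?\.)+[A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?$')]
    [string]$NewProxyAddressDomain,

    # Precedence for the new rule when -LowestPrecedence is not used.
    [string]$Precedence = "90"
    )

# Quoted domain literal as it must appear inside the sync-rule expression.
# Built as a plain string: the value is only ever interpolated as text, so
# there is no reason to hand it to the PowerShell parser as a script block.
[string]$NewProxy = '"' + $NewProxyAddressDomain + '"'

# Fresh identifier for the new rule; also used at the end to read it back.
[string]$Identifier = [Guid]::NewGuid().ToString()

# The rule is bound to a single on-premises AD connector. Fail early with a
# clear message when none or several are found, rather than passing an empty
# or array-derived string as the connector identifier.
[array]$AdConnectors = @(Get-ADSyncConnector | Where-Object { $_.ConnectorTypeName -eq "AD" })
If ($AdConnectors.Count -ne 1)
    {
    throw "Expected exactly one connector of type 'AD' but found $($AdConnectors.Count); cannot choose the connector for the new rule."
    }
[string]$Connector = $AdConnectors[0].Identifier.ToString()

If ($LowestPrecedence)
    {
    [array]$AllRulesPrecedence = (Get-ADSyncRule).Precedence
    $LowestInUse = ($AllRulesPrecedence | Measure-Object -Minimum).Minimum

    # Measure-Object yields no minimum when no rules come back, and a minimum
    # of 0 leaves no slot ahead of it; either case would otherwise produce -1.
    If ($null -eq $LowestInUse -or $LowestInUse -lt 1)
        {
        throw "Cannot derive a precedence below the existing rules (lowest in use: '$LowestInUse'). Specify -Precedence explicitly."
        }
    $Precedence = ($LowestInUse - 1)
    }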

# Build the outbound rule definition. The settings are splatted from a
# hashtable so a stray character after a line-continuation backtick cannot
# silently drop arguments.
# The resulting rule object is written to the pipeline and also captured in
# $syncRule for the steps that follow.
$ruleSettings = @{
    Name                     = 'Out to AD - Add Proxy Address'
    Identifier               = $Identifier
    Description              = ''
    Direction                = 'Outbound'
    Precedence               = $Precedence
    # All-zero GUIDs: presumably "no relative ordering" -- confirm against ADSync docs.
    PrecedenceAfter          = '00000000-0000-0000-0000-000000000000'
    PrecedenceBefore         = '00000000-0000-0000-0000-000000000000'
    SourceObjectType         = 'person'
    TargetObjectType         = 'user'
    Connector                = $Connector
    LinkType                 = 'Join'
    SoftDeleteExpiryInterval = 0
    ImmutableTag             = ''
}
New-ADSyncRule @ruleSettings -OutVariable syncRule

# Attach the attribute flow that merges an extra smtp: address into
# proxyAddresses on the target object.
# $NewProxy is interpolated verbatim into the expression text, so it must
# already be a double-quoted domain literal containing nothing but hostname
# characters; anything else would alter the expression that runs against
# every in-scope object.
# NOTE(review): InStr(...)=1 is true only when the match starts at the first
# character of proxyAddresses -- confirm this is the intended "already
# present" test.
$flowSettings = @{
    SynchronizationRule = $syncRule[0]
    Source              = @('proxyAddresses','mailNickname')
    Destination         = 'proxyAddresses'
    FlowType            = 'Expression'
    ValueMergeType      = 'MergeCaseInsensitive'
    Expression          = "IIF(InStr([proxyAddresses],$NewProxy,1,vbTextCompare)=1,[proxyAddresses],""smtp:"" & [mailNickname] & ""@"" & $NewProxy)"
}
Add-ADSyncAttributeFlowMapping @flowSettings -OutVariable syncRule

# Scope the rule to objects whose mailNickname is populated, so the
# expression never builds an address from an empty local part.
$conditionSettings = @{
    TypeName     = 'Microsoft.IdentityManagement.PowerShell.ObjectModel.ScopeCondition'
    ArgumentList = 'mailNickname','','ISNOTNULL'
}
New-Object @conditionSettings -OutVariable condition0

# Add the single condition to the rule as its own scope-condition group and
# keep the updated rule in $syncRule.
$scopeGroupSettings = @{
    SynchronizationRule = $syncRule[0]
    ScopeConditions     = @($condition0[0])
}
Add-ADSyncScopeConditionGroup @scopeGroupSettings -OutVariable syncRule

# Submit the assembled rule to the sync engine.
Add-ADSyncRule -SynchronizationRule $syncRule[0]

# Read the rule back by its identifier so the caller can review what was
# stored before the next synchronization cycle applies it.
Get-ADSyncRule -Identifier $Identifier