Hello
I have a strange problem, with a Workflow.
The Idea behinde the Workflow is
- We have SharedMailboxes
- For Each SharedMailboxe we built a FullAccess and SendAs Group
- If user is added to the group the workflow starts and we are adding the SendAs Permission for the User via Powershell Script
The problem is that the Add-Permission command is executed according to the debug log, but the SendAs command is not set on the mailbox in the end. If I run the code outside of AR, with the Admin user for AR, by hardcoding a test object, setting the SendAs permission on the mailbox works fine.
Is there any reason why an Exchange Powershell command would not run within a workflow?
function SendAsAdd ($Request) { #Var $ExchangeURL = "https://mail/PowerShell" $domainDN = "DC=XX,DC=CCC,DC=EEE" $Group = $workflow.SavedObjectProperties("Group").get("samAccountName") $Mail = $Group.Replace("_SENDAS", "") # Exchange Connection $SkipCertificate = New-PSSessionOption -SkipCACheck -SkipCNCheck -SkipRevocationCheck $Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri $ExchangeURL -Authentication Basic -SessionOption $SkipCertificate -credential $DomainOverrideCredentials.get($domainDN) Import-PSSession -Session $Session -AllowClobber # Get Member of SendAs Group $SendASGroup = @() Get-ADGroupMember $Group | foreach { $SendASGroup += $_.SamAccountName } # Get Users that have send as permission on Mailbox $SendAS = @() Get-Mailbox -Identity $Mail | Get-ADPermission | ? { ($_.ExtendedRights -like "*send*") -and ($_.User -like "*ADDOMAIN*") } | foreach { $user = $_.User.split("\")[1] $SendAS += $user } # Compare Members of Group and User that have permission and if not entitled foreach ($MBXMember in $SendASGroup) { if ($SendAS -match $MBXMember) { } else { $UserToAdd = Get-ADUser -Identity $MBXMember -Properties distinguishedName $MailboxUser = Get-ADUser -Identity $Mail -Properties distinguishedName Add-ADPermission -Identity $MailboxUser -User $UserToadd -AccessRights ExtendedRight -ExtendedRights "Send As" } } Remove-PSSession -Session $Session }