Modifying workflow from creating Exchange mailbox to creating a 365 mailbox

We have a workflow put in place by a previous administrator that creates an Exchange mailbox when a new hire account is placed in a specific OU.  We have recently migrated over to Microsoft 365 and are looking for a way to modify the workflow to create a remote mailbox for 365 instead of the on-prem Exchange mailbox it is currently creating.

From what I've been able to deconstruct from analyzing the workflow parameters, the workflow currently looks for any user accounts where the msExchRecipientDisplayType is blank and then changes the Create User Mailbox (edsaCreateMsExchMailbox) property to True and somehow it generates the formatted email address of firstname.lastname@<ourdomain>.org.  Has anybody created a workflow that will generate an M365 mailbox?

  • Because of current Microsoft API functionality and limitations, performing Azure-enablement using an Active Roles Workflow is quite complicated. It is necessary to post licensing GUID values and, as such, there is no way to avoid the need for a custom script module.

    In the vast majority of scenarios, I would suggest leveraging Microsoft-native options to create a new O365 mailbox, if possible.

    Usually, the best option is to leverage Microsoft Entra Connect (aka AADConnect) and group-based licensing to create mailboxes.

    You can add Active Roles functionality into this by turning the on-prem licensing groups into Active Roles Dynamic Groups.

  • Are you in a hybrid Exchange?

    If so, you probably need to run an "enable-remotemailbox".  I do this by having a custom script to run the command.  In my workflow (pre-action) I look to see if the "Create User Mailbox" from the Requested Changes is True.  If so, I write to a custom virtual attribute (edvsa-CreateRemoteMail) to "user".  I do this because I use the same script to create share/room mailboxes too. I then remove all the mail settings from the request (Create User Mailbox, Alias, homeMDB, edsaEstabilshEmail, recipientType(s), targetAddress, mail).  I then take the samAccountName to look up what the user details are to build the smtp for the user.  Yes it takes a bit of cycles to ensure that smtp is available (even checking soft-deleted mailboxes), but only a few extra seconds.  Once I have that, I have enough information to create the enable-remotemailbox request.

    I know, it seems like a lot, but it works.
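
A sketch of the address check and `Enable-RemoteMailbox` call described in the reply above, as an added example that is not the poster's script and leaves out the Active Roles workflow and virtual-attribute handling. It assumes Exchange Online is connected with `Connect-ExchangeOnline -Prefix Cloud`; the function names, the numeric-suffix fallback and the domain parameters are hypothetical.

```powershell
# Added example; run in the on-prem Exchange Management Shell.
# Assumption: Exchange Online is connected with Connect-ExchangeOnline -Prefix Cloud,
# so its cmdlets appear as Get-CloudRecipient / Get-CloudMailbox and do not clash.

function Get-AvailableSmtpAddress {
    param(
        [Parameter(Mandatory)] [string] $FirstName,
        [Parameter(Mandatory)] [string] $LastName,
        [Parameter(Mandatory)] [string] $Domain,
        [int] $MaxAttempts = 20
    )
    # Conservative local part; this also keeps quotes out of the filter string.
    $base = ('{0}.{1}' -f $FirstName, $LastName).ToLower() -replace '[^a-z0-9.\-]', ''
    if ($base.Trim('.') -eq '') { throw 'Name has no usable characters for an address.' }

    for ($n = 1; $n -le $MaxAttempts; $n++) {
        $suffix  = if ($n -eq 1) { '' } else { "$n" }
        $address = '{0}{1}@{2}' -f $base, $suffix, $Domain
        $filter  = "EmailAddresses -eq 'smtp:$address'"
        # -ErrorAction Stop: a failed lookup must abort, not look like "address is free".
        $onPrem  = Get-Recipient -Filter $filter -ResultSize 1 -ErrorAction Stop
        $cloud   = Get-CloudRecipient -Filter $filter -ResultSize 1 -ErrorAction Stop
        $deleted = Get-CloudMailbox -SoftDeletedMailbox -Filter $filter -ResultSize 1 -ErrorAction Stop
        if (-not ($onPrem -or $cloud -or $deleted)) { return $address }
    }
    throw "No free address found for $base after $MaxAttempts attempts."
}

function Enable-NewHireRemoteMailbox {
    [CmdletBinding(SupportsShouldProcess)]
    param(
        [Parameter(Mandatory)] [string] $SamAccountName,
        [Parameter(Mandatory)] [string] $PrimaryDomain,  # placeholder, e.g. example.org
        [Parameter(Mandatory)] [string] $RoutingDomain   # placeholder, e.g. example.mail.onmicrosoft.com
    )
    $user = Get-User -Identity $SamAccountName -ErrorAction Stop
    # Only touch accounts that are not mail-enabled yet.
    if ($user.RecipientTypeDetails -ne 'User') {
        throw "$SamAccountName is already a recipient ($($user.RecipientTypeDetails))."
    }
    $smtp  = Get-AvailableSmtpAddress -FirstName $user.FirstName -LastName $user.LastName -Domain $PrimaryDomain
    $alias = $smtp.Split('@')[0]
    if ($PSCmdlet.ShouldProcess($smtp, 'Enable-RemoteMailbox')) {
        Enable-RemoteMailbox -Identity $user.DistinguishedName -Alias $alias `
            -PrimarySmtpAddress $smtp -RemoteRoutingAddress ('{0}@{1}' -f $alias, $RoutingDomain)
    }
}
```

Running `Enable-NewHireRemoteMailbox` with `-WhatIf` resolves the address and reports the intended change without creating the remote mailbox.
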

  • Hi Rob,

    I just took over for an admin, and they use Active Roles to allow our service desk to onboard new users. However, when we started using this app, we weren't in a hybrid, and now we've fully migrated. So, all new users get created a new user mailbox and I need to have Active Roles create a -remotemailbox. 

    While my brain understands most of what you state above, it has no understanding of Active Roles. Any other information you can provide or links you can point me to would be great. I'm still digging and doing my own research, and this was the closest result that matched what I'm looking for. 

    TIA!