-
Notifications
You must be signed in to change notification settings - Fork 10
/
Disable-OriginalDL.ps1
105 lines (72 loc) · 3.98 KB
/
Disable-OriginalDL.ps1
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
<#
.SYNOPSIS
This function disabled the on premies distribution list - removing it from azure ad and exchange online.
.DESCRIPTION
This function disabled the on premies distribution list - removing it from azure ad and exchange online.
.PARAMETER parameterSet
These are the parameters that will be manually cleared from the object in AD mode.
.PARAMETER DN
The DN of the group to remove.
.PARAMETER GlobalCatalog
The global catalog server the operation should be performed on.
.PARAMETER UseOnPremisesExchange
If set to true disablement will occur using the exchange on premises powershell commands.
.PARAMETER adCredential
The active directory credential for AD operations.
.OUTPUTS
No return.
.EXAMPLE
Disable-OriginalDL -originalDLConfiguration $configuration -globalCatalogServer $GC -parameterSet $parameterArray -adCredential $cred
#>
Function Disable-OriginalDL
{
[cmdletbinding()]
Param
(
[Parameter(Mandatory = $true)]
$originalDLConfiguration,
[Parameter(Mandatory = $true)]
[string]$globalCatalogServer,
[Parameter(Mandatory = $false)]
[array]$parameterSet="None",
[Parameter(Mandatory = $false)]
[boolean]$useOnPremisesExchange=$FALSE,
[Parameter(Mandatory = $true)]
$adCredential,
[Parameter(Mandatory = $false)]
[ValidateSet("Basic","Negotiate")]
$activeDirectoryAuthenticationMethod="Negotiate"
)
#Output all parameters bound or unbound and their associated values.
write-functionParameters -keyArray $MyInvocation.MyCommand.Parameters.Keys -parameterArray $PSBoundParameters -variableArray (Get-Variable -Scope Local -ErrorAction Ignore)
#Declare function variables.
$functionDLConfiguration=$NULL #Holds the return information for the group query.
[string]$functionCustomAttribute1="MigratedByScript"
[string]$functionCustomAttribute2=$originalDLConfiguration.mail
#Start function processing.
Out-LogFile -string "********************************************************************************"
Out-LogFile -string "BEGIN Disable-OriginalDLConfiguration"
Out-LogFile -string "********************************************************************************"
out-logfile -string ("Disabled DL Custom Attribute 1 = "+$functionCustomAttribute1)
out-logfile -string ("Disabled DL Custom Attribute 2 = "+$functionCustomAttribute2)
#Get the group using LDAP / AD providers.
try
{
set-adgroup -identity $originalDLConfiguration.distinguishedName -server $globalCatalogServer -clear $parameterSet -credential $adCredential -authType $activeDirectoryAuthenticationMethod -errorAction Stop
}
catch
{
out-logfile -string "Unable to mail disable the original distribution group. Failing entire job - manual cleanup required - hybrid mail flow cannot proceed."
Out-LogFile -string $_ -isError:$TRUE
}
#Now that the DL is disabled - use this oppurtunity to write the custom attributes to show it's been migrated.
out-logfile -string "The group has been migrated and is retained - set custom attributes with original information for other migration dependencies."
try {
set-adgroup -identity $originalDLConfiguration.distinguishedName -add @{extensionAttribute1=$functionCustomAttribute1;extensionAttribute2=$functionCustomAttribute2} -server $globalCatalogServer -credential $adCredential -authType $activeDirectoryAuthenticationMethod -errorAction STOP
}
catch {
out-logfile -string $_ -isError:$TRUE
}
Out-LogFile -string "END Disable-OriginalDLConfiguration"
Out-LogFile -string "********************************************************************************"
}