question

DAAQIN-4981 avatar image
0 Votes"
DAAQIN-4981 asked theLoop-6929 commented

Script to Delete Proxy Addresses from AD

need a script to delete proxy addresses from AD.

The script needs to delete only a specific proxy address from each user.
john.smith.mx360@contoso.com

I have the script to get the information, unfortunately, I was only able to figure out how to output it to a text file, but is hard to read. In any case, I got the info I need and have the email addresses and I've into a spreadsheet and saved it to C:\Tem\proxiestoremove.csv. I could not figure out how to do this as a batch but only one by one. Note am in a hybrid organization and needs to be done from AD as Exchange won't work.

There are 83 emails to remove and they are not all from the same user.

82 users = 83 emails to remove (1 from each user)


 Import-Module ActiveDirectory
 $User = Get-ADUser john.smith -Properties proxyAddresses
 $User.proxyAddresses.Remove("smtp:john.smith.mx360@contoso.com")
 Set-ADUser -instance $User

Thanks

windows-server-powershellwindows-active-directory
· 2
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Hi, @DAAQIN-4981
Since this question is about AD scripting, I'm in charge of Office General.I will remove the tag office-online-server-exchange.
It is recommended that you wait for a reply from an expert on Windows. Thanks for your understanding.

0 Votes 0 ·
DAAQIN-4981 avatar image DAAQIN-4981 CeasarChenMSFT-3458 ·

respectfully this may be about scripting but has everything to do with exchange. It's about inquiring to remove proxy addresses for email users' accounts. Proxy addresses are listed as "smtp" emails on a users account. Additionally, it was stipulated in my question I was unable to run this through Exchange due to errors.

0 Votes 0 ·
NewbieJones-6218 avatar image
0 Votes"
NewbieJones-6218 answered DAAQIN-4981 edited

This might work. (The first part works, but I haven't tested the remove command).
Just in case you have an account with more than one mx360 address.

 Get-ADUser -Properties proxyaddresses -Filter {ProxyAddresses -like '*mx360@contoso.com'} |
     ForEach { # Account may have more than one email address in scope so need to loop through each one
         ForEach ($proxyAddress in $_.proxyAddresses) {
             If ($proxyAddress -like '*mx360@contoso.com') {
                 # Write-Host $proxyAddress
                 Set-ADUser $_.SamAccountName -Remove @{ProxyAddresses=$proxyAddress}                    
             }
         }      
     }
· 3
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

I ended up using a rendition of this.

 $users = Get-ADUser -Filter * -pr proxyaddresses
 foreach($User in $Users){
     Write-host $user
     Foreach($proxyaddress in $user.proxyaddresses){
         If ($proxyaddress -like "*mx360*"){
             write-host $proxyaddress
             get-aduser -identity $user.distinguishedname -pr proxyaddresses | Set-ADUser -remove @{proxyaddresses = $proxyaddress} -WhatIf
         }
     }
 }


0 Votes 0 ·

The Get-ADUser on line 7 seems superfluous.

Let's see if I can explain this properly.

Identity is a positional parameter on Set-ADUser (and its in position number 1).

You don't even have to include -Identity, the command assumes that the first parameter is going to the the identity.

Identity can accept certain attributes. distinguishedName is one and SamAccountName as exampled in my script is another.

You are already have the distinguishedName in the pipe, so no need to get it again.

You can remove the get-ADuser, and just use...
Set-ADUser $user.distinguishedName -remove @{proxyaddresses = $proxyaddress}

You notice that I didn't specifically get the SamAccountName attribute as alongside distinguishedName, these are default attributes for Get-ADUser. ProxyAddress is not, so you need to include that one.

1 Vote 1 ·
DAAQIN-4981 avatar image DAAQIN-4981 NewbieJones-6218 ·

Thanks that makes a lot more sense now. I was looking over my script and with your recommendation, I now can see how it makes it better.

I did have a working script that I previously modified and had as an answer

 `     $Users = Get-ADUser -Filter * -pr proxyaddresses
      foreach ($User in $Users) {
          $User.proxyaddresses | Where-Object { ($_ -like "*mx360*") } |
          ForEach-Object {
              Get-ADuser $user.DistinguishedName | Set-ADuser  -remove @{proxyaddresses = $_ }
              Write-Host "Removing "$_" from " $User.name "'s Proxy address" -ForegroundColor Green
          }
      }

But I see I can modify it to:

      $Users = Get-ADUser -Filter * -pr proxyaddresses
      foreach ($User in $Users) {
          $User.proxyaddresses | Where-Object { ($_ -like "*mx360*") } |
          ForEach-Object {
              Set-ADuser $user.DistinguishedName -remove @{proxyaddresses = $_ } #or $proxyaddress instead of $_
              Write-Host "Removing "$_" from " $User.name "'s Proxy address" -ForegroundColor Green
          }
      }



0 Votes 0 ·
RichMatheisen-8856 avatar image
0 Votes"
RichMatheisen-8856 answered RichMatheisen-8856 commented

You can try this (I haven't run this code!):

 $User = Get-ADUser ole.roemer -Properties proxyaddresses
 $OldProxies = $User | Select-Object -expand proxyaddresses
 $newproxies = @()
 $OldProxies |
     ForEach-Object{
         if ($_ -notmatch "\.mx360@"){
             $newproxies += $_
         }
     }
 $User | Set-ADUser -Replace @{proxyaddresses = $newproxies}


· 3
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

There are 83 emails to remove and they are not all from the same user.

82 users = 83 emails to remove (1 from each user)

0 Votes 0 ·

also all these users will have other proxy addresses assigned to them that need to remain so we only want to delete the ones that have mx360 in the name.

0 Votes 0 ·

I was only using your script because that's the only detail you provided.

I modified my earlier example to look for a pattern in each proxy address and the not add it to the new set of proxies that would replace the existing ones. But note that I still haven't run that code! And for that reason you shouldn't either, until you're sure it works on the user you've chosen to experiment with.

Once you're convinced the code does what you expect you can enclose the example in a ForEach-Object loop and feed the loop the names of the mailboxes you want to alter.

1 Vote 1 ·
NewbieJones-6218 avatar image
0 Votes"
NewbieJones-6218 answered

Some food for thought.

For your list of users, you can filter directly (server side) on the proxy address.

Get-ADUser -Properties proxyaddresses -Filter {ProxyAddresses -like '*mx360@contoso.com'}

The problem with this is that the proxyAddresses is a collection of strings and you can't directly output this for the next command (unless you are confident is only going to return one address per account).

If you are confident that an account can only have one mx360 email address, then in theory, you should be able to pipe the result of the filter directly into your ForEach loop with the remove command.

SamAccountName and proxyAddresses will be part of the results and can be used directly. ($.SamAccountName\$.proxyAddresses)
No need for select-object for any other client side filtering.

The problem is if the account has more than one mx360 email addresses, which you would then need to deal with and make the script a bit more complex.

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

DAAQIN-4981 avatar image
0 Votes"
DAAQIN-4981 answered theLoop-6929 commented

I send up fixing this on my own two scripts worked for this:

     $Users = Get-ADUser -Filter * -pr proxyaddresses
     foreach ($User in $Users) {
         $User.proxyaddresses | Where-Object { ($_ -like "*mx360*") } |
         ForEach-Object {
             Get-ADuser $user.DistinguishedName | Set-ADuser  -remove @{proxyaddresses = $_ } -WhatIf
             Write-Host "Removing "$_" from " $User.name "'s Proxy address" -ForegroundColor Green
         }
     }

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

 $users = Get-ADUser -Filter * -pr proxyaddresses
 foreach($User in $Users){
     Write-host $user
     Foreach($proxyaddress in $user.proxyaddresses){
         If ($proxyaddress -like "*mx360*"){
             write-host $proxyaddress
             get-aduser -identity $user.distinguishedname -pr proxyaddresses | Set-ADUser -remove @{proxyaddresses = $proxyaddress} -WhatIf
         }
     }
 }

· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.


I used the top one to clear out old NOTES, X400 & CCMAIL proxy addresses.
Thanks

0 Votes 0 ·