Weekend Scripter: Create Proxy Addresses in Active Directory with PowerShell

Doctor Scripto

Summary: Microsoft Scripting Guy, Ed Wilson, shows how to automatically create proxy addresses in Active Directory Domain Services by using Windows PowerShell.

Microsoft Scripting Guy, Ed Wilson, is here. So I have been talking back and forth with one of the members of the Charlotte Windows PowerShell Users group since my presentation to the group on the first Thursday of the month. One of the questions he has is related to the ProxyAddresses attribute in Active Directory Domain Services (AD DS).

As you are probably aware, Microsoft Exchange Server (including in Office 365) uses ProxyAddresses as a way to send email to a user if it is addressed to another domain. There is an easy cmdlet that permits one to do this. But because my premises Exchange server is currently turned off, and I do not want to power it back up only for this, I decided to use the Set-ADUser cmdlet to modify the attribute instead. This is because the ProxyAddresses attribute is stored directly in AD DS. It is a multi-valued attribute, which means that it will accept an array of email addresses.

Today I am going to add two values to the ProxyAddresses attribute for each user in a specific organizational unit. I am not even going to write a script—it is a one-liner.

Query for existing values

I first use the Get-ADUser cmdlet to look for existing values for the ProxyAddress attribute. I am specifically targeting all users in the testou organizational unit from the iammred.net domain. The ProxyAddress attribute is not returned by default; therefore, I need to use the Properties parameter of the Get-ADUser cmdlet to return the ProxyAddress attribute. I use the Select-Object cmdlet to return only the name of the user and any proxy addresses. Here is the command (this is a one-line command that I broke at the pipe character for formatting on the blog page).

Get-ADUser -Filter * -SearchBase ‘ou=testou,dc=iammred,dc=net’ -Properties proxyaddresses |

Select-object  name, proxyaddresses

There are two reasons that I create this command. The first is so I can ensure that I have the Property (attribute) names correct, and I can see sample data from AD DS. The second reason is I use it to check my results to ensure that the command to modify the values of the attributes completes successfully.

Modify the ProxyAddresses attribute values

Groovy. I know that I can get access to the data. I know how to report the values that are stored in AD DS. Therefore, it is now time to modify the ProxyAddresses attribute values. To do this, I will use the Set-ADUser cmdlet. For this example, I am creating two new proxy addresses. Each will take the following form: UserName@Iammred.org and UserName@Iammred.com. Therefore, I can create these proxy addresses on the fly in my command. I use the following command to make the changes:

Get-ADUser -Filter * -SearchBase ‘ou=testou,dc=iammred,dc=net’ -Properties proxyaddresses |

Foreach {Set-ADUser -identity $_ -Add `

@{‘ProxyAddresses’=@((“{0}@{1}”-f $_.name, ‘Iammred.com’),(“{0}@{1}” -f $_.name, ‘Iammred.org’))} }

Note  The previous command is a single logical line. I broke it at the pipe character, and I added a line continuation character ( ` ) after the –Add parameter. When typing the command into the Windows PowerShell console, it is not necessary to break the command; but instead, you can permit it to wrap.

The command produces no output. Therefore, I use the Up arrow and retrieve my earlier search command. The commands and associated output are shown in the following image.

Image of command output

I invite you to follow me on Twitter and Facebook. If you have any questions, send email to me at scripter@microsoft.com, or post your questions on the Official Scripting Guys Forum. See you tomorrow. Until then, peace.

Ed Wilson, Microsoft Scripting Guy 

0 comments

Discussion is closed.

Feedback usabilla icon