Php
交換屬性以創建分發列表
我目前正在開展一個有關通過 Web 界面創建分發列表的項目。我選擇為此使用 PHP,因為它是我精通的語言。
我知道如何在 PHP 中添加 LDAP 帳戶,但我的問題是我不確定需要哪些 AD 屬性才能將組轉換為分發列表。我知道我可以使用 powershell,但我更願意以我熟悉的方式執行此操作。
我用來編譯分發列表屬性的程式碼如下:
$attDist = array( "managedBy" => $secGroupDn, "groupType" => "8", // This number denotes a universal distribution group "cn" => $dlName, "samaccountname" => $dlName, "displayname" => $dlName, "objectClass" => "Group", "legacyexchangeDN" => "/o=First Organization/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Recipients/cn=". substr($dlName, 0, 4) . time(), "proxyaddresses" => array("SMTP:". $dlName ."@testdomain.local"), "showinaddressbook" => array( "CN=Groups(VLV),CN=All System Address Lists,CN=Address Lists Container,CN=First Organization,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=testdomain,DC=local", "CN=All Groups(VLV),CN=All System Address Lists,CN=Address Lists Container,CN=First Organization,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=testdomain,DC=local", "CN=All Recipients(VLV),CN=All System Address Lists,CN=Address Lists Container,CN=First Organization,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=testdomain,DC=local", "CN=Default Global Address List,CN=All Global Address Lists,CN=Address Lists Container,CN=First Organization,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=testdomain,DC=local", "CN=All Groups,CN=All Address Lists,CN=Address Lists Container,CN=First Organization,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=testdomain,DC=local", ), "mail" => $dlName . "@testdomain.local", "msexchversion" => "44220983382016", "msexcharbitrationmailbox" => "CN=SystemMailbox{1f05a927-ccef-4207-91c0-7550cb8790db},CN=Users,DC=testdomain,DC=local", "msexchrequireauthtosendto" => "TRUE", "mailnickname" => $dlName, "msexchpoliciesincluded" => array( "bcdf8b57-a774-4d82-980a-68f7f7d9f54d", "{26491cfc-9e50-4857-861b-0cb8df22b5d7}", ), "msexchrecipientdisplaytype" => "1", "description" => "Managed by: Someone", "info" => "Created by ". $creatorName ." on ". date("d/M/Y") .". CA ". $caTicket .". Managed by: TBD",);
我無法用 PHP 專門解決這個問題,但我可以告訴你,我通過 perl 使用 LDAP 創建了啟用通用郵件的安全組/DL,並通過以下呼叫:
$res = $ldap->add( dn => $dn, attr => [ sAMAccountName => $group, name => $group, displayName => $dname, displayNamePrintable => $pdname, objectclass => [ 'top', 'group' ], groupType => -2147483640 ] );然後,您需要為“mail”、“mailNickname”、“proxyAddresses”添加屬性,並且根據您的環境,您可能需要填充“legacyExchangeDN”。