grahamr975
commented
5 months ago @swilly23
You could update the Get-Mailboxes.ps1 function to something like this:
Connect-ExchangeOnline -CertificateFilePath $CertificatePath -CertificatePassword $CertificatePassword -AppId $ClientID -Organization $ExchangeOrg
$ExcludedUsers = @(
'john.doe@mycompany.com',
'jane.doe2@mycompany.com'
)
$DirectoryList = $(Get-Mailbox -ResultSize unlimited | Where-Object {$_.HiddenFromAddressListsEnabled -Match "False" -and $_.CustomAttribute2 -ne "GAL_SYNC_EXCLUDED"}).PrimarySMTPAddress
$DirectoryList = $DirectoryList | Where-Object {$_ -notin $ExcludedUsers }
Disconnect-ExchangeOnline -Confirm:$false
)There's cleaner ways to do it, like pulling the excluded users from a CSV or text file, but this should be a good start.
Classic situation of having this setup and working for the organization and then one user requests this be disabled for them.
The BAT file is running with the 'DIRECTORY' parameter. I'd like to exclude specific accounts from this sync.
Hardcoding addresses into the script is not viable due to the number of users that are added and removed from the directory.
Ideally, we would use a dynamic group as the target for this script. I saw another post about editing this in the PowerShell script vs. the bat file, but I'm not sure what to change/where to change it.
If we can't use a different group type, would it be possible to list the exclude accounts anywhere while using 'DIRECTORY'?