Skip to main content

Articles in this section

See more
Print

Remote Linked Mailboxes | Enforce License rule

  • Updated

Remote Linked Mailboxes | Enforce License rule

Rule description

This hybrid rule must be used together with the New User with Linked Mailbox or New Linked Mailbox web actions in case of a new linked mailbox is being created in the federated domain. This rule queries the specified Active Directory scope and for each recently created user, that satisfies specific query criteria, assigns the Office 365 license plans and options that were specified on the New User with Linked Mailbox or New Linked Mailbox web actions. You should schedule this rule to run it hourly.

For more details please see the Provisioning Linked Mailboxes in Cayosoft Administrator article.

When to use this rule

Use this rule when you create a new linked mailbox in the federated domain and schedule to run it hourly. In this case, when this rule runs, it will check whether the user account was already created in Microsoft Office 365 and if it was, assigns the specified Office 365 license plans and options.

The licenses can be specified in this rule itself or during new user creation. You can specify the way how the Microsoft 365 licenses and options will be assigned in New User with Linked Mailbox or New Linked Mailbox web actions in the Hybrid License Options section.

Rule settings

Query section

Setting name Description
General Settings

Limit AD scope to this domain or OU

This setting defines the search query scope. To improve query performance, limit the scope to a specific OU.

IMPORTANT: To test the rule configuration, limit the rule scope to an OU that contains test accounts or objects and use the Preview feature.

Query criteria

Microsoft 365 query criteria

Query criteria are sent with the query and may improve query performance.

TIP: For different samples on the criteria builder, see the How to use Query Builder dialog for Query Criteria and Filter rule settings.

Apply to users created in last hours

Specify an integer value that is defined the number of hours.

Exclude MS365 disabled users

This setting allows to exclude Microsoft 365 disabled users from the rule scope or to include them.

Exclude AD disabled users

This setting allows to exclude AD-disabled users from the rule scope or to include them.

Filter

Microsoft 365 filter

Set the filtering conditions to hide unwanted data based on criteria not supported in the Query criteria setting.

Example: filter by the found object Distinguished Name.

TIP: For optimal performance, use the Query criteria above to filter objects whenever possible.

Other Query Settings

Properties to display

Each object property defined in this setting matches the column that will be displayed in the Web Portal for this web query.

To display additional columns, add the required properties to the Properties to display list.

To add extension attribute 1 that is synchronized from AD, you need to use a value like:

Copy
"OnPremisesExtensionAttributes/extensionAttribute1~Extension Attribute 1"

Sort by

Sort result object list.

Maximum number of users

By default, all objects that you have provisioned in Microsoft Office 365 are returned.

TIP: It is possible to change the default value in the extension settings.

MS Graph query condition (OData)

By default, Query criteria are used. But when the MS Graph query condition is specified, it overrides the Query criteria setting.

See this article for examples: How to use Query Builder dialog for Query Criteria and Filter rule settings.

Initialization script

Script

Usually, rules use query criteria to limit the query search scope. It improves the performance of the executed rule.

Due to the PowerShell limitations, it is not possible to use calculated expressions in query criteria. That is the point where the initialization script can help. You can initialize a global variable in this setting and then use it in query criteria.

IMPORTANT: To use a variable, declared in the initialization script, in the query scope, it must be global: $global:<variable name>.

Example: Update AD users, created in the last ten days.

  1. Add this initialization script

    Copy
    {$global:DatePeriod = (Get-Date).AddDays(-10)}

  2. Use the $DatePeriod variable in the query criteria builder:

Action section

Setting name Description

IMPORTANT: Microsoft 365 licenses that will be applied by this rule are defined during the creation of the linked mailbox by New User with Linked Mailbox or New Linked Mailbox web actions. You should not configure Microsoft 365 licenses in this section.   

License options

Select which Microsoft 365 licenses and apps/services should be updated for the users.

Change Usage Location only if not set

Specify whether to keep the current user's usage location or change it to a new one.

Usage Location

Select the usage location.

Output section

This section defines the output format of this rule.

To get more information about this section, please see the Rule Output section article.

Enforce/Schedule section

This section defines the schedule for how often to run the rule.

To get more information about this section, please see the Rule Enforce/Schedule section article.

© Copyright 2013-2026 Cayosoft Inc. All rights reserved.

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request
Return to top

Related articles

Comments

0 comments

Please sign in to leave a comment.