ActiveRoles 7.4.1 - restricting email addresses to allowed domains

ActiveRoles Server 7.4.1 WebUI - 

I have sysadmins who are testing ARS, and they pointed out that any email address for any domain (gmail, whatever) can be added to the list of email addresses on the Exchange Properties tab for users.

Obviously this is an issue. Is there a way to restrict email addresses to a list of approved domains?

  • You can definitely setup a change workflow that would intercept proxyaddress updates and then using a simple PoSh script, "filter out" any entries with domains that are not acceptable.

    However, this may be a moot point if you have Exchange addressing policies in place because I believe they will scan proxy addresses too and only allow specific addresses (assuming that the "apply address policy..." checkbox is on).