The end goal would be to have the Active Directory User's account email field update whenever a user were to register or update their profile within the Password Manager site. This is the field that is used to send out email notifications to each user and I would prefer to allow our external client's manage that instead of having to update each one manually. At the very least, would there be a way to export all the registered email accounts to at least have a bulk file to perform this update via powershell as a scheduled task?
Based on this KB article:
I can assume this feature was avoided for security reasons. However, we use this password manager to manage hosted clients that access our datacenter servers. These accounts are already very limited in their access and are also disabled whenever a company leaves our services. The clients using their personal email would be of no concern. Also, our password manager site does not allow account recovery through email so the security concern is minimal.
I have the Active Directory module installed on the server that hosts the password manager and I can run the powershell scripts that update the EmailAddress field of a user account successfully but I'm not exactly sure where to start when it comes to pulling that user specific "Personal Contact Information" from the password manager system. I want user's to be in charge of keeping their emails updated within the system so that they receive the email notifications regarding password expiration. Inputting each email manually in Active Directory has proven inefficient. Any help or direction would be greatly appreciated.