This script helps to create ceritifcate requests (CSR) based on hostnames used for internal and external Urls of Exchange Server virtual directories.
The script queries Exchange Server 2013+ virtual directory hostnames to create a certificate request.
The request is created using an inf file template. You can prepare multiple template files to choose from. Template files are supposed to be stored in the same folder as the PowerShell script.
The resulting inf file used to create the certificate request is stored on the same directory as the PowerShell script. The script queries for the certificate's common name (CN).
If created, the certificate request is stored in the same directory as the PowerShell script. The content of the certificate request file is the CSR to be submitted to a Certificate Authority.
Copy the following content to a text file, name it Default-Template.inf and save it to the same directory as the Create-CertificateRequest.ps1 file. Aternatively, download the template as a zipped archive file.
[Version] Signature="$Windows NT$" [NewRequest] Subject = "CN=##COMMONNAME##" Exportable = TRUE ; TRUE = Private key is exportable KeyLength = 2048 ; Valid key sizes: 1024, 2048, 4096, 8192, 16384 KeySpec = 1 ; Key Exchange – Required for encryption KeyUsage = 0xA0 ; Digital Signature, Key Encipherment MachineKeySet = True ProviderName = "Microsoft RSA SChannel Cryptographic Provider" RequestType = PKCS10 ; or CMC. HashAlgorithm = sha256 SMIME = FALSE [Strings] szOID_SUBJECT_ALT_NAME2 = "2.5.29.17" szOID_ENHANCED_KEY_USAGE = "2.5.29.37" szOID_PKIX_KP_SERVER_AUTH = "1.3.6.1.5.5.7.3.1" szOID_PKIX_KP_CLIENT_AUTH = "1.3.6.1.5.5.7.3.2" [Extensions] %szOID_SUBJECT_ALT_NAME2% = "{text}##DNSSAN##" %szOID_ENHANCED_KEY_USAGE% = "{text}%szOID_PKIX_KP_SERVER_AUTH%,%szOID_PKIX_KP_CLIENT_AUTH%"
# EXAMPLE 1 # Create a new certificate request inf file used dedicated organizational information. The common name will be determined seperately. .\Create-CertificateRequest.ps1 -ModernExchangeOnly -Country DE -State NW -City Hueckelhoven -Organisation Varuna -Department IT # EXAMPLE 2 # Create a new certificate request for Exchange 2013+ using the common name only. The common name will be determined seperately. .\Create-CertificateRequest.ps1 -ModernExchangeOnly -CreateRequest
The script gathers a lot of Exchange organizational configuration data for documentation purposes.
The data is stored in separate log files. The log files are stored in a separate subfolder located under the script directory.
An exisiting subfolder will be deleted automatically.
Optionally, the log files can automatically be zipped. The zipped archive can be sent by email as an attachment.
When the script runs, a progress bar informs about the current step being executed.
All files are stored in a dedicated subfolder (default name: ExchangeOrgInfo)
The hash table $infoSources defines the following
# EXAMPLE 1 # Gather all data using MYCOMPANY as a prefix .\Get-ExchangeOrganizationDetails.ps1 -Prefix MYCOMPANY # EXAMPLE 2 # Gather all data using MYCOMPANY as a prefix and save all files as a compressed archive .\Get-ExchangeOrganizationDetails.ps1 -Prefix MYCOMPANY -Zip
When you delete a mailbox or an Active Directory account, the soft-deleted or disconnected mailbox won't show up in the list of disconnected mailboxes immediately. The mailbox status is updated as part of a mailbox store maintenance task.
When you query a mailbox database for disconnected mailboxes you will find a mailbox having the DisconnectReason and DisconnectDate attribute empty.
# Query the mailbox using the original user display name Get-MailboxDatabase | Get-MailboxStatistics | Where { $_.DisplayName -eq "LASTNAME, FIRSTNAME" } | fl DisconnectReason,DisconnectDate,MailboxGuid,Database # Use wildcards if the correct display name is unknown Get-MailboxDatabase | Get-MailboxStatistics | Where { $_.DisplayName -like "*LASTNAME*" } | fl DisconnectReason,DisconnectDate,MailboxGuid,Database DisconnectReason : DisconnectDate : MailboxGuid : a04a8aab-c360-406b-a194-8c290d56668b Database : MBXDB34
You can find disonnected mailboxes by
The following PowerShell cmdlet updates the mailbox state of a single mailbox using the MailboxGuid as an identifier.
Update-StoreMailboxState -Database MBXDB34 -Identity a04a8aab-c360-406b-a194-8c290d56668b
After updating the mailbox state the DisconnectReason and DisconnectDate attributes are properly set.
Get-MailboxDatabase | Get-MailboxStatistics | Where { $_.DisplayName -eq "LASTNAME, FIRSTNAME" } | fl DisconnectReason,DisconnectDate,MailboxGuid,Database DisconnectReason : Disabled DisconnectDate : 01.01.2017 15:02:59 MailboxGuid : a04a8aab-c360-406b-a194-8c290d56668b Database : MBXDB34
The disconnected mailbox is now visible in Exchange Administrative Center (EAC) and can be reconnected using EAC or Exchange Management Shell.
By default a disconnected mailbox is supposed to be connected it's original account having a matching LegacyExchangeDN attribute. Connecting the mailbox to a different Active Directory account requires the use of the AllowLegacyDNMismatch parameter.
# Connect a mailbox to the original AD account having a matching LegacyExchangeDN Connect-Mailbox -Database MBXDB34 -Identity "Doe, John" # Connect a mailbox to a different AD account Connect-Mailbox -Database MBXDB34 -Identity "Doe, John" -User "Jane Doe" -AllowLegacyDNMismatch
Examples for room and shared mailboxes are described in the Connect-Mailbox documentation.
When you are dealing with legacy public folders and you are still using Exchange Server 2007 you might be interested in the overall size of the data hosting in your public folder hierarchy.
The following script calculates the public folder size based on the public folder statistics output provided by Exchange Server 2007.
# Server name hosting legacy public folders $Server = 'PUBLICFOLDERSERVER' # Fetch legacy public folder statistics $Folders = Get-PublicFolderStatistics -server $Server | Where-Object {($_.TotalItemSize -ne "0B")} $TotalBytes = 0 # Let's do some string manipulation stuff ForEach ($Item in $Folders) { $TotalItemSize = $Item.TotalItemSize $TotalItemSize = [string]$TotalItemSize if ( ($TotalItemSize.contains('KB')) ) { $TotalItemSize = $TotalItemSize -Replace ('KB','') $TotalItemSize = [int]$TotalItemSize * 1024 } $TotalItemSize = $TotalItemSize -Replace ('B','') $TotalBytes = [long]$TotalItemSize + [long]$TotalBytes } # Output as GB [math]::round($TotalBytes/1Gb, 2)
Enjoy.
This scripts helps to suspend all messages in an Exchange transport queue and to export all suspended messages to a given target folder.
The script uses the AssembleMessage cmdlet to properly export queued messages as .eml files.
Optionally, all exported messages can be removed from the transport queue.
This script requires the GlobalFunctions module for logging.
# EXAMPLE 1 # Export messages from queue MCMEP01\45534 to D:\ExportedMessages and do not delete messages after export .\Export-MessageQueue -Queue MCMEP01\45534 -Path D:\ExportedMessages # EXAMPLE 2 # Export messages from queue MCMEP01\45534 to D:\ExportedMessages and delete messages after export .\Export-MessageQueue -Queue MCMEP01\45534 -Path D:\ExportedMessages -DeleteAfterExport
As always: Test and familiarize yourself with the script in a test or development environment.