Last Updated: 2018-07-06
This scripts creates a new room mailbox and security two groups for full mailbox access and and for send-as delegation. The security groups are created using a configurable naming convention. If required by your Active Directory team, you can add group prefixes or department abbreviations as well.
The script uses a Xml configuration file to simplify changes for variables unique for your environment.
High level steps executes by the script:
The calendar booking security group feature is currently not available. But will be available in an upcoming release.
The following example creates a room mailbox for an Conference Room with empty security groups.
.\New-RoomMailbox.ps1 -RoomMailboxName "MB - Conference Room" -RoomMailboxDisplayName "Board Conference Room" -RoomMailboxAlias "MB-ConferenceRoom" -RoomMailboxSmtpAddress "ConferenceRoom@mcsmemail.de" -DepartmentPrefix "C"
You can simplify the use of the script by using a paramterized helper script named Run-NewRoomMailbox.ps1.
The following Run-NewRoomMailbox.ps1 script simplifies the process of creating a team mailbox even more.
$roomMailboxName = 'MB-Conference Room' $roomMailboxDisplayName = 'Board Conference Room' $roomMailboxAlias = 'MB-ConferenceRoom' $roomMailboxSmtpAddress = 'ConferenceRoom@mcsmemail.de' $departmentPrefix = 'C' $groupFullAccessMembers = @('JohnDoe','JaneDoe') # Empty = @() $groupSendAsMembers = @() $groupCalendarBookingMembers = @() $RoomCapacity = 0 $RoomList = 'AllRoomsHQ' $Language = 'en-GB' .\New-RoomMailbox.ps1 -RoomMailboxName $roomMailboxName -RoomMailboxDisplayName $roomMailboxDisplayName -RoomMailboxAlias $roomMailboxAlias -RoomMailboxSmtpAddress $roomMailboxSmtpAddress -DepartmentPrefix $departmentPrefix -GroupFullAccessMembers $groupFullAccessMembers -GroupSendAsMembers $groupSendAsMembers -RoomCapacity $RoomCapacity -AutoAccept -RoomList $RoomList -Language $Language
This scripts creates a new shared mailbox (aka team mailbox) and security groups for full access and and send-as delegation. The security groups are created using a naming convention. If required by your Active Directory team, you can add group prefixes or department abbreviations as well.
<?xml version="1.0"?> <Settings> <GroupSettings> <Prefix>pre_</Prefix> <SendAsSuffix>_SA</SendAsSuffix> <FullAccessSuffix>_FA</FullAccessSuffix> <CalendarBookingSuffix>_CB</CalendarBookingSuffix> <TargetOU>mcsmemail.de/IT/Groups/Mail</TargetOU> <Domain>mcsmemail.de</Domain> <Seperator>-</Seperator> </GroupSettings> <AccountSettings> <TargetOU>mcsmemail.de/IT/SharedMailboxes</TargetOU> </AccountSettings> <GeneralSettings> <Sleep>10</Sleep> </GeneralSettings> </Settings>
The following example creates an empty shared mailbox for an internal Exchange Admin team with empty security groups.
.\New-TeamMailbox.ps1 -TeamMailboxName "TM-Exchange Admins" ` -TeamMailboxDisplayName "Exchange Admins" ` -TeamMailboxAlias "TM-ExchangeAdmins" ` -TeamMailboxSmtpAddress "ExchangeAdmins@mcsmemail.de" ` -DepartmentPrefix "IT"
The following Create-TeamMailbox.ps1 script simplifies the process of creating a team mailbox even more.
$teamMailboxName = 'TM-Exchange Admin' $teamMailboxDisplayName = 'Exchange Admins' $teamMailboxAlias = 'TM-ExchangeAdmin' $teamMailboxSmtpAddress = 'ExchangeAdmins@mcsmemails.de' $departmentPrefix = 'IT' $groupFullAccessMembers = @('exAdmin1','exAdmin2') $groupSendAsMember = @('exAdmin1','exAdmin2') .\New-TeamMailbox.ps1 -TeamMailboxName $teamMailboxName ` -TeamMailboxDisplayName $teamMailboxDisplayName ` -TeamMailboxAlias $teamMailboxAlias ` -TeamMailboxSmtpAddress $teamMailboxSmtpAddress ` -DepartmentPrefix $departmentPrefix ` -GroupFullAccessMembers $groupFullAccessMembers ` -GroupSendAsMember $groupSendAsMember -Verbose
A new PowerShell script to export all mailbox folder permissions has been published to TechNet Gallery and GitHub.
This script exports all mailbox folder permissions for mailboxes of type "UserMailbox". The permissions are exported to a local CSV file.
"Mailbox";"FolderName";"User";"AccessRights" "Mustermann, Max (mmustermann)";"Tasks";"Doe, John";"Editor" "Mustermann, Max (mmustermann)";"Calendar";"Doe, John";"Editor" "Mustermann, Max (mmustermann)";"Inbox";"Doe, John";"Reviewer" "Mustermann, Max (mmustermann)";"Custom Folder";"Doe, John";"Reviewer"
This script is based on Mr Tony Redmonds blog post http://thoughtsofanidlemind.com/2014/09/05/reporting-delegate-access-to-exchange-mailboxes/
.\Get-MailboxPermissionsReport.ps1 -CsvFileName export.csv
Enjoy.
You might encounter a situation when the MSExchangeSA service is stopped and you are not able to start the service.
When you try to start the service the follow event log error is logged:
Log Name: Application Source: MSExchangeSA Date: 08.01.2016 09:40:33 Event ID: 1005 Task Category: General Level: Error Keywords: Classic User: N/A Computer: SERVER01.MCSMEMAIL.DE Description: Unexpected error Access is denied. Facility: Win32 ID no: c0070005 Microsoft Exchange System Attendant occurred.
This issue happens most likely due to an endpoint protection solution (aka AV Scanner) blocking access to the MSExchangeSA executable.
The simple apporach to get the service running is to restart the server.
If you need to run local endpoint protection on your Exchange servers, keep in mind to configure the appropriate scan exclusions:
During DEV/IT Connection the new release of Office 365 for Exchange Professionals has been published.
Personally I recommend this book to every Exchange professional who wants to implement Exchange Hybrid setups or needs to migrate to Office 365. If you want to be successful, read this book and use it as a reference.
The information provided reflects the experience of the authors who contribute to the Exchange community regularly. This has been written without any Office 365 marketing stuff in mind. (As one of the authrors is Tony Redmond).
The chapters provide an overview of the various technologies as well as detailed informations for the day to day work of an Exchange administrator. Notes from the field help to understand the complex (or not so complex at all) requirements of Exchange hybrid configurations.
Due to the nature of "The Service", an Exchange administrators needs to keep up with the changes deployed constantly. This book covers the most recent changes and evolvement to "The Service" like Groups or Delve.
I will kep it short:
Buy It. Read It. Enjoy It.
Not joking...
Buy the Book