MVP - Most Valuable Professional
rss

Just can't get enough of IT

This blog is about mostly anything in IT. But the primary focuses are Microsoft Technologies like Exchange, Office 365, Azure and Cloud Security.
On February 13, 2017
0 Comment
1346 Views

Exchange Server 2013Exchange Server 2016Description

This script helps administrators and support desk personnel to connect an Exchange Server 2013+ using remote PowerShell. You can either connect to a dedicated Exchange Server or connect to a randomly selected Exchange Server.

You can implement the function in your own scripts to connect to Exchange remotely. David Lee has written an excellent post about how to use saved credentials with PowerShell scripts.

Examples

# EXAMPLE
# Connect to the specified server EX01
./Connect-ToExchange.ps1 -Server EX01

# EXAMPLE
# Connect to a randomly selected server
./Connect-ToExchange.ps1

Version History

  • 1.0, Initial community release

Links

Follow

Read More »

Exchange Server 2013Exchange Server 2016Description

This script helps to create ceritifcate requests (CSR) based on hostnames used for internal and external Urls of Exchange Server virtual directories.

The script queries Exchange Server 2013+ virtual directory hostnames to create a certificate request.

The request is created using an inf file template. You can prepare multiple template files to choose from. Template files are supposed to be stored in the same folder as the PowerShell script.

The resulting inf file used to create the certificate request is stored on the same directory as the PowerShell script. The script queries for the certificate's common name (CN).

If created, the certificate request is stored in the same directory as the PowerShell script. The content of the certificate request file is the CSR to be submitted to a Certificate Authority.

INF Template file

Copy the following content to a text file, name it Default-Template.inf and save it to the same directory as the Create-CertificateRequest.ps1 file. Aternatively, download the template as a zipped archive file.

[Version]
Signature="$Windows NT$"

[NewRequest]
Subject = "CN=##COMMONNAME##" 

Exportable = TRUE ; TRUE = Private key is exportable
KeyLength = 2048 ; Valid key sizes: 1024, 2048, 4096, 8192, 16384
KeySpec = 1 ; Key Exchange – Required for encryption
KeyUsage = 0xA0 ; Digital Signature, Key Encipherment
MachineKeySet = True
ProviderName = "Microsoft RSA SChannel Cryptographic Provider"
RequestType = PKCS10 ; or CMC.
HashAlgorithm = sha256
SMIME = FALSE 

[Strings]
szOID_SUBJECT_ALT_NAME2 = "2.5.29.17"
szOID_ENHANCED_KEY_USAGE = "2.5.29.37"
szOID_PKIX_KP_SERVER_AUTH = "1.3.6.1.5.5.7.3.1"
szOID_PKIX_KP_CLIENT_AUTH = "1.3.6.1.5.5.7.3.2"

[Extensions]
%szOID_SUBJECT_ALT_NAME2% = "{text}##DNSSAN##"
%szOID_ENHANCED_KEY_USAGE% = "{text}%szOID_PKIX_KP_SERVER_AUTH%,%szOID_PKIX_KP_CLIENT_AUTH%"

Examples

# EXAMPLE 1
# Create a new certificate request inf file used dedicated organizational information. The common name will be determined seperately.
    
.\Create-CertificateRequest.ps1 -ModernExchangeOnly -Country DE -State NW -City Hueckelhoven -Organisation Varuna -Department IT

# EXAMPLE 2
# Create a new certificate request for Exchange 2013+ using the common name only. The common name will be determined seperately.
    
.\Create-CertificateRequest.ps1 -ModernExchangeOnly -CreateRequest

Version History

  • 1.0, Initial community release

Links

Follow

 

Read More »

Exchange Server 2007Exchange Server 2010Exchange Server 2013Exchange Server 2016Description

The script gathers a lot of Exchange organizational configuration data for documentation purposes.

The data is stored in separate log files. The log files are stored in a separate subfolder located under the script directory.

An exisiting subfolder will be deleted automatically.

Optionally, the log files can automatically be zipped. The zipped archive can be sent by email as an attachment.

 

When the script runs, a progress bar informs about the current step being executed.

Script progress bar

All files are stored in a dedicated subfolder (default name: ExchangeOrgInfo)

Example of exported files

The hash table $infoSources defines the following

  • Types of Exchange configuration data to be gathered
  • Output type for each configuration data entity
  • Optional paramaters for each configuration data entity
  • Attribute name for object sorting within an entity
  • The order of the data to be gathered (long running tasks are at the end)

 

Examples

# EXAMPLE 1
# Gather all data using MYCOMPANY as a prefix
    
.\Get-ExchangeOrganizationDetails.ps1 -Prefix MYCOMPANY

# EXAMPLE 2
# Gather all data using MYCOMPANY as a prefix and save all files as a compressed archive
    
.\Get-ExchangeOrganizationDetails.ps1 -Prefix MYCOMPANY -Zip

Version History

  • 1.0, Initial community release
  • 1.1, Updated and some PowerShell hygiene

Links

 

Follow

 

 

Read More »
On December 16, 2016
0 Comment
1268 Views

When migrating Html content from a CMS database or other sources you might find the Html as an Html encoded string.

Example:

<p><strong>Some Text</strong></p>

But you want to have the string look like this:

<p><strong>Some Text</strong></p>

Script

The following script is a simple PowerShell script to convert an exisiting file containing the Html encoded text and save the decoded string to a new output file.

param(
 [string]$InputFile,
 [string]$OutputFile
)
Add-Type -AssemblyName System.Web

Write-Output "Fetching $($InputFile)"

$fileContent = Get-Content $InputFile

Write-Output "Converting"

[System.Web.HttpUtility]::HtmlDecode($fileContent) | Out-File -FilePath $OutputFile -Encoding utf8 -Force

 

Usage

.\Convert-ToHtml.ps1 -InputFile '.\InputFile.txt' -OutputFile '.\Output.html'

 

Enjoy!

 

Read More »

Exchange Server 2007Exchange Server 2010Description

This scripts removes or updates users in legacy public folder ACLs. This reduces the likelihood of legacy public folder migration errors due to corrupted ACLs.

When you perform a migration from legacy public folders to modern public folders, you might see the following error as part of the migration reports.

A corrupted item was encountered: Folder ACL

Corrupted items count towards the bad item limit and will not be migrated.

When you take a closer look at the public folder ACLs, you'll see that there will be orphaned users and even users that have not been properly converted during past legacy replications.

In preparation for a modern public folder migration you should cleanup the public folder ACLs from so called zombie users.

Tasks performed by the script:

  • Remove orphaned users listed with SIDs, e.g. NT User:S-1-*
  • Identify ACL user/group with notation NT User:DOMAIN\samAccountName
    • Remove user/group, if object cannot be found in Active Directory
    • Replace user/group, if object can be found in Active Directory

Examples

# EXAMPLE 1
# Validate ACLs on public folder \MYPF and all of it's child public folders on Exchange server EX200701
.\Clean-PublicFolderACL.ps1 -RootPublicFolder "\MYPF" -PublicFolderServer EX200701 -ValidateOnly

# EXAMPLE 2
# Clean ACLs on public folder \MYPF and all of it's child public folders on Exchange server EX200701
.\Clean-PublicFolderACL.ps1 -RootPublicFolder "\MYPF" -PublicFolderServer EX200701

Version History

  • 1.0, Initial community release
  • 1.1, Fixed group replacement logic
  • 1.2, Script optimzation

Links

Last updated: 2016-12-01

Follow

 

Read More »