shop high quality replique rolex.

discover the luxury rolex imitacion online watch store.

replica watches are the best qulity online.

swiss replica watches owns a high factor within throughout the world watch business sector.

richard mille fakes are the perfect mix between italian design and swiss technology at the service of the passion for the sea.

de-DEen-GB
Search
justcantgetenough
MVP - Most Valuable Professional
rss

Just can't get enough of IT

This blog is about mostly anything in IT. But the primary focuses are Microsoft technologies like Exchange Server, Microsoft 365, Microsoft Teams, and Cloud Security.

Configure Send-As Permission based group membership

On September 12, 2018
Thomas Stensitzki | MVP
0 Comment
CRM, Dynamics, ERP, Send-As
Exchange Server, Microsoft 365
1803 Views

Exchange Server 2016Description

The script can be used to assign an application account (e.g. CRM, ERP) send-as permission to user mailboxes to send emails AS the user and not as the application.

This script loops through a membership list of an Active Directory security group. A single mailbox (CRM/ERP service account mailbox) is added to each mailbox (CRM/ERP user mailbox) of the security group members to provide send-as permission. 

The script has been developed as a solution to enable proper functionality with Dynamics NAV 2016.

 

Examples

 

# Assign Send-As permission to crmapplication@varunagroup.de for all members 
# of 'CRM-FrontLine' security group. The mailboxes as hosted On-Premises!
    
.\Set-SendAsPermission.ps1 -SendAsGroup 'CRM-FrontLine' -SendAsUserUpn 'crmapplication@varunagroup.de'
# Assign Send-As permission to ax@granikoslabs.eu for all members of 'AX-Sales' 
# security group. All mailboxes are hosted in Exchange Online!
    
.\Set-SendAsPermission.ps1 -SendAsGroup 'AX-Sales' -SendAsUserUpn 'ax@granikoslabs.eu' -ExchangeOnline

Requirements

Version History

  • 1.0, Initial community release

Links

Follow

Related Posts

  • Exchange Receive Connector and the Custom Permissions Group

    An Exchange Receive Connector requires a configuration for who can submit messages to the connector. The original TechNet description of the Set-ReceiveConnector cmdlet and the PermissionGroups attribute is as follows:

    "The PermissionGroups parameter specifies the groups or roles that can submit messages to the Receive connector and the permissions assigned to those groups. A permission group is a predefined set of permissions granted to well-known security principals. The valid values for this parameter are as follows: None, AnonymousUsers, Custom, ExchangeUsers, ExchangeServers, ExchangeLegacyServers, and Partners. The default permission groups assigned to a Receive connector depend on the connector usage type specified by the Usage parameter when the Receive connector was created. "

    The description implies that it is possible to set the PermissionGroups attribute to Custom.

    When you try to set the permission group to Custom, you will notice that this results in an error. You will encounter this error especially when you try to copy a receive connector from one Exchange Server to another Exchange Server.

    The attribute itself is being set to Custom by Exchange itself when add AD permission explicitly.

    Example

    The example shows the configuration of a FerrariFax receive connector that needs to be configured across all Exchange 2013 DAG member servers.

    Receice connector set to None

    Receive Connector with PermissionGroups set to None

    Add a dedicated Permission

    Get-ReceiveConnector "SERVER\Connector for UMS (SERVER-FAX)" | Add-ADPermission -User DOMAIN\FaxUser -ExtendedRights ms-Exch-SMTP-Submit,ms-Exch-Bypass-Anti-Spam,ms-Exch-SMTP-Accept-Any-Recipient

    Receive connector set to Custom by Exchange

    Receive Connector with PermissionGroups set to Custom

     

    Note

    You can copy a receive connector across a number of Exchange servers using the PowerShell script Copy-ReceiveConnector.ps1 hat has been published at TechNet Gallery.

    The script has not been modified to handle this situation, yet. The source code repository is available at Github

  • Change CASMailbox protocol settings based on AD group membership
    Last updated: 2018-01-16

    Exchange Server 2013Exchange Server 2016Description

    The community script Update-CASMailbox simplifies the process for enabling or disabling protocols for Exchange mailbox access. Active Directory security groups are used to enable or disable a protocol for the group members.

    Example

    Your Active Directory contains a security group named Exchange_POP_enabled which contains all mailbox users requiring POP3 access to be enabled.

    You can use the following command to have POP3 enabled for all members of the given security group.

    .\Update-CAS-Mailbox.ps1 -POP -FeatureEnabled $true -GroupName Exchange_POP_enabled

    The script does not disable the POP3 for all non-members, as this might not be required as all new mailboxes have POP3 disabled anyway. If there is such a requirement, just let me know.

    The following protocols are currently supported:

    • POP
    • IMAP
    • Outlook on the Web (OWA)
    • ActiveSync

    Links

    Follow

     

    You need assistance with your Exchange Server setup? You have questions about your Exchange Server infrastructure and going hybrid with Office 365? You are interested in what Exchange Server 2016 has to offer for your environment?

  • Set external OOF settings based on AD group membership

    Exchange Server 2013Exchange Server 2016Description

    This script sets the mailbox ExternalOofOptions to 'External' for members of a given security group.

    ExternalOofOptions for users that are NOT a member of the security group will be set to 'InternalOnly'. If required the script will set the ExternalAudience to None and will delete an existing OOF message.

    Controlling the ExternalOofOptions and ExternalAudience settings has been implemented to follow dedicated company compliance rules.

    This is the second of two scripts for the complete solution. Find the first script here.

    Requirements

    Examples

    # EXAMPLE
# Run script with default settings
.\Set-ExternalOOF.ps1

    Version History

    • 1.0, Initial community release

    Links

    Follow

     

  • Create a new Room Mailbox with Security Groups

    Last Updated: 2018-07-06

    Exchange Server 2013Exchange Server 2016Description

    This scripts creates a new room mailbox and security two groups for full mailbox access and and for send-as delegation. The security groups are created using a configurable naming convention. If required by your Active Directory team, you can add group prefixes or department abbreviations as well.

    The script uses a Xml configuration file to simplify changes for variables unique for your environment.

    High level steps executes by the script:

    1. Create a new room mailbox
    2. Create a new mail enabled security group for full access delegation
    3. Assign full access security group for full access to the room mailbox
    4. Create a new mail enabled security group for send-as delegation
    5. Assign send-as permissions to send-as security group
    6. Create a new mail enabled security group for allowed user to book the new room mailbox
    7. Set calendar processing to AutoAccept, if required
    8. Set resource capacity, if rewuired

     

    Examples

    Xml settings file

    Note

    The calendar booking security group feature is currently not available. But will be available in an upcoming release.

    The following example creates a room mailbox for an Conference Room with empty security groups.

    .\New-RoomMailbox.ps1 
  -RoomMailboxName "MB - Conference Room" 
  -RoomMailboxDisplayName "Board Conference Room" 
  -RoomMailboxAlias "MB-ConferenceRoom" 
  -RoomMailboxSmtpAddress "ConferenceRoom@mcsmemail.de" 
  -DepartmentPrefix "C"

    You can simplify the use of the script by using a paramterized helper script named Run-NewRoomMailbox.ps1.

    The following Run-NewRoomMailbox.ps1 script simplifies the process of creating a team mailbox even more.

    $roomMailboxName = 'MB-Conference Room'
$roomMailboxDisplayName = 'Board Conference Room'
$roomMailboxAlias = 'MB-ConferenceRoom'
$roomMailboxSmtpAddress = 'ConferenceRoom@mcsmemail.de'
$departmentPrefix = 'C'
$groupFullAccessMembers = @('JohnDoe','JaneDoe')  # Empty = @()
$groupSendAsMembers = @()
$groupCalendarBookingMembers = @()
$RoomCapacity = 0
$RoomList = 'AllRoomsHQ'
$Language = 'en-GB'


.\New-RoomMailbox.ps1 
  -RoomMailboxName $roomMailboxName 
  -RoomMailboxDisplayName $roomMailboxDisplayName 
  -RoomMailboxAlias $roomMailboxAlias 
  -RoomMailboxSmtpAddress $roomMailboxSmtpAddress 
  -DepartmentPrefix $departmentPrefix 
  -GroupFullAccessMembers $groupFullAccessMembers 
  -GroupSendAsMembers $groupSendAsMembers
  -RoomCapacity $RoomCapacity 
  -AutoAccept 
  -RoomList $RoomList
  -Language $Language

    Version History

    • 1.0, Initial community release
    • 1.1, Some PowerShell hygiene, issue #2 closed
    • 1.2, CalenderBooking, Language added

    Links

    Follow

     

     

  • Create a new Team Mailbox with Security Groups
    Last updated: 2016-12-20

    Exchange Server 2013Exchange Server 2016Description

    This scripts creates a new shared mailbox (aka team mailbox) and security groups for full access and and send-as delegation. The security groups are created using a naming convention. If required by your Active Directory team, you can add group prefixes or department abbreviations as well.

    The script uses a Xml configuration file to simplify changes for variables unique for your environment.

    High level steps executes by the script:

    1. Create a new shared mailbox
    2. Create a new mail enabled security group for full access delegation
    3. Assign full access security group for full access to the shared mailbox
    4. Create a new mail enabled security group for send-as delegation
    5. Assign send-as permissions to send-as security group

     

    Examples

    Xml settings file

    <?xml version="1.0"?>
<Settings>
	<GroupSettings>
		<Prefix>pre_</Prefix>
		<SendAsSuffix>_SA</SendAsSuffix>
		<FullAccessSuffix>_FA</FullAccessSuffix>
		<CalendarBookingSuffix>_CB</CalendarBookingSuffix>
		<TargetOU>mcsmemail.de/IT/Groups/Mail</TargetOU>
		<Domain>mcsmemail.de</Domain>
		<Seperator>-</Seperator>
	</GroupSettings>
	<AccountSettings>
		<TargetOU>mcsmemail.de/IT/SharedMailboxes</TargetOU>
	</AccountSettings>
	<GeneralSettings>
		<Sleep>10</Sleep>
	</GeneralSettings>
</Settings>

    The following example creates an empty shared mailbox for an internal Exchange Admin team with empty security groups.

    .\New-TeamMailbox.ps1 -TeamMailboxName "TM-Exchange Admins" ` 
  -TeamMailboxDisplayName "Exchange Admins" `
  -TeamMailboxAlias "TM-ExchangeAdmins" `
  -TeamMailboxSmtpAddress "ExchangeAdmins@mcsmemail.de" `
  -DepartmentPrefix "IT"

    The following Create-TeamMailbox.ps1 script simplifies the process of creating a team mailbox even more.

    $teamMailboxName = 'TM-Exchange Admin'
$teamMailboxDisplayName = 'Exchange Admins'
$teamMailboxAlias = 'TM-ExchangeAdmin'
$teamMailboxSmtpAddress = 'ExchangeAdmins@mcsmemails.de'
$departmentPrefix = 'IT'
$groupFullAccessMembers = @('exAdmin1','exAdmin2')
$groupSendAsMember = @('exAdmin1','exAdmin2')

.\New-TeamMailbox.ps1 -TeamMailboxName $teamMailboxName ` 
  -TeamMailboxDisplayName $teamMailboxDisplayName `
  -TeamMailboxAlias $teamMailboxAlias `
  -TeamMailboxSmtpAddress $teamMailboxSmtpAddress `
  -DepartmentPrefix $departmentPrefix `
  -GroupFullAccessMembers $groupFullAccessMembers `
  -GroupSendAsMember $groupSendAsMember -Verbose

    Version History

    • 1.0, Initial community release
    • 1.1, Prefix seperator added, PowerShell hygiene

    Links

    Follow

  • Azure Based Group Policy Search

    Simplify your daily work as an IT Administrator by using the Azure based Group Policy Search website. This site helps you to find the GPO settings you are looking for.

    The following screenshot shows an example when search for "Outlook PST"

    Screenshot GP Search Example

    Enjoy GPO Search.

    Links

     

    Are you unsure, if you should migrate to Office 365? You want to know more about security of cloud applications and services? Your Exchange Server infrastructure requires an upgrade? Contact me via email: thomas@mcsmemail.de



Comments are closed.

Showing 0 Comment

Categories

Authors

Cover - Microsoft Exchange Server 2019 - Das Handbuch für Administratoren

Cover - Microsoft 365 Business Premium Migration und Konfiguration

 
0123movie.net