Just can't get enough of IT

When you encounter a situation where the transport queues are filling up or you just want to get messages out of a transport queue for further usage, you have to export the messages to the file system.

With Exchange 2007 you could easily utilize the Export-Message cmdlet to export suspended messages from a transport queue:

Get-Message -Queue MYSERVER\29489 | ?{$_.Status -eq "Suspended"} | Export-Message -Path D:\MessageExport

With Exchange Server 2010 or newer the Path attribute had been removed from the Export-Message cmdlet. The cmdlet now returns a binary object that needs to be assembled to a readable text message.

You can only export suspended messages, as the transport service might take precedence on non suspended messages. You can either suspend the queue or suspend single messages. The following example for Exchange Server 2010 or newer suspends the messages, but not the queue itself.

Identify the queue holding messages to be exported

Beispiel: Auflistung der Warteschlage auf Server MCMEP01

Get-Queue -Server MCMEP01
 
Identity                   DeliveryType Status MessageCount Velocity RiskLevel OutboundIPPool NextHopDomain
--------                   ------------ ------ ------------ -------- --------- -------------- -------------
MCMEP01\18                 SmtpDeliv... Ready  0            0        Normal    0              MXEDB19
MCMEP01\23                 SmtpDeliv... Ready  0            0        Normal    0              MXEDB08
MCMEP01\24                 SmtpDeliv... Ready  0            0        Normal    0              MXEDB01
MCMEP01\25                 SmartHost... Ready  3            0        Normal    0              [10.10.11.1]
MCMEP01\53                 SmtpDeliv... Ready  0            0        Normal    0              MXEDB03
MCMEP01\Submission         Undefined    Ready  512          0        Normal    0              Submission
MCMEP01\Shadow\3           ShadowRed... Ready  2            0        Normal    0              MCMEP04.mcsmemail.de
MCMEP01\Shadow\4           ShadowRed... Ready  2            0        Normal    0              MCMEP03.mcsmemail.de
MCMEP01\Shadow\5           ShadowRed... Ready  3            0        Normal    0              MCMEP02.mcsmemail.de
MCMEP01\Shadow\6           ShadowRed... Ready  2            0        Normal    0              MCMEP07.mcsmemail.de
MCMEP01\Shadow\15          ShadowRed... Ready  1            0        Normal    0              MCMEP08.mcsmemail.de
 

Suspend all Messages in Queue MCMEP01\Submission

Get-Queue MCMEP01\Submission | Get-Message ResultSize Unlimited | Suspend-Message

Fetch all messages to an array and export all messages to the local file system. You can either export all messages by just enumerating the messages or by using the message subject as the file name. Using the message subject posed the risk that the subject might contain a character that is not allowed for file names.

$array = @(Get-Message -Queue MCMEP01\Submission -ResultSize Unlimited | ?{$_.Status -eq "Suspened"})

$array | ForEach-Object {$m++;Export-Message $_.Identity | AssembleMessage -Path ("E:\Export\"+$m+".eml")}

$array | ForEach-Object {$m++;$filename="E:\Export\"+$m+"_"+$_.subject+".eml"; Export-Message $_.identity | AssembleMessage -path $filename}

The messages exported to the local file system can now be copied to the Exchange Transport Replay folder, which exists on each Exchange Server having an Exchange 2010 Hub Transport role or Exchange 2013/2016 Mailbox role.

• $exinstall\TransportRoles\Replay

After successful export of all suspended messages you want to delete the suspended messages from the queue. Ensure to use -WithNDR $false as otherwise all senders will receive a Non Delivery Report (NDR).

Get-Queue MCMEP01\Submission | Get-Message -ResultSize Unlimited | ?{$_.Status -eq "Suspened"} | Remove-Message -WithNDR $false

Messages saved to the Replay folder will be picked up the transport service. When a messages is picked up, the file extension changes to .TMP. You will not be able to delete a file at this point as the file is locked by the transport service. After a message file has been processed successfully, the file is deleted by the transport service. If there is any issue with the message file the file extension will change to .BAD.

This is a wrap-up of an older post that had originally been published on my former website.

Even though that this post focusses on Exchange 2010 transport agents, you will get an understand on what is required to create an Exchange 2013/2016 aka Version 15 transport agent.

Visual Studio Project

Writing your own transport agent for Exchange 2010 is not really complicated. With a Visual Studio C# Class project you are ready to go.

The follow picture shows the Visual Studio Solution as it has been used for the Message Modifier Solution.

Besides the C# class the solution contains the following Powershell script to simplify development and deployment:

• Add-TransportAgent.ps1
  Installs the transport agent on the productive Exchange Server
• Remove-TransportAgent.ps1
  Uninstalls the transport agent on the productive Exchange Server
  See Technet Gallery https://gallery.technet.microsoft.com/Remove-a-custom-Exchange-1cd30e92
• Build-DeploymentPackage.ps1
  Copy all required DLLs, Powershell scripts and the deployment configuration file to a dedicated folder
• install.ps1
  Installs the transport agent on the development Exchange Server
• uninstall.ps1
  Uninstalls the transport agent on the development Exchange Server

The transport agent intercepts a message from a given sender address and performs the following actions:

• If the message has attachments with file names starting with "WORKBOOK_" the attachments are renamed to the following format:
  
  [yyyyMMdd] [EMAIL SUBJECT]-[NUMBER].[ORIGINAL EXTENSION]
   
• The subject is rewritten from the format
  
  [dd.MM.yyyy] [SUBJECT TEXT]
  to
  [yyyyMMdd] [SUBJECT TEXT]

Links

• Remove a custom Exchange 2010 Transport Agent, https://gallery.technet.microsoft.com/Remove-a-custom-Exchange-1cd30e92

Code Sample

// AttachmentModify  
// ----------------------------------------------------------  
// Example for intercepting email messages in an Exchange 2010 transport queue  
//   
// The example intercepts messages sent from a configurable email address(es)  
// and checks the mail message for attachments have filename in to format  
//   
//      WORKBOOK_{GUID}  
//  
// Changing the filename of the attachments makes it easier for the information worker  
// to identify the reports in the emails and in the file system as well.  
// Copyright (c) Thomas Stensitzki
// ----------------------------------------------------------  
  
using System;  
using System.Collections.Generic;  
using System.Diagnostics;  
using System.Globalization;  
using System.IO;  
using System.Reflection;  
using System.Text;  
using System.Text.RegularExpressions;  
using System.Threading;  
using System.Xml;  
  
// the lovely Exchange   
using Microsoft.Exchange.Data.Transport;  
using Microsoft.Exchange.Data.Transport.Smtp;  
using Microsoft.Exchange.Data.Transport.Email;  
using Microsoft.Exchange.Data.Transport.Routing;  
  
namespace SFTools.Messaging.AttachmentModify  
{  
    #region Message Modifier Factory  
  
    /// <summary>  
    /// Message Modifier Factory  
    /// </summary>  
    public class MessageModifierFactory : RoutingAgentFactory  
    {  
        /// <summary>  
        /// Instance of our transport agent configuration  
        /// This is for a later implementation  
        /// </summary>  
        private MessageModifierConfig messageModifierConfig = new MessageModifierConfig();  
  
        /// <summary>  
        /// Returns an instance of the agent  
        /// </summary>  
        /// <param name="server">The SMTP Server</param>  
        /// <returns>The Transport Agent</returns>  
        public override RoutingAgent CreateAgent(SmtpServer server)  
        {  
            return new MessageModifier(messageModifierConfig);  
        }  
    }  
 
    #endregion  
 
    #region Message Modifier Routing Agent  
      
    /// <summary>  
    /// The Message Modifier Routing Agent for modifying an email message  
    /// </summary>  
    public class MessageModifier : RoutingAgent  
    {  
        // The agent uses the fileLock object to synchronize access to the log file  
        private object fileLock = new object();  
  
        /// <summary>  
        /// The current MailItem the transport agent is handling  
        /// </summary>  
        private MailItem mailItem;  
  
        /// <summary>  
        /// This context to allow Exchange to continue processing a message  
        /// </summary>  
        private AgentAsyncContext agentAsyncContext;  
  
        /// <summary>  
        /// Transport agent configuration  
        /// </summary>  
        private MessageModifierConfig messageModifierConfig;  
  
        /// <summary>  
        /// Constructor for the MessageModifier class  
        /// </summary>  
        /// <param name="messageModifierConfig">Transport Agent configuration</param>  
        public MessageModifier(MessageModifierConfig messageModifierConfig)  
        {  
            // Set configuration  
            this.messageModifierConfig = messageModifierConfig;  
  
            // Register an OnRoutedMessage event handler  
            this.OnRoutedMessage += OnRoutedMessageHandler;  
        }  
  
        /// <summary>  
        /// Event handler for OnRoutedMessage event  
        /// </summary>  
        /// <param name="source">Routed Message Event Source</param>  
        /// <param name="args">Queued Message Event Arguments</param>  
        void OnRoutedMessageHandler(RoutedMessageEventSource source, QueuedMessageEventArgs args)  
        {  
            lock (fileLock) {  
                try {  
                    this.mailItem = args.MailItem;  
                    this.agentAsyncContext = this.GetAgentAsyncContext();  
  
                    // Get the folder for accessing the config file  
                    string dllDir = Path.GetDirectoryName(Assembly.GetExecutingAssembly().Location);  
  
                    // Fetch the from address from the current mail item  
                    RoutingAddress fromAddress = this.mailItem.FromAddress;  
  
                    Boolean boWorkbookFound = false;    // We just want to modifiy subjects when we modified an attachement first  
 
                    #region External Receive Connector Example  
  
                    // CHeck first, if the mail item does have a ReceiveConnectorName property first to prevent ugly things to happen  
                    if (mailItem.Properties.ContainsKey("Microsoft.Exchange.Transport.ReceiveConnectorName")) {  
                        // This is just an example, if you want to do something with a mail item which has been received via a named external receive connector  
                        if (mailItem.Properties["Microsoft.Exchange.Transport.ReceiveConnectorName"].ToString().ToLower() == "externalreceiveconnectorname")  
                        {  
                            // do something fancy with the email  
                        }  
                    }  
 
                    #endregion  
  
                    RoutingAddress catchAddress;  
  
                    // Check, if we have any email addresses configured to look for  
                    if (this.messageModifierConfig.AddressMap.Count > 0) {  
                        // Now lets check, if the sender address can be found in the dictionary  
                        if (this.messageModifierConfig.AddressMap.TryGetValue(fromAddress.ToString().ToLower(), out catchAddress)) {  
                            // Sender address found, now check if we have attachments to handle  
                            if (this.mailItem.Message.Attachments.Count != 0) {  
                                // Get all attachments  
                                AttachmentCollection attachments = this.mailItem.Message.Attachments;  
  
                                // Modify each attachment  
                                for (int count = 0; count < this.mailItem.Message.Attachments.Count; count++) {  
                                    // Get attachment  
                                    Attachment attachment = this.mailItem.Message.Attachments[count];  
  
                                    // We will only transform attachments which start with "WORKBOOK_"  
                                    if (attachment.FileName.StartsWith("WORKBOOK_")) {  
                                        // Create a new filename for the attachment  
                                        // [MODIFIED SUBJECT]-[NUMBER].[FILEEXTENSION]  
                                        String newFileName = MakeValidFileName(string.Format("{0}-{1}{2}", ModifiySubject(this.mailItem.Message.Subject.Trim()), count + 1, Path.GetExtension(attachment.FileName)));  
  
                                        // Change the filename of the attachment  
                                        this.mailItem.Message.Attachments[count].FileName = newFileName;  
  
                                        // Yes we have changed the attachment. Therefore we want to change the subject as well.  
                                        boWorkbookFound = true;  
                                    }  
                                }  
  
                                // Have changed any attachments?  
                                if (boWorkbookFound) {  
                                    // Then let's change the subject as well  
                                    this.mailItem.Message.Subject = ModifiySubject(this.mailItem.Message.Subject);  
                                }  
                            }  
                        }  
                    }  
                }  
                catch (System.IO.IOException ex) {  
                    // oops  
                    Debug.WriteLine(ex.ToString());  
                    this.agentAsyncContext.Complete();  
                }  
                finally {  
                    // We are done  
                    this.agentAsyncContext.Complete();  
                }  
            }  
  
            // Return to pipeline  
            return;  
        }  
  
        /// <summary>  
        /// Build a new subject, if the first 10 chars of the original subject are a valid date.  
        /// We muste transform the de-DE format dd.MM.yyyy to yyyyMMdd for better sortability in the email client.  
        /// </summary>  
        /// <param name="MessageSubject">The original subject string</param>  
        /// <returns>The modified subject string, if modification was possible</returns>  
        private static string ModifiySubject(string MessageSubject)  
        {  
            string newSubject = String.Empty;  
  
            if (MessageSubject.Length >= 10) {  
                string dateCheck = MessageSubject.Substring(0, 10);  
                DateTime dt = new DateTime();  
                try {  
                    // Check if we can parse the datetime  
                    if (DateTime.TryParse(dateCheck, out dt)) {  
                        // lets fetch the subject starting at the 10th character  
                        string subjectRight = MessageSubject.Substring(10).Trim();  
                        // build a new subject  
                        newSubject = string.Format("{0:yyyyMMdd} {1}", dt, subjectRight);  
                    }  
                }  
                finally {  
                    // do nothing  
                }  
            }  
  
            return newSubject;  
        }  
  
  
        /// <summary>  
        /// Replace invalid filename chars with an underscore  
        /// </summary>  
        /// <param name="name">The filename to be checked</param>  
        /// <returns>The sanitized filename</returns>  
        private static string MakeValidFileName(string name)  
        {  
            string invalidChars = Regex.Escape(new string(Path.GetInvalidFileNameChars()));  
            string invalidRegExStr = string.Format(@"[{0}]+", invalidChars);  
            return Regex.Replace(name, invalidRegExStr, "_");  
        }  
  
    }  
 
    #endregion  
 
    #region Message Modifier Configuration  
  
    /// <summary>  
    /// Message Modifier Configuration class  
    /// </summary>  
    public class MessageModifierConfig  
    {  
        /// <summary>  
        ///  The name of the configuration file.  
        /// </summary>  
        private static readonly string configFileName = "SFTools.MessageModify.Config.xml";  
  
        /// <summary>  
        /// Point out the directory with the configuration file (= assembly location)  
        /// </summary>  
        private string configDirectory;  
  
        /// <summary>  
        /// The filesystem watcher to monitor configuration file updates.  
        /// </summary>  
        private FileSystemWatcher configFileWatcher;  
  
        /// <summary>  
        /// The from address  
        /// </summary>  
        private Dictionary<string, RoutingAddress> addressMap;  
  
        /// <summary>  
        /// Whether reloading is ongoing  
        /// </summary>  
        private int reLoading = 0;  
  
        /// <summary>  
        /// The mapping between domain to catchall address.  
        /// </summary>  
        public Dictionary<string, RoutingAddress> AddressMap  
        {  
            get { return this.addressMap; }  
        }  
  
        /// <summary>  
        /// Constructor  
        /// </summary>  
        public MessageModifierConfig()  
        {  
            // Setup a file system watcher to monitor the configuration file  
            this.configDirectory = Path.GetDirectoryName(Assembly.GetExecutingAssembly().Location);  
            this.configFileWatcher = new FileSystemWatcher(this.configDirectory);  
            this.configFileWatcher.NotifyFilter = NotifyFilters.LastWrite;  
            this.configFileWatcher.Filter = configFileName;  
            this.configFileWatcher.Changed += new FileSystemEventHandler(this.OnChanged);  
  
            // Create an initially empty map  
            this.addressMap = new Dictionary<string, RoutingAddress>();  
  
            // Load the configuration  
            this.Load();  
  
            // Now start monitoring  
            this.configFileWatcher.EnableRaisingEvents = true;  
        }  
  
        /// <summary>  
        /// Configuration changed handler.  
        /// </summary>  
        /// <param name="source">Event source.</param>  
        /// <param name="e">Event arguments.</param>  
        private void OnChanged(object source, FileSystemEventArgs e)  
        {  
            // Ignore if load ongoing  
            if (Interlocked.CompareExchange(ref this.reLoading, 1, 0) != 0) {  
                Trace.WriteLine("load ongoing: ignore");  
                return;  
            }  
  
            // (Re) Load the configuration  
            this.Load();  
  
            // Reset the reload indicator  
            this.reLoading = 0;  
        }  
  
        /// <summary>  
        /// Load the configuration file. If any errors occur, does nothing.  
        /// </summary>  
        private void Load()  
        {  
            // Load the configuration  
            XmlDocument doc = new XmlDocument();  
            bool docLoaded = false;  
            string fileName = Path.Combine(this.configDirectory, MessageModifierConfig.configFileName);  
  
            try {  
                doc.Load(fileName);  
                docLoaded = true;  
            }  
            catch (FileNotFoundException) {  
                Trace.WriteLine("Configuration file not found: {0}", fileName);  
            }  
            catch (XmlException e) {  
                Trace.WriteLine("XML error: {0}", e.Message);  
            }  
            catch (IOException e) {  
                Trace.WriteLine("IO error: {0}", e.Message);  
            }  
  
            // If a failure occured, ignore and simply return  
            if (!docLoaded || doc.FirstChild == null) {  
                Trace.WriteLine("Configuration error: either no file or an XML error");  
                return;  
            }  
  
            // Create a dictionary to hold the mappings  
            Dictionary<string, RoutingAddress> map = new Dictionary<string, RoutingAddress>(100);  
  
            // Track whether there are invalid entries  
            bool invalidEntries = false;  
  
            // Validate all entries and load into a dictionary  
            foreach (XmlNode node in doc.FirstChild.ChildNodes) {  
                if (string.Compare(node.Name, "domain", true, CultureInfo.InvariantCulture) != 0) {  
                    continue;  
                }  
  
                XmlAttribute domain = node.Attributes["name"];  
                XmlAttribute address = node.Attributes["address"];  
  
                // Validate the data  
                if (domain == null || address == null) {  
                    invalidEntries = true;  
                    Trace.WriteLine("Reject configuration due to an incomplete entry. (Either or both domain and address missing.)");  
                    break;  
                }  
  
                if (!RoutingAddress.IsValidAddress(address.Value)) {  
                    invalidEntries = true;  
                    Trace.WriteLine(String.Format("Reject configuration due to an invalid address ({0}).", address));  
                    break;  
                }  
  
                // Add the new entry  
                string lowerDomain = domain.Value.ToLower();  
                map[lowerDomain] = new RoutingAddress(address.Value);  
  
                Trace.WriteLine(String.Format("Added entry ({0} -> {1})", lowerDomain, address.Value));  
            }  
  
            // If there are no invalid entries, swap in the map  
            if (!invalidEntries) {  
                Interlocked.Exchange<Dictionary<string, RoutingAddress>>(ref this.addressMap, map);  
                Trace.WriteLine("Accepted configuration");  
            }  
        }  
    }  
     #endregion  
} 

Problem

The use of Exchange Edge Transport Servers requires the synchronization of user and configuration data from internal Exchange Servers to the Edge Transport Servers. The synchronization utilizes secure LDAP (EdgeSync) to transmit the data securely and is based on an Edge Subscription.

When you create a new Edge Subscription on your internal Exchange Servers by importing the Edge Subscription XML-file, establishing the EdgeSync-connection might fail.

You will find the following error in the application event log of the internal Exchange Server:

Log Name:      Application
Source:        MSExchange EdgeSync
Event ID:      1035
Task Category: Synchronization
Level:         Error
Keywords:      Classic
Description:
EdgeSync failed to synchronize because it only supports Cryptographic API certificates. 
The local Hub Transport server's default certificate with thumbprint XYZ isn't a 
CAPI certificate. To set a CAPI certificate as the default certificate, use the 
Enable-ExchangeCertificate cmdlet with the Services parameter using the value of SMTP.

Reason

The private key of the current Exchange Transport default certificate of the internal Exchange servers uses a CNG private key. EdgeSync requires a CAPI1 based private key.

• CNG = Cryptography Next Generation
• CAPI1 = Cryptographic API (already deprecated)

This problem occurs primarily when using an Enterprise Certificate Authority using certificate templates with individual template settings. 

How do you determine, if the type of the default transport certificate is a CNG or CAPI1 certificate?

• Log on to the internal Exchange Server where you imported the Edge Subscription file and start a new Exchange Management Shell session
• Query the Transport Service to identify the default certificate thumbprint

Get-TransportService | ft Name,InternalTransportCertificateThumbprint

• Open an administrative command prompt
• Export the certificates information from the certificate store to a text file

certutil -v -store my > cert.txt

• Open the text file using an editor tool of your choice
• Search for the certificate thumbprint identified in step 2
  This thumbprint is the SHA1 certificate hash
• Scroll down to the provider section to find the following two attributes
  • ProviderType
  • KeySpec

If both attribute are of the value 0, the certificate if a CNG certificate.

The section might look like this:

Unique container name: XYZ
    Provider = Microsoft Software Key Storage Provider
    ProviderType = 0
  Flags = 20 (32)
    CRYPT_MACHINE_KEYSET -- 20 (32)
    KeySpec = 0 -- XCN_AT_NONE

Solution

Use OpenSSL to convert the CNG certificate to a CAPI1 certificate.

Using OpenSSL requires the download of the Windows release of OpenSSL. I recommend to not install the software on the Exchange Server but a separate Windows server or your administrative desktop system. Additionally, you need the certificate with its private key as a PFX-file.

Use the following steps to convert the CNG certificate to a CAPI1 certificate.

• Download and install OpenSSL
• Open the OpenSSL Command Prompt
• Navigate to the folder containing the PFX-file
• Convert the PFX-file to a PEM-file
  The tool will query to enter the PFX password

openssl pkcs12 -in CERT.pfx -out cert.pem -nodes

• Convert the PEM-file to a new PFX-file
  The tool will query you to set a PFX password

openssl pkcs12 -export -in cert.pem -out NEWCERT.pfx

The new PFX-file is now a CAPI1 certificate. The new certificate has the same thumbprint. Now you must replace the current certificate used by Exchange Server with the new certificate. 

Replacing the certificate requires a downtime of each Exchange Server requiring the certificate replacement. This is due to the requirement to remove the CNG certificate first, following the import of the CAPI1 certificate. Afterward, you need to enable the required Exchange services.

• Log on to the internal Exchange Server where you imported the Edge Subscription file and start a new Exchange Management Shell session
• Query local Exchange Server certificates and identify the thumbprint of the default Exchange Server self-signed certificate 
  The certificate common name (CN) equals the server name

Get-ExchangeCertificate -Server SERVERNAME

• Change the Exchange Transport default certificate to the self-signed certificate before deleting the CNG certificate

# It is mandatory to answer the query for replacing the default certificate with YES
Enable-ExchangeCertificate -Thumbprint THUMBPRINT -Services SMTP

# Restart the transport service
Restart-Service MSExchangeTransport

• Remove the CNG certificate
  • Use either the certificate store MMC, Exchange Management Shell, or Exchange Admin Center
• Import the CAPI1 certificate
  • Use either the certificate store MMC, Exchange Management Shell, or Exchange Admin Center
• Enable the imported certificate and replace the default transport certificate

# It is mandatory to answer the query for replacing the default certificate with YES
Enable-ExchangeCertificate -Thumbprint NEWCERTTHUMBPRINT -Services SMTP

# Restart the transport service
Restart-Service MSExchangeTransport

• Repeat the certificate replace for each Exchange Server in the same Active Directory site

Now, that you updated the local Exchange Servers there is one more step that needs to be checked on the Edge Transport Servers.

Edge Transport Servers are not domain-joined and therefore do not receive any GPO-based configuration. Each required configuration must be performed locally. To ensure that the default transport certificate of the internal Exchange servers can be used for cryptographic operations we must ensure that the certificate chain of that certificate is present in the certificate store of Edge Transport servers.

Take a look at the certificate chain of the converted CAPI1 certificate and import the Root-CA and Subordinate-CA certificates into the Edge Transport servers local certificate store. You must ensure that the certificates are placed into appropriate stores:

• Root-CA certificate goes into Trusted Root Certification Authorities \ Certificates
• Subordinate-CA certificate goes into Intermediate Certification Authorities \ Certificates

Next, you create a new Edge Subscription on your Edge Transport server and create a new subscription for the Active Directory site on the internal Exchange Server. The internal Exchange Servers are now able to establish an EdgeSync connection and encrypting the data transferred to the Edge Transport servers.

Note

When you receive the TLS certificate as PFX/PKCS12 file, you import the certificate and the private key. The import process itself defines the priavte key Crypto Provider. Using the following command line you ensure that the import process suses the legacy crypto provider.

certutil -csp "Microsoft RSA SChannel Cryptographic Provider" -importpfx my MYCERTpfx

Links

• Exchange Edge Transport Server Role
• Edge Subscriptions
• Cryptography API: Next Generation
• Cryptographic Service Providers
• OpenSSL for Windows

Enjoy Exchange Server and Edge Transport!

Are you located in Germany, Austria, or Switzerland? Join the Exchange User Group DACH to collaborate with other Exchange enthusiasts.
Follow us on Twitter @exusg, join on Meetup, or visit our website. 

Sometimes you might be interested in gathering a list of all computer from an Active Directory domain in preparation for migration.

You can gather a list of all computer objects using the following command.

# Fetch a sorted list of all computer objects
Get-ADComputer -Filter * -Property * | Sort-Object Name 

The wildcard used with the Property parameter fetches all available attributes for a computer object. Check the available attributes in the result set to identify the attributes you are interested in.

# Example output for the first computer object gathered from Active Directory
(Get-ADComputer -Filter * -Property * | Sort-Object Name)[0]

AccountExpirationDate                : 
accountExpires                       : 9223372036854775807
AccountLockoutTime                   : 
AccountNotDelegated                  : False
AllowReversiblePasswordEncryption    : False
BadLogonCount                        : 0
badPasswordTime                      : 0
badPwdCount                          : 0
CannotChangePassword                 : False
CanonicalName                        : DOMAIN.local/Computers/COMPUTER01
Certificates                         : {}
CN                                   : COMPUTER01
codePage                             : 0
CompoundIdentitySupported            : {False}
countryCode                          : 0
Created                              : 9/2/2013 3:01:13 PM
createTimeStamp                      : 9/2/2013 3:01:13 PM
Deleted                              : 
Description                          : 
DisplayName                          : 
DistinguishedName                    : CN=COMPUTER01,CN=Computers,DC=DOMAIN,DC=local
DNSHostName                          : COMPUTER01.DOMAIN.local
DoesNotRequirePreAuth                : False
dSCorePropagationData                : {12/31/1600 7:00:00 PM}
Enabled                              : True
HomedirRequired                      : False
HomePage                             : 
instanceType                         : 4
IPv4Address                          : 
IPv6Address                          : 
isCriticalSystemObject               : False
isDeleted                            : 
KerberosEncryptionType               : {RC4, AES128, AES256}
LastBadPasswordAttempt               : 
LastKnownParent                      : 
lastLogoff                           : 0
lastLogon                            : 130942520427754509
LastLogonDate                        : 12/10/2015 3:02:53 PM
lastLogonTimestamp                   : 130942513734007331
localPolicyFlags                     : 0
Location                             : 
LockedOut                            : False
logonCount                           : 194
ManagedBy                            : 
MemberOf                             : {}
MNSLogonAccount                      : False
Modified                             : 12/10/2015 3:02:53 PM
modifyTimeStamp                      : 12/10/2015 3:02:53 PM
msDS-SupportedEncryptionTypes        : 28
msDS-User-Account-Control-Computed   : 0
Name                                 : COMPUTER01
nTSecurityDescriptor                 : System.DirectoryServices.ActiveDirectorySecurity
ObjectCategory                       : CN=Computer,CN=Schema,CN=Configuration,DC=DOMAIN,DC=local
ObjectClass                          : computer
ObjectGUID                           : da59afcc-e00a-430b-9cbc-01adeed568f3
objectSid                            : S-1-5-21-3143343262-845931634-422089675-1179
OperatingSystem                      : Windows 7 Professional
OperatingSystemHotfix                : 
OperatingSystemServicePack           : Service Pack 1
OperatingSystemVersion               : 6.1 (7601)
PasswordExpired                      : False
PasswordLastSet                      : 12/2/2014 7:21:09 AM
PasswordNeverExpires                 : False
PasswordNotRequired                  : False
PrimaryGroup                         : CN=Domain Computers,CN=Users,DC=DOMAIN,DC=local
primaryGroupID                       : 515
PrincipalsAllowedToDelegateToAccount : {}
ProtectedFromAccidentalDeletion      : False
pwdLastSet                           : 130619964697110685
SamAccountName                       : COMPUTER01$
sAMAccountType                       : 805306369
sDRightsEffective                    : 15
ServiceAccount                       : {}
servicePrincipalName                 : {RestrictedKrbHost/COMPUTER01, HOST/COMPUTER01, 
                                       RestrictedKrbHost/COMPUTER01.DOMAIN.local, HOST/COMPUTER01.DOMAIN.local}
ServicePrincipalNames                : {RestrictedKrbHost/COMPUTER01, HOST/COMPUTER01, 
                                       RestrictedKrbHost/COMPUTER01.DOMAIN.local, HOST/COMPUTER01.DOMAIN.local}
SID                                  : S-1-5-21-3143343262-845931634-422089675-1179
SIDHistory                           : {}
TrustedForDelegation                 : False
TrustedToAuthForDelegation           : False
UseDESKeyOnly                        : False
userAccountControl                   : 4096
userCertificate                      : {}
UserPrincipalName                    : 
uSNChanged                           : 1721509
uSNCreated                           : 45981
whenChanged                          : 12/10/2015 3:02:53 PM
whenCreated                          : 9/2/2013 3:01:13 PM

As a next step, you gather the selected information and 

# Fetch data for an operating system overview, sorted by property Name only
Get-ADComputer -Filter * -Property * | Sort-Object Name | Select Name,OperatingSystem,OperatingSystemServicePack,OperatingSystemVersion 

# Fetch data for an operating system overview, sorted by property OperatingSystem first, then Name 
Get-ADComputer -Filter * -Property * | Sort-Object OperatingSystem,Name | Select Name,OperatingSystem,OperatingSystemServicePack,OperatingSystemVersion 

You can export the gathered information to a comma separated file easily using the Export-Csv cmdlet.

# Export the gathered and sorted information to a CSV file using a semicolon as the delimiter
# Adjust the file path for the CSV file to fit your environment
Get-ADComputer -Filter * -Property * | Sort-Object OperatingSystem,Name | Select Name,OperatingSystem,OperatingSystemServicePack,OperatingSystemVersion | Export-Csv -Path C:\SCRIPTS\ComputerOverview.csv -NoClobber -NoTypeInformation -Delimiter ';' 

Link

• Inventorying Computers with AD PowerShell

Enjoy!

Description

This script removes the proxy address(es) for a selected protocol from mail-enabled public folders.

Any proxy address with a given protocol is removed from the proxy addresses list.

The script can fix the alias of mail-enabled public folders as well. The code used is based upon a blog post by Shay Levy.

Examples

# EXAMPLE 1
# Check mail enabled public folders for proxy addresses having "MS:" as a protocol type.
# Do not remove and update addresses, but log found addresses to RemovedAddresses.txt

.\Clean-MailEnabledPublicFolders.ps1 -ProtocolToRemove "MS:*" 

# EXAMPLE 2
# Check mail enabled public folders for proxy addresses having "MS:" as a protocol type.
# Remove and update addresses and log found addresses to RemovedAddresses.txt

.\Clean-MailEnabledPublicFolders.ps1 -ProtocolToRemove "MS:*" -UpdateAddresses

Version History

• 1.0, Initial community release
• 1.1, FixAlias added, cleanup logic changed
• 1.2, Some minor PowerShell updates

Links

• Download and follow at Github: https://github.com/Apoc70/Clean-MailEnabledPublicFolders
• Download and like at TechNet Gallery: https://gallery.technet.microsoft.com/Script-to-remove-unwanted-9d119c6b

Follow

• Twitter @stensitzki
• LinkedIn
• Xing

Additional Note

This Powershell script has been optimized using the ISESteroids™ add-on. Learn more about ISESteroids™ here.

Description

The script sends a given number of test emails to a configured SMTP host for test purposes (primarily Exchange queues, transport agents, or anti-virus engines).

Do not forget to adjust script variables to suit your local Exchange infrastructure.

Examples

# EXAMPLE 1
# Send 10 normal emails
.\Send-TestMail.ps1 -Normal -MessageCount 10

# EXAMPLE 2
# Send an Eicar test email
.\Send-TestMail.ps1 -Eicar

Version History

• 1.0, Initial community release

Links

• Download and follow at Github: https://github.com/Apoc70/Send-TestMail
• Download and like at TechNet Gallery: https://gallery.technet.microsoft.com/Send-test-emails-to-a98c1ca4

Follow

• Twitter @stensitzki
• LinkedIn
• Xing