The PowerShell script to Set mailbox quotas at database or mailbox level the simple way has been updated to Version 1.4.
The code has been refactored to functions and has received some PowerShell hygiene patters.
Please report any issues directly at Github.
If you like the script, please rate the script at TechNet Gallery.
Enjoy!
As an Exchange administrator you normally perform tasks by executing PowerShell scripts. Some of these scripts are executed automatically, some are run manually as these scripts require more attention.
Think about a completely different approach. Have you ever thought about administrating Exchange Server or your Exchange Online instance using your voice?
Thanks to Alexa skills we can do something like
"Alexa, ask Exchange Assistant to create a new mailbox for John Doe" "Alexa, is the CEO's mailbox in good shape?"
"Alexa, ask Exchange Assistant to create a new mailbox for John Doe"
"Alexa, is the CEO's mailbox in good shape?"
Or run something more complicated
"Alexa, start Exchange to setup 5 new Exchange servers, please"
Sounds like magic, right?
As a solution we use the following technologies:
The Azure Hybrid Runbook Worker enables you to execute PowerShell runbooks in your local infrastructure to manage local ressources.
The solution consists of a Visual Studio Solution acting as an Alexa skill endpoint. The configured intents connect to your Azure Automation webhooks and trigger the execution of preconfigured PowerShell automation runbooks.
These runbooks can either run againt Azure resources or against your local infrastructure. Automation of your local infrastructure requires the setup of the Azure Hybrid Runbook Worker components.
The following diagram illustrates the functionality.
The solution utilizes the Azure4Alexa and AlexaSkillsSet.NET projects available on Github. Currently the approach requires some manual steps and Visual Studio knowledge, as you want to deploy your own Alexa custom application. This is primarily driven due to security demands. The Hybrid Runbook Worker can access your local infrastructure. So you went to be in charge of the credentials used to access your infrastructure.
Start enjoying how your administrator's can orchestrate your Exchange Server environment.
Enjoy your wonderful life with Exchange :-)
You implement shared mailboxes as part of a legacy public folder migration. Access to the shared mailbox provided by dedicated security groups which, in this case, provide access to dedicated sub folders within the mailbox.
The migrated legacy public folder content contained items marked as private.
When you access a shared mailbox as a group member you are not able to see or access private items.
The following two screenshots are used to demontraste the issue:
The Inbox node shows three unread items:
The Inbox detail pane just shows a single read message:
So how to access items marked as private?
The privacy level (Sensitivity) of a mailbox item is controlled by MAPI extended property 0x36.
When an item does have an extended property 0x36, the value is set to 0.
A mailbox is accessed using Exchange Web Services. The EWS endpoint is discovered using AutoDiscover for the selected mailbox.
The item modificatiuon is handled by the following code segment:
var extendedPropertyDefinition = new ExtendedPropertyDefinition(0x36, MapiPropertyType.Integer); int extendedPropertyindex = 0; foreach (var extendedProperty in Message.ExtendedProperties) { if (extendedProperty.PropertyDefinition == extendedPropertyDefinition) { if (log.IsInfoEnabled) { log.Info(string.Format("Try to remove private flag from message: {0}", Message.Subject)); } else { Console.WriteLine("Try to remove private flag from message: {0}", Message.Subject); } // Set the value of the extended property to 0 (which is Sensitivity normal, 2 would be private) Message.ExtendedProperties[extendedPropertyindex].Value = 0; // Update the item on the server with the new client-side value of the target extended property. Message.Update(ConflictResolutionMode.AlwaysOverwrite); } extendedPropertyindex++; }
RemovePrivateFlags.exe -mailbox user@domain.com [-logonly] [-foldername "Inbox"]
Search through the mailbox and ask for changing a item if -logonly is not set to true. If -foldername is given the folder path are compared to the folder name. If -logonly is set to true only a log will be created.
RemovePrivateFlags.exe -mailbox user@domain.com [-foldername "Inbox"] [-noconfirmation]
Search through the mailbox, if -noconfirmation is set to true all items will be altered without confirmation.
It should be noted that this solution is intended for use in migration scenarios.
When providing access to mailbnox delegates you can enable access to your private elements as well. But access to shared mailboxes is not configured using the delegation workflow.
The code has been tested using Exchange Server 2013 CU15.
The program utilizes log4net to log detailed information to the file system. The configuration is controlled by the application's config file.
Any issues or feature requests? Use Github.
Like the code? Leave a note.
This script removes Active Directory objects for HealthMailboxes or SystemMailboxes in the Microsoft Exchange System Objects (MESO) container that do not have a homeMDB attribute set.
It is highly recommended to run the script with -WhatIf parameter to check objects first.
Information about accounts deleted or supposed to be deleted are written to a log file.
# EXAMPLE # Perform a WhatIf run in preparation to removing SystemMailboxes having an empty database attribute .\Remove-OrphanedMailboxAccounts.ps1 -SystemMailbox -WhatIf # EXAMPLE # Remove HealthMailbox(es) having an empty database attribute .\Remove-OrphanedMailboxAccounts.ps1 -HealthMailbox
2017-02-10 10:18: 11488 - Info - Script started 2017-02-10 10:18: 11488 - Info - WhatIf Preference: True 2017-02-10 10:18: 11488 - Info - Cleaning HealthMailboxes | 10 objects found 2017-02-10 10:18: 11488 - Info - Cleaning HealthMailboxes | Delete CN=HealthMailboxd32b165a6adf45518c8498fba3c7c93a,CN=Monitoring Mailboxes,CN=Microsoft Exchange System Objects,DC=granikoslabs,DC=de 2017-02-10 10:18: 11488 - Info - Cleaning HealthMailboxes | Delete CN=HealthMailbox6b66930902d8430e831df7b086bfd49b,CN=Monitoring Mailboxes,CN=Microsoft Exchange System Objects,DC=granikoslabs,DC=de 2017-02-10 10:18: 11488 - Info - Cleaning HealthMailboxes | Delete CN=HealthMailbox6bf99bdc31474217a6fdc4cd83260e88,CN=Monitoring Mailboxes,CN=Microsoft Exchange System Objects,DC=granikoslabs,DC=de 2017-02-10 10:18: 11488 - Info - Cleaning HealthMailboxes | Delete CN=HealthMailboxd4410bf131b34907b6a96a7e65263db1,CN=Monitoring Mailboxes,CN=Microsoft Exchange System Objects,DC=granikoslabs,DC=de 2017-02-10 10:18: 11488 - Info - Cleaning HealthMailboxes | Delete CN=HealthMailbox98f334580dbf457ca2a6d1a19fdf49d1,CN=Monitoring Mailboxes,CN=Microsoft Exchange System Objects,DC=granikoslabs,DC=de 2017-02-10 10:18: 11488 - Info - Cleaning HealthMailboxes | Delete CN=HealthMailboxc16704bf98c94f5e8453c7955d7897b5,CN=Monitoring Mailboxes,CN=Microsoft Exchange System Objects,DC=granikoslabs,DC=de 2017-02-10 10:18: 11488 - Info - Cleaning HealthMailboxes | Delete CN=HealthMailboxa64fe085bdff46a786d68782c5070bf1,CN=Monitoring Mailboxes,CN=Microsoft Exchange System Objects,DC=granikoslabs,DC=de 2017-02-10 10:18: 11488 - Info - Cleaning HealthMailboxes | Delete CN=HealthMailbox6c56f94506974a1183c6b71eebb63406,CN=Monitoring Mailboxes,CN=Microsoft Exchange System Objects,DC=granikoslabs,DC=de 2017-02-10 10:18: 11488 - Info - Cleaning HealthMailboxes | Delete CN=HealthMailbox9b6666d46aa746e3848f3240e418d731,CN=Monitoring Mailboxes,CN=Microsoft Exchange System Objects,DC=granikoslabs,DC=de 2017-02-10 10:18: 11488 - Info - Cleaning HealthMailboxes | Delete CN=HealthMailboxb2bd3d4725b249bab81eeed35666de0f,CN=Monitoring Mailboxes,CN=Microsoft Exchange System Objects,DC=granikoslabs,DC=de 2017-02-10 10:18: 11488 - Info - Script finished
This script helps to create ceritifcate requests (CSR) based on hostnames used for internal and external Urls of Exchange Server virtual directories.
The script queries Exchange Server 2013+ virtual directory hostnames to create a certificate request.
The request is created using an inf file template. You can prepare multiple template files to choose from. Template files are supposed to be stored in the same folder as the PowerShell script.
The resulting inf file used to create the certificate request is stored on the same directory as the PowerShell script. The script queries for the certificate's common name (CN).
If created, the certificate request is stored in the same directory as the PowerShell script. The content of the certificate request file is the CSR to be submitted to a Certificate Authority.
Copy the following content to a text file, name it Default-Template.inf and save it to the same directory as the Create-CertificateRequest.ps1 file. Aternatively, download the template as a zipped archive file.
[Version] Signature="$Windows NT$" [NewRequest] Subject = "CN=##COMMONNAME##" Exportable = TRUE ; TRUE = Private key is exportable KeyLength = 2048 ; Valid key sizes: 1024, 2048, 4096, 8192, 16384 KeySpec = 1 ; Key Exchange – Required for encryption KeyUsage = 0xA0 ; Digital Signature, Key Encipherment MachineKeySet = True ProviderName = "Microsoft RSA SChannel Cryptographic Provider" RequestType = PKCS10 ; or CMC. HashAlgorithm = sha256 SMIME = FALSE [Strings] szOID_SUBJECT_ALT_NAME2 = "2.5.29.17" szOID_ENHANCED_KEY_USAGE = "2.5.29.37" szOID_PKIX_KP_SERVER_AUTH = "1.3.6.1.5.5.7.3.1" szOID_PKIX_KP_CLIENT_AUTH = "1.3.6.1.5.5.7.3.2" [Extensions] %szOID_SUBJECT_ALT_NAME2% = "{text}##DNSSAN##" %szOID_ENHANCED_KEY_USAGE% = "{text}%szOID_PKIX_KP_SERVER_AUTH%,%szOID_PKIX_KP_CLIENT_AUTH%"
# EXAMPLE 1 # Create a new certificate request inf file used dedicated organizational information. The common name will be determined seperately. .\Create-CertificateRequest.ps1 -ModernExchangeOnly -Country DE -State NW -City Hueckelhoven -Organisation Varuna -Department IT # EXAMPLE 2 # Create a new certificate request for Exchange 2013+ using the common name only. The common name will be determined seperately. .\Create-CertificateRequest.ps1 -ModernExchangeOnly -CreateRequest