de-DEen-GB
 
rss

Just can't get enough of IT

This blog is about mostly anything in IT. But the primary focuses are Microsoft Technologies like Exchange, Office 365, Azure and Cloud Security.

The PowerShell script to set Client Access mailbox settings based on AD group membership has been updated.

The issue fixed had been registered as issue #1. 

The new release version is v1.1.

Download

 

 

Read More »
On January 13, 2018
0 Comment
114 Views
Last updated: 2018-01-15

Exchange Server 2013Exchange Server 2016Problem

When you migrate messages from alternative email solution (e.g. Lotus Notes) you might migrate sentitive content that must stay private in the new Exchange Server target location. 

So how can you mark such messages as private?

Solution

The privacy level (Sensitivity) of a mailbox item is controlled by MAPI extended property 0x36.

  • 0x36 = 0, sensitivity = normal
  • 0x36 = 2, sensitivity = private

The command line tool searches for messages containing a given text as a subject substring.

The c# code sets the extended property 0x36 to 2.

A mailbox is accessed using Exchange Web Services. The EWS endpoint is discovered using AutoDiscover for the selected mailbox.

The item modificatiuon is handled by the following code segment:

foreach (var extendedProperty in Message.ExtendedProperties)
{
	if (extendedProperty.PropertyDefinition == extendedPropertyDefinition)
	{
		if (log.IsInfoEnabled)
		{
			log.Info(string.Format("Try to alter the message: {0}", Message.Subject));
		}
		else
		{
			Console.WriteLine("Try to alter the message: {0}", Message.Subject);
		}

		// Set the value of the extended property to 0 (which is Sensitivity normal, 2 would be private)
		Message.ExtendedProperties[extendedPropertyindex].Value = 2;

		// Update the item on the server with the new client-side value of the target extended property
		Message.Update(ConflictResolutionMode.AlwaysOverwrite);
	}
	extendedPropertyindex++;
}

Usage

SetPrivateFlags.exe -mailbox user@domain.com -subject "[private]" 

Search the mailbox for all messages having a subject string containing [private] and ask for changing each item if -logonly is not set to true.
If -logonly is set to true only a log will be created.

 

SetPrivateFlags.exe -mailbox user@domain.com -subject "[private]" -noconfirmation

Search the mailbox for all messages having a subject string containing [private] and change all found messages without confirmation.

 

Note

It should be noted that this solution is intended for use in migration scenarios.

When providing access to mailbnox delegates you can enable access to your private elements as well. But access to shared mailboxes is not configured using the delegation workflow.

The code has been tested using Exchange Server 2013 CU15.

The program utilizes log4net to log detailed information to the file system. The configuration is controlled by the application's config file.

Updates

  • 2018-01-13: Release 1.0.0.0

Links

Any issues or feature requests? Use Github.

Like the code? Leave a note.

 

Read More »
On November 29, 2017
0 Comment
159 Views

An update to the PowerShell script (Set-ReceiveConnectorIpAddress) to add or remove remote IP address ranges to/from Exchange Server receive connectors is available.

A new parameter to provide a comment on why an IP address is added or removed has been added to the script.

# EXAMPLE 
.\Set-ReceiveConnectorIpAddress.ps1 -ConnectorName MyConnector -IpAddress 10.10.10.1 -Action Remove -ViewEntireForest $true -Comment 'Personal request of upper management'

Get the most recent version at Github

 

Read More »
On November 17, 2017
0 Comment
249 Views
Last updated: 2017-11-28

Exchange Server 2013Exchange Server 2016Description

This script adds or removes IP addresses or IP address ranges to/from existing Receive Connectors.

The input file can contain more than one IP address (range), one entry per line. The IP address parameter can be used to add a single IP address.

The script creates a new sub directory beneath the current location of the script. The script utilizes the directory as a log directory to store the current remote IP address ranges prior modification.

A log is written to the \log subfolder utilitzing the GlobalFunctions Logger object.

Requirements

  • Registered GlobalModules PowerShell module, http://scripts.granikos.eu
  • Windows Server 2016, Windows Server 2012 R2, Windows Server 2008 R2 SP1
  • Exchange ManagementShell 2013+
  • Optionally, a txt file containing new remote IP address ranges, one per line
    Example:
    192.168.1.1
    192.168.2.10-192.168.2.20
    192.168.3.0/24

 

Examples

# Example 1
# Add all IP addresses stored in D:\Scripts\ip.txt to a receive connector named RelayConnector

.\Set-ReceiveConnectorIpAddress.ps1 -ConnectorName RelayConnector -FileName D:\Scripts\ip.txt -Action Add
# Example 2
# Remove IP address 10.10.10.1 from a receive connector nameds MyConnector from all Exchange Servers in the forest

.\Set-ReceiveConnectorIpAddress.ps1 -ConnectorName MyConnector -IpAddress 10.10.10.1 -Action Remove -ViewEntireForest $true

Version History

  • 1.0, Initial community release
  • 1.1, Comment parameter added

Links

Follow

Read More »
On November 2, 2017
0 Comment
171 Views

You want to know about the right on-premises Exchange Server architecture? A blog post about this topic has been published on the ESE blog yesterday.

The right Exchange Architecture

Read the full blog post at ENow's ESE blog.

Enjoy reading.

Read More »