This script connects either to Exchange Online or to a dedicated on-premises Exchange Server to export configured mailbox delegates and SMTP forwarding configurations.
The SMTP forwarding configurations are gathered from inbox rules and from mailbox forwarding settings.
# Example 1 # Connect to the on-premises Exchange Server mx01.varunagroup.de and export delegation and SMTP forwarding information .\Get-DelegatesAndForwardingRules.ps1 -ExchangeHost mx01.varunagroup.de # Example 2 # Connect to the on-premises Exchange Server mx01.varunagroup.de, export delegation and SMTP forwarding information and get verbose information on the objects worked on .\Get-DelegatesAndForwardingRules.ps1 -ExchangeHost mx01.varunagroup.de -Verbose # Example 3 # Connect to Exchange Online and export delegation and SMTP forwarding information .\Get-DelegatesAndForwardingRules.ps1 -ExchangeOnline
Use GitHub Issues to leave comments, requests, end even bugs or issues.
The script is based on the O365-InvestigationTooling script DumpDelegatesandForwardingRules.ps1 by Brandon Koeller Find more Office 365 investigation tooling scripts at https://github.com/OfficeDev/O365-InvestigationTooling.
Sometimes you might be interested in gathering a list of all computer from an Active Directory domain in preparation for migration.
You can gather a list of all computer objects using the following command.
# Fetch a sorted list of all computer objects Get-ADComputer -Filter * -Property * | Sort-Object Name
The wildcard used with the Property parameter fetches all available attributes for a computer object. Check the available attributes in the result set to identify the attributes you are interested in.
# Example output for the first computer object gathered from Active Directory (Get-ADComputer -Filter * -Property * | Sort-Object Name)[0] AccountExpirationDate : accountExpires : 9223372036854775807 AccountLockoutTime : AccountNotDelegated : False AllowReversiblePasswordEncryption : False BadLogonCount : 0 badPasswordTime : 0 badPwdCount : 0 CannotChangePassword : False CanonicalName : DOMAIN.local/Computers/COMPUTER01 Certificates : {} CN : COMPUTER01 codePage : 0 CompoundIdentitySupported : {False} countryCode : 0 Created : 9/2/2013 3:01:13 PM createTimeStamp : 9/2/2013 3:01:13 PM Deleted : Description : DisplayName : DistinguishedName : CN=COMPUTER01,CN=Computers,DC=DOMAIN,DC=local DNSHostName : COMPUTER01.DOMAIN.local DoesNotRequirePreAuth : False dSCorePropagationData : {12/31/1600 7:00:00 PM} Enabled : True HomedirRequired : False HomePage : instanceType : 4 IPv4Address : IPv6Address : isCriticalSystemObject : False isDeleted : KerberosEncryptionType : {RC4, AES128, AES256} LastBadPasswordAttempt : LastKnownParent : lastLogoff : 0 lastLogon : 130942520427754509 LastLogonDate : 12/10/2015 3:02:53 PM lastLogonTimestamp : 130942513734007331 localPolicyFlags : 0 Location : LockedOut : False logonCount : 194 ManagedBy : MemberOf : {} MNSLogonAccount : False Modified : 12/10/2015 3:02:53 PM modifyTimeStamp : 12/10/2015 3:02:53 PM msDS-SupportedEncryptionTypes : 28 msDS-User-Account-Control-Computed : 0 Name : COMPUTER01 nTSecurityDescriptor : System.DirectoryServices.ActiveDirectorySecurity ObjectCategory : CN=Computer,CN=Schema,CN=Configuration,DC=DOMAIN,DC=local ObjectClass : computer ObjectGUID : da59afcc-e00a-430b-9cbc-01adeed568f3 objectSid : S-1-5-21-3143343262-845931634-422089675-1179 OperatingSystem : Windows 7 Professional OperatingSystemHotfix : OperatingSystemServicePack : Service Pack 1 OperatingSystemVersion : 6.1 (7601) PasswordExpired : False PasswordLastSet : 12/2/2014 7:21:09 AM PasswordNeverExpires : False PasswordNotRequired : False PrimaryGroup : CN=Domain Computers,CN=Users,DC=DOMAIN,DC=local primaryGroupID : 515 PrincipalsAllowedToDelegateToAccount : {} ProtectedFromAccidentalDeletion : False pwdLastSet : 130619964697110685 SamAccountName : COMPUTER01$ sAMAccountType : 805306369 sDRightsEffective : 15 ServiceAccount : {} servicePrincipalName : {RestrictedKrbHost/COMPUTER01, HOST/COMPUTER01, RestrictedKrbHost/COMPUTER01.DOMAIN.local, HOST/COMPUTER01.DOMAIN.local} ServicePrincipalNames : {RestrictedKrbHost/COMPUTER01, HOST/COMPUTER01, RestrictedKrbHost/COMPUTER01.DOMAIN.local, HOST/COMPUTER01.DOMAIN.local} SID : S-1-5-21-3143343262-845931634-422089675-1179 SIDHistory : {} TrustedForDelegation : False TrustedToAuthForDelegation : False UseDESKeyOnly : False userAccountControl : 4096 userCertificate : {} UserPrincipalName : uSNChanged : 1721509 uSNCreated : 45981 whenChanged : 12/10/2015 3:02:53 PM whenCreated : 9/2/2013 3:01:13 PM
As a next step, you gather the selected information and
# Fetch data for an operating system overview, sorted by property Name only Get-ADComputer -Filter * -Property * | Sort-Object Name | Select Name,OperatingSystem,OperatingSystemServicePack,OperatingSystemVersion # Fetch data for an operating system overview, sorted by property OperatingSystem first, then Name Get-ADComputer -Filter * -Property * | Sort-Object OperatingSystem,Name | Select Name,OperatingSystem,OperatingSystemServicePack,OperatingSystemVersion
You can export the gathered information to a comma separated file easily using the Export-Csv cmdlet.
# Export the gathered and sorted information to a CSV file using a semicolon as the delimiter # Adjust the file path for the CSV file to fit your environment Get-ADComputer -Filter * -Property * | Sort-Object OperatingSystem,Name | Select Name,OperatingSystem,OperatingSystemServicePack,OperatingSystemVersion | Export-Csv -Path C:\SCRIPTS\ComputerOverview.csv -NoClobber -NoTypeInformation -Delimiter ';'
Enjoy!
The PowerShell script New-RoomMailbox has been updated and release v1.2 has been published to GitHub and TechNet Gallery.
The script now creates a third mail-enabled security group to limit the set of users which are allowed to book the resource. The group itself is created (prepared) only, but not assigned to the room resource.
Additionally, the default language (locale) is configured. This prohibits the "Set locale" - dialogue when accessing the room mailbox using Outlook on the Web.
Read more here: https://www.granikos.eu/en/justcantgetenough/PostId/337/create-a-new-room-mailbox-with-security-groups
Enjoy Exchange.
This script reads the Exchange schema version from the Active Directory schema partition.
The Exchange organization name is fetched from Active Directory automatically. The script fetches at forest level:
The script fetches at domain level:
Code Samples
# Fetch all version information in the Active Directory forest .\Get-ExchangeServerVersionInfo.ps1
Sample Output:
PS D:\Scripts> .\Get-ExchangeServerVersionInfo.ps1 Exchange Server Schema and Object Information for forest [VARUNA.ROOT] Exchange Organization Name : VARUNA-GROUP Active Directory Schema rangeUpper: 15332 Working on VARUNA.ROOT MESO Container objectVersion : 13236 Exchange Configuration msExchProductId : 15.01.1466.003 Exchange Configuration objectVersion : 16213 Working on VARUNAGROUP.DE MESO Container objectVersion : 13236
Enjoy Exchange Server!
When migrating to new version of Exchange Servers you must move your internal SMTP relay endpoints. This can be a challeging tasks as application owners mostly ignore your requests for such changes.
You can use the information provided in the receive connector log files to identify remote clients (MTAs / MTUs) connecting to the legacy infrastructure. The assumption is that protocol logging is enabled. You can easily active protocol logging across all receive connector fo a single server using the following EMS PowerShell one-liner:
Get-ReceiveConnector -Server EX01 | Set-ReceiveConnector -ProtocolLoggingLevel Verbose
The scripts searches the log files for the connection's EHLO response which containes the remote name or remote IP-address of the system connecting to the receive connector.
You can either search
For more information read the readme.md file at Github.
You need to adjust the log file path to suit your IT infrastructure. A next releas will contain a more automatic solution.
# Search legacy Exchange servers SMTP receive log files for the last 4 days and save search results in a single CSV file .\Get-RemoteSmtpServers.ps1 -Servers SRV01,SRV02 -LegacyExchange -AddDays -4 -ToCsv