Powershell – Page 24

IMAP/POP Certificate issue after Install of Ex2013 CU3

Scenario: After the installation of Ex2013 CU3, the certificate that was assigned the POP and IMAP services became unassigned and assigned to another certificate. The error clients were receiving:

“IMAP Error: Server Certificate was rejected by the verifier because the certificate’s common name ‘mail.domain.com’ does not match the hostname ‘imap.domain.com’.

Resolution: From Ex2013 Management Shell, run the following:

1. Determine the thumbprint of the certificate that should have IMAP and POP enabled by running: Get-ExchangeCertificate

2. Then run: Enable-ExchangeCertificate -Thumbprint XXXXXXXXXX -Services POP,IMAP
3. Restart the Imap and Pop frontend and backend services.

Redistribute Exchange Databases

To redistribute Exchange databases so they are mounted on the Mailbox Server that holds the first activation preference, run the following:

1. Open up Exchange Management Shell

2. Change the directory to the Scripts folder located in the Exchange Install Directory;

Example: CD “C:Program FilesMicrosoftExchange ServerV14Scripts”

3. Run the following command:

.RedistributeActiveDatabases.ps1 -DagName <dagname> -BalanceDbsByActivationPreference –ShowFinalDatabaseDistribution –Confirm:$false

Note: To find the DagName, you can run the get-databaseavailabilitygroup powershell command to list your Dags.

Importing pst to mailbox

Scenario: Import pst into a mailbox

Note: Must have mailbox export/import permissions to be able to do this. targetrootfolder is good if you are importing multiple psts into the mailbox. This way content is not merged under existing folders.

From Powershell, type:

New-MailboxImportRequest -Mailbox newmbox -filepath serverpstfilesnewmbox.pst-BadItemLimit 50 -T
argetRootFolder “Mailbox -newmbox”

Allow this website to configure server settings

Issue: Customer gets a prompt while in Outlook saying

“Allow this website to configure user@user.edu server settings ?

https://autodiscover.domain.edu/autodiscover/autodiscover.xml. Your account was redirected to this website for settings. You should only allow settings sources you know and trust

Resolution: Click on Don’t ask me about this website again box. Click on Allow

In some cases, recreating the profile can fix the issue

Working with Recoverable Items Folder

The Recoverable Items folder (known in earlier versions of Exchange as the dumpster) exists to protect from accidental or malicious deletions and to facilitate discovery efforts commonly undertaken before or during litigation or investigations

To retrieve the following quota settings:

* RecoverableItemsQuota

◦ RecoverableItemsWarningQuota

◦ ProhibitSendQuota

◦ ProhibitSendReceiveQuota

◦ UseDatabaseQuotaDefaults

◦ RetainDeletedItemsFor

◦ UseDatabaseRetentionDefaults

use this one liner:

Get-Mailbox “testmbox” | Format-List RecoverableItemsQuota, RecoverableItemsWarningQuota, ProhibitSendQuota, ProhibitSendReceiveQuota, UseDatabaseQuotaDefaults, RetainDeletedItemsFor, UseDatabaseRetentionDefaults

2.To retrieve the current size of the Recoverable items folder:

Get-MailboxFolderStatistics “testmbox” -FolderScope RecoverableItems | Format-List Name,FolderAndSubfolderSize

please note that quota for recoverable items folder can be raised.The default is 30GB

To make sure no items are deleted from the Recoverable Items folder, increase the Recoverable Items quota. You can also increase the Recoverable Items warning quota, and set the deleted item retention period to a value higher than the current size of the user’s Recoverable Items folder. This is particularly important for preserving messages for mailboxes placed on In-Place Hold or litigation hold. It’s recommended to raise these settings to twice their current size.

3. Increase recoverable items quota

Set-Mailbox “testmbox” -RecoverableItemsQuota 80Gb -RecoverableItemsWarningQuota 80Gb -RetainDeletedItemsFor 3650 -ProhibitSendQuota 80Gb -ProhibitSendRecieveQuota 80Gb -UseDatabaseQuotaDefaults $false -UseDatabaseRetentionDefaults $false

4. This example retrieves the size of the Recoverable Items folder and its subfolders and an item count in the folder and each subfolder.

Get-MailboxFolderStatistics -Identity “Mickey Mouse” -FolderScope RecoverableItems | Format-Table Name,FolderAndSubfolderSize,ItemsInFolderAndSubfolders -Auto

Exporting Mailbox to a PST File

Exporting mailbox to a PST File

Note: Must have the “Mailbox Import Export” role assigned

From powershell, type New-MailboxExportRequest -mailbox testmbox -name -filepathservernamepstfilestestmbox.pst

This will export all folders and data in each and export it into the specified PST file. Also note that the dumpster will also be exported by default.

If you want to get additional details about the mailbox export request, you can use the Get-MailboxExportRequest or Get-MailboxExportRequestStatistics cmdlet.

if the export fails to complete, you can add -baditemlimit for eg

New-MailboxExportRequest -mailbox testmbox -name -filepathservernamepstfilestestmbox.pst -baditemlimit 50

Check the Event Viewer from PowerShell

Below are examples of checking the event viewer via PowerShell.

Running local with event id and date range

Get-WinEvent -FilterHashtable @{logname=’application’;id=4107;StartTime=”1/15/11″;EndTime=”1/17/11″}

Running on remote computer with event ID

Get-WinEvent -computername <remote computer> -FilterHashtable @{logname=’application’;id=15006}

Allow Exchange 2013 to accept remote powershell from Orchestrator

Scenario: Orchestrator was not able to connect and run Exchange powershell commands. The error received is:

Error opening remote PowerShell runspace to endpointhttp://exchangeservername/powershell: Connecting to remote server failed with the following error message : The WinRM client cannot process the request.

Resolution:

1. Make sure the Execution Policy on the Exchange Shell is set to RemoteSigned.

a. Use Get-ExecutionPolicy to see what it is.

b. Use Set-ExecutionPolicy RemoteSigned to set it.

2. Enable Basic and Windows Authentication on the Powershell IIS Site.

a. Expand: Default Web siteàPowershell.

b. Click on Authentication

c. Enable Basic and Windows Authentication.

The above steps did the trick for me, but the site below offers a few more steps.

http://systemcentertech.com/2013/08/01/configuring-exchange-for-the-orchestrator-exchange-integration-pack/

Remove stale ActiveSync Devices from Exchange 2010

Scenario: Exchange accounts have a max of 10 ActiveSync devices per account. This script will remove stale devices that are older then 180 days.

The initial report will take hrs to run. the code is listed below. This will run and export the results to a CSV file.

$DevicesToRemove = Get-ActiveSyncDevice -result unlimited | Get-ActiveSyncDeviceStatistics | where {$_.LastSuccessSync -le (Get-Date).AddDays(“-180”)}| Export-CSV C:scriptsstaleeas.csv

The code below will remove the device by pulling the list from the CSV you created above.

import-staleeas.CSV | foreach-object {Remove-ActiveSyncDevice -Identity $_.guid -confirm:$False}

Removing Messages from Shadow Queues

To remove messages from shadow queues, run this command from Exchange Powershell:

Get-Queue -Server servername | Where {$_.Identity -like “*Shadow*”} | Get-Message | Remove-message -confirm:$false

This will remove the messages from any Shadow queue without prompting you for confirmation.