Category: Powershell

“Can’t remove the access control entry on the object “CN=TestUser,DC=xyz,DC=com” for account “xyzsteve” because the ACE doesn’t exist on the object.”

Scenario:  You are attempting to remove the full access permission on a mailbox by running the remove-mailboxpermission command:

remove-mailboxpermission TestUser -user steve -accessrights Fullaccess -confirm:$False

But you are receiving this error :

Warning= “Can’t remove the access control entry on the object “CN=TestUser,DC=xyz,DC=com” for account “xyzsteve” because the ACE doesn’t exist on the object.”

Clearly the permission exists when you check with the get-mailboxpermission.

 

Solution:  Append the -deny:$True to the end of the powershell command and try it again.

remove-mailboxpermission TestUser -user steve -accessrights Fullaccess -confirm:$False -deny:$True

Get-ADUser to find Exchange Mailboxes

Scenario:  You want to use Get-ADUser to find all Exchange mailboxes in your environment.

Scriptlet:   Running the following will provide you with the detail:

#First, lets store some results into $1 for every mailbox
$1 = Get-ADUser -filter {HomeMDB -ne ‘$null’} -Properties MailNickName, HomeMDB, DisplayName| Select MailNickName, HomeMDB, DisplayName

 

#Now its time to play with your data

#Grab a count of mailboxes Excluding the HealthMailboxes
($1 | Where MailNickName -notlike “HealthMailbox*”).Count

#Grab a count of mailboxes per DB Excluding the HealthMailboxes
$1 | Where MailNickName -notlike “Healthmailbox*” | Group HomeMDB | Sort Name

#Filter mailboxes on a specific database
$1 | Where HomeMDB -like “CN=DB01*”

 

Get a list of all users that have a target address of a specific domain

Scenario:  You wish to see how many remote mailboxes have the correct email domain configured for their remote routing address (TargetAddress).  You want to perform a AD PowerShell query for speed.

Scriptlet:

Get-ADuser -filter {TargetAddress -like “*.mail.onmicrosoft.com”} | Select Name, TargetAddress

OR you just want a count:

(Get-ADuser -filter {TargetAddress -like “*.mail.onmicrosoft.com”} | Select Name, TargetAddress).count

Check MountPoints for Database

Scenario:  You use mountpoints in your Exchange organization and you want to check for specific disk information for your mountpoints by database name.   Note: The label of the mountpoint reflects the database name.

Script:

 

#Enter the DB Variable
$Db = "DB01"
#Script
$Servers = Get-mailboxdatabasecopystatus $DB | Select -ExpandProperty MailboxServer
$1 = @()
$Servers | %{
    "Checking on $_ for $Db"
    $1+= Invoke-Command -Computer $_ -argumentlist $db -ScriptBlock {Get-WmiObject win32_volume | Where label -like $args[0] | Select Name, Label, FreeSpace, FileSystem, SerialNumber}
}
#ViewResults
$1

 

User PowerShell to send a test email that allows you to insert custom header information

Scenario:  You want to test the ability to send a test email that includes custom header information within the message.  You plan on using this custom header information to perform a logical action based off the header value.

Scriptlet:

[string[]] $To = "steve@domain.com","chris@domain.com”
[string] $Subject = "Testing for custom header info"
[string] $Body = "testing 123 "
[string] $SmtpHost = "smtp.domain.com"
[string] $From = steve@domain.com
$email = New-Object System.Net.Mail.MailMessage
foreach($mailTo in $to)
{
    $email.To.Add($mailTo)
}
$email.From = $from
$email.Subject = $subject
$email.Body = [string]::Format("{0}",$body);
$email.Headers.Add("X-Test", "true");
$email.Headers.Add("X-Test2", "false");
## Send the mail
$client = New-Object System.Net.Mail.SmtpClient $smtpHost
$client.UseDefaultCredentials = $true
$client.Send($email)

Cleanup Mobile Devices older than 180 Days

Scenario:  You want a script that will remove all mobile devices older than 180 days.  You also want to report the CAS Mailboxes that have a mobile device partnership and the list of mobile devices removed.

Scriptlets:

Here are the commands broken down by output type:

#Collect CasMailboxes with Mobile Devices
$cas = Get-CASMailbox -ResultSize unlimited –Filter {(HasActiveSyncDevicePartnership -eq $true)} | Select -expandproperty Identity

#Export a List of Cas Mailboxes
$cas | Sort | Export-csv C:tempCASmailbox.csv 

#Collect devices older than 180 days old
$device = @()
$cas | sort | %{
"Checking $_" 
$device += Get-MobileDeviceStatistics -Mailbox $_ | Where-Object {$_.LastSuccessSync -le ((Get-Date).AddDays(“-180”))} 
}

#Export-csv Stale Devices
$Device | Export-csv C:tempStaleDevices.csv

#Remove Mobile Devices
$Device | Remove-mobiledevice -confirm:$false

 

 

 

 

 

 

Outlook’s Autodiscover Redirect Limit – Hybrid Autodiscover Breaking for Exchange Online Mailboxes / Remote On-Premises Mailboxes

Scenario:  After introducing additional Exchange On-Premises servers, we noticed that Autodiscover stopped working for our Exchange Online Hybrid mailboxes that were on computers internal to the domain. Using the ‘Test E-mail AutoConfiguration’ feature in Outlook, it would fail after the SCP/DNS autodiscover lookup.

Reason:  Outlook has an Autodiscover Redirect limit of 8-10 responses.  Being we had more than 10 servers in our Exchange Infrastructure, once it hit the response limit from each SCP lookup for each server, it would then fail all redirects thereafter. You do not need 100 SCP Failures if its going to fail after the first 10 servers.

Solution:  You can reduce the number of SCP lookup’s by performing any of the following.

  1. Set the AutoDiscoverSiteScope value on each Exchange server so it only serves requests for each  AD Site via the following command:  Set-ClientAccessServer ExSrv1 -autodiscoversitescope NewYork   (Or a combination NewYork,Baltimore,Tampa)
  2. Set the AutoDiscoverSiteScope to $null so it does not participate in SCP lookups via the following command: Set-ClientAccessServer ExSrv1 -AutodiscoverSiteScope $null
  3. Set the AutoDiscoverServiceInternalURI to $null so it does not participate in SCP lookups via the following command: Set-ClientAccessServer ExSrv1 -AutodiscoverServiceInternalURI $null

 

Integrating Exchange 2016 Outlook on the Web with Skype/Lync

Scenario:  You want to Integrate Exchange 2016 Outlook on the Web with Skype/Lync.  Run the following:

Script:

Gather the following Variables:

#Variables
$Name = "Skype IM Override"  #Must be Unique
$Pool = "skype.domain.com" #Skype/Lync name
$Cert = "575DEE6AB4F7842A0032FEC45CE5021769A997DE" #Thumbprint of cert with IIS settings assigned to it 
$Override = "Configure IM"

Run the following to configure the integration and check your work:

#Add the Setting Override
New-SettingOverride -Name $Name  -Component OwaServer -Section IMSettings -Parameters @("IMServerName=$Pool","IMCertificateThumbprint=$cert") -Reason $override


#Refresh the IM Settings on the Exchange server 
Get-ExchangeDiagnosticInfo -Server esgmtwex16-1 -Process Microsoft.Exchange.Directory.TopologyService -Component VariantConfiguration -Argument Refresh

#Make sure OWAVirtualDirectory is set properly
get-clientaccessserve Exch* | Get-owavirtualdirectory | Set-owavirtualdirectory -instantmessagingtype OCS


#View the Diagnostic Info to confirm the correct settings
[xml]$diag=Get-ExchangeDiagnosticInfo -Server <ServerName> -Process MSExchangeMailboxAssistants -Component VariantConfiguration -Argument "Config,Component=OwaServer"; $diag.Diagnostics.Components.VariantConfiguration.Configuration.OwaServer.IMSettings

#Restart the WebAppPool Restart-WebAppPool MSExchangeOWAAppPool

 

 

 

PowerShell Script: Combine the Alias and Mailbox Size into a variable and export to a file.

Scenario:  You want a script that will combine the Alias from the get-mailbox command and the Mailbox Size (TotalItemSize and TotalDeletedItemSize) from the get-mailboxstatistics command into a single array variable.  You want to export the Results to a .csv file as well.

Script:

$db = get-mailboxdatabase 
$final = @()
$file = "C:tempAlias_Size.csv"

$db | Select -expandproperty Name | Sort | %{
    Write-Host "DBName:  $_ " -ForegroundColor Cyan
    $mbx = Get-mailbox -database $_ -resultsize unlimited
    $mbx | Select -expandpropert alias | Sort | %{
        Write-Host ".......... Pulling Stats for $_" -ForegroundColor Yellow
        $alias = $_
        $size = Get-mailboxstatistics $alias | Select TotalItemSize,TotalDeletedItemSize
        $TIS = $size.TotalItemSize
        $TDIS  = $size.TotalDeletedItemSize
        $ServerObj = New-Object PSObject
        $ServerObj | Add-member NoteProperty -Name "Alias" -Value $alias
        $ServerObj | Add-Member NoteProperty -name "TIS" -Value $TIS
        $ServerObj | Add-Member NoteProperty -name "TDIS" -Value $TDIS
        $final += $ServerObj
    }
}
$final | Export-csv $file -append

 

Scheduled Task doesn’t allow powershell script to convert/save XLSX file to a CSV file

Scenario:  You have a PowerShell script running that will convert an .XLSX document into a .CSV Document.  When you run it natively in PowerShell, the script works fine and the document converts.  When you attempt to run it in Task Scheduler, it doesn’t convert and  create the new document.

Solution:  Create a Desktop folder in the following two directories and run the scheduled task again.:

  1. C:WindowsSysWOW64configsystemprofile
    C:WindowsSystem32configsystemprofile