Skip to main content


Showing posts from November, 2005

Using Monad and WMI with Exchange 2003

I’ve been playing around a bit more this week with the MSH beta and decided I’d share some of the stuff you can do using the WMI functionality in Monad. To start off here’s some one-liners that can be used to get information from the Exchange 2003 WMI classes. Learning how to do things in monad is a little tricky at the moment other peoples blog’s tend to be the best source of information I worked out the one-liners using a post from Adam Barr’s blog /2005/08/monad_and_wmi.html also the following blog was really useful as well as it has a whole bunch of samples that helped when I got stuck. Display the SMTP Message Queues get-wmiobject -class Exchange_SMTPQueue -Namespace ROOT\MicrosoftExchangev2 -ComputerName servername | select-object LinkName,MessageCount,Size Display Mailbox sizes get-wmiobject -class Exchange_Mailbox -Namespace ROOT\MicrosoftExchangev2 -ComputerName servername | select-object MailboxDisplayName,To

Sending a SysLog Message using Monad

I’m a bit fan on using Syslog for monitoring and logging and after putting the new version of MSH on my machine that works with the release version of 2.0 .NET framework (make sure you uninstall any old versions of the monad beta before you install the new framework or your going to be in for some problems) I thought I’d have a go at seeing if I could use my C# code from this post in a monad script. After a little bit of translating and lot of learning I managed to get something that works. It’s about six lines so it’s nice and lean. The good part is you could throw it into a command-let and then use it as a one-liner in another script. The code itself looks like this. This sample sends a USER:Warning Priorty message $SL = New-Object System.Net.Sockets.UdpClient("", 514) $Message = "<12>date=" + [DateTime]::get_Now().tostring("yyyy-MM-dd") + ",time=" + [DateTime]::get_Now().tostring("hh:mm:ss") $Message = $Message +

Building a Better Link Monitor using WMI – Exchange 2003

Someone asked me a question last week about using the Queue class’s in Exchange 2003 and this got me thinking about link monitors. Link monitors are a little bit old terminology these days although I really used to like the old site and link monitors in Exchange 5.5 especially the visual representation. Now there are monitors on Exchange 2003 and while useful they are really lacking in being able to tell you if there actually is a problem and what that problem might be. So I decided to see if I could build a better link monitor that would one tell me when there is a problem and also let me know in the warning email what that problem might be. Eg if there are lot of messages queuing up send me a dump of what the message queues looks like and tell me what messages are in the queue. Then with any luck I can tell from the email if there really is a problem that I might need to look at or if its just a temporarily large volume of email being sent. Eg the first thing you do when you get a wa

Allowing someone to update their own Active Directory Contact details via OWA

Modifying your own user details via GALMOD or one of it derivates has been around for sometime. I wrote this little app a few years ago at the bequest of a secretary to allow users with non admin rights to modify other people’s details using a WSC Com object. A question came up last week about being able to do this in OWA via a public folder for those users that might be outside your network that may only have access to OWA though a front backend setup etc. Exchange does give you the ability in OWA to register and run your own custom forms (do a search on WSS.forms in the Exchange SDK for more details). So one way of achieving what this person asked to do was to register a custom ASP WSS form and include some ADSI to do the work of modifying the user’s account and phone details. If you’re not running Exchange on a Domain controller (which should be the case for most people bar SBS users) you have to consider delegation issues when your page is going to request the changes be made on

Show which users have been delegated an Exchange Administrator role via the ESM delegation wizard by script.

When users are delegated exchange Administrator rights via Exchange System Manager’s delegation wizard these users are assigned specific rights depending on the role that is selected in Active Directory to Exchange objects that are in the configuration partition and the Exchange System objects container in the domain partition. If you want to show which users have been delegated rights via this method its a matter of checking the Access Control Entries in one of the DACL’s associated with one of these containers. Because these are defined roles the accessmask on the ACE will be consistent depending on the role you select. So after a little trial and error the following script can be used to check and display the users that have been assigned rights via the ESM delegation wizard. This script checks the root of the Exchange configuration container in the Active directory Configuration partition Set iAdRootDSE = GetObject("LDAP://RootDSE") strNameingContext = iAdRootDSE.Get(&qu

Displaying a Public Folders Creator and Folder Contacts via WebDAV

It seems I’m on a bit of a public folder theme of late. This script came up when I was working on the public folder audit log script unfortunately it was a little wasted but its still a useful sample of how you might go about finding the creator and public folder contacts of a public folder via WebDAV (or it should also work with Exoledb) using the XML security descriptors provided though the namespace. Documentation for the XML security descriptor can be found here . Also the appendix of the documentation that comes with Pfdavadmin is also very good if you trying to decode the descriptor. Getting the Folder Creator To get the folder creator via webdav this involves doing a propfind on the property. You should then be able to parse the nt4_compatible_name from the XML that is returned to display the account that created the public folder. If you can’t get the nt4_compatible_name the

Firing an event whenever a new Public folder is created

I was talking with someone this week about an issue where they wanted to maintain the functionality that existed pre going into native mode on Exchange 2003 that would allow public folders to be mail enabled and hidden from the Address list by default. Now there are a lot of good reasons why this is no longer the default action within Exchange but there are also some reasons why you may want this to still happen on a branch of your public folder tree. An event sink might be an obvious way to go about this but because an event sink can only have a shallow match scope on the default public folder tree there not a good choice for this job unless you only want this to work on one folder and not child folders. What you can do however using the Exchange_PublicFolder WMI class is setup something that will listen for Instance creation events which will happen when a new public folder is created then check the path where the folder is being created and then if you want to have that folder mail

Displaying deleted public folder tracking information via script in Exchange 2003 sp2 – Extended Edition

Last week I posted this script that displayed the deleted public folder audit logs. At the time I was working on a extended version that would also show information about the size of the folder that was deleted and number of items, who owned it and who the folder contacts where. I’ve had a little bit of mixed success with this script I was able to do a shallow deleted traversal query using webdav to show the size and number of items of a deleted public folder based on the information in the event log. But this only worked if the parent of the deleted folder still existed. Further more when I tried to do a propfind to work out the owner and folder contacts using the xml descriptors. (even though I spent a fair bit of time coming up with some script to work out the contacts) this didn't work. It seems that you can't access the soft deleted folder item directly with a propfind but you can delete and copy them. So the final result wa

Displaying deleted public folder tracking information via script in Exchange 2003 sp2

One of the new features introduced in ex 2003 sp2 is the ability to track public folder deletes. To turn this on you need to turn diagnostic logging on the public store general category to at least medium. For more details on this see the F1 help and look for the topic “Track Public Folder Deletions”. Once this option is turned on, when someone deletes a public folder Exchange then logs an event of type 9682 into the Application log on the server which tells you which folder was deleted and by whom it was deleted. Having this information in the event log is useful but for reporting purposes and proactive management (eg tracking folders that shouldn’t have been deleted) it’s a little impractical. So what I’ve come up with is a script that queries the eventlog on a server for a specified number of days retrieves any public folder delete entries parses all the values out and creates a CSV file with the result. It also outputs the result to the command line The script itself is very simp
All sample scripts and source code is provided by for illustrative purposes only. All examples are untested in different environments and therefore, I cannot guarantee or imply reliability, serviceability, or function of these programs.

All code contained herein is provided to you "AS IS" without any warranties of any kind. The implied warranties of non-infringement, merchantability and fitness for a particular purpose are expressly disclaimed.