Skip to main content


Showing posts from September, 2006

Enumerating the devices registered via ActiveSync on all mailboxes on a server via a script

There are a bunch of tools around to get information about devices that are in use via Active sync such as the ActiveSync administration tool and also this method of using the logs that was blogged about on the Exchange Team blog. But if your after another method of enumerating all the devices in all mailboxes on a server here's something that might help out. The script works by using WebDAV and the Exadmin virtual directory (which means you won’t need full rights to everybody’s mailbox to run this script just delegated Exchange administration rights). To work out what path to use the script first queries for the default recipient policy in a domain and retrieves the default SMTP address within that policy. This is used to build the path for the Exadmin virtual directory. Another ADSI query then queries for all mailboxes on a server and then feeds the name of these mailboxes into a function those queries for the ActiveSync folder within each mailbox. The script first searches the

Doing a RBL or MultiRBL check in a Powershell script

[Updated Script to work with RC2 of powershell] A couple of weeks ago I blogged this script that allowed DNS operations like MX , PTR and SPF queries from a powershell script based on a C# class from Peter Bromberg. Since then I’ve added some more functionality to the code to give the ability to look up DNS RBL lists. A lot of people use DNSBL’s as a way of fighting SPAM but every now and again you may find a legitimate server that has been blacklisted on one of the many lists around for some reason. Wikipedia has a great entry that describes what RBL’s are and how they work essentially they are just another DNS zone that you query using a normal DNS A record lookup. So for example say you want to look up the IP address to see if this is listed in the RBL list from SpamHaus you basically need to first reverse the IP address bytes to and append the name of the RBL list you want to search which in this case would be So you then do an A record loo

Doing a SMTP telnet test with a Powershell script

One of the array of diagnostic tests you may find yourself doing when you’re trying to fix a problem sending and receiving messages to a domain is to do a telnet on Port 25 to a mail server you maybe having a problem with and then trying to run though manually issuing the SMTP commands to send a message to this server so you can see what the responses are. A description of this process can be found in this KB there is also a great tool called SMTPDiag which will run this type of test and more. If you want to do the same thing from a Powershell script well your in luck because the .Net framework makes this process pretty easy. Lee Holmes posted this great script for replacing the missing Telnet on Vista. What I’ve done is rework this script so instead of being an interactive telnet script it’s a script that connects to port 25 on a mail server and then runs through issuing Mail FROM and RCPT TO commands and shows the responses back to the command-line. The script itself takes three co

Get a Quick Status of IMF perf counters with Powershell (Exchange 2003)

Sometimes a quick way to check how effective your IMF gateway SCL configuration is s to look at the IMF performance counters which tell you how many messages are being assigned certain SCL levels. This can also give you a little insight into how all those spammers are going about trying to crack the algorithms the IMF uses to determine the SCL of a message. To show the perfmon counters for IMF with powershell you can use the Win32_PerfRawData_MSExchangeUCF_MSExchangeIntelligentMessageFilter WMI class via the get-wmiobject cmdlet. The following is a very simple script that shows formatted in a table the number of message that have been received and assigned a specific SCL as well as the total number of message processed by the IMF and the total number that the Gateway action has been performed on. To run the script it takes on command line parameter which is the name of the server you wish to run it against eg C:\imfperf.ps1 servername I’ve put a downloadable copy of the code here the

Showing the Path to a public folder based on the Email address

This was another one from the mailbag this week somebody asked if it was possible to display the path to a public folder based on the SMTP address. There are a few approaches you could take for this one method is to use ADSI and WMI to do this. On exchange 2003 the Exchange_PublicFolder WMI class can be used to display a lot of information about public folders on an Exchange server (such as folder path etc). But one thing that isn’t stored is the smtp email address assigned to that folder these are stored on the AD object for that folder stored in the Microsoft Exchange System Objects container. So if you want to find the path to a folder using the WMI Exchange_Public folder class from a SMTP address you first want to use ADSI to query the Proxyaddresses AD attribute to find the AD object for that public folder. Then you can use one of two attributes to find the folder using a WMI query the first attribute you could use is the legacyExchangeDN which should correspond to the TargetAddre

Reporting on the number of Users, Contacts and Groups in a OU and sub OU’s

Somebody asked how to do this last week and I’ve had a few other question’s lately on reporting based on Sub Ou’s so I thought I’d put together a sample to show one method of doing this. The method I’ve used is to create a data-shape of all the objects with a Ou and its Sub Ou’s and then relate this information to an enumeration of the OU tree. What this script does is takes the name of the OU where you want to start the query at as a command-line parameter. It then does an ADSI query to find the distinguished name of the first OU that matches the text entered. It then does 3 separate subtree queries of all the Users, contacts and group objects that are located under the root OU. To group the information that is returned this is where the ADO datashaping provider is used. The information is then stored temporary in a multi dimensional array and then used to finally build a HTM report called “c:\temp\report.htm” which has a table that shows the OU Name, Description, Path and the numbe

Powershell DNS Utility script for querying MX, PTR and SPF records

One thing as an email administrator that I find myself doing a lot is using nslookup to track down various problems with receiving and sending email. Whether its using it to look up a MX record , or to see if someone has a reverse DNS entry or maybe look at a SPF record if I’m looking at a sender ID issue. Now while I like nslookup I do find this utility a little cumbersome and slow to use at times so I started looking into seeing if I could automate this a little with a script. Doing this from a script isn’t the easiest thing in the world Peter Bromberg and Bill Jamieson came up with a great C# class for doing DNS queries which I’ve adapted and modified to do the particular things that I wanted. Because this class uses some Win32 API functions I’ve used Jeffrey Snovers method from here to make use of these functions in Powershell. So the code is a compilation of bits and pieces from the sources above with some of my own touches. I’ve added an extra A record lookup for each of the hos
All sample scripts and source code is provided by for illustrative purposes only. All examples are untested in different environments and therefore, I cannot guarantee or imply reliability, serviceability, or function of these programs.

All code contained herein is provided to you "AS IS" without any warranties of any kind. The implied warranties of non-infringement, merchantability and fitness for a particular purpose are expressly disclaimed.