Skip to main content


Showing posts from 2009

Using ADSI to find your CAS or Mailbox Role servers in VBS or PowerShell

While the Exchange Management Shell is a thing of wonder its not always available when your writing a script or piece of real code and you need to do something like finding your Exchange 2007/2010 CAS or Mailbox role servers. The good news is like most of the Exchange configuration information this is stored in Active directory and can be relatively easily queried using LDAP and ADSI. The AD property that holds this information about what particular roles are installed on a Exchange server is the msExchCurrentServerRoles property. This property contain a number of bitwise flags that indicate which roles are installed as per . Server role Role value Mailbox role 2 Client Access role (CAS) 4 Unified Messaging role 16 Hub Transport role 32 Edge Transport role 64 So to query these in ADSI we need to use a Bitwise filter as per http://support.micros

Changing OWA configuration setting with EWS in Exchange 2010

The ability to change and customise the default configuration of OWA is an often sort out and in previous versions of Exchange hard to achieve task. Especially for those with Large Exchange Orgs and standardised training or custom security requirements where the default settings come into conflict with other policies. Underlying a lot of OWA configuration settings are stored in FAI items (folder associated items) in a users mailbox using the Configuration Information Protocol Specification documented in . Along with the ability to access FAI items which was previously not possible in Exchange 2007 using EWS, Exchange 2010 also introduces a new UserConfiguration Operation in EWS that provides some Typed objects the makes dealing with configuration objects a lot easier and safer for those that wish to do so. ( I still wouldn't guarantee the support response you would get if you do use these Operations and stuff your Exch

Using Contact photo's in EWS in Exchange 2010

Contact photo's where a feature first introduced in Outlook 2003 but up until the release on Exchange 2010 not something you could use in EWS. This should not be confused with another new feature in Exchange 2010 which is the ability to upload a picture to the Gal (or the directory to be more precise) if your interested in finding out more about that check out Ilse post . So the Contact photo's I'm talking about are those that are associated with contact Items in your mailbox. About 4 years ago i posted this script (which was rubbish) for doing this with CDO 1.2 importantly in the heady stile of 2005 i pointed out that when using contact photos you need to set some extended properties on the attachment. Now while you still can't do this with EWS :( in 2010 they have added the ability to set the properties of a contact photo(just wish they hadn't stopped there). Further the EWS Managed API actually makes the process of adding a contact photo quite easy. So a very s

Basic Powershell script to show appointments from a calendar using the EWS Managed API

One of the more common tasks you might turn to use one of the Exchange API's for is to enumerate appointments in one or more users calendars. This can be useful for a number of reasons and applications and scripts, the EWS Managed API makes getting calendar appointment pretty easy using a script once you understand a few of the fundamentals around how calendar appointment's are stored. Appointments unlike messages are more complex objects eg where an email would only represent one object in a folder an appointment if its recurring or a recurring exception or a deleted occurrence could represent one more calendar appointments. So its important not just to do a finditems query like you would with Email messages as this will return just the base instances of each appointment object. What you should do when querying for calendar appointments is its important to use a CalendarView, what this means is that when you query for appointments you specify a date range (start and end) f

Changing what OutlookAnywhere proxy a pc is using remotely via a script

During the course of migrating from one version of Exchange to the another version of Exchange or just moving between servers you might come across the need to shift some of your OultookAnywhere users who are proxying through one CAS server to another without taking the existing CAS server offline and letting autodiscover sort it out. Well i did so here's how you can do it First of all this script only works if you can connect to the target pc via WMI remotly and access the registry. If this is all good here's what the script needs to do . First things first is you need to work out the machine name of the PC you want to connect to and the username of the user you want to move. Eg Get-Logonstatitics | select Username,ClientIpAddress should provide that (you may have to use the IISlog files to workout if they are using OutlookAnywhere). Now we have the hostname orIpAddress of the machine we want to target we now need to work out the SID of the user. Why you ask well where going t

Reporting on Outlook Anywhere users from the IIS logs using Powershell

Logs files are great things but as with a lot of things the hidden value of these resources is often hard to see at there face value. I had a very simple problem this week where i needed to know which users where using Outlook Anywhere and what their IPAddress where. For this the IIS logs could more then provide an answer for this but these log files and get quite large and contain a mix of different information not just Outlook http/rpc traffic. One of the main challenges you have when looking at IIS logs files is that depending on who enabled logging the Fields and the order they are being logged in may differ. So a parser/script you write to work against one set of logs might not work against another server. To solve this problem is quite simple when a log file is created at the top of the log file on line 4 is written the field format for the file. So if you first read this line parse it into a Hashtable and index it by the fieldname we then know what the index array value will be

Moving Items into their own folder by a date range using the EWS Managed API and Powershell (attempting to reduce mailbox clutter)

Most people these days are on track to endless mailbox clutter based on an exponentially increasing number of email items that arrive every day. Also Shared mailboxes can soon become an administrative nightmare if mailbox content isn’t actively maintained and archived. One small way of trying to claw back some of this affect is to write a script that can organize messages into their own folder based on certain parameters. In Exchange 2007 (and now 2010) you can use the EWS Managed API to do this reasonably easy. You just need to split this up into some easy chunks of functionality that you can logically splice together. The first chunk is some code that will find the objects in question that you want to move in the EWS Managed API this involves setting up an appropriate search filter. Because I want to use a date range this means I need two search criteria meaning you have to use a searchfiltercollection with an AND logical operator. Sounds a little complicated but not really first we

Exchange 2007 Folder Audit Log Powershell Gui Version 1.0

One of the cool things about new features when they are introduced in Service packs is it gives us all a lot more ways of seeing whats happening day to day within our Email environments and hopefully gives us some windows into miss and poor configuration problems. The folder access audit logs are cool but buried in the windows event logs can be hard to use to gain the clarity that might be useful. The good thing is with a little bit of powershell, a bit of imagination and some time you can bash together something usefull that will extract that information from the logs, parse (or if your using 2008 xpath). Then group that information into a more usable form and present it back into a Winform so you can interact with it. I've put together actually two scripts to do this the main difference between these scripts is the method they use to access the log. The first script uses WMI to access the Exchange Audit logs (a couple of weeks okay i said this wouldn't work which i was comple

Showing information about a Exchange 2003 user in Powershell

Haven't posted any 2003 scripts for a while so here's one that might be useful especially if your looking at doing a bit of documentation before a migration. There are a few tricks when your using ADSI scripts to get information eg if you want to get the OU check the parent object of the userObject. Or if you want to get the Storage Group use the Parent of the MailStore object. If you want to work out quotas check both the mailstore and the user object. To put this all together into a script that takes the username as a parameter it looks like this I've put a download of this code here . param([String] $samaccountname) $root = [ADSI]'LDAP://RootDSE' $dfDefaultRootPath = "LDAP://" + $root.DefaultNamingContext.tostring() $dfRoot = [ADSI]$dfDefaultRootPath $gfGALQueryFilter = "(&(&(&(& (mailnickname=*)(objectCategory=person)(objectClass=user)(samaccountname=" + $samaccountname + ")))))" $dfsearcher = new-object System.Dire

Getting the Exchange Auditing event logs programmatically

With the release of Exchange 2007 SP2 some great new auditing options are now possible to let you see how and when rights are being used within your exchange environment. More importantly in a serious situation you could use these features to provide some forensic auditing of what was being accessed in your exchange store when some suspicious activity may have happened. The first place to start if your looking at auditing in Exchange 2007 SP2 is to read the very detailed white paper that has been published . In this post I'm going to look at the options for reading the new Exchange Auditing event logs where folder access information is written. The Exchange Auditing logs themselves if your using Windows 2008 use the new evtx event log framework and are stored under the Application and Services Logs group With the new .net 3.5 System.Diagnostics.Eventing.Reader class now allows you to easily parse back the information store

Connections Online Exchange Powershell Talk

For those of you who have ever wished to see what it takes to build some of the more advanced scripts that i post on this blog as part of the Connections Online conference I put together the following talk,5789-3.aspx . While i cant promise that this will teach you to be a guru in 60 minutes hopefully it may present a few different idea's and methods you may not have considered before and allow you to bash out a few more of your own scripts. There are also a lot of great videos on various aspects of Exchange posted by other Exchange MVP's that are defiantly worth checking out,390.aspx

Changes to SearchFilters in the EWS Managed API RC

With the recent release of the RC for the EWS Managed API there was one change that affected a lot of the scripts i've posted on this blog. While i will update them all in time if you have created any scripts of your own based on these you will need to look at making the following changes to allows your scripts to function correctly when you update to the RC of the Managed API. The change was In a FindItems call, the search filter now has to be passed as a parameter to FindItems, as opposed to being a property of ItemView So to put that in a powershell sample where before the search filter was a property of the view object you now need to create a seperate searchfilter object and the pass this as a parameter of the finditems overload. eg $Sf = new-object Microsoft.Exchange.WebServices.Data.SearchFilter+IsEqualTo([Microsoft.Exchange.WebServices.Data.EmailMessageSchema]::IsRead, $false) $view = New-Object Microsoft.Exchange.WebServices.Data.ItemView(1) $findResults = $service.FindIte

Setting the Out of Office (OOF) with powershell and the EWS Managed API

Along with the RC of Exchange 2010 this week the RC of the EWS Managed API made its debut. There are a number of changes some of which break a few of the scripts i've posted here there is full list of the changes on . But the good thing is now OOF and Freebusy work and the DNS lookup for autodisover is another major improvement. Setting the OOF is pretty easy with the API lets look at a few examples as before you first need to create a Service object and authenticate if you haven't used the EWS Managed API in Powershell before see this post as a primer. To use this OOF code you first need to download and install the RC version of the ManagedAPI from here . So lets take it as read we have our $service object now to get the Offsettings its just one call with the email address of the Account you want to pull the settings for. $oofSetting = $service.GetUserOofSetting

Phone List AD GAL update utility – An alternate to bulk imports

If you have been administrating mail systems for a while (and then some) then you have probably had to do a bulk update or two of one or more AD properties like phone numbers and address information. Depending on the time you have and your skill at building scripts you may have had some good and not so good experiences at this. The frustrating thing can be a script you build for one problem maybe be completely useless for the next and you may find yourself again spending time you don’t have building another script. Well because I’ve had to do this one too many times I came up with the following little script that allows dynamic matching of columns in a CSV file to import data into Active Directory. The other thing this script does is actually checks the current value within AD as not to update an already existing property and it’s a latched script so doesn’t allow you to update anything without clicking yes. The later could get frustrating but it’s a lot less frustrating then trying to

Twitter your Exchange Calendar reminders using Powershell and the EWS Managed API

As twitter is now more a part of the everyday rather than a flash in the pan it does give some new options for solving those time old problems the annoy us all. One of these is missing your meeting reminders or making sure your team or company don’t forget about any important calendar events if you have a company calendar or mailbox. Exchange and Outlook have always had a good functionality for tracking and setting reminders but human nature has something to do with us ignoring or not receiving them. So how can scripting and a little EWS code solve this well it first has to start with a query of the calendar where the appointments you want to search against are located. Because reminders can be set for 2 weeks before an appointment you need to query for appointments during this time frame. Then filter anything thats set to private and you have some appointments that might have reminders you need to twitter. But before this you first need to use a little maths x = minutesbeforeappointm

Setting single line view in OWA for a folder via Powershell using the EWS Managed API

Early this year i posted a script for turning the reading pain off and on in OWA 2007 using some EWS proxy code in powershell. The same thing can also be done using the EWS Managed API as well as other properties in OWA like the single line view which someone asked about this week. So here is a script that can be used for setting both of these values. Single Line View property, Like the reading pain this OWA setting in controlled by a property that is set on each folder To use this in Powershell in the EWS Managed API you need to define a Extended Property using the Public Strings PropertySet eg $wcmultiline = New-Object Microsoft.Exchange.WebServices.Data.ExtendedPropertyDefinition([Microsoft.Exchange.WebServices.Data.DefaultExtendedPropertySet]::PublicStrings," ", [Microsoft.Exchange.WebServices.Data.MapiPropertyType]::Boolean); 1 = True mean multiline view is On (Default) 0

Creating Sticky Notes in the EWS Managed API from Powershell

I’m a big user of sticky notes in Outlook and I’m always finding different ways to have fun with them. The EWS Managed API makes creating them relatively simply from powershell as long as you have got a handle on the extended properties that are being used to control the Sticky Notes as well the method of creating objects with different Item class in EWS. Because there are no specific objects within EWS Managed API to help create Sticky notes you need to use a EmailMessage object and change the ItemClass to “IPM.StickyNote”. You also need to set a number of Extended property which control the color and size of the sticknote object. The following sample creates a sticky note in the currently logged on users mailbox I’ve put a download of the code here the code itself looks like $dllpath = "C:\Program Files\Microsoft\Exchange\Web Services\1.0\Microsoft.Exchange.WebServices.dll" [void][Reflection.Assembly]::LoadFile($dllpath) $service = New-Object Microsoft.Exchange.WebService

Simple Exchange Email client for Powershell using the EWS Managed API

** Updated download to fix issue with 2010 SP1, self signed certs and search *** One thing that is useful now and again when you are testing different problems and configurations on Exchange is to have a Mail client that isn’t Outlook or OWA. Back in the days there used to be a Simple Mapi client called the Exchange client which disappeared after 5.0. While this isn’t a attempt to replace it or to be an end user mail client at all it’s a great little test bench script that allows you to get in and look at mailbox and the items in that mailbox, Download attachments,export single emails, look at Message headers, search for emails and if there is any particular problem you want to tackle in regards to certain properties it’s something that can be very easily adapted to fit an specific problem. How it works This script presents a Winform GUI that allows you to interact with a mailbox and present it into a displayable view back to a user. Okay I could go on like this all day (seriously!!) t
All sample scripts and source code is provided by for illustrative purposes only. All examples are untested in different environments and therefore, I cannot guarantee or imply reliability, serviceability, or function of these programs.

All code contained herein is provided to you "AS IS" without any warranties of any kind. The implied warranties of non-infringement, merchantability and fitness for a particular purpose are expressly disclaimed.