Wednesday, July 20, 2011

Using Autodiscover in powershell with the EWS Managed API and Exchange 2010 and hosted Orgs

When it comes to scripting Exchange autodiscover can be a great source for all types of configuration information about an Exchange mailbox and in 2010 it now returns a lot more information about a users mailbox. The EWS Managed API 1.1 provides some new objects that allows a more granular use of Autodiscover which can be helpful in different situations for example during migrations where DNS records for autodiscover may not exist or point to different server etc.

To look at one example lets take Office365 if you want to connect to mailboxes in the Exchange Online cloud using EWS but DNS isn't setup your hosted domain for autodiscover you could use the following script to discover the EWS URL to use.

$mailbox = ""
[System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$true }
$dllpath = "C:\Program Files\Microsoft\Exchange\Web Services\1.1\Microsoft.Exchange.WebServices.dll"
$adAutoDiscoverService = New-Object Microsoft.Exchange.WebServices.Autodiscover.AutodiscoverService([Microsoft.Exchange.WebServices.Data.ExchangeVersion]::Exchange2010);
$uri=[system.URI] ""
$adAutoDiscoverService.Url = $uri
$adAutoDiscoverService.Credentials = New-Object System.Net.NetworkCredential("username","password")
$adAutoDiscoverService.EnableScpLookup = $false;
$adAutoDiscoverService.RedirectionUrlValidationCallback = {$true};
$adAutoDiscoverService.PreAuthenticate = $true;
$UserSettings = new-object Microsoft.Exchange.WebServices.Autodiscover.UserSettingName[] 1
$UserSettings[0] = [Microsoft.Exchange.WebServices.Autodiscover.UserSettingName]::ExternalEwsUrl
$adResponse = $adAutoDiscoverService.GetUserSettings($mailbox , $UserSettings);

A few things to note about this script is first the hardcoded URL to autodiscover this means no autodiscover DNS records are needed for the email your looking up.

$uri=[system.URI] ""
$adAutoDiscoverService.Url = $uri

But as I've said the Autodiscover service isn't just not limited to retrieving URL's have a look at the usersettingname enumeration . With this you can do things such as use Alternate mailboxes to see if an online archive is configured.

$UserSettings[0] = [Microsoft.Exchange.WebServices.Autodiscover.UserSettingName]::AlternateMailboxes
$adResponse = $adAutoDiscoverService.GetUserSettings($mailbox , $UserSettings);

$adAutoDiscoverService.EnableScpLookup = $false;

Which means that the Managed API won't try an Active Directory look up of SCP records for autodiscover which can be very useful to speed up on the discovery process and help during migrations or other AD config issues.

Sunday, July 10, 2011

Running Exchange Online and Office365 Powershell cmdlets in C# and managed code

When you’re looking at automating Office365 and Exchange Online from managed code you need to be aware of the 2 sets of cmdlets that you may need to use depending on the tasks that your trying to perform. Most of the administration of ExchangeOnline is done using remote powershell where Exchange Online provides a subset of the normal on-premise Exchange 2010 SP1 cmdlets. The other cmdlet set to be aware of is the MSOnline powershell module which you need download and install The MSOnline module contains cmdlets to allow administration of the wider Office365 service and perform more of the directory/service and service provider functions more akin to Active directory management in a on premise environment (eg adding users to groups etc).

So when using this from Managed code to use Remote powershell against Exchange Online you use the standard code you would use against an on-premise Exchange 2010 deployment against the endpoint With the Office365 MSOnline module you need to load this into a runspace and then firstly use the Connect-MsolService cmdlet to connect to and authenticate against Office365. Then you execute as per normal the desired cmdlets.

Here's some sample code the first sample uses remote powershell to connect to ExchangeOnline.

System.Security.SecureString secureString = new System.Security.SecureString();
string myPassword = "password";
foreach (char c in myPassword)
PSCredential credential = new PSCredential("", secureString);
WSManConnectionInfo connectionInfo = new WSManConnectionInfo(new Uri(""), "", credential);
connectionInfo.AuthenticationMechanism = AuthenticationMechanism.Basic;
connectionInfo.SkipCACheck = true;
connectionInfo.SkipCNCheck = true;

connectionInfo.MaximumConnectionRedirectionCount = 4;
Runspace runspace = System.Management.Automation.Runspaces.RunspaceFactory.CreateRunspace(connectionInfo);
// Make a Get-Mailbox requst using the Server Argument
Command gmGetMailbox = new Command("get-mailbox");
gmGetMailbox.Parameters.Add("ResultSize", "Unlimited");
Pipeline plPileLine = runspace.CreatePipeline();
Collection RsResultsresults = plPileLine.Invoke();
Dictionary gmResults = new Dictionary();
foreach (PSObject obj in RsResultsresults)
gmResults.Add(obj.Members["WindowsEmailAddress"].Value.ToString(), obj);

This second example loads the MSOnline powershell module into a runspace

InitialSessionState iss = InitialSessionState.CreateDefault();
iss.ImportPSModule(new[] { "MSOnline" });
using (Runspace psRunSpace = RunspaceFactory.CreateRunspace(iss))
using (System.Management.Automation.PowerShell powershell = System.Management.Automation.PowerShell.Create())
powershell.Runspace = psRunSpace;
Command connect = new Command("Connect-MsolService");
System.Security.SecureString secureString = new System.Security.SecureString();
string myPassword = "password";
foreach (char c in myPassword)

connect.Parameters.Add("Credential", new PSCredential("", secureString));
Collection results = null;
Collection errors = null;
results = powershell.Invoke();
errors = powershell.Streams.Error.ReadAll();
Command getuser = new Command("Get-MsolUser");
getuser.Parameters.Add("MaxResults", 100);
results = null;
errors = null;
results = powershell.Invoke();