Skip to main content

EWS-FAI Module for browsing and updating Exchange Folder Associated Items from PowerShell

Folder Associated Items are hidden Items in Exchange Mailbox folders that are commonly used to hold configuration settings for various Mailbox Clients and services that use Mailboxes. Some common examples of FAI's are Categories,OWA Signatures and WorkHours there is some more detailed documentation in the https://msdn.microsoft.com/en-us/library/cc463899(v=exchg.80).aspx protocol document. In EWS these configuration items can be accessed via the UserConfiguration operation https://msdn.microsoft.com/en-us/library/office/dd899439(v=exchg.150).aspx which will give you access to either the RoamingDictionary, XMLStream or BinaryStream data properties that holds the configuration depending on what type of FAI data is being stored.

I've written a number of scripts over the years that target particular FAI's (eg this one that reads the workhours http://gsexdev.blogspot.com.au/2015/11/finding-timezone-being-used-in-mailbox.html is a good example ) but I didn't have a generic script that could allow you to browse and read the data from any FAI in a Mailbox which would be useful when you are trying to peer into FAI's when debugging or reporting on different clients and services that use these FAI's.

So what I've done for this post in publish a really basic Powershell Module to the PowerShell Gallery https://www.powershellgallery.com/packages/EWS-FAI that can do this. The script requires that you have the EWS Managed API installed and then it has two Cmdlets. The source for the module can be found on GitHub here https://github.com/gscales/Powershell-Scripts/tree/master/EWS-FAI/Module

Invoke-ListFAIItems

The cmdlet will browse and display a list of any configuration FAI Items in a Folder eg to show the Items in the Non_IPM_SubTree use


Invoke-ListFAIItems -MailboxName mailbox@domain.com -Folder Root 


it will produce an output such as


Other folders such as the Inbox and Calendar contain some of the more useful FAI's eg


A quick rundown on these

AvailiablityOptions is a newie
Calendar Contains the calendar processing information more of intrest when looking at a room mailbox
CategoryList Is the Master Cateogry List of a Mailbox (XML)
WorkHours Is the workhours setting for a Mailbox (XML)
Get-FAIItem

If you see an FAI that you want to view the contents of for example the OWA.UserOptions this the cmdlet you can use to do this


Get-FAIItem -MailboxName mailbox@domain.com -Folder Root -ConfigItemName OWA.UserOptions
eg


Because this FAI is a Roaming Directory this is what is returned to the pipeline.

If you have an FAI the contains XML like the Category list the cmdlet will return XML back to you which you may or may not be able to work with depending on your skill level in PowerShell. But if you just want to look at the Content in plain text at the cmdlet line you can do the following



Get-FAIItem -MailboxName mailbox@domain.com -Folder Calendar -ConfigItemName CategoryList | Select-Object InnerXML | FL

The other optional parameter for this cmdlet is the -ReturnConfigObject switch which will return the actual UserConfiguration Typed object from the EWS Managed API which is useful if you want to update the FAI in question or your dealing with the BinaryStream which this module doesn't handle. Eg you can use the following script to turn off the FocusedInbox in OWA for a user


$OwaOptions = Get-FAIItem -MailboxName user@domain.com -Folder Root -ConfigItemName OWA.UserOptions -ReturnConfigObject



if($OwaOptions.Dictionary.ContainsKey("IsFocusedInboxEnabled")){
 $OwaOptions.Dictionary["IsFocusedInboxEnabled"] = $false
 $OwaOptions.Update()
}
One last one because it was the topic of a recent conversation is if you want to look to see the user configuration status for the  Focused Inbox in Outlook you can use the following to read the FAI that stores this information.



Get-FAIItem -MailboxName mailbox@domain.com -Folder Inbox -ConfigItemName AccountPrefs
eg this will return something like



Labels:

Popular posts from this blog

Testing and Sending email via SMTP using Opportunistic TLS and oAuth in Office365 with PowerShell

As well as EWS and Remote PowerShell (RPS) other mail protocols POP3, IMAP and SMTP have had OAuth authentication enabled in Exchange Online (Official announcement here ). A while ago I created  this script that used Opportunistic TLS to perform a Telnet style test against a SMTP server using SMTP AUTH. Now that oAuth authentication has been enabled in office365 I've updated this script to be able to use oAuth instead of SMTP Auth to test against Office365. I've also included a function to actually send a Message. Token Acquisition  To Send a Mail using oAuth you first need to get an Access token from Azure AD there are plenty of ways of doing this in PowerShell. You could use a library like MSAL or ADAL (just google your favoured method) or use a library less approach which I've included with this script . Whatever way you do this you need to make sure that your application registration  https://docs.microsoft.com/en-us/azure/active-directory/develop/quickstart-register-
Read more

How to access and restore deleted Items (Recoverable Items) in the Exchange Online Mailbox dumpster with the Microsoft Graph API and PowerShell

As the information on how to do this would cover multiple posts, I've bound this into a series of mini post docs in my GitHub Repo to try and make this subject a little easier to understand and hopefully navigate for most people.   The Binder index is  https://gscales.github.io/Graph-Powershell-101-Binder/   The topics covered are How you can access the Recoverable Items Folders (and get the size of these folders)  How you can access and search for items in the Deletions and Purges Folders and also how you can Export an item to an Eml from that folder How you can Restore a Deleted Item back to the folder it was deleted from (using the Last Active Parent FolderId) and the sample script is located  https://github.com/gscales/Powershell-Scripts/blob/master/Graph101/Dumpster.ps1
Read more

Using the MSAL (Microsoft Authentication Library) in EWS with Office365

Last July Microsoft announced here they would be disabling basic authentication in EWS on October 13 2020 which is now a little over a year away. Given the amount of time that has passed since the announcement any line of business applications or third party applications that you use that had been using Basic authentication should have been modified or upgraded to support using oAuth. If this isn't the case the time to take action is now. When you need to migrate a .NET app or script you have using EWS and basic Authentication you have two Authentication libraries you can choose from ADAL - Azure AD Authentication Library (uses the v1 Azure AD Endpoint) MSAL - Microsoft Authentication Library (uses the v2 Microsoft Identity Platform Endpoint) the most common library you will come across in use is the ADAL libraries because its been around the longest, has good support across a number of languages and allows complex authentications scenarios with support for SAML etc. The
Read more
All sample scripts and source code is provided by for illustrative purposes only. All examples are untested in different environments and therefore, I cannot guarantee or imply reliability, serviceability, or function of these programs.

All code contained herein is provided to you "AS IS" without any warranties of any kind. The implied warranties of non-infringement, merchantability and fitness for a particular purpose are expressly disclaimed.