BLOG.ELIEB.INFO

Monitor your Connectivity through Windows PowerShell

In this article, we'll go over a script I wrote to help you check VPN connectivity between connected sites.

The script reads the IP addresses of the different branch offices’ gateways from a .txt file and then checks connectivity by running a Ping function.

The script consists of two functions. The first one is the Ping function shown below:


function ping {
    BEGIN {}
    PROCESS {
        # Query the Win32_PingStatus WMI class for the address received from the pipeline
        $results = gwmi -Query "SELECT * FROM Win32_PingStatus WHERE Address = '$_'"

        # Build one result object per address
        $PingObject = New-Object PSObject
        $PingObject | Add-Member NoteProperty Server $_
        $PingObject | Add-Member NoteProperty ResponseTime ($results.ResponseTime)
        $PingObject | Add-Member NoteProperty InconsistentReply ($results.ReplyInconsistency)

        # A StatusCode of 0 means the ping succeeded
        if ($results.StatusCode -eq 0) {
            $PingObject | Add-Member NoteProperty Responding $true
        } else {
            $PingObject | Add-Member NoteProperty Responding $false
        }
        Write-Output $PingObject
    }
    END {}
}

In this function, we are calling the "Win32_PingStatus" WMI class and outputting the IP address followed by the response time, the inconsistent reply data, and finally whether the host is responding, based on the ping status code (success or failure).

For a complete list of properties, you can check Win32_PingStatus Class on MSDN.

The second function is SendMail, which will actually send a log file as an attachment.

The function is shown below:

function SendMail {
    BEGIN {}
    PROCESS {
        # Log file that is attached to the message
        $file = "C:\logs.txt"
        $SmtpClient = New-Object System.Net.Mail.SmtpClient
        $MailMessage = New-Object System.Net.Mail.MailMessage
        $attachment = New-Object System.Net.Mail.Attachment($file)
        $SmtpClient.Host = "smtp.elieb.info"
        $MailMessage.From = "user1@elieb.info"
        $MailMessage.To.Add("user2@elieb.info")
        $MailMessage.CC.Add("user3@elieb.info")
        $MailMessage.Subject = "Connectivity Status availability"
        $MailMessage.IsBodyHtml = $true
        $MailMessage.Body = "Please find attached Connectivity status log"
        $MailMessage.Attachments.Add($attachment)
        $MailMessage.Priority = "High"
        $SmtpClient.Send($MailMessage)
        # Dispose the message (and its attachment) to release the handle on the log file
        $MailMessage.Dispose()
    }
    END {}
}

The above function sends an e-mail with the file “logs.txt” attached.

Now that we have both functions ready, let's use some Windows PowerShell cmdlets to call both functions:

To keep a history in the log, we add the date and time each time the script runs.


get-date | Out-File -Append C:\logs.txt
Get-Content C:\servers.txt | ping | select * | sort Responding | FT -AutoSize  | Out-File -Append  C:\logs.txt
SendMail 
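
Each line of servers.txt is placed inside the quoted WQL string in the ping function, so a malformed line (a stray quote, a hostname, a blank line) produces a broken query or a misleading "not responding" row in the log. The following is an added example, not part of the original script: Get-PingTarget is a hypothetical helper that keeps only well-formed IPv4 addresses and warns about everything else.

```powershell
# Added example, not from the original script. Get-PingTarget is a hypothetical
# helper; the sample lines below are constructed for illustration.
function Get-PingTarget {
    param([string[]] $Line)

    foreach ($entry in $Line) {
        $candidate = "$entry".Trim()
        # Skip blank lines and comment lines
        if ($candidate -eq '' -or $candidate.StartsWith('#')) { continue }

        $parsed = $null
        $ok = [System.Net.IPAddress]::TryParse($candidate, [ref]$parsed)

        # TryParse also accepts shorthand such as "10.1", so require an IPv4
        # address whose canonical form is exactly the text found in the file.
        if ($ok -and
            $parsed.AddressFamily -eq [System.Net.Sockets.AddressFamily]::InterNetwork -and
            $parsed.ToString() -eq $candidate) {
            Write-Output $candidate
        } else {
            Write-Warning "servers.txt: skipping invalid entry '$candidate'"
        }
    }
}

# Constructed sample input standing in for the content of C:\servers.txt
$sample = @(
    '192.168.2.1',
    '  10.10.0.254  ',
    '',
    '# branch office 3 (decommissioned)',
    '10.1',
    "192.168.2.7'",
    '300.1.1.1',
    'gateway-paris'
)

$targets = @(Get-PingTarget -Line $sample)
$targets

# In the scheduled script, validate the file content before it reaches ping:
# Get-PingTarget -Line (Get-Content C:\servers.txt) | ping | select * |
#     sort Responding | FT -AutoSize | Out-File -Append C:\logs.txt
```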

Once these are all set, you can save the script to a .ps1 extension file and schedule it to run at a specific custom time.

The output will look like the below figure:




Cheers!!

Install Exchange 2010 with UR2 in Unattended Mode

If you are planning to install a new Microsoft Exchange Server 2010, you should probably consider installing the latest update before configuring any of the server roles.
In the below scenario, we are installing the Mailbox role, the Client Access role and the Hub Transport role along with Update Rollup 2 in unattended mode. 
The Exchange installation root folder is called exch and Update Rollup 2 is placed under C:\Exchange2010\Patches.

To install the Exchange prerequisites, run "Exchange-Typical.xml" from the Scripts folder found in the installation directory.
 

After successfully installing the prerequisites, set the NetTcpPortSharing service startup type to automatic by running the below command


Now, it is time to run the setup in unattended mode.
To do that, run the following command from the Exchange installation directory:

Setup.com /m:Install /r:M,C,H /OrganizationName:"<Name of the Organization>" /UpdatesDir:"<Updates path>"



If you wish to check the different options for unattended setup, you can refer to Install Exchange 2010 in Unattended Mode

After completing the installation, you can check the product version by clicking Help -> About in the Exchange Management Console as shown below:


Cheers!!

Certificates in Exchange Server 2010

Exchange Server uses certificates to secure internal and external traffic. We can distinguish three main types of certificates.
The self-signed certificate is issued and signed by its owner, in this case the Exchange server.
Private certificates are issued by private CAs, which can be created on a Windows Server 2003 or on a Windows Server 2008.
Public certificates are trusted by most operating systems and browsers. An example of a public CA provider is VeriSign.

As a quick comparison between the above types of certificates, the self-signed certificate is the least secure to use, whereas the private certificate is trusted by the private network and doesn't incur any cost. A public CA will require additional fees each time a certificate needs to be created or renewed.

In the below article, we will focus on how to create a private certificate in Exchange Server 2010.

Before proceeding, note that, unlike in previous versions of Exchange, the lifetime of the self-signed certificate in Exchange 2010 is now 5 years.


The first step for creating a private certificate will be to launch the New Exchange Certificate Wizard which will guide us on providing all needed information.
To identify the steps:
  • Open the Exchange Management Console and click on Server Configuration
  • Select your Client Access Server and from the Actions pane, click on "New Exchange Certificate"
  • On the introduction page, enter a friendly name for the certificate as shown below, and click Next

  • On the Domain Scope page, leave the checkbox empty and click Next, as we do not need to enable a wildcard certificate
  • On the Exchange Configuration page, fill in the needed information:
    • Domain name for the Outlook Web App on the intranet and internet
    • Domain name for the Exchange ActiveSync
    • External host name for the organization
    • Domain Name for POP and IMAP
    • FQDN for the Unified Messaging server
    • FQDN for the Hub Transport Server connector
    • Domain Name for the Legacy Exchange Server 

  • On the Certificate Domains, review the list and select the default common name
  • On the Organization and Location, make sure to fill all the needed information and browse for the location where the request file will be created

  • Wait for the Completion of the Certificate and click on Finish


In the following step, we will create the certificate ".cer" file and complete the pending certificate request.
  • Open the .req file from your specified location using Notepad
  • Submit the certificate request by browsing to your Certificate Authority
  • Copy the content of the .req file and paste it into the Base-64-encoded certificate request box
  • On the Certificate template, select Web Server, and click Submit

  • If you are using a CA on Windows Server 2003, you might get a Certificate Request Denied error

  • In order to solve this issue, you need to download the hotfix KB922706
  • Once the hotfix is installed, click to Refresh the Submit page, or submit the request again 
  • Download the certificate file 
  • From the Exchange Management Console, highlight the private certificate, and click to complete the pending request
  • Click on Browse, select the certificate file, and click Next

  • Once the wizard shows Completion, click Finish


The final step will be to assign services to the certificate:
  • Highlight the private certificate, and click Assign Services to Certificate
  • Select servers that already have the certificate

  • Check to assign the appropriate services to the certificate

  • On the Completion page, click to Finish
If you would like to check that the certificate is being applied, you can run Get-ExchangeCertificate from the Management Shell.
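
The check above can be turned into a repeatable audit. The following is an added example, not code from the original post: Test-ExchangeCertificate is a hypothetical helper that reads the properties Get-ExchangeCertificate returns (Services, IsSelfSigned, NotAfter, CertificateDomains) and flags a certificate that is not bound to IIS, is self-signed, is close to expiry, or lacks a name clients connect to. The sample objects and the autodiscover name are constructed so the block also runs off the Exchange server.

```powershell
# Added example, not from the original post. Test-ExchangeCertificate is a
# hypothetical helper; it reads properties that Get-ExchangeCertificate returns.
function Test-ExchangeCertificate {
    param(
        [Parameter(ValueFromPipeline = $true)] $Certificate,
        [string[]] $RequiredDomain = @(),
        [int] $WarnDays = 30
    )
    PROCESS {
        $issues = @()
        $services = "$($Certificate.Services)"
        if ($services -notmatch 'IIS') { $issues += 'not assigned to IIS' }
        if ($Certificate.IsSelfSigned) { $issues += 'self-signed' }

        # Whole days until expiry; a negative value means already expired
        $daysLeft = [int][math]::Floor(($Certificate.NotAfter - (Get-Date)).TotalDays)
        if ($daysLeft -lt 0) {
            $issues += 'expired'
        } elseif ($daysLeft -lt $WarnDays) {
            $issues += "expires in $daysLeft days"
        }

        # Every name that clients use must be listed on the certificate
        $names = @($Certificate.CertificateDomains | ForEach-Object { "$_".ToLower() })
        foreach ($d in $RequiredDomain) {
            if ($names -notcontains $d.ToLower()) { $issues += "missing name $d" }
        }

        New-Object PSObject -Property @{
            Subject  = $Certificate.Subject
            Services = $services
            DaysLeft = $daysLeft
            Healthy  = ($issues.Count -eq 0)
            Issues   = ($issues -join '; ')
        }
    }
}

# Constructed sample objects standing in for Get-ExchangeCertificate output
$sample = @(
    (New-Object PSObject -Property @{
        Subject = 'CN=exchange1.elieb.info'; Services = 'IMAP, POP, IIS, SMTP'
        IsSelfSigned = $false; NotAfter = (Get-Date).AddDays(400)
        CertificateDomains = @('exchange1.elieb.info', 'autodiscover.elieb.info') }),
    (New-Object PSObject -Property @{
        Subject = 'CN=Exchange1'; Services = 'SMTP'
        IsSelfSigned = $true; NotAfter = (Get-Date).AddDays(10)
        CertificateDomains = @('Exchange1') })
)
$sample | Test-ExchangeCertificate -RequiredDomain 'exchange1.elieb.info' |
    Format-List Subject, Services, DaysLeft, Healthy, Issues

# On the Exchange server, feed it the real certificates instead:
# Get-ExchangeCertificate | Test-ExchangeCertificate -RequiredDomain 'exchange1.elieb.info'
```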

From the client side, you can make sure it is being applied on the OWA:
  • From the default browser, browse the Outlook Web App
  • On the default page, click Safety and Security report (in IE8)
  • As shown below, the new certificate is being applied to the OWA


Enabling Online Archive

In the below article, we will be covering how to enable online archive for mailboxes.
Most of the steps covered can be done either through the Management Console or Management Shell.

First, you will need to create an archive mailbox for the desired mailbox.
This can be achieved either on the creation of the mailbox as shown below


or it can be done by enabling the archive from Exchange Management console 



After enabling the archive, you can check that it has been enabled from the Mailbox Features. You also have the option to change the name of the online archive that will appear in the user's mailbox. For our scenario, we will leave the name as it is.

and YES, we're done

Now, from the client side, the user will be able to check the archive mailbox either from OWA or from Outlook 2010.
This feature is not supported in previous versions of Outlook.

If you'd like to check the archive properties for specific archive-enabled users, go to your Management Shell and type:
get-mailbox -Identity MailboxName | fl *archive*
All archived properties will be displayed as shown below:

By default, an archive mailbox doesn't have quota limits, but you can still set a quota limit by typing:
set-mailbox -Identity MailboxName -ArchiveQuota Size
For the Size value, you can type 2GB, for example, or 2,000,000,000.


As well, to set Archive Warning Quota, you can type:
set-mailbox -Identity MailboxName -ArchiveWarningQuota Size

By checking the archive quota again, we can see the new quota limits.


On another note, you can set the archive warning quota from the Exchange Management Console by going to the Mailbox Settings of the desired mailbox and then to the Archive quota:




MS. Exchange 2010 Update Rollup 1

Update Rollup 1 for Exchange Server 2010 fixes the issues that are described in the following Microsoft Knowledge Base articles:
977439  Exchange Server 2010 users cannot open certain attachments when they access their mailboxes by using Outlook Web App
977551  Meeting requests that are sent to a room mailbox are not processed in Exchange Server 2010
977552  Exchange RPC Client Access service crashes in the Handler.dll that is located on an Exchange 2010 Client Access service server
977553  Exchange RPC Client Access service crashes in Parser.dll on the Exchange Server 2010 CAS server
977554  The subject or body of a message that is hosted in an Exchange Server 2010 mailbox is not set as expected
977555  The message body is inaccessible when the property conversion from PR_BODY_HTML to PR_BODY fails
977556  The body text of an e-mail message is invisible after you create exceptions for a recurring appointment or for a recurring meeting by using a CDO application together with Exchange Server 2010
977557  An E_FAIL error occurs when you create an exception to a meeting request by using a CDO application for a Microsoft Exchange Server 2010 mailbox
977558  A folder name is not changed when you try to move and then rename the folder in an Exchange Server 2010 mailbox by using the CopyFolder method of the IMAPIFolder interface
977559  The location of a meeting or an appointment is not updated on an Exchange Server 2010 mailbox
977560  Update fails when you use a CDO application to update a recurrence task on Exchange Server 2010
977561  VSS backup process stops responding when you try to perform a Volume Shadow Copy Service (VSS) backup for Exchange Server 2010 databases
The above article was provided from Microsoft Support. The knowledgebase article can be found here.
To download the Exchange 2010 Update Rollup1, click here.

Working with Groups using Exchange Control Panel

In this scenario, an employee named Jessy wants to self-join the IT group.
  • Log in to exchange1.elieb.info/ecp
  • Go to Groups and click Join
  • Select IT group, and click to join


OUPSS!!
By default, Exchange doesn't allow users to join any group. To change how such requests behave:
  • Log on to the Exchange control panel using domain administrator username
  • Go to Public Groups, select IT and click Details
  • Go to Membership Approval

  • Select Owner Approval and click to Save the changes
  • Go back, log in to Jessy's Control Panel, and repeat the same steps to join the IT group
An approval request will be sent to the owner of the group.
  • Log on to the administrator Control Panel
  • In the Inbox, click to Approve the Request

             

How to set MailTips

To configure MailTips using the Exchange Management Shell:
  • On your Exchange Server, go to the Management Shell
  • Type Get-OrganizationConfig

The default value of MailTipsExternalRecipientsTipsEnabled is false; we need to switch it to true.
  • Type Set-OrganizationConfig -MailTipsExternalRecipientsTipsEnabled $true
  • Type Get-OrganizationConfig and make sure that the value is switched to true as shown below
  • At the PS Prompt, type Set-DistributionGroup IT -MailTip "The IT department will be OFF this weekend, for URGENT requests, kindly contact the operations department"
  • To ensure the previous action is applied, type Get-DistributionGroup 'IT' | fl MailTip*


You can configure the MailTips from the Exchange Control Panel:
  • Go to the ECP home page, in this scenario it is https://exchange1.elieb.info/ecp
  • Log in as administrator
  • Go to Public Groups and click on IT
  • Click on Details and go to MailTip
  • Fill in the mail tip as shown below

Now, it is time to check the new mail tips on the client side when trying to send an email to the IT distribution list.

Working with the Active Mailbox Database

I- Check which server has the active mailbox database copy:
  • Go to Exchange Management Shell
  • At the PS Prompt, type 
             Get-MailboxDatabase -Identity ElieB*

You should get the active mailbox database for each database 


  • To check the copy status and queue lengths, run the following cmdlet
             Get-MailboxDatabaseCopyStatus -Identity ElieB*
  • Make sure that the copy queue length and replay queue length are both at zero. If this is not the case, run the cmdlet again until the values read zero as shown below
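
Re-running the cmdlet by hand until both queues read zero can be scripted. The following is an added example, not code from the original post: Wait-CopyQueueDrained is a hypothetical helper that polls the CopyQueueLength and ReplayQueueLength properties returned by Get-MailboxDatabaseCopyStatus and only reports success when every copy reads zero. The status snapshots are constructed so the block runs without an Exchange server.

```powershell
# Added example, not from the original post. Wait-CopyQueueDrained is a
# hypothetical helper; the snapshots further down are constructed sample data.
function Wait-CopyQueueDrained {
    param(
        [scriptblock] $GetStatus,      # returns the copy status objects to inspect
        [int] $MaxAttempts = 10,
        [int] $DelaySeconds = 15
    )
    for ($attempt = 1; $attempt -le $MaxAttempts; $attempt++) {
        $copies = @(& $GetStatus)
        $busy = @($copies | Where-Object {
            $_.CopyQueueLength -ne 0 -or $_.ReplayQueueLength -ne 0
        })

        # No data is not the same as "queues at zero": require at least one copy
        if ($copies.Count -gt 0 -and $busy.Count -eq 0) { return $true }

        foreach ($c in $busy) {
            Write-Host ("attempt {0}: {1} copy queue={2} replay queue={3}" -f `
                $attempt, $c.Name, $c.CopyQueueLength, $c.ReplayQueueLength)
        }
        if ($attempt -lt $MaxAttempts) { Start-Sleep -Seconds $DelaySeconds }
    }
    return $false
}

# Constructed sample: three successive readings of a passive copy catching up
$script:snapshots = @(
    @{ Copy = 4; Replay = 12 },
    @{ Copy = 0; Replay = 3 },
    @{ Copy = 0; Replay = 0 }
)
$script:reading = 0
$fakeStatus = {
    $s = $script:snapshots[[math]::Min($script:reading, 2)]
    $script:reading++
    New-Object PSObject -Property @{
        Name = 'ElieB01\Exchange1'; Status = 'Healthy'
        CopyQueueLength = $s.Copy; ReplayQueueLength = $s.Replay }
    New-Object PSObject -Property @{
        Name = 'ElieB01\Exchange'; Status = 'Mounted'
        CopyQueueLength = 0; ReplayQueueLength = 0 }
}

if (Wait-CopyQueueDrained -GetStatus $fakeStatus -DelaySeconds 0) {
    'Copy and replay queues are at zero'
}

# On the Exchange server, poll the real copies instead:
# Wait-CopyQueueDrained -GetStatus { Get-MailboxDatabaseCopyStatus -Identity ElieB* }
```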


II- Move the active mailbox database copy:
  • From Exchange, go to the PS Prompt and type:
             Move-ActiveMailboxDatabase ElieB01 -ActivateOnServer Exchange1 -Confirm:$False

  • Check the active mailbox database for ElieB01:
             Get-MailboxDatabase -Identity ElieB01


III- Restore the active mailbox database copy:
  • At the PS Prompt, type:
             Move-ActiveMailboxDatabase ElieB01 -ActivateOnServer Exchange -Confirm:$False
  • Type the below to confirm the move of the database:
             Get-MailboxDatabase | FL Server, Name

  • Check the copy status and queue lengths by running:
              Get-MailboxDatabaseCopyStatus -Identity ElieB*

Add Mailbox Database to the DAG

  • Open Exchange Management Console
  • Expand Microsoft Exchange On-Premises -> Organization Configuration -> Mailbox
  • Under Database Management, click the database you want to add, in this example it is ElieB01

  • Click Browse to select a Mailbox Server

  • Click OK to add the mailbox server, and then click on Finish
  • In the work pane, verify that the status of the mailbox database is Healthy
To add a mailbox db using Exchange Management Shell:
  • At the PS Prompt, type the below and press Enter:
               "Exchange" | Add-MailboxDatabaseCopy -Identity ElieB02 (ElieB02 is the name of your database)
  • Switch to the Exchange Management Console
  • In the result pane, click ElieB02
  • In the work pane, verify that the copy status of ElieB02 is healthy 

Database Availability Group Creation in Exchange 2010

In this scenario, we already have two Exchange Mailbox servers in place, Exchange and Exchange1, and we have already created MailboxDatabase ElieB01 on Exchange and ElieB02 on Exchange2.

This guide goes over the required steps that will allow you to create a DAG for your organization.

 

Step 1:

Go to Exchange Server -> go to Exchange Management Shell -> type the below

New-DatabaseAvailabilityGroup -Name DAG01 -WitnessServer DC -DatabaseAvailabilityGroupIPAddresses 192.168.2.15

Read the warning message. In a production environment, it is recommended to use an available server that is a member of the Exchange Servers group. For the purpose of this lab, it is acceptable to use DC.

Tip: In order to fix the error, put the computer (DC) in the Exchange Trusted Subsystem security group and put that group in the local administrators group account


Step 2:

Now that you’ve created the DAG, you can add servers to it by typing:

Add-DatabaseAvailabilityGroupServer -Identity DAG01 -MailboxServer Exchange

Note: Failover Clustering will be installed automatically on the server when it is added to the DAG. After the command completes successfully, verify that the Cluster Service has started by using the Services management console.

Step 3:

You have the option to add Exchange1 through GUI.

A-      Open the Exchange Management Console -> Database Availability Group -> DAG01

B-     Click on Manage Database Availability Group Membership and click to add Exchange1

C-     Click OK and then Next to add the DAG

Step 4:

After adding both servers, you can check the status of the DAG.

Go back to Exchange -> Exchange Management Shell and type the cmdlet:

Get-DatabaseAvailabilityGroup -Identity DAG01 -Status

Step 5:

Now, you are ready to start distributing mailboxes between both Mailbox Databases

To do so using PowerShell:

A-      Go to Exchange Management Shell and type the below:

"elie@dc1.elie.org","lea@dc1.elieb.org" | New-MoveRequest -TargetDatabase ElieB01

B-     To check the status of the move, type Get-MoveRequest

Step 6:

To distribute mailboxes using the GUI interface:

A-      Go to Exchange Management Console

B-     In the Navigation pane, expand Microsoft Exchange On-Premises -> Recipient Configuration -> Mailbox

C-     Select the mailboxes you want to move and click on New Local Move Request

 

D-    Click on Browse to choose the target mailbox database

E-     Click Next to start the process and wait for the process completion