A few days ago, we posted blog The new Exchange 2007 Management Console overview and Recipient Management in Exchange 2007 - Overview giving an overview of the completely updated GUI management console and recipient management in Exchange 2007.
This blog post covers common recipient management scenarios in Exchange Server 2007 using Exchange Management Console ("console"), and the one-liners behind the scenes - single-line commands in Exchange Management Shell ("shell" or "EMS based on Windows PowerShell") executed to achieve the thing. Now the console exposes one-liners for each wizard after successful completion.
As detailed in the above two blogs, the console organizes the left navigation tree into four work centers. The Recipient Configuration work center node is used for recipient management. Underneath which you will see various recipient type nodes: mailbox, distribution group, mail contact, and disconnected mailbox.
Below sections illustrate console GUI walk through and one-liners for common scenarios, which are categorized into provisioning, change management, bulk management and reporting.
Mailbox
Scenario: Create a new mailbox
Mailbox types include MailboxUser, ConferenceRoomMailbox, EquipmentMailbox, SharedMailbox, LinkedMailbox and LegacyMailbox. Except mailboxes of type SharedMailbox which can be managed only in the shell and LegacyMailbox which is for interoperability with Exchange 2000/2003 and has limited management in Exchange 2007, other mailbox types can be managed through both the console GUI and shell command line.
Administrators can create a new mailbox by creating a new user and mailbox-enabling it in one step, or by mailbox-enabling an existing user. The GUI walk through below illustrates the experience of creating a new mailbox using the "New Mailbox" wizard.
GUI walk through:
Select the "New Mailbox..." option from the context menu or action pane of the Recipient Configuration node to launch the "New Mailbox" wizard.
In the wizard pages, administrators can select to create a new user and mailbox-enable it in one step, or mailbox-enable an existing user, specifying any necessary mailbox information including mailbox type during the process.
Note that in this first example you can see two great tips on using the powershell:
1) You can enter less than the full parameter name, so long as it's unique (ie - "org" parameter actually is used to specify "OrganizationalUnit" in this example)
2) Any parameters you don't enter in the commandline, but which are required for the cmdlet to complete, will be prompted for (ie - "Password" in this example).
Shell one-liners:
# Create a new mailbox-enabled user
new-Mailbox -alias testmbx -name TestMailbox -database "Mailbox Database" -org Users -UserPrincipalName testmbx@example.com
Password: <userpassword>
# Create a new resource mailbox (Conference Room or Equipment)
New-Mailbox -alias testresmbx -name TestResourceMailbox -database "Mailbox Database" -org Users <-Room | -Equipment> -UserPrincipalName testresourcembx@example.com
# Create a shared mailbox
new-Mailbox -alias testsharedmbx -name TestSharedMailbox -database "Mailbox Database" -org Users -shared -UserPrincipalName testsharedmbx@example.com
# Create a new linked mailbox
New-Mailbox -alias testlinkedmbx -name TestLinkedMailbox -database "Mailbox Database" -org Users -LinkedMasterAccount account@userdomain.com -LinkedDomainController userdomain-dc-01 -UserPrincipalName testmbx@example.com
# Mail-enable an existing user as a user mailbox
Enable-Mailbox logondisableduser -database "Mailbox Database"
# Mail-enable an existing (AD logon-disabled) user as a resource mailbox (Conference Room or Equipment)
Enable-Mailbox logondisableduser <-Room | -Equipment> -database "Mailbox Database"
#
Mail-enable an existing (AD logon-disabled) user as a linked mailbox
Enable-Mailbox logondisableduser -database "Mailbox Database" -LinkedMasterAccount account@userdomain.com -LinkedDomainController userdomain-dc-01
Note that for both of these linked mailbox examples (new and enable), it is quite likely you will also require the "-LinkedCredential" parameter to specify a credential to be used to do the lookup in the user domain.
Change Management
Administrators can move, enable/disable, remove or change mailbox settings for an existing mailbox through the console or the shell. Below section illustrates the GUI walk through and one-liners for common scenarios of change management.
Scenario: Move / Disable / Remove mailboxes
GUI walk through:
There is a context menu for each mailbox to move, disable or remove the mailbox.
Shell one-liner:
# Move an individual mailbox
Move-Mailbox testmbx -targetdatabase "Mailbox Database"
# Move all mailboxes stored on a server to a target mailbox database
Get-Mailbox -server testserver | Move-Mailbox -targetdatabase "Mailbox Database"
# Disable one individual mailbox
Disable-Mailbox testmbx
# Disable all mailboxes stored on a server
Get-Mailbox -server testserver | Disable-Mailbox
# Remove one individual mailbox-enabled user
Remove-Mailbox testmbx
# Remove all mailbox-enabled users stored on a server
Get-Mailbox -server testserver | Remove-Mailbox
Scenario: Set storage quotas on a mailbox
GUI walk through:
Shell one-liner:
# Set storage quotas
Set-Mailbox testmbx -UseDatabaseQuotaDefaults:$False -IssueWarningQuota 90MB -ProhibitSendQuota 95MB -ProhibitSendReceiveQuota 100MB
Scenario: Set delivery options on a mailbox
GUI walk through:
Shell one-liner:
# Set a mailbox to forward mail to another recipient and recipients limits
Set-Mailbox testmbx -DeliverToMailboxAndForward:$True -ForwardingAddress jaredz@example.com -RecipientLimits 10
Scenario: Add a new e-mail address to a mailbox
GUI walk through:
Shell one-liner:
$mbx = get-Mailbox testmbx;
$mbx.EmailAddresses += "newaddr@example.com";
$mbx | set-Mailbox
Note that since this mailbox in the image above is configured to "Automatically Update" based on E-mail Address Policy (recipient policy), you will not be able to modify the primary SMTP e-mail address or replace all configured e-mail addresses on the object. You can, however, add additional SMTP secondary e-mail addresses.
Scenario: Configure mailbox permissions
Permission settings are advanced user cases which are available only at the shell command line, except "Send on behalf" permission which can be granted in the console (in the Mail Flow Setting tab of the mailbox property pages).
Shell one-liner:
# Grant "Send on behalf" permission
Set-Mailbox testmbx -GrantSendOnBehalfTo jaredz
# Grant "Send-As" permission
Add-ADPermission testmbx -ExtendedRights Send-As -user jaredz
# Grant full mailbox access permission
Add-MailboxPermission testmbx -AccessRights FullAccess -user jaredz
Scenario: Enable ActiveSync, OWA, MAPI, UM, IMAP and POP features on a mailbox
ActiveSync, OWA, MAPI and UM features can be enabled/disabled and configured through the console or the shell. IMAP and POP features can be enabled/disabled in the shell command line. The GUI below indicates the location in the GUI to enable/disable and configure ActiveSync, OWA, and MAPI features. Although UM properties are available in this location, enable/disable of UM for a mailbox is available as an wizard launched from an action in the mailboxes recipient workcenter.
GUI walk through:
Shell one-liner:
set-CASMailbox testmbx -MobileSyncEnabled:$True -OWAEnabled:$True -MAPIEnabled:$True -PopEnabled:$True -ImapEnabled:$True
Enable-UMMailbox testmbx -UMMailboxPolicy testumpolicy -Extensions 12345
Scenario: Policy support for a mailbox
Policies allow administrators to apply the same settings to all recipients associated with a respective policy. There are Unified Messaging, Managed Folder, and ActiveSync mailbox policies. Recipient policies used in Exchange 2003 still exist but are now called E-mail Address Policy (and which will be covered in other blog posts rather than here). The GUI below illustrate settings the Managed Folder Mailbox policy for a mailbox.
GUI walk through:
Shell one-liner:
set-Mailbox testmbx -ManagedFolderMailboxPolicy "Inbox JunkEmail Policy" -RetentionHoldEnabled:$True -StartDateForRetentionHold "6/1/2006 2:37:06 AM" -EndDateForRetentionHold "6/2/2006 2:37:06 AM"
Bulk Management
Bulk management includes bulk provisioning, change management and reporting. Though the console is straightforward for individual object management, the shell enables powerful and flexible bulk management using one-liners.
Scenario: Bulk create mailboxes based on a CSV file
Shell one-liner:
The following one-liner creates mailboxes for all team members listed in an Avalanche.csv file, which contains NHL Avalanche team roster information with the following column format:
Pos,No,Player,Age,Ht,Wt,Born,Exp,Birth City
$password = Read-Host "Enter password" -AsSecureString
import-csv Avalanche.csv | foreach {new-mailbox -alias "avalanche$($_.No)" -Name $_.Player -password $password -database "Mailbox Database" -org Users -UserPrincipalName "avalanche$($_.No)@example.com"}
Scenario: Bulk create a number of (nn) storage groups with one message database for each storage group
Shell one-liner:
1..<nn> | foreach {new-StorageGroup SG_$_ -server <server> | new-MailboxDatabase MBDB}
Scenario: Bulk create a number of (nn) mailboxes for a mailbox database
Shell one-liner:
$password = Read-Host "Enter password" -AsSecureString
1..<nn> | foreach { new-Mailbox -alias "user$_" -name "User $_" -password $password -database "Mailbox Database" -org Users -UserPrincipalName "user$_@example.com" }
Scenario: Bulk change mailbox settings
Shell one-liner:
# Change the department name on all mailboxes
Get-Mailbox | Set-User -department "New Dept"
# Change the department name on mailboxes where the user's name contains string "jared"
Get-Mailbox *jared* | Set-User -department "New Dept"
# Change the department name on mailboxes stored on the specified database
Get-Mailbox -database "Mailbox Database" | Set-User -department "New Dept"
# Set storage quota for all mailboxes in an office (using $OfficeName variable)
$OfficeName = "Boston"
get-mailbox -filter {office -eq $OfficeName } | set-Mailbox -UseDatabaseQuotaDefaults:$false -IssueWarningQuota 800MB -ProhibitSendQuota 900MB -ProhibitSendReceiveQuota 1GB
Reporting
Scenario: Export Get-* cmdlet output to a CSV file
Shell one-liner:
# Export information of all mailboxes to a CSV file
get-mailbox | export-csv export.csv
# Export storage quota of all mailboxes in an office (using $OfficeName variable)
$OfficeName = "Boston"
get-mailbox -filter {Office -eq $OfficeName } | select name,office, *quota | sort name | export-csv export.csv
Scenario: View mailbox statistics for all mailboxes on the current server, including storage size
Shell one-liner:
get-MailboxStatistics | select DisplayName, TotalItemSize, TotalDeletedItemsize, DatabaseName | format-table