WIXLIB

Table of ContentsMessage tracking logsWorking with messages in transport queuesSearching anti-spam agent logsImplementing a header firewall260264269273Chapter 9: High Availability275Chapter 10: Exchange Security303Chapter 11: Compliance and Audit Logging331IntroductionBuilding a Windows NLB cluster for CAS serversCreating a Database Availability GroupAdding mailbox servers to a DatabaseAvailability GroupConfiguring Database Availability Group network settingsAdding mailbox copies to a DatabaseAvailability GroupActivating mailbox database copiesWorking with lagged database copiesReseeding a database copyPerforming maintenance on DatabaseAvailability Group membersReporting on database status, redundancy, and replicationIntroductionGranting users full access permissions to mailboxesFinding users with full access to mailboxesSending e-mail messages as another user or groupWorking with Role Based AccessControl (RBAC)Creating a custom RBAC role for administratorsCreating a custom RBAC role for end usersTroubleshooting Role Based Access ControlGenerating a certificate requestInstalling certificates and enabling servicesImporting certificates on multiple exchange serversIntroductionManaging archive mailboxesConfiguring archive mailbox quotasCreating retention tags and policiesApplying retention policies to mailboxesPlacing mailboxes on retention holdPerforming a discovery 9341342

Table of ContentsPlacing mailboxes on litigation holdEnabling mailbox audit loggingGenerating mailbox audit log reportsConfiguring Administrator Audit LoggingSearching administrator audit logsChapter 12: Server Monitoring and TroubleshootingIntroductionManaging and monitoring servicesVerifying server connectivityWorking with the event logsReporting on disk usageChecking CPU utilizationMonitoring memory utilizationReporting on Exchange Server uptimeTroubleshooting the Mailbox roleTroubleshooting the Client AccessServer roleTroubleshooting Transport serversVerifying certificate 0381381383384Chapter 13: Scripting with the Exchange Web Services Managed API 389IntroductionGetting connected to EWSSending e-mail messages with EWSWorking with impersonationSearching mailboxesRetrieving the headers of an e-mail messageDeleting e-mail items from a mailboxCreating calendar itemsExporting attachments from a mailboxExchange Management Shell referenceAdvanced Query SyntaxAppendix AAppendix BIndex389391393397400405409413418423437423437443

PrefaceThe book is full of immediately-usable task-based recipes for managing and maintainingyour Microsoft Exchange 2010 environment with Windows PowerShell 2.0 and the ExchangeManagement Shell. The focus of this book is to show you how to automate routine tasksand solve common problems. While the Exchange Management Shell provides hundredsof cmdlets, we will not cover every single one of them individually. Instead, we'll focus oncommon, real-world scenarios. You'll be able to use these recipes right away, allowing you toget the job done quickly, and the techniques that you'll learn will allow you to write your ownamazing one-liners and scripts with ease.What this book coversChapter 1, PowerShell Key Concepts, introduces several PowerShell core concepts such ascommand syntax and parameters, working with the pipeline, and flow control with loops andconditional logic. The topics covered in this chapter lay the foundation for the code samples inthe following chapters.Chapter 2, Exchange Management Shell Common Tasks, covers day-to-day tasks and generaltechniques for managing Exchange from the command line. Topics include configuring manualremote shell connections, exporting reports to external files, sending e-mail messages fromscripts, and scheduling scripts to run with the Task Scheduler.Chapter 3, Managing Recipients, demonstrates some of the most common recipient-relatedmanagement tasks, such as creating mailboxes, distribution groups, and contacts. You'll alsolearn how to manage server side inbox rules, Out of Office settings, and import user photosinto Active Directory.Chapter 4, Managing Mailboxes, shows how to perform various mailbox management tasksthat include moving mailboxes, importing and exporting mailbox data, and detecting andrepairing corrupt mailboxes. In addition, you'll learn how to delete and restore items from amailbox and generate some basic reports.

PrefaceChapter 5, Distribution Groups and Address Lists, takes you deeper into distribution groupmanagement. Topics include distribution group reporting, distribution group naming policies,and allowing end users to manage distribution group membership. You'll also learn how tocreate Address Lists and Hierarchal Address Books.Chapter 6, Mailbox and Public Folder Databases, shows how to set database settings andlimits and configure Public Folder replication. Report generation for mailbox database size,average mailbox size per database, and backup status are also covered in this chapter.Chapter 7, Managing Client Access, introduces the concept of Client Access Arrays and coversthe creation and configuration of this key component in Exchange 2010. We'll also take a lookat controlling connections from various clients, including ActiveSync devices.Chapter 8, Managing Transport Servers, explains various methods used to control mail flowwithin your Exchange organization. You'll learn how to create send and receive connectors,allow application servers to relay mail, and manage transport queues.Chapter 9, High Availability, covers the implementation and management tasks related toDatabase Availability Groups (DAGs). Topics include creating DAGs, adding mailbox databasecopies, and performing maintenance on DAG members.Chapter 10, Exchange Security, introduces the new Role Based Access Control (RBAC)permissions model. You'll learn how to create custom RBAC roles for administrators and endusers, and also how to manage mailbox permissions and implement SSL certificates.Chapter 11, Compliance and Audit Logging, covers the new compliance and auditing featuresincluded in Exchange 2010. Archive mailboxes and Discovery Search are covered here, as wellas administrator and mailbox audit logging.Chapter 12, Server Monitoring and Troubleshooting, shows you how to monitor and report onservice availability and resource utilization using PowerShell core cmdlets and WMI. Event logmonitoring and Exchange server role troubleshooting tactics are also covered.Chapter 13, Scripting with the Exchange Web Services Managed API, introduces advancedscripting topics that leverage Exchange Web Services. In this chapter, you'll learn how towrite scripts and functions that go beyond the capabilities of the Exchange ManagementShell cmdlets.Appendix A, provides a list of commonly-used automatic shell variables and type accelerators,along with a listing of scripts that are installed with Exchange 2010.Appendix B, includes additional information about Advanced Query Syntax (AQS),which is used to perform queries when performing discovery searches, item restores,and item removal.

PrefaceWhat you need for this bookTo complete the recipes in this book, you'll need the following: PowerShell v2, which is already installed by default on Windows 7 and WindowsServer 2008 R2. A fully operational lab environment with an Active Directory forest andExchange organization. Ideally, your Exchange Servers will run Windows Server 2008 R2, but they can runWindows Server 2008 SP2, if needed. You'll need to have at least one Microsoft Exchange 2010 SP1 server. To work with the recipes in this book, you should be logged on with an account that isa member the Organization Management role group. The user account used to installExchange 2010 SP1 is automatically added to this group. If possible, you'll want to run the commands, scripts, and functions in this book froma client machine. The 64-bit version of Windows 7 with the Exchange 2010 SP1Management Tools installed is a good choice. You can also run the tools on WindowsVista. Each client will need some additional prerequisites in order to run the tools;see Microsoft's TechNet documentation for full details. If you don't have a client machine, you can run the management shell from anExchange 2010 SP1 server. Chapter 13 requires the Exchange Web Services Managed API version 1.1, which canbe downloaded from the following spx?id 13480The code samples in this book should be run in a lab environment and should be fully testedbefore deployed into production. If you don't have a lab environment set up, you can downloada pre-configured Hyper-V virtual hard disk (VHD) from Microsoft. It includes a fully-functioningvirtual environment with Exchange 2010 SP1 that can be evaluated for 180 days. You candownload the files from the following spx?id 5002Who this book is forThis book is for messaging professionals who want to learn how to build real-world scriptswith Windows PowerShell 2.0 and the Exchange Management Shell. If you are a network orsystems administrator responsible for managing and maintaining the on-premise version ofExchange Server 2010, then this book is for you.The recipes in this cookbook touch on each of the core Exchange 2010 server roles andrequire a working knowledge of the supporting technologies, such as Windows Server 2008or 2008 R2, Active Directory, and DNS.

PrefaceAll of the topics in the book are focused on the on-premise version of Exchange 2010 SP1,and we will not cover Microsoft's hosted version of Exchange Online through Office 365.However, the concepts you'll learn in this book will allow you to hit the ground running withthat platform since it will give you an understanding of PowerShell's command syntax andobject-based nature.ConventionsIn this book, you will find a number of styles of text that distinguish between different kinds ofinformation. Here are some examples of these styles and an explanation of their meanings.Code words in text are shown as follows: "We can read the content of an external file into theshell using the Get-Content cmdlet."Commands and blocks of code are set as follows:Get-Mailbox –ResultSize Unlimited Out-File C:\report.txtCommands like this can be invoked interactively in the shell, or from within a scriptor function.Most of the commands you'll be working with will be very long. In order for them to fit into thepages of this book, we'll need to use line continuation. For example, here is a command thatcreates a mailbox-enabled Active Directory user account:New-Mailbox -UserPrincipalName jsmith@contoso.com -FirstName John -LastName Smith -Alias jsmith -Database DB1 -Password passwordNotice that the last character on each line is the backtick ( ) symbol, also referred to as thegrave accent. This is PowerShell's line continuation character. You can run this command asis, but make sure there aren't any trailing spaces at the end of each line. You can also removethe backtick and carriage returns and run the command on one line. Just ensure the spacesbetween the parameters and arguments are maintained.You'll also see long pipeline commands formatted like the following example:Get-Mailbox -ResultSize Unlimited Select-Object DisplayName,ServerName,Database Export-Csv c:\mbreport.csv -NoTypeInformation

PrefacePowerShell uses the pipe character ( ) to send objects output from a command down thepipeline so it can be used as input by another command. The pipe character does not need tobe escaped. You can enter the previous command as is, or you can format the command sothat everything is on one line.Any command-line input or output that must be done interactively at the shell console iswritten as follows:[PS] C:\ Get-Mailbox administrator ft ServerName,Database -AutoServerName Database---------- -------mbx1DB01New terms and important words are shown in bold. Words that you see on the screen,in menus or dialog boxes for example, appear in the text like this: "Open the ExchangeManagement Shell by clicking on Start All Programs Exchange Server 2010."Warnings or important notes appear in a box like this.Tips and tricks appear like this.Reader feedbackFeedback from our readers is always welcome. Let us know what you think about thisbook—what you liked or may have disliked. Reader feedback is important for us to developtitles that you really get the most out of.To send us general feedback, simply send an e-mail to feedback@packtpub.com, andmention the book title via the subject of your message.If there is a book that you need and would like to see us publish, please send us a note inthe SUGGEST A TITLE form on www.packtpub.com or e-mail suggest@packtpub.com.If there is a topic that you have expertise in and you are interested in either writing orcontributing to a book, see our author guide on www.packtpub.com/authors.

PrefaceCustomer supportNow that you are the proud owner of a Packt book, we have a number of things to help you toget the most from your purchase.Downloading the example codeYou can download the example code files for all Packt books you have purchased fromyour account at http://www.PacktPub.com. If you purchased this book elsewhere, youcan visit http://www.PacktPub.com/support and register to have the files e-maileddirectly to you.ErrataAlthough we have taken every care to ensure the accuracy of our content, mistakes dohappen. If you find a mistake in one of our books—maybe a mistake in the text or the code—wewould be grateful if you would report this to us. By doing so, you can save other readers fromfrustration and help us improve subsequent versions of this book. If you find any errata,please report them by visiting http://www.packtpub.com/support, selecting your book,clicking on the errata submission form link, and entering the details of your errata. Onceyour errata are verified, your submission will be accepted and the errata will be uploaded onour website, or added to any list of existing errata, under the Errata section of that title. Anyexisting errata can be viewed by selecting your title from http://www.packtpub.com/support.PiracyPiracy of copyright material on the Internet is an ongoing problem across all media. At Packt,we take the protection of our copyright and licenses very seriously. If you come across anyillegal copies of our works in any form on the Internet, please provide us with the locationaddress or website name immediately so that we can pursue a remedy.Please contact us at copyright@packtpub.com with a link to the suspectedpirated material.We appreciate your help in protecting our authors, and our ability to bring you valuable content.QuestionsYou can contact us at questions@packtpub.com if you are having a problem with anyaspect of the book, and we will do our best to address it.

1PowerShell KeyConceptsIn this chapter, we will cover the following: Understanding command syntax and parameters Using the help system Understanding the pipeline Working with variables and objects Formatting output Working with arrays and hash tables Looping through items Using flow control statements Creating custom objects Creating PowerShell functions Creating and running scripts Setting up a profile

PowerShell Key ConceptsIntroductionSo, your organization has decided to move to Exchange Server 2010 to take advantage of themany exciting new features such as integrated e-mail archiving, discovery capabilities, andhigh availability functionality. Like it or not, you've realized that PowerShell is now an integralpart of Exchange Server management and you need to learn the basics and have a point ofreference for building your own scripts. That's what this book is all about. In this chapter, we'llcover some core PowerShell concepts that will provide you with a foundation of knowledge forusing the remaining examples in this book. If you are already familiar with PowerShell,you may want to use this chapter as a review or as a reference for later after you've startedwriting scripts.If you're completely new to PowerShell, the concept may be familiar if you've worked with UNIXcommand shells. Like UNIX-based shells, PowerShell allows you to string multiple commandstogether on one line using a technique called pipelining. This means that the output of onecommand becomes the input for another. But, unlike UNIX shells that pass text output fromone command to another, PowerShell uses an object model based on the .NET Framework,and objects are passed between commands in a pipeline, as opposed to plain text. Froman Exchange perspective, working with objects gives us the ability to access very detailedinformation about servers, mailboxes, databases, and more. For example, every mailbox youmanage within the shell is an object with multiple properties, such as an e-mail address,database location, or send and receive limits. The ability to access this type of informationthrough simple commands means that we can build powerful scripts that generate reports,make configuration changes, and perform maintenance tasks with ease.Performing some basic stepsTo work with the code samples in this chapter, follow these steps to launch the ExchangeManagement Shell:1. Log onto a workstation or server with the Exchange Management Tools installed.2. Open the Exchange Management Shell by clicking on Start All Programs Exchange Server 2010.3. Click on the Exchange Management Shell shortcut.Understanding command syntaxand parametersWindows PowerShell provides a large number of built-in cmdlets (pronounced command-lets)that perform specific operations. The Exchange Management Shell adds an additional set ofPowerShell cmdlets used specifically for managing Exchange. The Exchange ManagementConsole, which is the graphical management tool for Exchange 2010, is built completely

Chapter 1on top of these cmdlets and any operations performed within this tool are translated intoPowerShell commands. We can also run these cmdlets interactively in the shell, or throughautomated scripts. When executing a cmdlet, parameters can be used to provide information,such as which mailbox or server to work with, or which attribute of those objects shouldbe modified. In this recipe, we'll take a look at basic PowerShell command syntax and howparameters are used with cmdlets.How to do it.When running a PowerShell command, you type the cmdlet name, followed by any parametersrequired. Parameter names are preceded by a hyphen (-) followed by the value of theparameter. Let's start with a basic example. To get mailbox information for a user namedtestuser, use the following command syntax:Get-Mailbox –Identity testuserDownloading the example codeYou can download the example code fles for all Packt books you havepurchased from your account at http://www.PacktPub.com. If youpurchased this book

specializing in VMware and Exchange. Robert has achieved several certifications over the years, demonstrating his commitment to the industry. Among others, his certifications include VCP3, VCP4, MCSA, CCNA, CNA, CCA, A , and HP Accredited Platform Specialist. Robert dedicates much of his time to automating daily tasks and tasks of his peers in