12/21/11

Skip empty fields in CSV Import-CSV provision mailboxes Exchange 2010

I was working on a small program to provision mailboxes in a lab environment using the Import-Csv cmdlet and a CSV file that was generated to meet a customer's naming provision.

This particular naming provision requires Firstname M. Lastname. However, some accounts have no middle name, meaning that there would be unnecessary whitespace in the Display Name.

To solve this I used an IF statement to vary my code for the condition of a CSV record having no middle name.


CSV File:
firstname,middle,lastname
Jonathan,M,Test
Jonathan2,,Test2


The key to this is using an IF statement on the CSV

if($_.csvfield){perform action with data in field} else {perform all actions without including any data from empty field}

The program using myorg.com domain FQDN and default "Users" OU:


# The password is prompted for once and applied to every account created below
$password = Read-Host "Enter password" -AsSecureString;
Import-Csv -Path C:\CSV\newtestaccounts.csv | ForEach-Object{
    $_.firstname;
    $firstNameTemp = $_.firstName;
    $lastNameTemp = $_.lastname;
    $middle = $_.middle;
    if($_.middle)
    {
        # Middle field has data: include it in the UPN, display name and alias
        $userPrin = $firstNameTemp.substring(0,1) + $middle + $lastNameTemp + "@myorg.com";
        $displayName = $firstnameTemp + " " + $middle + "." + " " + $lastNameTemp;
        $alias = $firstNameTemp.substring(0,1) + $middle + $lastNameTemp + "qa";

        $userPrin = $userPrin.tolower()
        $alias = $alias.tolower()

        New-Mailbox -UserPrincipalName $userPrin -Alias $alias -Database "TempDB" -Name $displayName -OrganizationalUnit "myorg.com/Users" -Password $password -FirstName $firstNameTemp -LastName $lastNameTemp -DisplayName $displayName -ResetPasswordOnNextLogon $false
        $alias
    }
    else
    {
        # Middle field is empty: build the names without it
        $userPrin = $firstNameTemp.substring(0,1)+ $lastNameTemp + "@myorg.com";
        $displayName = $firstnameTemp + " " + $lastNameTemp;
        $alias = $firstNameTemp.substring(0,1) + $lastNameTemp + "qa";

        $userPrin = $userPrin.tolower()
        $alias = $alias.tolower()

        New-Mailbox -UserPrincipalName $userPrin -Alias $alias -Database "TempDB" -Name $displayName -OrganizationalUnit "myorg.com/Users" -Password $password -FirstName $firstNameTemp -LastName $lastNameTemp -DisplayName $displayName -ResetPasswordOnNextLogon $false
        $alias
    }
}
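
A pre-flight check for the CSV, as an added example that is not part of the original script: it derives the same display name, UPN and alias without calling any Exchange cmdlet and flags rows that would collide or produce an alias with whitespace or a trailing period (the two things the mailNickname post further down this page found Exchange 2010 SP1 rejecting). The function name Get-ProvisioningPlan and the sample rows are constructed for illustration.

```powershell
# Added example: dry-run of the naming rules above; no Exchange cmdlets are called.
# Get-ProvisioningPlan and the sample rows are constructed for illustration.
function Get-ProvisioningPlan {
    param(
        [Parameter(Mandatory = $true)] [object[]] $Rows,
        [string] $Domain = "myorg.com",
        [string] $Suffix = "qa"
    )
    $seen = @{}   # alias -> display name of the first row that produced it

    foreach ($row in $Rows) {
        # Trim so that a field holding only spaces counts as empty
        $first  = "$($row.firstname)".Trim()
        $middle = "$($row.middle)".Trim()
        $last   = "$($row.lastname)".Trim()

        $problems = @()
        if (-not $first -or -not $last) { $problems += "missing first or last name" }

        # Display name: keep only the parts that are present
        $parts = @($first)
        if ($middle) { $parts += "$middle." }
        $parts += $last
        $displayName = ($parts | Where-Object { $_ }) -join " "

        # Same construction as the script: first initial + middle + last name
        $initial = if ($first) { $first.Substring(0, 1) } else { "" }
        $stem    = ($initial + $middle + $last).ToLower()
        $alias   = $stem + $Suffix

        # Whitespace or a trailing period in the alias is what the page reports as illegal
        if ($alias -match '\s|\.$') { $problems += "alias has whitespace or a trailing period" }

        # Two people can map to the same alias and UPN
        if ($seen.ContainsKey($alias)) { $problems += "alias already used by '$($seen[$alias])'" } else { $seen[$alias] = $displayName }

        New-Object PSObject -Property @{
            DisplayName       = $displayName
            UserPrincipalName = $stem + "@" + $Domain
            Alias             = $alias
            Problems          = ($problems -join "; ")
        }
    }
}

# Constructed sample: the two rows from the post plus three problem rows
$csv = @'
firstname,middle,lastname
Jonathan,M,Test
Jonathan2,,Test2
Jane,,Van Dyke
James,M,Test
Ann, ,Lee
'@

Get-ProvisioningPlan -Rows ($csv | ConvertFrom-Csv) |
    Select-Object DisplayName, UserPrincipalName, Alias, Problems |
    Format-Table -AutoSize
```

Rows with a non-empty Problems value should be corrected in the CSV before the New-Mailbox loop is run.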

12/19/11

Creating some test mailboxes in Exchange 2010 SP1

[PS] C:\Windows\system32>$password = Read-Host -AsSecureString
********

[PS] C:\Windows\system32>for ($i = 1; $i -lt 11; $i++){$name = "MyOrg Test" + $i; $lastname = "Test " + $i; $userp = $name + "@mydomain.com"; New-Mailbox -Name $name -database "TempDB" -password $password -firstname "MyOrg" -lastname $lastname -UserPrincipalName $userp}


A simple for loop used to create unique names for test accounts to use during pre-production testing of the system.

I noticed that this creates the SAM name with spaces so using this .PS1 you can remove spaces from the SAM account name of a mailbox:


Function Remove-Spaces {
    param($target)

    begin {
        # Filter that strips every space character from its input
        filter Do-RemoveSpaces { $_ -replace " ", "" }
    }

    # Input arriving through the pipeline
    process { if($_) { $_ | Do-RemoveSpaces } }

    # Input passed as an argument
    end { if($target) { $target | Do-RemoveSpaces } }
}

for ($i = 1; $i -lt 11; $i++){

    $mbx = "MyOrg*" + $i

    $samtemp = Get-Mailbox | where {$_.name -like $mbx}
    $samtempname = $samtemp.SamAccountName

    $samtempname = remove-spaces $samtempname

    set-mailbox -identity $samtemp -samaccountname $samtempname
}


That is all for now...

9/9/11

Windows Admin Duties: automate reboot of the server

I needed to come up with a way to reboot the server over night on a one off occasion.

Well I already knew what to do, but I could not remember it so I am documenting this for later.

The following can be executed at the CMD prompt & the syntax below is exact.

at 1:00am cmd /c shutdown -r -t 120 /c "Server will shutdown in 2 min; use shutdown /a in the cmd prompt to stop this action" /f /d p:4:1

This cmd will /f force application shutdown, /c provide an Event Viewer comment, and /d log an event into the event log that is p (planned) with reason code 4 (application maintenance) and 1 (planned). Additionally, I am rebooting the server: shutdown -r (reboot) -t (time) 120 (seconds). I cannot run commands directly with at, so I must have at load the CMD prompt (cmd) and tell the CMD prompt to run a command once loaded (/c).

Reason codes: http://ss64.com/nt/shutdown.html
Cmd ref on Tech-net: http://technet.microsoft.com/en-us/library/cc732503%28WS.10%29.aspx

7/29/11

ADFS: A good blog on the processes of setting up

http://krva.blogspot.com/2008/11/setting-up-federation-services-fs-in.html

Exchange coexistence between MSOL (Microsoft Online) O365 in the cloud and Exchange on premises requires federation between your onsite Active Directory and the O365 directory service. Limited to 10K user objects without MS consent on a per-case basis.

This blog gives greater insight into the setup process and lets you see the process in screenshots.

7/25/11

Exchange 2003 performance and disk partitions

Because Exchange 2003 reads and writes in 4k chunks, the default partition offset of 63 sectors causes the occasional read that crosses the misaligned boundary to result in 2 IOPS. Over time this creates a measurable and, in large environments, unwanted read performance penalty.

Diskpar.exe has been integrated into Diskpart.exe (Server 2003 SP1+?)
diskpart.exe
diskpart> select disk 1 (1 or other disk # obtained from diskmgmt.msc)
diskpart> create partition primary align = 32

There is a good technet blog on this issue: http://blogs.technet.com/b/exchange/archive/2005/08/10/408950.aspx

6/1/11

Event ID 123 Exchange 2010 SP1 DAG

So I have multiple Exchange 2010 mailbox servers in a DAG configuration. After setting up the passive copies and letting the equipment run for a little while I started getting event id 123 on some of the mailbox servers.

So on "exchmbx01" I have a database mbdb01.

Update-MailboxDatabaseCopy -SourceServer exchmbx01 -Identity mbdb01\exchmbx01 -Network "DagNetwork01" -CatalogOnly

If you don't fully specify the identity of the database copy, Exchange will not know which DB copy's catalog you are attempting to update.

5/26/11

Just because MS says Exchange 2010 uses the CAS for MAPI communications doesn't mean this is always the case

I recently had to upgrade to Exchange 2010 SP1 in a complex environment. I thought that, as TechNet states (http://technet.microsoft.com/en-us/library/ee332317.aspx), Outlook clients with Exchange 2010 mailboxes will always use the CAS server to communicate via MAPI (Mail RPC) traffic. In our case we found Outlook communicating with the Mailbox servers directly, specifically Mailbox servers with public folder databases. I suspect that there is a great deal that occurs with Exchange that Microsoft never publishes.

5/25/11

Corrupt exchange 2003 conference room mailboxes

I recently started moving mailboxes from 2003 to 2010 SP1. When it came time to move the conference room mailboxes it was a no go.

Specifically, Exchange 2010 SP1 states that these mailboxes are in an inconsistent state because validation cannot be performed upon the attributes.

The attribute in question was the "mailNickname" attribute. It turns out that my conference room mailboxes have whitespace and a trailing decimal or period. Both of these character uses are illegal in Exchange 2010 SP1.

The solution?

Luckily all of the conference room mailboxes are in a single OU in AD.

I wrote a script to perform the actions of replacing whitespace with an underscore and removing any number of trailing period characters.

Function Remove-Spaces {
param($target)

begin {
filter Do-RemoveSpaces { $_ -replace "\s *", "_" }
}

process { if($_) { $_ | Do-RemoveSpaces } }

end { if($target) {$target | Do-RemoveSpaces} }
}

#$objArray = get-mailbox -identity "QuandaryPeak"
#$objArray = get-mailbox -organizationalunit "hq.corp.viasat.com/ViaSat West/Resource Mailboxes/Conference Rooms"

foreach($obj in $objArray)
{
$tempstring = $obj.alias
$tempstring = remove-spaces $tempstring
$tempstring = $tempstring.trimend(".")
set-mailbox -identity $obj -alias $tempstring
}

You must uncomment one of the two $objArray lines (remove the '#' char) to make the program work. You use get-mailbox to gather the objects you want to process.

One odd side effect I found was that it sets the new alias as the primary SMTP reply address in our system. I don't have access to 2003 so this is probably to be expected via the 2003 configuration. I alternatively looked at writing a similar program using get-ADObject and set-ADObject; modifying the property directly without using the set-mailbox cmd-let would prevent setting the primary SMTP reply address to the alias.

References: http://msdn.microsoft.com/en-us/library/system.string_methods.aspx
References: http://powershell.com/cs/blogs/tips/archive/2009/09/14/trap-and-try-catch.aspx

5/23/11

The case of missing distribution group members in users Outlook GAL / OAB

I recently ran into a very peculiar issue. I had users on outlook 2007 & complaining about missing entries for distribution groups. Now keep in mind that until now we have been using Exchange 2003 w/ Outlook 2003, 2007, and 2010 and no issues at all.

So we start migration of some 2003 mailboxes to 2010. Keep in mind 2010 SP1 has been configured for weeks with no 2003 mailboxes showing signs of this issue...

So I go to test this in OWA with a test 2010 mailbox. Well, I don't see anything wrong: every user that should be there according to get-distributiongroupmember -identity "DL-AllHandsNYC" is there. What are the users smoking? OK, I pull up Outlook 2010 and yep, they are right: missing entries. Now normally I would send a test email and see if the missing members get the mail and stop there, but I must make them viewable.

So maybe an issue with 2010 sp1 OAB distribution? Nope!

There are massive numbers of objects with the "hiddenfromaddresslistsenabled" attribute set to $true!!! How has this not been an issue until now?

The behavior was only noticed when our 2010 mailboxes started beta testing the system.

Long story short the fix is easy:

The solution: set "HiddenFromAddressListsEnabled" to $false

get-recipient -recipienttype MailContact -resultsize unlimited -filter {HiddenFromAddressListsEnabled -eq $true} | set-contact -HiddenFromAddressListsEnabled $false

get-recipient -recipienttype UserMailbox -resultsize unlimited -filter {HiddenFromAddressListsEnabled -eq $true} | set-mailbox -HiddenFromAddressListsEnabled $false

get-recipient -recipienttype DistributionGroup -resultsize unlimited -filter {HiddenFromAddressListsEnabled -eq $true} | set-distributiongroup -HiddenFromAddressListsEnabled $false

get-recipient -recipienttype PublicFolder -resultsize unlimited -filter {HiddenFromAddressListsEnabled -eq $true} | set-publicfolder -HiddenFromAddressListsEnabled $false

Some objects were corrupt and get-recipient -resultsize unlimited -filter {HiddenFromAddressListsEnabled -eq $true} will show you any left over items that need repair/conversion.
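
Before running the bulk changes above, it helps to record which recipients were hidden, in case some of them were hidden deliberately and need to be hidden again afterwards. This is an added example, not from the original post, meant for the Exchange Management Shell; the snapshot path is an assumption.

```powershell
# Added example; run in the Exchange Management Shell.
$snapshot = "C:\Temp\hidden-recipients-before.csv"   # hypothetical path, adjust as needed

# Same filter the post uses, collected once
$hidden = Get-Recipient -ResultSize Unlimited -Filter {HiddenFromAddressListsEnabled -eq $true}

# Record the prior state so that individual entries can be re-hidden later
$hidden |
    Select-Object Name, RecipientTypeDetails, PrimarySmtpAddress, DistinguishedName |
    Export-Csv -Path $snapshot -NoTypeInformation

# Count per recipient type to see what kinds of objects are about to become visible
$hidden | Group-Object RecipientTypeDetails |
    Sort-Object Count -Descending |
    Format-Table Count, Name -AutoSize

# Dry run for the mailbox case: -WhatIf reports each change without applying it
$hidden | Where-Object { $_.RecipientType -eq 'UserMailbox' } |
    Set-Mailbox -HiddenFromAddressListsEnabled $false -WhatIf
```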

Issues with OAB after applying URL simplification: Exchange 2010 SP1

Arriving at work I found out that OAB was giving some users issues. Specifically they are stuck at "Offline Address Book is connecting to Exchange Server".

A little research led me to discover others have had this behavior. http://social.technet.microsoft.com/forums/en-US/exchangesvrgeneral/thread/548f2ecc-faae-4744-8b33-7de536196d7d/?prof=required

Looking at C:\program files\Microsoft\exchange\v14\clientaccess\oab\ the permissions are set correctly. However, looking at the parent folder of \oab\ I discovered that there are not enough necessary permissions established to complete the permissions chain and give the desired effective permissions on the subfolder.

http://technet.microsoft.com/en-us/library/dd535384(EXCHG.80).aspx

I am still in testing on this one. I noticed that the CAS servers that did not have redirection performed upon them had the same /oab/ permissions structure so if this fixes the issue I am really confused. Alternatively, I am seeing some issue with permissions for the "authenticated users" on the web.config file that is generated by the redirection process. I have noticed that "authenticated users" have only read permissions on the web.config file and I am testing to see if https://mail.myorg.com/oab/yourguid/oab.xml returns an http 500 error code.

Well instead of http 500 I get 403; enabled directory listing for the oab dir and now I can list the oab.xml. I have a new issue which is that using owa all distribution group members show up. Using outlook.exe only specific members of the groups show up. There is not a consistent listing of distribution group members between owa's oab and that of outlook.exe 2k7/2k10.

Still working on this issue; will update.





5/17/11

Dreaded 0x8004010f & OAB

I have recently deployed an Exchange 2010 SP1 system and a small percentage of users were getting this when accessing the system remotely.

Client Details

outlook 2010

Fix

I enabled the web-distribution on all of the CAS servers in the CAS array.

There appear to be a multitude of issues associated with this very generic MAPI error. http://blogs.technet.com/b/exchange/archive/2007/04/19/3401966.aspx

Get-Mailbox queries and -filter {}

I tried doing some get-mailbox queries recently with the -filter {property -like "*this*"} business, but could not get things going. I come to find out that the -organizationalunit and -recipienttypedetails are not available in the -filter {} argument code block. This is because they are their own special purpose arguments. For instance get-mailbox -organizationalunit "corp.pvt/NorthAmerica/Accounts/General/" will get all the mailboxes in the North American General Accounts OU structure.

-recipienttypedetails legacymailbox; is how you find the 2003 mailboxes in your system during co-existence.

Some things like DistinguishedName work fine with the -filter {} argument.

Any of these methods are preferred over get-mailbox | where {$_.attribute -like "*String*"}

I should mention my environment is entirely SP1 2010.

http://technet.microsoft.com/en-us/library/bb124268.aspx
http://exchangepedia.com/blog/2007/02/opath-filterable-properties-that-can-be.html

5/12/11

Exchange 2010 sp1 / 2003 Co-Existence Event ID 4003 & 4004

http://social.technet.microsoft.com/Forums/en-US/exchange2010/thread/3203b390-d52a-4e81-8a7e-c2266d909589/

I have unchecked SSL required on the "/public" virtual directory in IIS for all of my CAS servers.

Update: The issues have mostly gone away after opening ports between my 2010 CAS servers and the Exchange 2003 servers hosting the public folder databases. Specifically ports 80, 135, and dynamic RPC ports were opened.

Exchange 2010 SP1 CAS server event ID 1033

After moving into the testing phase of the 2010 sp1 deployment I have started noticing a multitude of 1033 errors on the four CAS servers in the CAS array.

Source service is MSExchActiveSync


It turns out that the web.config file is missing an entry for the "ExternalProxy" setting. Which is fine if you don't use it.

To make the error go away, add this entry to your web.config file and do an iisreset /noforce, which may take a while in a production environment. In fact you may need to drainstop the particular CAS server in the NLB service first to get the active connections to 0 so that iisreset /noforce works.

For the code to insert in the web.config file see this thread:

http://social.technet.microsoft.com/Forums/en-US/exchange2010/thread/7a308dcc-56b2-4c29-a586-7b476b913998

Passive Database Copies Event ID 123

Started getting errors in the event log for some passive copies of databases. Not sure why yet; there doesn't seem to be a pattern. Get-MailboxDatabaseCopyStatus shows everything being fine, but there are errors being generated in the log on the server hosting the passive copy.

Event ID 123 search catalog corrupt
http://technet.microsoft.com/en-us/library/ee633475.aspx

This command should ensure all the parameters are correct in generating a new search catalog:

update-mailboxdatabasecopy -SourceServer Exch03 -Identity "MBDB03\Exch01" -Network DagReplicationNetwork -CatalogOnly

In this scenario Exch03 has active db MBDB03, and Exch01 holds a passive copy. There are four DAG networks; only one, "DagReplicationNetwork", is for replication.

5/11/11

New Exchange 2010 sp1 Learning Links

http://technet.microsoft.com/en-us/ff871920
http://www.microsoft.com/events/series/tnexchangeserver.aspx?tab=webcasts&id=43235

Exchange 2010 SP1 routing: pickup directory

In addition to processing mail via SMTP and the Store driver (Think Get/Push mail from mailbox databases) Exchange will process mail messages placed in a folder on the hard disk of a HubTransport server. Known as the "pickup folder" it is not configured by default in Exchange 2010 sp1.

Set-TransportServer -identity ExchHub01 -pickupfolder "C:\incomingMail\"

For more information on configuration of the pick up folder see:

http://technet.microsoft.com/en-us/library/bb124549.aspx

Exchange 2010 SP1 routing: auditing current mail routing

The get-adsitelink cmd-let allows you to view the cost metrics associated with AD sites in your organization. You can use this information to determine how mail is routed within your organization. Keep in mind that if you only have a select number of internet-facing hub transport servers, all mail routing to the internet goes through them. Therefore, you must calculate the cost from any given hub transport server to these servers to determine which one will be used for internet-bound email. Hub transport servers with a send connector namespace of * will be "catch-all" send connectors, matching all destination email domain namespaces not specified by any other connector in the Exchange Organization.

http://technet.microsoft.com/en-us/library/bb123486.aspx

You could override the AD site cost to manipulate the way exchange routes using:

Set-ADSiteLink -Identity 'Atl-Nyc' -ExchangeCost 10

If you decide to remove this Exchange specific configuration for Site link Cost you can do so:

Set-ADSiteLink -Identity 'Atl-Nyc' -ExchangeCost $null

For a list of all of the "Sites" in active directory use get-adsite

http://technet.microsoft.com/en-us/library/bb124239.aspx

A bit simplistic, but viewing all of the hub transport servers in your Exchange organization is important; be sure to use get-transportserver

http://technet.microsoft.com/en-us/library/bb125246.aspx

5/10/11

Exchange 2003 to 2010 migration: Moving the OAB generation server

This one was very easy. I used the following tech-net article as a reference: http://technet.microsoft.com/en-us/library/bb125184.aspx

get-offlineaddressbook

Ok I only have the Default-OfflineAddressBook

get-offlineaddressbook | fl name, PublicFolderdatabase

Ok I can see the Exchange 2003 server is hosting the OAB.

get-offlineaddressbook | move-offlineaddressbook -server "Exchange2010mbx1"

This gives you a warning in Exchange 2010 SP1 stating that you should wait until this finishes occurring in the background before changing the PublicFolder distribution point. I will give it a couple of days and change this to 2010.

I now perform a get-offlineaddressbook | ft name, Server, PublicFolderDatabase

I can see the Exchange 2010 server is the OAB generating server, but the Exchange 2003 server is still publishing the OAB through public folders.

Not a very command intensive move and so far no issues with AD/Exchange 2003 compatibility.

Found a good screen shot blog with issues while performing these actions: http://blog.ronnypot.nl/?p=212

For a better understanding of OAB's in Exchange 2010 SP1 go here: http://technet.microsoft.com/en-us/library/bb232155.aspx

Issues sending mail to Exchange 2003 mailboxes during Exchange 2003/2010 co-existence

Shortly after upgrading some mailboxes to 2010 it became apparent that when sending emails to an Exchange 2003 distribution list, some of the Exchange 2003 mailbox recipients specified by the distribution list were bouncing with a 5.2.1 NDR message:

"There's a problem with the recipient's mailbox. Please try resending this message. If the problem continues, please contact your helpdesk."

After some searching I found a great fact finding post on the technet forums: http://social.technet.microsoft.com/Forums/en-US/exchange2010/thread/552513a7-c70b-4c52-b208-173751d393e8/

Further inquiry resulted in these links:



This is one of the less common experiences I have had during Co-Existence.