Mailbox Archive Tool for Microsoft Exchange Servers
This is another GUI tool based on PowerShell I’ve written in the past.
A company I worked for needed a tool for Service Desk people to archive users’ mailboxes into PST file. I’m not an Exchange engineer, they told me they used to use ExMerge in Exchange 2003 environment but since upgraded to Exchange 2007, they were no longer able to do so under a GUI interface because ExMerge was replaced by a PowerShell cmdlet “Export-MailBox”.
So I wrote this mailbox archive tool. it basically archives a mailbox into a PST file (with the option to whether delete mailbox after archiving):
This tool has been tested and it is working in both Exchange 2007 and 2010 environment.
Prerequisites:
|
Exchange 2007 |
Exchange 2010 |
| 32 bit Operating System | 64 bit Operating System |
| Outlook 2007 | 64 bit Outlook 2010 |
| 32 bit Exchange 2007 Management Tools | Exchange 2010 Management Tools |
| Windows PowerShell | Windows PowerShell |
Setup operators permissions (Below powershell commands use "Domain\Exchange Operators Group" as an example):
- add-ExchangeAdministrator -Identity "Domain\Exchange Operators Group" -Role ViewOnlyAdmin -confirm:$false
- $mailDBs = Get-MailboxDatabase | where {$_.StorageGroup -match "Storage Group"}
- $mailDBs | add-adpermission -User "Domain\Exchange Operators Group" -AccessRights WriteOwner,WriteDacl -extendedrights ms-Exch-Store-Admin
Instructions:
- Logon to the computer using an account that’s been setup to have the appropriate rights.
- Launch the tool using the shortcut: (Note, I’ve hard coded the path in the shortcut to C:\Scripts\Mail-Archive. please modify the shortcut if required)
- Enter the mailbox and specify PST file location, choose “Delete after export” if desired.
- Click “Run” to begin archiving.
- output and logs are displayed on the output pane.
- Locate the PST file after it’s done
- Logs are also created for each export under the log folder:
- Note if export failed because it has reached bad item limit, you can change the threshold in MailArchiveConfig.ini. I’ve set it to 1000, increase it if you like.
Balancing Number of SCOM Agent Per Management Server using PowerShell
I came across a situation yesterday in one of the clients SCOM environment:
They currently have a single SCOM management group setup as the following:
- all SCOM management servers (including the root management server) are located on the same segment of the network.
- internal agents (from the same forest) are reporting to management server #1 and #2.
- External agents (from different forests) are reporting to management server #3 and #4 through firewall.
- SCOM is not integrated to AD – Therefore primary and failover management servers are not automatically assigned to agents.
I needed to achieve:
- agents are evenly distributed to the Internal and external management servers.
- all other management servers in the same group are assigned as failover management servers.
- For Example, there are 513 agent managed computers in internal network. They need to be evenly spread between management server #1 and #2 (so one management server will have 256 agents and the other will have 257 agents). All agents hanging off management server #1 will have #2 assigned as failover management server and vice versa.
I wrote this PowerShell script for this task. if you create a Windows scheduled task and run it on a regular basis, you’ll ensure all your SCOM agents are evenly assigned to a group of management servers and have correct settings for failover management servers.
The script does so by doing the following:
- Work out total number of agents that are currently hanging off the management servers specified in the script (line 33-37):
- Work out which management servers are over average and which ones are below average
- Go through each one that’s over the average, move agents to another random management server until it reaches the average number.
- after each agent move, check the destination management server, make sure it is still under the average number, otherwise, remove it from the pool of under average management servers.
- Go through the remaining agents on each management server and make sure they are set to use all the other management servers as failover management servers.
Note: PowerShell Version 2 is required to run this script! This script can only run on the root management server. if you want to run it somewhere else, please modify line 15 of the script to have the correct FQDN of your RMS server.
Passed MCTS SCCM exam yesterday
In the last couple of weeks, I’ve been refreshing my memory on SCCM since I haven’t worked on it for almost 4 month… Yesterday, I passed Microsoft 70-401 (SCCM) exam with the score of 976/1000. Pretty disappointed that didn’t get 1000 though…
Oh well, there are some SCCM work coming up at work, can’t wait to get started!
Get Powershell Execution Policy on remote machines
Today I’ve been asked how to inventory PowerShell execution policies on all servers in a domain. I originally thought I can ultilise RemoteIn as PowerShell V2 should be deployed on all servers. then I realised WSMan wasn’t configured on the srevers so I couldn’t use “New-PSSession” cmdlet…
Therefore, I wrote a function called Get-RemoteExecutionPolicy. It retrieves the setting from the remote registry.
The usage is: Get-RemoteExecutionPolicy <machine name>.
Passed MCTS SCOM Exam (70-400) today!
Today I passed Microsoft exam “70-400 Microsoft System Center Operations Manager 2007, Configuring” with a score of 975/1000.
The transcript indicated I answered one question wrong in relation to “Deploying and COnfiguring Management Packs”. I’m wondering which one I answered wrong…
Overall, pretty easy exam. What’s next? Got spend some time to prepare SCCM exam!
ENHANCED SCOM Alerts Notification Emails!
Even though SCOM is a great product, I personally believe that alert notification emails is something that really needs improvements. It is very hard (and almost impossible – according to my standard) to configure a meaningful notification email using the variables SCOM provides.
Most of times, the SCOM administrator would include a URL that takes you straight to the alert using SCOM web console. Web Console is greatly improved in SCOM 2007 R2, and it pretty much contains everything about the alert (such as alert name, description, source, time raised, monitor/rule name, description, knowledge article, etc).
But why can’t we have all this information in the notification email so we don’t have to come to the web console?
This cannot be done natively using SMTP notification channels. I accomplished it almost 2 years ago for my previous employer, using PowerShell and SCOM Command Notification Channel. I wrote a PowerShell script to utilise System.Net.Mail classes to send out HTML formatted email that contains EVERYTHING that you can get from SCOM Operations Console or Web Console.
The following information is included in the notification email:
- - Alert name, description, severity, resolution state, source, path, Time created
- - Monitor / Rule name
- - Knowledge Article for the particular monitor / rule
- - Web console URL link to the alert
- - PowerShell command to retrieve the alert from SCOM command console
I completed forgot about this script until recently one of my customer’s support team asked me if there are any better ways to configure Alert Notification emails in SCOM. Now I’ve decided to post it in my blog so you all can benefit from it.
Below is the email notification for the alert from the above web console screenshot:
OK. if you want to try this out in your SCOM environment, please keep reading. Let’s go through the steps setting this up in SCOM:
1. Download SCOMEnhancedEmailNotification.ps1
2. Modify this section of the script (line 23-49):
- $NotifiedResState – At the end of this script, after the email is sent, it changes the resolution state of the alert to “Notified”. I have manually created such resolution state using SCOM Operations Console with number 85. You can use other number if you wish, just make sure this variable represent the right number of the resolution state you want the script to set the alert to at the end.
- Function getResStateName – Modify function getResStateName to have ALL the resolution states for your SCOM environment.
- $strSMTP – The FQDN of your SMTP server
- $iPort – Port used for SMTP. default is 25. if your SMTP server is not use port 25, please change this variable accordingly.
- $Sender – make sure you have the sender (return address) and the display name set inside the bracket( )
- $ErrRecipient – If the script is running into errors, it will try to email the error message to this recipient. I’d suggest you to set this to your company’s SCOM administrator so they know there is a problem.
3. Once the script is modified, save it to a local folder on your RMS server. In this blog, we will use D:\Scripts\ as an example.
4. Setting up SCOM Command notification channel:
NOTE: Because we are not using SMTP channels, we cannot specify the email addresses in Subscriber’s properties. Instead, we are passing in the email addresses as parameters. So for subscriptions with different subscribers, you will need to create multiple command channels with different email addresses.
Settings:
- Full path of the command file: C:\Windows\System32\WindowsPowerShell\v1.0\Powershell.exe
- Command line parameters: D:\Scripts\SCOMEnhancedEmailNotification.ps1 -alertID “‘$Data/Context/DataItem/AlertId$’” -Recipients @(‘Service Desk;servicedesk@xxxx.com’,'Tao Yang;tao.yang@xxxx.com’,'John Smith;john.smith@xxxx.com‘)
- Note: Recipients are passed into the script as an array variable. make sure you use this format inside the (): ‘Recipient 1 Name;Email’,’Recipient 2 Name;Email’
- Startup folder for the command line: D:\Script
- This is the location of the script
5. Setting up subscribers
Subscriber address:
6. Setting up subscriptions
One last thing to remember: The powerShell execution policy on your RMS needs to set to RemoteSigned or Unrestricted.
This script can be downloaded HERE. Feel free to email me if you are having issues setting this up!
PowerShell Script: Mass-Mailer
Today a colleague asked me to write a script to send out a email to a large group of people but have the phrase “Dear <person’s name”>” in the beginning of email body.
I quickly wrote this script. Here are the steps you need to take before executing it:
1. Zip and place the Mass-Mailer folder somewhere on your computer. There are 3 files in the folder:
2. in Mass-Mailer.ps1 file, modify the highlighted section ( and remove the “<” and “>”brackets):
3. Open recipientsList.txt and enter recipients name and emails, one recipient per line with format Name;Email (i.e. John Smith;John.Smith@xxx.com)
4. Write the email in EmailBody.txt
5. Execute Mass-Mailer.PS1
The email is sent to each recipient individually. it looks like:
How To Write to SCOM Operations Manager Event Log Using PowerShell and MOM.ScriptAPI
The following commands can be executed using the normal PowerShell console. SCOM PowerShell snapin is not required.
$momapi = New-Object -comObject "MOM.ScriptAPI"
$momapi.LogScriptEvent("test",9999,2,"this is a test")
This is the log:
Detailed documentation of MOM.ScriptAPI can be found on MSDN.
Broken SCOM Web Console URLs?
I come across a situation where when i click on the web console URL from a SCOM notification email such as this one: http://<SCOM Web Server>/default.aspx?DisplayMode=Pivot&AlertID=%7b07aac5b0-4cf8-411f-b5a0-cb0075dc0f31%7d
I get a HTTP 500 error:
I had to change the URL from http://<SCOM Web Server>/default.aspx?DisplayMode=Pivot&AlertID=%7b07aac5b0-4cf8-411f-b5a0-cb0075dc0f31%7d to http://<SCOM Web Server>/default.aspx?DisplayMode=Pivot&AlertID={07aac5b0-4cf8-411f-b5a0-cb0075dc0f31} to make it work. It’s quiet painful as %7b and %7d comes as a part of SCOM WebConsole Link variable…
For this particular environment, I found out it was caused by Forefront TMG server was blocking encoded URLs for this website.
After unticking Verify normalization and Block high bit characters in the TMG rule, the encoded URL started working!
SCOM Console Crashes
When I connect SCOM console to one of my clients SCOM 2007 R2 environment, under Authoring Pane, if I change the display scope of Monitors or Rules to “View all target” and select everything:
the console crashes. – Maybe there are too many objects for it to handle.
After the crash, when I re-launch the console, I cannot go back into Authoring Pane. It crashes everytime I click on “Authoring”.
To fix it so I can go back to Authoring Pane, I had to delete this registry key:
HKEY_CURRENT_USER\Software\Microsoft\Microsoft Operations Manager\3.0\Console\Navigation\MonitoringConfigNavSettings\ScopedClasses
I started the console again after the deletion and I could go back in with the default setting!