piszczynski>Aleks |
|||
(11 intermediate revisions by 2 users not shown) | |||
Line 1: | Line 1: | ||
== Connect to O365 Exchange == | == Connect to O365 Exchange == | ||
<syntaxhighlight lang="powershell" line>$UserCredential = Get-Credential | |||
$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/ -Credential $UserCredential -Authentication Basic -AllowRedirection | |||
Import-PSSession $Session -DisableNameChecking</syntaxhighlight> | |||
Then to close the session | Then to close the session | ||
<syntaxhighlight lang="powershell">Remove-PSSession $Session</syntaxhighlight> | |||
Hide O365 group from GAL ( as this cannot be done on admin portal ) | Hide O365 group from GAL ( as this cannot be done on admin portal ) | ||
<syntaxhighlight lang="powershell">Set-UnifiedGroup <group> -HiddenFromAddressListsEnabled $true</syntaxhighlight> | |||
Install the exchange online management module | Install the exchange online management module | ||
<syntaxhighlight lang="powershell">Install-Module -Name ExchangeOnlineManagement -RequiredVersion 2.0.3</syntaxhighlight> | |||
== Handy Commands for Exchange Powershell == | == Handy Commands for Exchange Powershell == | ||
Line 42: | Line 42: | ||
*$dbs = Get-MailboxDatabase; $dbs | foreach {Get-MailboxStatistics -Database $_.DistinguishedName} | where {$_.DisconnectReason -eq "Disabled"} | Format-Table DisplayName,Database,DisconnectDate | *$dbs = Get-MailboxDatabase; $dbs | foreach {Get-MailboxStatistics -Database $_.DistinguishedName} | where {$_.DisconnectReason -eq "Disabled"} | Format-Table DisplayName,Database,DisconnectDate | ||
Reconnect Mailbox: | |||
* | *Connect-Mailbox -Identity "<mailbox name>" -Database <database shown in previous check> -User "<user name>" | ||
Get mailbox sizes | Get mailbox sizes | ||
*Get-Mailbox -ResultSize Unlimited | Get-MailboxStatistics | Sort-Object TotalItemSize -Descending | Select-Object DisplayName,TotalItemSize | *Get-Mailbox -ResultSize Unlimited | Get-MailboxStatistics | Sort-Object TotalItemSize -Descending | Select-Object DisplayName,TotalItemSize | ||
*Get-OutlookProvider | fl | *Get-OutlookProvider | fl | ||
*Get-OutlookAnywhere | fl | *Get-OutlookAnywhere | fl | ||
Line 60: | Line 58: | ||
*Get-WebServicesVirtualDirectory | fl | *Get-WebServicesVirtualDirectory | fl | ||
*Get-SendConnector | Where-Object {$_.Enabled -eq $true} | fl | *Get-SendConnector | Where-Object {$_.Enabled -eq $true} | fl | ||
==Exchange Certificates== | |||
Get and assign exchange certificates | |||
<syntaxhighlight lang="powershell">Get-ExchangeCertificate | Format-List FriendlyName,Subject,CertificateDomains,Thumbprint,Services</syntaxhighlight> | |||
<syntaxhighlight lang="powershell">Enable-ExchangeCertificate -Thumbprint <certificate thumbprint> -Services POP,IMAP,IIS,SMTP</syntaxhighlight> | |||
Update send and receive connector certificates: | |||
Find out what connectors may need updating with new certificate: | |||
<syntaxhighlight lang="powershell">Get-ReceiveConnector | where {$_.TlsCertificateName -like "<certificate name>"}</syntaxhighlight> | |||
<syntaxhighlight lang="powershell">Get-SendConnector | where {$_.TlsCertificateName -like "<certificate name>"}</syntaxhighlight> | |||
Get new certificate: | |||
<syntaxhighlight lang="powershell">$cert = Get-ExchangeCertificate -Thumbprint <NewCertificateThumbprint></syntaxhighlight> | |||
Get details required for send/receive connector format: | |||
<syntaxhighlight lang="powershell">$tlscertificatename = "<i>$($cert.Issuer)<s>$($cert.Subject)"</syntaxhighlight> | |||
Set the certificate for send/receive connector | |||
<syntaxhighlight lang="powershell">Set-ReceiveConnector "<ReceiveConnectorName>" -TlsCertificateName $tlscertificatename</syntaxhighlight> | |||
== Exchange issues Powershell== | == Exchange issues Powershell== | ||
Line 102: | Line 125: | ||
In Office 365: | In Office 365: | ||
1. Get-Mailbox nameofmailbox@domain.com | fl ExchangeGuid | 1. Get-Mailbox nameofmailbox@domain.com | fl ExchangeGuid<syntaxhighlight lang="powershell"> | ||
Get-Mailbox nameofmailbox@domain.com | fl ExchangeGuid | |||
In Exchange on-premise powershell: | </syntaxhighlight>In Exchange on-premise powershell: | ||
2. Enable-RemoteMailbox nameofmailbox@domain.com -RemoteRoutingAddress nameofmailbox@domain.mail.onmicrosoft.com | 2. Enable-RemoteMailbox nameofmailbox@domain.com -RemoteRoutingAddress nameofmailbox@domain.mail.onmicrosoft.com | ||
3. Set-RemoteMailbox nameofmailbox@domain.com -ExchangeGuid <GUID recorded from step 1> | 3. Set-RemoteMailbox nameofmailbox@domain.com -ExchangeGuid <GUID recorded from step 1> | ||
==Exchange online issues== | |||
Clear old problems with hybrid exchange conflicts by removing old mailbox configurations from user objects: | |||
Log into exchange online with connect-exchangeonline: | |||
*'''Set-User <problem user objectid> -PermanentlyClearPreviousMailboxInfo''' |
Latest revision as of 13:22, 31 January 2024
Connect to O365 Exchange
$UserCredential = Get-Credential
$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/ -Credential $UserCredential -Authentication Basic -AllowRedirection
Import-PSSession $Session -DisableNameChecking
Then to close the session
Remove-PSSession $Session
Hide O365 group from GAL ( as this cannot be done on admin portal )
Set-UnifiedGroup <group> -HiddenFromAddressListsEnabled $true
Install the exchange online management module
Install-Module -Name ExchangeOnlineManagement -RequiredVersion 2.0.3
Handy Commands for Exchange Powershell
- Add permission to calendar:
- This will give a user permissions to another calendar
- Set-MailboxFolderPermission “CalendarName:\calendar” –User default –AccessRights reviewer
- This will give a user permissions to another calendar
- Send on Behalf
- This will grant Charles permissions to send on behalf of Gert.
- Set-Mailbox gert.mailbox -GrantSendOnBehalfTo charles.surname
- This will grant Charles permissions to send on behalf of Gert.
- Send As
- This will grant Charles permissions to send as Gert.
- Add-ADPermission gert.mailbox -ExtendedRights Send-As -user charles.surname
- This will grant Charles permissions to send as Gert.
- Full Mailbox Access
- This will grant Charles full access to Gert's mailbox.
- Add-MailboxPermission -Identity gert.mailbox -User charles.surname
- This will grant Charles full access to Gert's mailbox.
Add full access permission to all mailboxes to an account:
- Get-Mailbox -ResultSize unlimited -Filter {(RecipientTypeDetails -eq 'UserMailbox') -and (Alias -ne 'Admin')} | Add-MailboxPermission -User UserAccount@domain.com -AccessRights fullaccess -InheritanceType all -AutoMapping:$False
Add Send as permissions to mailboxes:
- $UserMailboxes = Get-Mailbox | Where {$_.RecipientTypeDetails -eq “<Type of mailbox>”}
- $UserMailboxes | Add-RecipientPermission -AccessRights SendAs –Trustee <identity>
Get all disconnected mailboxes:
- $dbs = Get-MailboxDatabase; $dbs | foreach {Get-MailboxStatistics -Database $_.DistinguishedName} | where {$_.DisconnectReason -eq "Disabled"} | Format-Table DisplayName,Database,DisconnectDate
Reconnect Mailbox:
- Connect-Mailbox -Identity "<mailbox name>" -Database <database shown in previous check> -User "<user name>"
Get mailbox sizes
- Get-Mailbox -ResultSize Unlimited | Get-MailboxStatistics | Sort-Object TotalItemSize -Descending | Select-Object DisplayName,TotalItemSize
- Get-OutlookProvider | fl
- Get-OutlookAnywhere | fl
- Get-ClientAccessServer | fl
- Get-ActiveSyncVirtualDirectory | fl
- Get-AutodiscoverVirtualDirectory | fl
- Get-EcpVirtualDirectory | fl
- Get-OabVirtualDirectory | fl
- Get-OwaVirtualDirectory | fl
- Get-PowerShellVirtualDirectory | fl
- Get-WebServicesVirtualDirectory | fl
- Get-SendConnector | Where-Object {$_.Enabled -eq $true} | fl
Exchange Certificates
Get and assign exchange certificates
Get-ExchangeCertificate | Format-List FriendlyName,Subject,CertificateDomains,Thumbprint,Services
Enable-ExchangeCertificate -Thumbprint <certificate thumbprint> -Services POP,IMAP,IIS,SMTP
Update send and receive connector certificates:
Find out what connectors may need updating with new certificate:
Get-ReceiveConnector | where {$_.TlsCertificateName -like "<certificate name>"}
Get-SendConnector | where {$_.TlsCertificateName -like "<certificate name>"}
Get new certificate:
$cert = Get-ExchangeCertificate -Thumbprint <NewCertificateThumbprint>
Get details required for send/receive connector format:
$tlscertificatename = "<i>$($cert.Issuer)<s>$($cert.Subject)"
Set the certificate for send/receive connector
Set-ReceiveConnector "<ReceiveConnectorName>" -TlsCertificateName $tlscertificatename
Exchange issues Powershell
Get active backend components
- Get-ServerComponentState <ServerName> | ft Component,State –Autosize
Get Mail Queue
- Get-Queue
Check event viewer for Backpressure events: 15004 15005 15006 15007
- Get-EventLog -ComputerName <servername> -LogName Application -After (Get-Date).AddDays(-1) | where {$_.EventID -eq "15004"}
Check the Database availability groups cmdlet - use to find out if exchange server is the Primary or Secondary
- Get-DatabaseAvailabilityGroup
You can get all the details you need by using the following command:
- Get-DatabaseAvailabilityGroup | fl
- Get-DatabaseAvailabilityGroup -status
Sometimes the witness will fail, you can check the status of the witness by using the cluster resource cmdlet:
- ipmo failoverclusters
- Get-ClusterResource
This will tell you where the witness stores the file. If the DAG finds the resource unrelibale it might mark it as failed - you can restart this by using start-cluster resource:
- Get-ClusterResource | Start-ClusterResource
Get the log for the cluster
- Get-ClusterLog -Destination <File pathway>
For when there is on-prem and O365 mailboxes
- Need a local user in domain for the shared mailbox for permissions
In Office 365:
1. Get-Mailbox nameofmailbox@domain.com | fl ExchangeGuid
Get-Mailbox nameofmailbox@domain.com | fl ExchangeGuid
In Exchange on-premise powershell:
2. Enable-RemoteMailbox nameofmailbox@domain.com -RemoteRoutingAddress nameofmailbox@domain.mail.onmicrosoft.com
3. Set-RemoteMailbox nameofmailbox@domain.com -ExchangeGuid <GUID recorded from step 1>
Exchange online issues
Clear old problems with hybrid exchange conflicts by removing old mailbox configurations from user objects:
Log into exchange online with connect-exchangeonline:
- Set-User <problem user objectid> -PermanentlyClearPreviousMailboxInfo