piszczynski>Aleks |
piszczynski>Aleks |
||
| Line 59: | Line 59: | ||
*Get-SendConnector | Where-Object {$_.Enabled -eq $true} | fl | *Get-SendConnector | Where-Object {$_.Enabled -eq $true} | fl | ||
==Exchange Certificates== | |||
Get and assign exchange certificates | Get and assign exchange certificates | ||
*Get-ExchangeCertificate | Format-List FriendlyName,Subject,CertificateDomains,Thumbprint,Services | *Get-ExchangeCertificate | Format-List FriendlyName,Subject,CertificateDomains,Thumbprint,Services | ||
Revision as of 13:37, 18 July 2023
Connect to O365 Exchange
- $UserCredential = Get-Credential
- $Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/ -Credential $UserCredential -Authentication Basic -AllowRedirection
- Import-PSSession $Session -DisableNameChecking
- $Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/ -Credential $UserCredential -Authentication Basic -AllowRedirection
Then to close the session
- Remove-PSSession $Session
Hide O365 group from GAL ( as this cannot be done on admin portal )
- Set-UnifiedGroup <group> -HiddenFromAddressListsEnabled $true
Install the exchange online management module
- Install-Module -Name ExchangeOnlineManagement -RequiredVersion 2.0.3
Handy Commands for Exchange Powershell
- Add permission to calendar:
- This will give a user permissions to another calendar
- Set-MailboxFolderPermission “CalendarName:\calendar” –User default –AccessRights reviewer
- This will give a user permissions to another calendar
- Send on Behalf
- This will grant Charles permissions to send on behalf of Gert.
- Set-Mailbox gert.mailbox -GrantSendOnBehalfTo charles.surname
- This will grant Charles permissions to send on behalf of Gert.
- Send As
- This will grant Charles permissions to send as Gert.
- Add-ADPermission gert.mailbox -ExtendedRights Send-As -user charles.surname
- This will grant Charles permissions to send as Gert.
- Full Mailbox Access
- This will grant Charles full access to Gert's mailbox.
- Add-MailboxPermission -Identity gert.mailbox -User charles.surname
- This will grant Charles full access to Gert's mailbox.
Add full access permission to all mailboxes to an account:
- Get-Mailbox -ResultSize unlimited -Filter {(RecipientTypeDetails -eq 'UserMailbox') -and (Alias -ne 'Admin')} | Add-MailboxPermission -User UserAccount@domain.com -AccessRights fullaccess -InheritanceType all -AutoMapping:$False
Add Send as permissions to mailboxes:
- $UserMailboxes = Get-Mailbox | Where {$_.RecipientTypeDetails -eq “<Type of mailbox>”}
- $UserMailboxes | Add-RecipientPermission -AccessRights SendAs –Trustee <identity>
Get all disconnected mailboxes:
- $dbs = Get-MailboxDatabase; $dbs | foreach {Get-MailboxStatistics -Database $_.DistinguishedName} | where {$_.DisconnectReason -eq "Disabled"} | Format-Table DisplayName,Database,DisconnectDate
Reconnect Mailbox:
- Connect-Mailbox -Identity "<mailbox name>" -Database <database shown in previous check> -User "<user name>"
Get mailbox sizes
- Get-Mailbox -ResultSize Unlimited | Get-MailboxStatistics | Sort-Object TotalItemSize -Descending | Select-Object DisplayName,TotalItemSize
- Get-OutlookProvider | fl
- Get-OutlookAnywhere | fl
- Get-ClientAccessServer | fl
- Get-ActiveSyncVirtualDirectory | fl
- Get-AutodiscoverVirtualDirectory | fl
- Get-EcpVirtualDirectory | fl
- Get-OabVirtualDirectory | fl
- Get-OwaVirtualDirectory | fl
- Get-PowerShellVirtualDirectory | fl
- Get-WebServicesVirtualDirectory | fl
- Get-SendConnector | Where-Object {$_.Enabled -eq $true} | fl
Exchange Certificates
Get and assign exchange certificates
- Get-ExchangeCertificate | Format-List FriendlyName,Subject,CertificateDomains,Thumbprint,Services
- Enable-ExchangeCertificate -Thumbprint 434AC224C8459924B26521298CE8834C514856AB -Services POP,IMAP,IIS,SMTP
Exchange issues Powershell
Get active backend components
- Get-ServerComponentState <ServerName> | ft Component,State –Autosize
Get Mail Queue
- Get-Queue
Check event viewer for Backpressure events: 15004 15005 15006 15007
- Get-EventLog -ComputerName <servername> -LogName Application -After (Get-Date).AddDays(-1) | where {$_.EventID -eq "15004"}
Check the Database availability groups cmdlet - use to find out if exchange server is the Primary or Secondary
- Get-DatabaseAvailabilityGroup
You can get all the details you need by using the following command:
- Get-DatabaseAvailabilityGroup | fl
- Get-DatabaseAvailabilityGroup -status
Sometimes the witness will fail, you can check the status of the witness by using the cluster resource cmdlet:
- ipmo failoverclusters
- Get-ClusterResource
This will tell you where the witness stores the file. If the DAG finds the resource unrelibale it might mark it as failed - you can restart this by using start-cluster resource:
- Get-ClusterResource | Start-ClusterResource
Get the log for the cluster
- Get-ClusterLog -Destination <File pathway>
For when there is on-prem and O365 mailboxes
- Need a local user in domain for the shared mailbox for permissions
In Office 365:
1. Get-Mailbox nameofmailbox@domain.com | fl ExchangeGuid
In Exchange on-premise powershell:
2. Enable-RemoteMailbox nameofmailbox@domain.com -RemoteRoutingAddress nameofmailbox@domain.mail.onmicrosoft.com
3. Set-RemoteMailbox nameofmailbox@domain.com -ExchangeGuid <GUID recorded from step 1>
Exchange online issues
Clear old problems with hybrid exchange conflicts by removing old mailbox configurations from user objects:
Log into exchange online with connect-exchangeonline:
- Set-User <problem user objectid> -PermanentlyClearPreviousMailboxInfo