Tag : exchange

Exchange 2010 Anti-Spam modules install

  1. Run the following command from the C:Program FilesMicrosoftExchange ServerV14Scripts folder.


2. After the script has run, restart the Microsoft Exchange Transport service by running the following command.

Restart-Service MSExchangeTransport

For all anti-spam features to work correctly, you must have at least one IP address of an internal SMTP server set on the InternalSMTPServers parameter on the Set-TransportConfig cmdlet. If the Hub Transport server on which you’re running the anti-spam features is the only SMTP server in your organization, enter the IP address of that computer.

Set-TransportConfig -InternalSMTPServers IP_address

Exchange 2007 Powershell commands

Receive Connector


Define the FQDN:

Set-ReceiveConnector “<Connector-Name>” –Fqdn:name.company.ca

Set up Anonymous Authentication:

(take a note of the current groups)

Get-ReceiveConnector “<Connector-Name>” | Select PermissionsGroups

(use the current value plus the new value)

Set-ReceiveConnector “<Connector-Name>” –PermissionGroups:<AnonymousUsers, ExchangeUsers, ExchangeServers, ExchangeLegacyServers, Partners>



New Mailbox User:

New-Mailbox -Name “<name>” -Alias <alias> -Database “<mailboxdatabasename>” -UserPrincipalName <alias>@<domain.local> -OrganizationalUnit <domain.local>/OU/OU -Password “<password>”

Move all users from one server to another:

Get-Mailbox -Server SRV1 | Move-Mailbox -TargetDatabase SRV2



Exchange Organization Name:

Get-OrganizationConfig | select name



Mailbox Sizes in MB:

Get-MailboxStatistics | Sort-Object TotalItemSize -Descending | ft DisplayName,@{expression={$_.TotalI

Find account with SMTP address:

Get-Mailbox | where {$_.emailAddress -contains “emailaddress@domain.com”} | select name

Get-Recipient -identity emailaddress@domain.com

Current connections to Exchange Server:

get-logonstatistics -server <servername> | select username,clientversion

Count of mailboxes per database:

Get-MailboxDatabase | Get-MailboxStatistics | Group-Object -property:database | Sort-Object -property:count | Format-Table count, name -AutoSize

Count of mailboxes per server:

Get-MailboxDatabase | Get-MailboxStatistics | Group-Object -property:serverName | Sort-Object -property:count | Format-Table count, name -AutoSize

Count of mailboxes in entire Exchange Org:

Get-MailboxDatabase | Get-MailboxStatistics | Group-Object

count of mailboxes grouped by Email Address Policy enabled/ disabled:

Get-Mailbox | Group-Object -property:emailaddresspolicyenabled | Sort-Object -property:count | Format-Table count, name -Autosize



Generate Certificate Request:

New-ExchangeCertificate -GenerateRequest -Path <pathforcsrfilecertname.csr> -KeySize 1024 -SubjectName “c=GB, s=<County>, l=<town>, o=<companyname>, cn=<commoncertname/externalfqdn>” -DomainName <autodiscover.domain.com, servernetbiosname, serverfqdn> -PrivateKeyExportable $True

Import Certificate:

Import-ExchangeCertificate –Path <drive:pathcertfilename.cer>

Find Thumbprint for Imported Certificate:

Dir cert:LocalMachineMy | fl

Bind Certificate to Exchange Services:

Enable-ExchangeCertificate -Thumbprint <thumbprint> –Services “SMTP,IIS”

Get Certificate Status:


Export Certificate:

$password = Read-Host “Enter Password” -AsSecureString

Export-ExchangeCertificate -Thumbprint <certthumbprint> -Password $password -Path <pathtoexportcert.pfx>

Import PFX Certificate with Public Key:

Import-ExchangeCertificate -Path c:certificatesimport.pfx -Password:(Get-Credential).password

[Anything can be entered in username, enter public key in password]

SCR (Standby Continuous Replication)


Enable SCR on Storage Group:

enable-storagegroupcopy -identity <storagegroupGUID> -standbymachine exch1b -ReplayLagTime 0.1:0:0

Disable SCR on Storage Group:

disable-storagegroupcopy -identity <storagegroupGUID> -standbymachine exch1b

Get SCR Status of Storage Group:

get-storagegroupcopystatus -identity <storagegroupGUID> -standbymachine exch1b



Suspend replication:

suspend-storagegroupcopy -identity <clusternamestoragegroupname>

Resume replication:

Resume-storagegroupcopy -identity <clusternamestoragegroupname>

Reseed passive node:

– suspend-storagegroupcopy -identity <clusternamestoragegroupname>

– Remove all database, transaction log and checkpoint files from passive node

– Update-StorageGroupCopy <clusternamestoragegroupname>

– Get-Storage
GroupCopyStatus (to check replication after copy resumed)



Which node is the active/ passive node:

Get-ClusteredMailboxServerStatus -Identity <ClusteredMailboxServerName>

ClusteredStorageType for all Mailbox Servers (Shared-SCC, Non-Shared-CCR, None-Mailbox)


Manually Switch Active Node:

Move-ClusteredMailboxServer -Identity:<ClusteredMailboxServerName> -TargetMachine:<NodeName> -MoveComment:”<comment>”



Check which users logged onto which CAS server:

Get-LogonStatistics -Server <CASServerName>

Enable Outlook Anywhere:

Enable-OutlookAnywhere -Server <CASServerName> -SSLOffloading:$false -ExternalHostname <externalFQDN> -ClientAuthenticationMethod basic -IISAuthenticationMethods basic



Specify -Password option as secure string:

$password = Read-Host “Enter password” -AsSecureString

Create New Mailbox:

New-Mailbox -Name “<name>” -Database “<First Storage GroupMailbox Database>” -OrganizationalUnit domain.local/OU/OU -Alias <alias> -UserPricipalName <user>@<domain.local> -FirstName Chris -LastName Ashton -DisplayName “Chris Ashton” -Password $password



Check if mailbox still in dumpster (mailbox retention period expired):

Get-MailboxStatistics | where { $_.DisconnectDate -ne $null } | select DisplayName,DisconnectDate



Test Outlook Anywhere:

Test-WebServicesConnectivity | fl

Test OWA:

Test-OwaConnectivity | fl

Test AutoDiscover:

Test-OutlookWebServices | fl

The counter Processor%Processor Time should not be consistently over 75%. Although spikes will regularly occur, if the processor is being so heavily utilized, you should consider upgrading. On an Edge Transport server, this can happen if Forefront for Exchange is deployed and the antivirus scanning engines are taking up too many of the processor’s cycles. On a server that is not under duress, the Logical DiskQueue Length counter should be 4 or lower, MemoryPages/Sec should not be regularly higher than 10, and Network InterfaceOutput Queue Length should not be higher than 5.

Mailbox servers rely heavily on the disk subsystem. On a server that is coping well with its load, the Logical DiskQueue Length counter should be 4 or lower. A rating of 15 would suggest that the volume is being used so heavily that the entire server is crawling to a halt. In this situation, you’d want to move some mailboxes off this server or put in faster disks, such as those in a striped volume. On a server that is not under duress, the counter Processor%Processor Time should not be consistently over 75%, MemoryPages/Sec should not be regularly higher than 10, and Network InterfaceOutput Queue Length should not be higher than 5.

Exchange 2003 to 2010 Transition guide

This is a guide for transitioning Exchange 2003 to 2010 in the same domain.

n.b (An Exchange migration is from one Active Directory forest to a different Active Directory forest.)

  1. Bring the Exchange organization to Exchange Native Mode.
  2. Upgrade all Exchange 2003 Servers to Exchange Server 2003 Service Pack 2.
  3. Bring the AD forest and domains to Windows Server 2003 Functional (or higher) levels.
  4. Upgrade at least one Global Catalog domain controller in each AD Site that will house Exchange Server to Windows Server 2003 SP2 or greater.
  5. Run ServerManagerCmd -i NET-Framework from 2008 R2 server.
  6. (only run if setup is not run by Schema, Enterprise and Domain Admin)Prepare a Windows Server 2008 (RTM or R2) x64 edition server for the first Exchange 2010 server.
  7. Install the AD LDIFDE tools on the new Exchange 2010 server (to upgrade the schema). ServerManagerCmd -i RSAT-ADDS
  8. Install Web Server role on the CAS server and any necessary prerequisites. (If additional Exchange servers are on the network)
  9. Set the Net.Tcp Port Sharing service to automatic
  10. Install the Office 2007 converter filter Pack http://go.microsoft.com/fwlink/?LinkId=123380
  11. Run setup on the Exchange 2010 server, upgrade the schema, and prepare the forest and domains. (Setup runs all in one step or separate at the command line.)
  12. Install CAS server role servers and configure per 2010 design. (If required)
  13. Install Mailbox servers and configure Databases (DAG if needed)
  14. Install Hub Transport role and configure per 2010 design.
  15. Create public folder replicas on Exchange 2010 servers using shell. Run cd <Exchange Installation Path>Scripts then run.AddReplicatoPFRecursive.ps1 -TopPublicFolder -ServerToAdd Servername in Exchange Shell, or Exchange 2010 Public Folder tool.
  16. Transfer inbound and outbound mail traffic to the HT servers.
  17. Rehome the Offline Address Book (OAB) generation server to Exchange Server 2010.
  18. Transfer OWA, ActiveSync, and Outlook Anywhere traffic to new CAS servers.
  19. Move mailboxes to Exchange Server 2010 using Move Mailbox Wizard or Powershell.

    Indivdual users:New-MoveRequest -Identity “someuser@corp.local” -DomainController DC02 -TargetDatabase “Mailbox Database 01”

    Entire mailboxes: .MoveMailbox.ps1 -MailboxDatabase “SRV-01First Storage GroupMailbox Store (SRV-01)” -TargetDatabase “Mailbox Database” (note: ps1 scripts must be run from ExchsvrScripts location in Management Shell)

  20. Run Get-MoveRequest –MoveStatus Completed | Remove-MoveRequest to remove Move requests otherwise mailboxes can’t be moved again.
  21. Update Email address policy to Exchange 2010

    Get-EmailAddressPolicy | where {$_.RecipientFilterType –eq “Legacy”} | Set-EmailAddressPolicy –IncludedRecipients AllRecipients

  22. Update Address Lists

Set-AddressList “All Users” -IncludedRecipients MailboxUsers

Set-AddressList “All Groups” -IncludedRecipients MailGroups

Set-AddressList “All Contacts” -IncludedRecipients MailContacts

Set-AddressList “Public Folders” -RecipientFilter { RecipientType -eq ‘PublicFolder’ }

Set-GlobalAddressList “Default Global Address List” -RecipientFilter {(Alias -ne $null -and (ObjectClass -eq ‘user’ -or ObjectClass -eq ‘contact’ -or ObjectClass -eq ‘msExchSystemMailbox’ -or ObjectClass -eq ‘msExchDynamicDistributionList’ -or ObjectClass -eq ‘group’ -or ObjectClass -eq ‘publicFolder’))}

  1. Rehome Public Folder Hierarchy on new Exchange Server 2010 Admin Group.
  2. Transfer all Public Folder Replicas to Exchange Server 2010 Public folder store(s).
  3. Delete Public and Private Information Stores from Exchange 2003 server(s).
  4. Delete Routing Group Connectors to Exchange Server 2003.

    Get-RoutingGroupConnector | Remove-RoutingGroupConnector

  5. Delete Recipient Update Service agreements using ADSIEdit

    “CN=Recipient Update Services,CN=Address Lists Container,CN=Commonname, CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=domain,DC=local”

  6. Uninstall all Exchange 2003 servers through add/remove programs