Tuesday, January 28, 2014

Copy and Paste New ActiveSync Mailbox Policy

I am working on setting up a bunch of new ActiveSync mailbox policies for my office. Each department is wanting to have an individual policy setup with their own settings. Using my previously posted script to activate mailboxes based on group membership it's rather easy to assign individual policies to mailboxes (via group name matching up to activesync mailbox policy name).

To create new polices, I have been working on this script. It takes a list of settings like:

Name :                   Test Policy (HR)
AllowNonProvisionableDevices             : False
AlphanumericDevicePasswordRequired       : False
AttachmentsEnabled                       : True
DeviceEncryptionEnabled                  : False
RequireStorageCardEncryption             : False
AllowCamera                              : True

and then creates or modifies the policy, when I simply paste the notes into the script when prompted.



Some things I worked on with this script:

  1. Using the Invoke-Expression option to run the command numerous times without coding for each option. This assumes that the input is valid (and not for a different version of Exchange). 
  2. Reading the built-in $ERROR logs to find specific entries with the script. Sometimes people give you values that the Set-ActiveSyncMailboxPolicy do not accept. I wanted the script to return those values. When complete, you should get a breakdown of each entry that returned an error. 



<#
.SYNOPSIS
   Configure ActiveSync Mailbox Policy
.DESCRIPTION
   Copy and Paste description of ActiveSync Policy into Script and it will create/modify policy. 
#>
Write-Host "Paste in your AS Policy settings:"
$s=@();do {$r=Read-Host "+";if($r -ne ""){$s+=$r.trim()}} while ($r -ne "")

if (($s -match "Name").count -eq 0) {
 $asPolicyName = Read-Host "Policy Name" 
}

$ExistingPolicy = Get-ActiveSyncMailboxPolicy $asPolicyName  -ErrorAction SilentlyContinue
if ($ExistingPolicy -eq $null) {
 New-ActiveSyncMailboxPolicy -Name $asPolicyName 
}

$CapturedErrors = @()

ForEach ($value in $s) {
 $sp = $value.split(":")
 $Prop = $sp[0].trim()
 [string]$PVstr = $sp[1].trim()
 if ($PVstr -eq "True") {
  $pvstr = "1"
 } elseif ($pvstr -eq "false") {
  $pvstr = "0"
 } elseif ($pvstr -eq "{}") {
  $pvstr = "$null"}
  
 $execStr = "Set-ActiveSyncMailboxPolicy -identity '"+$asPolicyName+"' -"+$Prop +" "+ $PVstr +" -erroraction silentlyContinue"
 Invoke-Expression $execStr -ErrorAction SilentlyContinue  
 $E = $Error
 $FoundError = $e | ?{$_ -like "*"+$prop+"*" -and $_  -like "*"+$pvstr +"*" }
 if ($FoundError -is [array]) {
  [array]$CapturedErrors += $FoundError[0]
  write-host $FoundError[0]
 } else {
  Write-Host $FoundError
  [array]$CapturedErrors += $FoundError
 }
}

No comments:

Post a Comment