en Passant

With the resource forest model, we need to grant permissions to the client's logon (authentication account) so that they can modify their own delegates. This script takes both a command-line option, or will request one if the cmd-line option is not populated.

It grants the WriteProperty and SendAs which I believe is unnecessary for delegates, but resolved other problems I was having in the environment.

As part of the larger mailbox moves we're doing, I developed this short function to sort an array of mailbox objects by their size. I was hoping that by feeding Move-Mailbox cmdlet a sorted list, it would move mailboxes faster. My theory being that if I started with the Largest mailboxes first, it would only take the longest mailbox time for all the moves. By sorting the list, it appears to have cut down on the doubling up of moves..

For example if my group contains:

• Tom = 5gb
• Lisa = 3gb
• Fred = 2gb
• Bob = 10gb
• Paul = 5mb

We're working on load balancing our mailbox storage groups and needed to thin down a database by about 100gb of data. This simple script will move up to 100gb from one storage group to a specific other storage group.

We're working with a few groups to implement mailbox limits. To assist their users, I've been working on a report that breaks down the users into a few basic size limits. This function takes an array of IDs (Distinguished name field required) and returns a fairly basic HTML report back.

I am using the Quest AR Powershell cmdlet to read a group membership for my source data.

For example:

In order to report on our current load-balancing of our mailbox servers, regularly I run a report on how many mailboxes are on each mailbox server. Typically, I'd simply run a simple one-liner like the following:

This code would take 3 to 5 HOURS to query all 20 Exchange clusters and 80k mailboxes.

The ISO recently found that a number of people had been using their iPhones and connecting to the Email system to check their email. This was quite a surprise and actually caused some surprised screaming by said ISO. The solution was to disable all those users that did not belong to a security group.

This script was designed to detail what groups a mailbox is member of. I didn't necessarily want a flat dump of group membership (i.e. get-qadgroupmember -indirect). I wanted something that would give a detailed break down of what groups a person belonged to, and how it flows up into parent groups.

Script uses Exchange 2007 PowerShell cmdlets + Quest Active Roles Powershell Cmdlets.

Here's what I get back from this script:
----------------
.All Staff List
..Windows Team

I needed to generate a report that detailed 3 things.

1. Which SMTP domains sent the most email through our environment. We support a number of customers and wanted to see our biggest users.
2. What time was our heaviest load for email. Break-down message traffic by the hour.
3. Largest and average size of emails.

This code asks for 2 items, date start and how many days forward. It generates a text file for each HubTransport and each 24 hour period.

We had an independent review of all our Exchange servers and the consultants came back and pointed out that our Checkpoint log location was different than our log files. They wanted us to put the Checkpoint file in the same folder. I did this in 2 parts.

1. Grab all storage groups that currently had different values.

I am working on a project to add members to a series of distribution lists. These lists are nested into various parent lists, sometimes 2-3 layers deep. It's never been updated, but almost all these distribution groups are Mail-enabled Global Security groups. Powershell really, really wants to work with Universal groups. You can't just convert the current DL to Universal, it's parent needs to be Universal also.

The following function recurses a DL's parents and converts them all to Universal DLs using Quest's Set-QADGroup.