en Passant

I have a number of scheduled tasks. One of those tasks queries a remote AD domain and pulls the members of a security group. These accounts would be considered the LinkedMasterAccounts for mailboxes homed on my server. I want to quickly find the mailbox for each of these remote IDs and disable/enable the activesync functionality.

The fastest command would be something like:

I am working on a script to modify all new mailboxes created within the last X days. Plan to use this to apply mailbox retention policies to these new mailboxes each evening with a scheduled script. After watching a short web seminar on powershell.com, I thought I'd create it as a function that has some required parameters.

Reference: http://www.wisesoft.co.uk/scripts/powershell_search_for_all_users_by_the...

We lock down our SMTP relays (i.e. Edge Servers) to only accept incoming email messages from specific server IP adresses. At the moment, our server is home to over 2100 different IP addresses. To consolidate the list, I considered trying to find similar CIDR notation subnets, but that turned to difficult and opened too many holes.

What I found is Exchange 2007 allows you to define ranges. From that I defined the attached script to sort, then consolidate the list into a single series of IPs. This process has reduced the single IPs into 1100 IP ranges.

A few months ago, I posted a script that I wrote to break down the "Allowed Senders to this DL" . This revised code works a little faster as it reads the current collapsed DL membership for the mailbox in question. Then just needs to compare with what is out there for permissions. Last release, collapsed the accept permissions, and check against membership of the user.

Asked to get the physical sizes of each db in an Exchange environment. Most of our exchange servers are CCR clusters. This script connects to the $ admin share on the active node and pulls the file size of each DB. Since we name our databases from our CCR names, that was sufficient data.

Name, Length
CCR01-SG1-DB1, 12345678

We maintain an Exchange EDGE server on our perimeter as SMTP relay. Application servers can use this server to relay email out (to internal recipients or the Internet). To keep this server from being an open relay, we maintain a list of valid IP addresses that can relay through this server. To update the the relay, we run my script below to import the IPs. On our first attempt, we found that MS Edge 2007 - Receive Connectors have a limit on allowed RemoteIPRanges values. After approximately 1100 individual IPs, it would quit accepting any additional IP addresses. Unfortunately, we have over 1300 current application servers running currently.

We are set to finish our migration of several email domains over to our Exchange 2007 environment. One of the last issues to migrate across is the Exchange 2003 Recipient Update Policies, into the Exchange 2007 Email Address Policies.

Our current e2k3 RUP is a fine-tuned LDAP query:

(mailnickname=*)
(|(extensionattribute3=EXAMPLE*)(department=EXAMPLE*))
(|(objectCategory=group)(&(objectCategory=person)(objectClass=user)))

We have been working to synchronize our GAL through non-technical means with another remote company. We don't actively have a connection to this other environment so sneaker-net is the solution.

I currently get a CSV from this company with the following columns.

• Mode (A for Add, D for Delete, C for Change)
• FirstName
• LastName
• DisplayName
• EmailAddress

Recently one of our executives received an odd email message. Initial review of the message shown that her name was in the FROM field, an external recipient was in the TO field, the subject was something like "Request Update: Original Meeting Subject" and to top it off, it shown up as unread in her Inbox.

Initial analysis suggested that the message was a spam or spoofed message, but the subject was deceiving. OK, if that were so, then someone has been infected with a virus or spam-bot. Not good. This required further investigation.

In Exchange 2007, they have finally done resources correct. Using Powershell, you can define a mailbox specifically as a conference room, laptop, projector or other resource. As a resource it will appear differently in Outlook 2007 and OWA. These resources can be defined to automagically accept meeting requests using specific permissions on these resources. No longer will you need to use the flaky AAA as in Exchange 2003.

The attached script is my very detailed, all-in-one convert a standard/migrated mailbox to a conference room resource in Exchange 2007.