Zach Butler’s Blog

Just another IT Management weblog

Archive for the ‘Exchange 2010’ Category

Enable Admin Audit Logging Exchange 2010

leave a comment »

Exchange 2010 allows auditing of administrative actions. All actions can be audited or just specific cmdlets and parameters. To enable Audit Logging open the Exchange Management Shell and run the following commands.

Audit All cmdlets
Set-AdminAuditLogConfig -AdminAuditLogCmdlets *
or
Only audit New-Mailbox, all transport rules, all management, all set-transport cmdlets
Set-AdminAuditLogConfig -AdminAuditLogCmdlets New-Mailbox, *TransportRule, *Management, Set-Transport*

Set-AdminAuditLogConfig -AdminAuditLogParameters *

or

Set-AdminAuditLogConfig -AdminAuditLogParameters Database, *Address*, Custom*, *Region
Audits just the parameters that have Database, all parameters with *Address*, begins with Custom, ends with Region.

Set-AdminAuditLogConfig -AdminAuditLogMailbox AdminAudit@adatum.com
All auditing is sent to the mailbox of AdminAudit.

Set-AdminAuditLogConfig -AdminAuditLogEnabled $True

SetAdminAuditLogEMS

All of the commands can be run on a single line if you prefer.

After creating a new mailbox by either using the EMC or the EMS, an email is sent to the AdminAudit Mailbox. Make sure the Mailbox is secured appropriately and archive or delete the mail after a specified amount of time. A command Set-AdminAuditLogConfig –AdminAuditLogAgeLimit DD.HH:MM:SS is not available for the RTM release of 2010 so be sure to watch the size of the mailbox.

Below is a screenshot of the message sent to the AdminAudit Mailbox after creating a new Mailbox and User.

AdminAuditLogEmail

Advertisements

Written by Zach Butler

March 18, 2010 at 4:16 am

Enable Admin Audit Logging Exchange 2010

leave a comment »

Exchange 2010 allows auditing of administrative actions. All actions can be audited or just specific cmdlets and parameters. To enable Audit Logging open the Exchange Management Shell and run the following commands.

Audit All cmdlets
Set-AdminAuditLogConfig -AdminAuditLogCmdlets *
or
Only audit New-Mailbox, all transport rules, all management, all set-transport cmdlets
Set-AdminAuditLogConfig -AdminAuditLogCmdlets New-Mailbox, *TransportRule, *Management, Set-Transport*

Set-AdminAuditLogConfig -AdminAuditLogParameters *

or

Set-AdminAuditLogConfig -AdminAuditLogParameters Database, *Address*, Custom*, *Region
Audits just the parameters that have Database, all parameters with *Address*, begins with Custom, ends with Region.

Set-AdminAuditLogConfig -AdminAuditLogMailbox AdminAudit@adatum.com
All auditing is sent to the mailbox of AdminAudit.

Set-AdminAuditLogConfig -AdminAuditLogEnabled $True

All of the commands can be run on a single line if you prefer.

After creating a new mailbox by either using the EMC or the EMS, an email is sent to the AdminAudit Mailbox. Make sure the Mailbox is secured appropriately and archive or delete the mail after a specified amount of time. A command Set-AdminAuditLogConfig –AdminAuditLogAgeLimit DD.HH:MM:SS is not available for the RTM release of 2010 so be sure to watch the size of the mailbox.

Below is a screenshot of the message sent to the AdminAudit Mailbox after creating a new Mailbox and User.

Written by Zach Butler

March 18, 2010 at 2:13 am

Posted in Exchange 2010

Exchange 2010 Modify Details Template to Include Custom Resource Properties

leave a comment »

After creating the Custom Resource Mailbox Properties that I showed in a previous blog, users need to open the address book and select the All Rooms address list, scroll to the right to find the description. There they will be able to see the custom resources of the conference room or piece of equipment.

Another option that may make it easier on your users is to create a custom details template from Exchange 2010. To do that we need to open the Toolbox on the bottom of the Exchange Management Console.

EMCToolbox

Open the Details Template Editor.

 

 

EnglishUserTemplate

Locate the language of your users (English)and open the User Template Type

 

 

AddTab

On the Edit drop down menu select Add Tab.

 

 

ResourcePropertiesTab

In the Appearance | Text section, type the name you want to use for the new tab (Resource Properties).

 

 

AddLabel

Drag the Label option to where you want to display it on the new Tab. In the Appearance | Text section type the text you want to use for the Label (Resource Mailbox Properties)

 

 

AddEditBox

Drag the Edit option next to the label you created. In the Misc | Attribute Name field, type the following ms-Exch-Resource-Display

AddressBookWithResourceProperties

Open Outlook 2007, open the Address Book, find the Conference Room created earlier with added Custom Resource Properties, Right click and choose properties. The new tab with the appropriate Resource Mailbox Properties should be listed.

Written by Zach Butler

March 17, 2010 at 10:41 pm

Adding Additional Properties to Resource Mailboxes – Exchange 2010

with 2 comments

Create a new Resource Mailbox by using the Exchange Management Console. Right click the new resource mailbox and choose properties. On the Resource General tab, notice there are not any custom properties. 

Resource Properties

To add custom properties, open the Exchange Management Shell. We will be adding properties for the following custom entries.

Custom Room Properties AV, TV, Whiteboard, Projector, and WIFI                                          

Custom Equipment Properties Car, Van

$ResourceConfiguration = Get-ResourceConfig

$ResourceConfiguration.ResourcePropertySchema+=("Room/AV")
$ResourceConfiguration.ResourcePropertySchema+=("Room/TV")
$ResourceConfiguration.ResourcePropertySchema+=("Room/Whiteboard")

$ResourceConfiguration.ResourcePropertySchema+=("Room/Projector")

$ResourceConfiguration.ResourcePropertySchema+=("Equipment/Car")
$ResourceConfiguration.ResourcePropertySchema+=("Equipment/Van")

Set-ResourceConfig -ResourcePropertySchema $ResourceConfiguration.ResourcePropertySchema

 EMSResourceConfiguration

Go back to the Exchange Management Console and the properties of the conference room that was created earlier. On the Resource General tab click the add button.

Resource Properties

Select the appropriate properties for this resource.

SelectResourceCustomProperty

Click OK.

ConferenceRoomProperties

Users can now see these properties in the Address Book when they are booking the resource for their meetings. Make sure to select ALL Rooms from the drop down list.

AddressBookAllRooms

AllRoomsResourceProperties

 

Written by Zach Butler

March 17, 2010 at 4:39 am

Adding Additional Properties to Resource Mailboxes – Exchange 2010

leave a comment »

Create a new Resource Mailbox by using the Exchange Management Console. Right click the new resource mailbox and choose properties. On the Resource General tab, notice there are not any custom properties. 

To add custom properties, open the Exchange Management Shell. We will be adding properties for the following custom entries.

Custom Room Properties AV, TV, Whiteboard, Projector, and WIFI                                          

Custom Equipment Properties Car, Van

$ResourceConfiguration = Get-ResourceConfig

$ResourceConfiguration.ResourcePropertySchema+=("Room/AV")
$ResourceConfiguration.ResourcePropertySchema+=("Room/TV")
$ResourceConfiguration.ResourcePropertySchema+=("Room/Whiteboard")

$ResourceConfiguration.ResourcePropertySchema+=("Room/Projector")

$ResourceConfiguration.ResourcePropertySchema+=("Equipment/Car")
$ResourceConfiguration.ResourcePropertySchema+=("Equipment/Van")

Set-ResourceConfig -ResourcePropertySchema $ResourceConfiguration.ResourcePropertySchema

 

Go back to the Exchange Management Console and the properties of the conference room that was created earlier. On the Resource General tab click the add button.

Select the appropriate properties for this resource.

Click OK.

Users can now see these properties in the Address Book when they are booking the resource for their meetings. Make sure to select ALL Rooms from the drop down list.

Written by Zach Butler

March 17, 2010 at 2:39 am

Posted in Exchange 2010

MailTips

leave a comment »

MailTips are enabled by default on a new installation of Exchange 2010, MailTips must be configured in the EMS.

Set-OrganizationConfig -MailTipsAllTipsEnabled $true

Set-OrganizationConfig -MailTipsAllTipsEnabled $false

The Following are types of MailTips used by Exchange 2010


Invalid Internal Recipient – sender adds a recipient that appears to be internal to the organization but doesn’t exist in Active Directory


Mailbox Full – sender adds a recipient whose mailbox is full


Automatic Replies – sender adds a recipient who has turned on automatic replies – displays the first 250 characters of the automatic reply configured by the recipient


Custom – sender adds a recipient for whom a customized MailTip is configured. Custom MailTips can include HTML links, but not scripts. The length of a custom MailTip can’t exceed 250 characters

The following commands can be used to create custom MailTips

Set-Mailbox
Set-MailContact
Set-MailUser
Set-DistributionGroup
Set-DynamicDistributionGroup
Set-MailPublicFolder

Examples for custom MailTips

Set-Mailbox -Identity "Help Desk" -MailTip "A Help Desk representative will contact you within 2 hours."
Set-DistributionGroup -Identity "HR" -MailTip "This distribution group is used for Human Resources departmental communications. If you want to contact an HR representative, please e-mail HRQuestions@contoso.com."


Restricted Recipient – sender adds a recipient for which delivery restrictions are configured prohibiting this sender from sending messages


External Recipients – sender adds a recipient that’s external, or adds a distribution group that contains external recipients, disabled by default. To turn on, run the following command

Set-OrganizationConfig -MailTipsExternalRecipientsTipsEnabled $true

The External Recipients MailTip relies on Group Metrics data. If you enable the External Recipients MailTip, make sure that you enable the Group Metrics MailTip.     To Enable Group Metrics. MailTips that provide information about the size of distribution groups and dynamic distribution groups rely on Group Metrics data. Group Metrics data is generated on designated Mailbox servers and is copied to Client Access servers using the Microsoft Exchange File Distribution Service.

Set-OrganizationConfig -MailTipsGroupMetricsEnabled $true

Set-MailboxServer MBX1 -GroupMetricsGenerationEnabled $true

Set-MailboxServer MBX1 -GroupMetricsGenerationEnabled $false

Set-MailboxServer MBX1 -GroupMetricsGenerationTime 23:30


Large Audience – messages to distribution groups that have more than 25 members –customizable by using the following EMS command

Set-OrganizationConfig -MailTipsLargeAudienceThreshold 50


Moderated Recipient – sender adds a recipient that’s moderated


Reply-All on Bcc – sender receives a Bcc copy of a message and selects Reply to All


Oversize Message – the message the sender is composing is larger than configured message size limits in your organization, the message size limits on the connectors in your organization aren’t taken into account


Outlook Web App and Outlook 2010 support MailTips

Written by Zach Butler

February 24, 2010 at 3:56 am

Posted in Exchange 2010

Remote Powershell Connection to Exchange 2010

leave a comment »

A user must be enabled for a Remote Shell before they can use it.
Set-User David -RemotePowerShellEnabled $True
 
Open Remote Exchange Management Shell
————————————————————–
To connect as currently logged on user
Set-ExecutionPolicy Unrestricted
 
$EMS = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri http://van-ex1.adatum.com/powershell/ -Authentication Kerberos
Import-PSSession $EMS
 
————————————————————–
To connect as different User Account
Set-ExecutionPolicy Unrestricted
$UserCredential = Get-Credential
 
$EMS = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri http://van-ex1.adatum.com/powershell -Authentication Kerberos -Credential $UserCredential
 
Import-PSSession $EMS
————————————————————–
 
To Disconnect from the Remote Powershell Console correctly
Remove-PSSession $EMS
 
Failure to disconnect will result in the session needing to timeout before the connection is released. By default, Exchange allows 18 concurrent powershell connections
Use Get-ThrottlingPolicy or Set-ThrottlingPolicy to view or change these defaults.
 
 

Written by Zach Butler

February 23, 2010 at 9:38 pm

Posted in Exchange 2010