Exchange PowerShell Scripts for Migration

I am using the following scripts to extract Exchange info in readiness for migration to Office 365 as a lot of info does not get transferred.  This is only export as not had time to look at automating the import yet.

# Export User Mailboxes and Permissions
Get-Mailbox -ResultSize Unlimited -RecipientTypeDetails UserMailbox | Select-Object DisplayName,PrimarySmtpAddress, @{Name=”EmailAddresses”;Expression={$_.EmailAddresses | Where-Object {$_.PrefixString -cne “SMTP”} | ForEach-Object {$_.SmtpAddress}}} | Export-CSV -NoTypeInformation ex-UserMailbox.csv
Get-Mailbox -ResultSize Unlimited -RecipientTypeDetails UserMailbox | Get-MailboxPermission | Select-Object identity,user,@{Name=”AccessRights”;Expression={$_.”AccessRights”}},IsInherited | Where-Object {$_.User -notlike “NT AUTHORITY\SELF” -and $_.IsInherited -eq $false} | Export-CSV -NoTypeInformation ex-UserMailboxPermissions.csv

# Export Shared Mailboxes and Permissions
Get-Mailbox -ResultSize Unlimited -RecipientTypeDetails SharedMailbox | Select-Object DisplayName,PrimarySmtpAddress, @{Name=”EmailAddresses”;Expression={$_.EmailAddresses | Where-Object {$_.PrefixString -cne “SMTP”} | ForEach-Object {$_.SmtpAddress}}} | Export-CSV -NoTypeInformation ex-SharedMailbox.csv
Get-Mailbox -ResultSize Unlimited -RecipientTypeDetails SharedMailbox | Get-MailboxPermission | Select-Object identity,user,@{Name=”AccessRights”;Expression={$_.”AccessRights”}},IsInherited | Where-Object {$_.User -notlike “NT AUTHORITY\SELF” -and $_.IsInherited -eq $false} | Export-CSV -NoTypeInformation ex-SharedMailboxPermissions.csv

# Export Equipment Mailboxes and Permissions
Get-Mailbox -ResultSize Unlimited -RecipientTypeDetails EquipmentMailbox | Select-Object DisplayName,PrimarySmtpAddress, @{Name=”EmailAddresses”;Expression={$_.EmailAddresses | Where-Object {$_.PrefixString -cne “SMTP”} | ForEach-Object {$_.SmtpAddress}}} | Export-CSV -NoTypeInformation ex-EquipmentMailbox.csv
Get-Mailbox -ResultSize Unlimited -RecipientTypeDetails EquipmentMailbox | Get-MailboxPermission | Select-Object identity,user,@{Name=”AccessRights”;Expression={$_.”AccessRights”}},IsInherited | Where-Object {$_.User -notlike “NT AUTHORITY\SELF” -and $_.IsInherited -eq $false} | Export-CSV -NoTypeInformation ex-EquipmentMailboxPermissions.csv

# Export Room Mailbxes and Permissions
Get-Mailbox -ResultSize Unlimited -RecipientTypeDetails RoomMailbox | Select-Object DisplayName,PrimarySmtpAddress, @{Name=”EmailAddresses”;Expression={$_.EmailAddresses | Where-Object {$_.PrefixString -cne “SMTP”} | ForEach-Object {$_.SmtpAddress}}} | Export-CSV -NoTypeInformation ex-RoomMailbox.csv
Get-Mailbox -ResultSize Unlimited -RecipientTypeDetails RoomMailbox | Get-MailboxPermission | Select-Object identity,user,@{Name=”AccessRights”;Expression={$_.”AccessRights”}},IsInherited | Where-Object {$_.User -notlike “NT AUTHORITY\SELF” -and $_.IsInherited -eq $false} | Export-CSV -NoTypeInformation ex-RoomMailboxPermissions.csv

# Export Mail Contacts
Get-Mailcontact -ResultSize Unlimited | Select-Object DisplayName,PrimarySmtpAddress | Export-CSV -NoTypeInformation ex-Mailcontact.csv

# Export User Mailbox Calendar/Contacts/Tasks Permissions
$r = foreach ($m in (get-mailbox -resultsize unlimited)) {Get-MailboxFolderPermission ($m.samaccountname+”:\calendar”) | select @{Name=’Name’;Expression={$m.Name}}, FolderName,Identity,Accessrights;Get-MailboxFolderPermission ($m.samaccountname+”:\contacts”) | select @{Name=’Name’;Expression={$m.Name}}, FolderName,Identity,Accessrights;Get-MailboxFolderPermission ($m.samaccountname+”:\tasks”) | select @{Name=’Name’;Expression={$m.Name}}, FolderName,Identity,Accessrights;}
$r | where-object {$_.Identity -notlike “Anonymous” -and $_.Identity -notlike “Default”} | select @{Name=”Identity”;Expression={$_.Name+”:\”+$_.FolderName}},@{Name=”User”;Expression={$_.Identity}},@{Name=”AccessRights”;Expression={$_.AccessRights}} | Export-CSV -NoTypeInformation ex-UserMailboxFolderPermissions.csv

# Export User Mailbox Forwarders
Get-Mailbox -ResultSize Unlimited -RecipientTypeDetails UserMailbox | Select-Object DisplayName,ForwardingAddress,ForwardingSmtpAddress,DeliverToMailboxAndForward | Where-Object {$_.ForwardingAddress -ne $null -or $_.ForwardingSMTPAddress -ne $null} | Export-CSV -NoTypeInformation ex-UserMailboxForwarders.csv

# Export User Mailboxes with Archives
Get-Mailbox -ResultSize Unlimited | where {$_.ArchiveDatabase -ne $null} | Select-Object name, archivedatabase | Export-CSV -NoTypeInformation ex-UserMailboxArchives.csv

# Export Distribution Lists and Members
Get-DistributionGroup -ResultSize Unlimited | Select-Object DisplayName,PrimarySmtpAddress, @{Name=”EmailAddresses”;Expression={$_.EmailAddresses | Where-Object {$_.PrefixString -cne “SMTP”} | ForEach-Object {$_.SmtpAddress}}},RequireSenderAuthenticationEnabled | Export-CSV -NoTypeInformation ex-DistributionLists.csv
foreach ($g in Get-DistributionGroup) { get-distributiongroupmember $g | ft @{expression={$_.displayname};Label=”$g” } | out-file -append ex-DistributionListsMembers}

Advertisements

Convert Exchange Mailboxes to Mail Enabled Remote users

This script was used as part of Exchange 2010 migration to Office 365.  No hybrid was used and mailboxes had already been created in 365.  This script creates another powershell script that can be examined and executed.  The Powershell script removes the on premise mailbox, takes note of the SMTP addresses and re-creates as a remote user.  To run this in manageable batches set the Exchange CutomAttribute1 field to “migrate” no quotes.

$mailboxes = Get-mailbox | where {$_.CustomAttribute1 -eq "migrate"}
  $file = "c:\temp\run.ps1"

out-file $file

foreach ($mailbox in $mailboxes) {

$alias = $mailbox.alias
  $samaccountname = $mailbox.samaccountname
  $emailaddresses = $mailbox.emailaddresses -split ","
  $primarysmtpaddress = $mailbox.primarysmtpaddress

"disable-mailbox $alias -Confirm:`$true" | out-File $file -append

foreach ($emailaddress in $emailaddresses) {

if ($emailaddress.contains("companyabc.onmicrosoft.com") ) {

$email = ($emailaddress.replace("smtp:","")).replace("SMTP:","")
  "enable-remotemailbox $samaccountname -primarySmtpAddress $primarysmtpaddress -remoteroutingaddress $email" | out-File $file -append

}

}

foreach ($emailaddress in $emailaddresses) {

if ( $emailaddress.toupper().contains("SMTP:") -and !$emailaddress.contains("onmicrosoft.com") ){

$email = ($emailaddress.replace("smtp:","")).replace("SMTP:","")
  "set-remotemailbox $samaccountname -emailaddresses @{add='$email'}" | out-File $file -append
  }
  }

}

Using Outlook Anywhere with multiple domains and a single SSL certificate

I had a customer with a primary SMTP domain but a couple others for certain individuals within the business. The SSL cert was a wildcard bound to the primary SMTP domain and Autodiscover/ Outlook configuration would fail for other SMTP domain logons.

I read various articles on changing IIS for redirects etc
http://www.msexchange.org/articles-tutorials/exchange-server-2010/management-administration/exchange-autodiscover.html
http://www.msexchange.org/articles-tutorials/exchange-server-2010/mobility-client-access/using-autodiscover-large-numbers-accepted-domains-part1.html

However I found the simplest solution was to remove the autodiscover A record for the secondary domains (internal & external) and replace with a single SRV record pointing back to the primary domain.

Service: _autodiscover
Protocol: _tcp
Port Number: 443
Host: mail.primary.com
Priority: 0
Weight: 0

http://markgossa.blogspot.co.uk/2015/11/exchange-2013-2016-autodiscover-with-multiple-domains-and-single-name-certificate.html

 

Exchange 2016 – Adding an internal relay

This is different process than Exchange 2013 and earlier;

How to Configure Exchange Server 2016 for SMTP Application Relay