Exchange 2013 Rocks and its unfair from my part if I don’t talk about it. Please find some of the below link which has some high-level overview on Exchange 2013
Regards,
Krishna
Tag Archives: Powershell
Powershell to get the complete Exchange Database Name,Edb filepath and log file path into a Single file Report
Powershell to get the complete Exchange Database Name,Edb filepath and log file path into a Single file Report
$exchangeservers = Get-ExchangeServer |where-object {$_.admindisplayversion.major -eq 8 -and $_.IsMailboxServer -eq $true }$result = "Servername | Database Name | EDB file Path | Log files Path"$result > DBresultfile.txtforeach ($server in $exchangeservers){ $db = Get-MailboxDatabase -server $server $servername = $server.name foreach ($objItem in $db) { $result = $servername + " | " + $objItem.Name + " | " + ($objItem.EdbFilePath).pathname + " | " + ((Get-StorageGroup $objItem.StorageGroup | select LogFolderPath).LogFolderPath).pathname $result $result >> DBresultfile.txt }}PowerShell to Configure not to prompt open file security Warning
Exchange 2010 Automation Tip 2
PowerShell is automation when I ever I say this I feel that I have the Power in me and that’s automation power… Whenever you try double clicking on exe you will prompted for the open file security warning. This does happen when you try to do the same using PowerShell cmdlets. When you trying to automate this on 100 are of server then you need to find some solution. Here is one from me. You need to add the required files into the registry as low risk files. Same can be configured using local Group policy. When configure the GPO, it also edit the values into the registry J . Below PowerShell can use us to add and remove the low risk registry files
$Lowriskregpath ="HKCU:\Software\Microsoft\Windows\Currentversion\Policies\Associations"$Lowriskregfile = "LowRiskFileTypes"$LowRiskFileTypes = ".exe,.msp"Function Addlowriskfiles() { New-Item -Path $Lowriskregpath -erroraction silentlycontinue |out-null New-ItemProperty $Lowriskregpath -name $Lowriskregfile -value $LowRiskFileTypes -propertyType String -erroraction silentlycontinue |out-null }Function removelowriskfiles() { remove-itemproperty -path $Lowriskregpath -name $Lowriskregfile -erroraction silentlycontinue }Low risk files you are very important…!!!
Powershell to query Adsites and Domain Controllers Details
Below powershell command helps to get the list of all the Sites in Active directory and domain controller in each domain. We can filter this to find the dc on specific domain controller
[system.directoryservices.activedirectory.domain]::GetCurrentDomain().domainControllers | select sitename,name
If you wanted to perform specific operation and it has to run on all the domain controllers in every site then we can filter this out. Below powershell will get one DC on each site. Its simple logic but worth it..
[system.directoryservices.activedirectory.domain]::GetCurrentDomain().domainControllers | foreach {
$Sitename = $_.sitename
$dcname = $_.name
$repSite = “”
if($Sitename -ne $repSite)
{
Write-host $Sitename $dcname
}
}
Powershell to Query Active directory
Powershell to Query Active directory and get the list of Domain controllers in the current AD Site which you server is located
%{[System.DirectoryServices.ActiveDirectory.ActiveDirectorySite]::GetComputerSite().Servers | % { $_.Name} }
Powershell to Query Active directory to get the current AD sites
[System.DirectoryServices.ActiveDirectory.ActiveDirectorySite]::GetComputerSite().name
Powershell to work on Remote Registery
Working on Remote Registry is always challenging. If you are administrator, I am sure you would have come across various times that you wanted to update registry of the computer and you have to login to the each server and apply the registry. Powershell has made most of our administrator’s life easier. Let’s understand how we can access and edit registry of remote computer using powershell
Let’s understand code with example. Below Script take the list of server name in CSV file and reads each server name one by one and opens the registry Key and prints the value. In this fashion you can get any key and get the value. In the below script I am trying to get the value of HKEY_CurrentUsers. This is the reason current in OpenRemoteBaseKey. If you Access keys of HKEY_Localmachine and use LocalMachine
$csv = Import-Csv "C:\Server.csv"foreach($line in $csv){ $strComputer = $line.CMSName $curreg = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey('CurrentUser', $strComputer) $curkey="Software\Microsoft\Windows\CurrentVersion\Wintrust\Trust Providers\Software Publishing" $curregKey = $curreg.OpenSubKey($curkey) $curregkey.GetValue('State')} If you wanted to get the list of subfolder under the folder in the registry then use the below code. This will get list of all the subfolder MSExchangeIS\Clustername. Getsubkeynames() does this.
<strong>$csv = Import-Csv "C:\Server.csv"foreach($line in $csv) { $cmsName = $line.Node $reg = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey('LocalMachine', $strComputer) $key="SYSTEM\CurrentControlSet\Services\MSExchangeIS\$cmsName" $regKey = $reg.OpenSubKey($key) foreach($Rkey in $regKey.getsubkeynames()) { $Rkey } }If you wanted to write or edit the remote registry then below code will help. This code will create the new key if the key does not exist else it will edit the existing key to the required value. Below code will create the Dword key if key does not exit there else it will edit the existing key to the required value on the entire computer mentioned in the CSV file.
$csv = Import-Csv "C:\Server.csv"foreach($line in $csv){ $strComputer = $line.Node $curreg = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey('CurrentUser', $strComputer) $curkey="Software\Microsoft\Windows\CurrentVersion\Wintrust\Trust Providers\Software Publishing" $curregKey = $curreg.OpenSubKey($curkey,$True) $curregkey.SetValue('State','100234','Dword')}Powershell to Delete log from the remote Computer Share folder
Below powershell helps to delete log from the remote computer which is older than specific date
$Now = Get-Date$days = 1$TargetFolder = "\\servername\Directory1"$LastWrite = $Now.AddDays(-$days)$Files = get-childitem $TargetFolder -include *.Log -recurse |Where {$_.LastWriteTime -le "$LastWrite"}Remove-Item $FilePowershell to get list of Exchange Storage Group if Circular logging is enabled
Powershell command to get list of storage groups which has Circularlogging enabled
Get-StorageGroup |?{$_.CircularLoggingEnabled -eq $True}| select server,AdminDisplayName,CircularLoggingEnabled
Powershell to check check user Security Permission using Dscals
Powershell to check if set of users for security security permission. Below script helps to check if users has Account Operators listed in security permission
$csv = Import-csv -path "D:\Krishna\dsacls\user.csv"foreach($line in $csv){$input = "\\Servername\" + $line.DN$K = .\dsacls.exe $input$i = 1foreach ($service in $K){$Status = $service -like "Allow BUILTIN\Account Operators*"if ($status -eq $true){i= 0}}if($i -eq 1){$line.mailnickname >> dcalsresult.txt}You can also find the copy in the below link
http://powershell.com/cs/members/smtpport25.wordpress/files/UserSecurityPermission.ps1.aspx
Windows Powershell Scripting – Presentation
Please find my Presentation file on Windows Powershell scripting presented Community Tech Days 2010
Shameless Null Neutrality