Archive for the ‘PowerShell’ Category

Script to automatically assign Archive users to a retention policy

August 18, 2011 Leave a comment


Quick script that will assign all archive users (i.e. people with an Exchange archive) to a retention policy (that you have created to archive email, obviously). Then runs a “start-managedfolderassistant” to apply.


Obviously “Move after 90 days” is the retention policy name. Tested with 2010 SP1.




$mailboxes = get-mailbox | where-Object ({$_.ArchiveDatabase -ne $null})

$mailboxes | foreach-object {

if ($_.RetentionPolicy -eq "Move after 90 days") {

write-output ("User " + $_.Name + " already assigned, skipping")


else {

set-mailbox $_ -RetentionPolicy "Move after 90 days"

write-output ("User " + $_.Name + " set correctly")



write-output "Users assigned, starting Managed Folder Assistant"

get-mailbox | Where-Object ({$_.ArchiveDatabase -ne $null}) | start-managedfolderassistant


Retention Policies not applying? Update them then!

August 17, 2011 Leave a comment


When applying a new Retention Policy (or tag) in Exchange 2010 SP1 you may wonder why it doesn’t apply immediately.


In short, Exchange is configured by default to cycle all mailboxes in a 24 hour period. This can be seen (and therefore changed) by looking at the “ManagedFolderWorkCycle” attribute against each Mailbox Server;


get-mailboxserver | select-object Name,ManagedFolderWorkCycle


(obviously, set-mailboxserver to set it – though I believe it only takes day’s as its input value)


If this isn’t good enough – then you can force this on an individual mailbox (or all if you wanted) using the command;


start-managedfolderassistant USERID


(or get-mailbox | start-managedfolderassistant for all)


Happy PowerShelling Smile

Powershell Command to find component version for Lync and OCS

August 10, 2011 Leave a comment

Gotcha when assigning Certificate to Exchange 2010 SP1

July 14, 2011 2 comments


Quick one;


Quite often I will enable HTTP (i.e. disable the SSL requirement of IIS 7.5 in 2008 R2) access within IIS to allow me to do a neat HTTP to HTTPS redirect on the root folder.


This allows silly users to do the old “” syntax in their browser of choice and still get them to the /owa virtual directory.


However when you go to assign a certificate to this using EMC a warning is flagged;


Do you want to enforce SSL communication on the root web site? If not, rerun the cmdlet with the –DoNotRequireSSL parameter.


I clicked “no” (obviously) and the EMC process completed Successfully – i.e. with a nice big fat green tick Smile


However upon further inspection it appeared that it hadn’t completed – in fact the certificate hadn’t applied at all.


Running it from the EMS with the –DoNotRequireSSL parameter sorted me out, but surely if you answer no and therefore exit out of the process it should pass through an error output rather than a success?


Never mind Smile

Balance mailbox count over Databases in Exchange 2007 and 2010

July 13, 2011 Leave a comment

Quick one;


Has a fab little script that will generate you a PS1 script to automate the mailbox count over multiple databases.


It only works with count so far – but the author says they will eventually re-write it to count size distribution also.


Handy as hell when mass-provisioning mailboxes using, oh I don’t know, Quest tools.

Getting Lync pre-requisites right–the PowerShell way!

July 6, 2011 Leave a comment


Found a fab script the other day for installing the pre-requisites for Lync – its all menu driven and allows you to get the right pre-reqs for the Role/s required;


Enjoy Smile

Cleaning up Distribution Lists after a Quest migration

April 19, 2011 Leave a comment

I noticed the other day that the Quest imported DL’s are a tad messy – lots of “userid.postoffice.domain” references.


Wrote the following to clean it up – should work without too much butchering into your own environment (but test first!)


$list=get-distributiongroup -ResultSize Unlimited
$global:progress = $list.count
foreach($line in $list){
$groupname = get-group $line
$emailaddress = $groupname.DisplayName
$emailaddress = $emailaddress.replace(" ","")

set-distributiongroup -Identity $line.DisplayName -EmailAddressPolicyEnabled $false
set-distributiongroup -Identity $line -SamAccountName $emailaddress -WindowsEmailAddress "$emailaddress@domain.local" -EmailAddresses "$"
set-distributiongroup -Identity $line.DisplayName -EmailAddressPolicyEnabled $true
Write-Progress -activity "Changing DL’s" -status "Percent complete: " -percentComplete (($i / $progress)  * 100)