Skip to content
Development
Exchangepowershell

Exchangepowershell

Connect to O365 Exchange 

1
2
3

$UserCredential = Get-Credential
$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/ -Credential $UserCredential -Authentication Basic -AllowRedirection
Import-PSSession $Session -DisableNameChecking

Then to close the session

1

Remove-PSSession $Session

Hide O365 group from GAL ( as this cannot be done on admin portal )

1

Set-UnifiedGroup  -HiddenFromAddressListsEnabled $true

Install the exchange online management module

1

Install-Module -Name ExchangeOnlineManagement -RequiredVersion 2.0.3

Connect to Remote Exchange Shell

Use the following commands to connect to an exchange server using powershell:

1
2
3

$UserCredential = Get-Credential
$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri http:///PowerShell/ -Authentication Kerberos -Credential $UserCredential
Import-PSSession $Session -DisableNameChecking

Handy Commands for Exchange Powershell

  • Add permission to calendar:
    • This will give a user permissions to another calendar
1

Set-MailboxFolderPermission CalendarName:\calendar User default AccessRights reviewer
  • Send on Behalf
    • This will grant Charles permissions to send on behalf of Gert.
1

Set-Mailbox gert.mailbox -GrantSendOnBehalfTo charles.surname
  • Send As
    • This will grant Charles permissions to send as Gert.
1

Add-ADPermission gert.mailbox -ExtendedRights Send-As -user charles.surname
  • Full Mailbox Access
    • This will grant Charles full access to Gert’s mailbox.
1

Add-MailboxPermission -Identity gert.mailbox -User charles.surname

Add full access permission to all mailboxes to an account:

1

Get-Mailbox -ResultSize unlimited -Filter {(RecipientTypeDetails -eq 'UserMailbox') -and (Alias -ne 'Admin')} | Add-MailboxPermission -User UserAccount@domain.com -AccessRights fullaccess -InheritanceType all -AutoMapping:$False

Add Send as permissions to mailboxes:

1
2

$UserMailboxes = Get-Mailbox | Where {$_.RecipientTypeDetails -eq “”}
$UserMailboxes | Add-RecipientPermission -AccessRights SendAs Trustee

Get all disconnected mailboxes:

1

$dbs = Get-MailboxDatabase; $dbs | foreach {Get-MailboxStatistics -Database $_.DistinguishedName} | where {$_.DisconnectReason -eq "Disabled"} | Format-Table DisplayName,Database,DisconnectDate

Reconnect Mailbox:

1

Connect-Mailbox -Identity "" -Database   -User ""

Get mailbox sizes

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12

Get-Mailbox -ResultSize Unlimited | Get-MailboxStatistics | Sort-Object TotalItemSize -Descending | Select-Object DisplayName,TotalItemSize
Get-OutlookProvider | fl
Get-OutlookAnywhere | fl
Get-ClientAccessServer | fl
Get-ActiveSyncVirtualDirectory | fl
Get-AutodiscoverVirtualDirectory | fl
Get-EcpVirtualDirectory | fl
Get-OabVirtualDirectory | fl
Get-OwaVirtualDirectory | fl
Get-PowerShellVirtualDirectory | fl
Get-WebServicesVirtualDirectory | fl
Get-SendConnector | Where-Object {$_.Enabled -eq $true} | fl

==Exchange Certificates== Get and assign exchange certificates

1

Get-ExchangeCertificate | Format-List FriendlyName,Subject,CertificateDomains,Thumbprint,Services
1

Enable-ExchangeCertificate -Thumbprint  -Services POP,IMAP,IIS,SMTP

Update send and receive connector certificates:

Find out what connectors may need updating with new certificate:

1

Get-ReceiveConnector | where {$_.TlsCertificateName -like ""}
1

Get-SendConnector | where {$_.TlsCertificateName -like ""}

Get new certificate:

1

$cert = Get-ExchangeCertificate -Thumbprint

Get details required for send/receive connector format:

1

$tlscertificatename = "$($cert.Issuer)$($cert.Subject)"

Set the certificate for send/receive connector

1

Set-ReceiveConnector "" -TlsCertificateName $tlscertificatename

== Exchange issues Powershell==

Get active backend components

1

Get-ServerComponentState  | ft Component,State Autosize

Get Mail Queue

1

Get-Queue

Check event viewer for Backpressure events: 15004 15005 15006 15007

1

Get-EventLog -ComputerName  -LogName Application -After (Get-Date).AddDays(-1) | where {$_.EventID -eq "15004"}

Check the Database availability groups cmdlet - use to find out if exchange server is the Primary or Secondary

1

Get-DatabaseAvailabilityGroup

You can get all the details you need by using the following command:

1
2

Get-DatabaseAvailabilityGroup | fl
Get-DatabaseAvailabilityGroup -status

Sometimes the witness will fail, you can check the status of the witness by using the cluster resource cmdlet:

1
2

ipmo failoverclusters
Get-ClusterResource

This will tell you where the witness stores the file. If the DAG finds the resource unrelibale it might mark it as failed - you can restart this by using start-cluster resource:

1

Get-ClusterResource | Start-ClusterResource

Get the log for the cluster

1

Get-ClusterLog -Destination

Set remote mailbox for hybrid / shared mailboxes

For when there is on-prem and O365 mailboxes

  • Need a local user in domain for the shared mailbox for permissions

In Office 365:

1
2

Get-Mailbox nameofmailbox@domain.com | fl ExchangeGuid
Get-Mailbox nameofmailbox@domain.com | fl ExchangeGuid

In Exchange on-premise powershell:

1

Enable-RemoteMailbox nameofmailbox@domain.com -RemoteRoutingAddress nameofmailbox@domain.mail.onmicrosoft.com
1

Set-RemoteMailbox nameofmailbox@domain.com -ExchangeGuid

Add O365 mailbox to local exchange

When a hybrid deployment has shared mailboxes created in O365 there can be issues if on-prem devices try to use the mailboxes. This is because there is no AD object for the mailbox on the local exchange. You will need to create a new remote mailbox object in the on-prem exchange server:

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11

New-RemoteMailbox -Shared -Name "sharedmailboxname" `

-Firstname "sharedmailboxname" `

-LastName "sharedmailboxname" `

-UserPrincipalName "sharedmailboxname@domain.org" `

-OnPremisesOrganizationalUnit "OU=users,DC=domain,DC=local" `

-RemoteRoutingAddress "sharedmailboxname@domain.mail.onmicrosoft.com"

==Exchange online issues==

Clear old problems with hybrid exchange conflicts by removing old mailbox configurations from user objects:

Log into exchange online with connect-exchangeonline:

1

Set-User  -PermanentlyClearPreviousMailboxInfo

Exchange message tracking logs

on the on prem exchange server you can use the following cmdlet to check the exchange message logs for the last two hours:

1

Get-MessageTrackingLog  -start (get-date).AddHours(-2) | ? {$_.recipients -eq ""}
JenkinsCardano