Updated for exchange 2010. Enumerates all distribution groups, then emails the owner of each group a list of group members per distribution list.
# Enumerates a list of all members of all Distribution Lists
# in Exchange 2010.
# Script will then proceed to email each owner a list of all
# members of each group.
#
# Use PowerShell.exe -command
# ". 'D:\Program Files\Microsoft\Exchange Server\V14
#\bin\RemoteExchange.ps1';
# Connect-ExchangeServer -auto; path_to_your_script"
#
# Updated 5/02/10
# By: Gnawgnu
Add-PSSnapin Microsoft.Exchange.Management.PowerShell.E2010
#first get all distributionlists
$dl = get-distributiongroup
#then enumerate through them all and get all group members.
foreach ($group in $dl) {
#build group data
$groupName = "Group Name: " + $group.name
$groupAddr = "Email Address: " + $group.PrimarySMTPAddress
write-host $groupName -foregroundcolor Green
$dlgm = get-distributionGroupMember $group.name.ToString()
# grab the first owner from the multivalued property
$gOwner = get-user -Identity $group.ManagedBy[0]
#setup email - make sure to add to your whitelist for
#antispam if applicable.
$sender = "PickASMTPSenderEmailAddress"
write-host $sender
#get Email Address of group owner
$recipient = $gOwner.WindowsEmailAddress
write-host $recipient
$server = "YourSMTPServerGoesHere"
write-host $server
$subject = "Monthly Review required - Email Group: " + $group.Name.ToString()
write-host $subject
#Note: `r`n is a carriage return
$bText1 = "`r`nOwner:" + $gOwner.Name + "`r`n"
$bText2 = $groupAddr.ToString() + "`r`n"
$bText3 = "group members: `r`n"
$bText4 = $dlgm | fl Name | out-String
$bText5 = "Please use your Outlook Client to make changes if needed.`r`n"
$bText6 = "If you are no longer the manager of this group, blah.`r`n"
$body = $bText1 + $bText2 + $bText3 +$bText4 +$bText5 +$bText6
write-host $body.ToString()
$msg = new-object System.Net.Mail.MailMessage $sender, `
$recipient, $subject, $body
#send email
$client = new-object System.Net.Mail.SmtpClient $server
$client.credentials = [System.Net.CredentialCache]::DefaultNetworkCredentials
$client.Send($msg)
}
Old post:
http://gnawgnu.blogspot.com/2008/03/exchange-2007-powershell-script-emails.html
Monday, May 3, 2010
Exchange 2010 - email list of all distribution groups, members, and owner
I recently had to update a script that I used to use in exchange 2007 that no longer works in 2010. It's mainly due to powershell changes and a tricky issue with getting the owner field back out. Anyway, this script cycles through all your email distribution groups, then emails a list of all of them, the members of each, and the owner to the email distribution group. It's similar to an old script I had back in 3/08.
Updated Note: You can also use
# grab the first owner from the multivalued property
$gOwner = get-user -Identity $group.ManagedBy[0]
instead to get the group owner property and then just use that .Name property for string ouput.
# Enumerates all members of all Distribution Lists in Exchange 2010.
# Use PowerShell.exe -command ". 'D:\Program Files\Microsoft\Exchange
# Server\V14\bin\RemoteExchange.ps1'; Connect-ExchangeServer
#-auto;replacewithyourscriptfilenameandpath"
# Script will then proceed to email a list of all
# members of each group
# Updated 5/02/10
# By: Gnawgnu
# this part is new for 2010
Add-PSSnapin Microsoft.Exchange.Management.PowerShell.E2010
#first get all distributionlists
$dl = get-distributiongroup
# initialize variables
$recipient = "PickARecipientEmailAddress"
$sender = "PickASMTPSenderEmailAddress"
$subject = "Monthly Summary of Email Groups"
$server = "YourSMTPServerGoesHere"
$gOwner = "blankstring"
#prepare and output file
$currDate = get-date
#path must exist
write-host "Email groups as of: " $currDate | out-file 'c:\temp\emailgroupmembers.txt'
#then enumerate through them all and get all group members.
foreach ($group in $dl) {
$groupName = "-------------" + "`r`n" + "Group Name: " + $group.name
write-host $groupName -foregroundcolor Green
# this part joins the results of that field into one string.
$gOwner = $group.ManagedBy | `
Select @{Name='Name';Expression={[string]::join(";", ($_.Name))}}
write-host "Owner: " $gOwner -foregroundcolor Green
$groupName | out-file -append 'c:\temp\emailgroupmembers.txt'
$group.ManagedBy.Name | out-file -append 'c:\temp\emailgroupmembers.txt'
$groupAddr = "Email Address: " + $group.PrimarySMTPAddress
$dlgm = get-distributionGroupMember $group.name.ToString()
$dlgm | fw | out-file -append 'c:\temp\emailgroupmembers.txt'
#Note: `r`n is a carriage return
$bText0 = "-------------" + "`r`n" + "Group Name: " + $group.Name
$bText1 = "`r`nOwner:" + $gOwner + "`r`n"
$bText2 = $groupAddr.ToString() + "`r`n"
$bText3 = "`r`n" + "group members: `r`n"
$bText4 = $dlgm | fl Name | out-String
$bTextFinal = $bText0 + $bText1 + $bText2 + $bText3 +$bText4
$body = $body + $bTextFinal
}
$msg = new-object System.Net.Mail.MailMessage $sender, $recipient, $subject, $body
#send email
$client = new-object System.Net.Mail.SmtpClient $server
$client.credentials = [System.Net.CredentialCache]::DefaultNetworkCredentials
$client.Send($msg)
To call it from a batch file: (avoid long path names, spaces, etc)
PowerShell.exe -command ". 'D:\Program Files\Microsoft\Exchange Server\V14\bin\RemoteExchange.ps1'; Connect-ExchangeServer -auto; D:\Exch2010enum.ps1"
Updated Note: You can also use
# grab the first owner from the multivalued property
$gOwner = get-user -Identity $group.ManagedBy[0]
instead to get the group owner property and then just use that .Name property for string ouput.
# Enumerates all members of all Distribution Lists in Exchange 2010.
# Use PowerShell.exe -command ". 'D:\Program Files\Microsoft\Exchange
# Server\V14\bin\RemoteExchange.ps1'; Connect-ExchangeServer
#-auto;
# Script will then proceed to email a list of all
# members of each group
# Updated 5/02/10
# By: Gnawgnu
# this part is new for 2010
Add-PSSnapin Microsoft.Exchange.Management.PowerShell.E2010
#first get all distributionlists
$dl = get-distributiongroup
# initialize variables
$recipient = "PickARecipientEmailAddress"
$sender = "PickASMTPSenderEmailAddress"
$subject = "Monthly Summary of Email Groups"
$server = "YourSMTPServerGoesHere"
$gOwner = "blankstring"
#prepare and output file
$currDate = get-date
#path must exist
write-host "Email groups as of: " $currDate | out-file 'c:\temp\emailgroupmembers.txt'
#then enumerate through them all and get all group members.
foreach ($group in $dl) {
$groupName = "-------------" + "`r`n" + "Group Name: " + $group.name
write-host $groupName -foregroundcolor Green
# this part joins the results of that field into one string.
$gOwner = $group.ManagedBy | `
Select @{Name='Name';Expression={[string]::join(";", ($_.Name))}}
write-host "Owner: " $gOwner -foregroundcolor Green
$groupName | out-file -append 'c:\temp\emailgroupmembers.txt'
$group.ManagedBy.Name | out-file -append 'c:\temp\emailgroupmembers.txt'
$groupAddr = "Email Address: " + $group.PrimarySMTPAddress
$dlgm = get-distributionGroupMember $group.name.ToString()
$dlgm | fw | out-file -append 'c:\temp\emailgroupmembers.txt'
#Note: `r`n is a carriage return
$bText0 = "-------------" + "`r`n" + "Group Name: " + $group.Name
$bText1 = "`r`nOwner:" + $gOwner + "`r`n"
$bText2 = $groupAddr.ToString() + "`r`n"
$bText3 = "`r`n" + "group members: `r`n"
$bText4 = $dlgm | fl Name | out-String
$bTextFinal = $bText0 + $bText1 + $bText2 + $bText3 +$bText4
$body = $body + $bTextFinal
}
$msg = new-object System.Net.Mail.MailMessage $sender, $recipient, $subject, $body
#send email
$client = new-object System.Net.Mail.SmtpClient $server
$client.credentials = [System.Net.CredentialCache]::DefaultNetworkCredentials
$client.Send($msg)
To call it from a batch file: (avoid long path names, spaces, etc)
PowerShell.exe -command ". 'D:\Program Files\Microsoft\Exchange Server\V14\bin\RemoteExchange.ps1'; Connect-ExchangeServer -auto; D:\Exch2010enum.ps1"
Thursday, April 22, 2010
Activesync 0x85010014 after moving email mailbox from exchange 2007 to 2010
It's always fun when you run into a problem that only affects one or two users out of a hundred. You can only imagine my joy when I discovered that only my account wasn't working with Exchange Activesync after I moved my mailbox from the old Exchange 2007 server to the new Exchange 2010 one. By the way, I highly recommend using Microsoft's "Exchange Remote Connectivity Analyzer" for externally testing your setup. It's a great diagnostic aid during upgrades and such.
I tested my mailbox against an old windows mobile 6.1 PDA and got the 0x85010014 error, then I used Microsoft's analyzer above and drilled down to "Attempting FolderSync command on ActiveSync session" where it was failing. Then after much searching on the web, I found the clue at http://social.technet.microsoft.com/Forums/en/exchange2010/thread/0cb489da-c490-42ea-91fe-19b8e4de8571 which basically said that Inheritance was turned off on my AD account.
That's when i remembered that during the upgrade I had seen a warning that said some objects in AD had inheritance turned off. I had searched different OUs, etc at that time and hadn't managed to find it. So I opened up ADUC (Active Directory Users and Computers), set the view to Advanced under View so I could see the Security Tab on objects. I checked the "Include inheritable permissions from this object's parent" checkbox and then right afterward I was able to use ActiveSync again.
Updated: I've also found that an attribute flag gets set called "AdminCount" that can also cause that checkbox to reappear. To get rid of it, go under Attributes in the advanced view and clear the AdminCount attribute. You can use a powershell script to find all these affected users and groups here: http://www.shariqsheikh.com/blog/index.php/200908/use-powershell-to-look-up-admincount-from-adminsdholder-and-sdprop/
PS: If the account is a member of a priveleged group, you may find this checkbox unchecks itself after a while. http://msmvps.com/blogs/ulfbsimonweidner/archive/2005/05/29/49659.aspx
I tested my mailbox against an old windows mobile 6.1 PDA and got the 0x85010014 error, then I used Microsoft's analyzer above and drilled down to "Attempting FolderSync command on ActiveSync session" where it was failing. Then after much searching on the web, I found the clue at http://social.technet.microsoft.com/Forums/en/exchange2010/thread/0cb489da-c490-42ea-91fe-19b8e4de8571 which basically said that Inheritance was turned off on my AD account.
That's when i remembered that during the upgrade I had seen a warning that said some objects in AD had inheritance turned off. I had searched different OUs, etc at that time and hadn't managed to find it. So I opened up ADUC (Active Directory Users and Computers), set the view to Advanced under View so I could see the Security Tab on objects. I checked the "Include inheritable permissions from this object's parent" checkbox and then right afterward I was able to use ActiveSync again.
Updated: I've also found that an attribute flag gets set called "AdminCount" that can also cause that checkbox to reappear. To get rid of it, go under Attributes in the advanced view and clear the AdminCount attribute. You can use a powershell script to find all these affected users and groups here: http://www.shariqsheikh.com/blog/index.php/200908/use-powershell-to-look-up-admincount-from-adminsdholder-and-sdprop/
PS: If the account is a member of a priveleged group, you may find this checkbox unchecks itself after a while. http://msmvps.com/blogs/ulfbsimonweidner/archive/2005/05/29/49659.aspx
Saturday, April 17, 2010
Dell Latitude E6400 video artifact problem with the Intel GMA 4500MHD
Ran into a weird video problem with a E6400 recently. I tried updating drivers, changing settings, and all the usual stuff but it would show up again within the first 15 minutes, give or take a few. So I decided to research into the video chipset itself and found that users on multiple laptop makes and models appeared to be suffering the same problem. See example below.
I found the solution on one of the lenovo forums http://forums.lenovo.com/t5/T400-T500-and-newer-T-series/T500-with-intel-gma-4500mhd-increase-system-video-memory/m-p/132267 (See post by dragon-fly). Apparently, there's an issue when there are a unmatched pair of different size memory modules. This particular laptop had a 4GB and 2GB in it so I swapped out the 2GB for a 4GB. And entertainingly enough, the problem went away right after that. It's been a few days now and the problem hasn't reappeared once yet.
I found the solution on one of the lenovo forums http://forums.lenovo.com/t5/T400-T500-and-newer-T-series/T500-with-intel-gma-4500mhd-increase-system-video-memory/m-p/132267 (See post by dragon-fly). Apparently, there's an issue when there are a unmatched pair of different size memory modules. This particular laptop had a 4GB and 2GB in it so I swapped out the 2GB for a 4GB. And entertainingly enough, the problem went away right after that. It's been a few days now and the problem hasn't reappeared once yet.
Thursday, April 15, 2010
Getting around the Windows 2003 P2V Hyper-V Migration via SCVMM blue screen problem
Yeah I know that's one long winded title. Here's the scenario:
1. Used Microsoft System Center Virtual Machine Manager 2008 R2 to do a physical to virtual server conversion for one of my older Windows 2003 x64 servers.
2. Since it was an OEM OS, I had to buy another server license and do a Repair from a Win2k3 R2 CD1 since that's just about the only good way to get around that activation issue.
3. All attempts to boot the VM got me the dreaded Blue Screen with a 07B error code.
Solution:
1. Don't install the integration components during the migration. On the last step of the SCVMM physical to virtual wizard it has an option to View Script.
2. Add -SkipInstallVirtualizationGuestServices to the very last New-P2V command. Then run the "Windows powershell - virtual machine manager" shortcut from the start menu and paste in the script. If you started from an OEM installation, continue to step 3, otherwise jump to step 5.
3. Then after the conversion, boot the VM off a Win2k3 R2 CD1 ISO or real CD and hit Enter for the first screen, then R to repair once it finds the OS.
4. After that's done, install Service Pack 2 for windows 2003 as it's required for the integration components. Then reboot.
5. Install the Integration services but DO NOT REBOOT yet. Check the registry under HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Wdf01000
The Group Value should be WdfLoadGroup and NOT "Base" or else bad things will happen.
(Thanks to the guys at this thread: http://social.technet.microsoft.com/Forums/en/winserverhyperv/thread/8c65fc96-f961-41dd-bfa2-8caa852f20c7 )
Now your virtual machine should boot up normally.
1. Used Microsoft System Center Virtual Machine Manager 2008 R2 to do a physical to virtual server conversion for one of my older Windows 2003 x64 servers.
2. Since it was an OEM OS, I had to buy another server license and do a Repair from a Win2k3 R2 CD1 since that's just about the only good way to get around that activation issue.
3. All attempts to boot the VM got me the dreaded Blue Screen with a 07B error code.
Solution:
1. Don't install the integration components during the migration. On the last step of the SCVMM physical to virtual wizard it has an option to View Script.
2. Add -SkipInstallVirtualizationGuestServices to the very last New-P2V command. Then run the "Windows powershell - virtual machine manager" shortcut from the start menu and paste in the script. If you started from an OEM installation, continue to step 3, otherwise jump to step 5.
3. Then after the conversion, boot the VM off a Win2k3 R2 CD1 ISO or real CD and hit Enter for the first screen, then R to repair once it finds the OS.
4. After that's done, install Service Pack 2 for windows 2003 as it's required for the integration components. Then reboot.
5. Install the Integration services but DO NOT REBOOT yet. Check the registry under HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Wdf01000
The Group Value should be WdfLoadGroup and NOT "Base" or else bad things will happen.
(Thanks to the guys at this thread: http://social.technet.microsoft.com/Forums/en/winserverhyperv/thread/8c65fc96-f961-41dd-bfa2-8caa852f20c7 )
Now your virtual machine should boot up normally.
Wednesday, April 7, 2010
iTap RDP and group policy
A user recently complained that their iPad device wasn't able to RDP into their workstation. They were using iTap RDP (http://itap.mobi/itap-rdp) which seemed to work fine for old XP boxes and non-domain joined workstations. It would give a NLA error when it tried to connect even though this newest version does support NLA. I knew it had to be group policy related since it only affected domain joined PCs. I wound up having to unconfigure the policy "Always prompt for password upon connection" under Computer Configuration -> Policies -> Admin templates -> Windows Components -> Remote Desktop Services -> Remote Desktop Session Host -> Security. Then gpupdate on my domain controllers, then gpupdate on the host pc and rebooted it for good measure. Afterwards, then the iTap RDP client was able to work properly.
Sunday, March 7, 2010
Dell Powerconnect 6224 slow vlan routing problem
So I noticed that intra-vlan network performance had decreased significantly recently but the effects were sporadic. Wireshark traces showed a lot of traffic bleeding over from multiple vlans and file copy performance between vlans was a staggeringly low. I ran the a cable qualification device on all the links and tested the speed between each switch. Everything was fine as long as I didn't do an inter-vlan activity. So I knew then that the problem was in the 6224 which I use for my layer 3 switching between vlans. While trolling through forums, I noticed someone had recommended STP as a place to start in troubleshooting. I set my 'root' switches priority 8192 (lower is higher in priority) and all the issues disappeared within a few seconds.
As far as I can tell the Multiple STP operation mode was running into problems when a load was applied. Since all the other switches are by default set to 32768 by default, now I shouldn't have this problem again.
As far as I can tell the Multiple STP operation mode was running into problems when a load was applied. Since all the other switches are by default set to 32768 by default, now I shouldn't have this problem again.
Thursday, February 25, 2010
Shrew VPN replacement for Juniper/Watchguard on Windows 7 x64
So I'd been waiting to see if anyone had managed to get the Juniper netscreen vpn client to work on windows 7 x64 and then I just gave up and decided to look for an alternate solution. I really didn't want to keep an XP box around just for the purpose of connecting to this one partner's site. So after digging around I found Shrew (http://www.shrew.net/home) which supports XP/Vista/7 in both 32 and 64 bit. And as an added bonus they have tutorial/howtos for setting it up to work with over a dozen vpn endpoint devices. So I sent the info for the Juniper SSG setup to our partner site and they generated a new client file for us.
Installation of the client went smoothly and it imported the client file with no problems.
Installation of the client went smoothly and it imported the client file with no problems.
Subscribe to:
Posts (Atom)
Posts
