Script to disable Exchange ActiveSync for unauthorized users

By default, users have all mobile services enabled (OMA, EAS including AUTD/DP).  This is a pain in my environment because only authorized users are allowed to use EAS (to ensure only approved devices procured through proper channels are used).  OMA, being similar to OWA, is allowed for everyone.

I had written a batch file long ago to change the bitmask attribute for users whose mobile services are enabled for everything (0) and are not in the appropriate DL of authorized users to disable only EAS (5).  It was an inefficient script that required explicit permissions for each domain, called a command-line regex tool to format the ldifde export, and was prone to errors.

This updated script accomplishes the same thing, but more efficiently.  It processes all users at one time (inside a for loop) and uses implicit permissions.  It even emails the results of the number of users modified.  The script is customized for my environment, but you can tweak it as necessary. 

I have five user domains, but the DLs for authorization are in one domain.  I wanted it to be as dynamic as possible, but had to balance that against all the extra code necessary to make every piece not rely on hard-coded information.  So you need to provide mail config information, the NetBIOS domain names you want to loop through, and the DN of the groups for each user domain.  The GC to search and the DC to make the change to will be determined automatically.
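The selection rule described above (touch only accounts at 0 that are in no authorized DL, and set them to 5), as an added Python sketch that is not the author's script. It assumes the bitmask is the Exchange 2003 `msExchOmaAdminWirelessEnable` attribute, that an absent value means 0, and that input is a simple ldifde-style export; the sample DNs and function names are constructed.

```python
# Added example, not the author's script. Sample DNs below are constructed.
# msExchOmaAdminWirelessEnable bits: a set bit DISABLES that feature.
DISABLE_SYNC = 1   # user-initiated Exchange ActiveSync
DISABLE_OMA = 2    # Outlook Mobile Access (left enabled here)
DISABLE_AUTD = 4   # always-up-to-date notifications (AUTD/DP)
EAS_OFF = DISABLE_SYNC | DISABLE_AUTD   # 5 = EAS off, OMA still on

SAMPLE_LDIF = """\
dn: CN=Alice Example,OU=Users,DC=emea,DC=example,DC=com
memberOf: CN=EAS Authorized,OU=Groups,DC=corp,DC=example,DC=com
msExchOmaAdminWirelessEnable: 0

dn: CN=Bob Example,OU=Users,DC=emea,DC=example,DC=com
memberOf: CN=Staff,OU=Groups,DC=emea,DC=example,DC=com
msExchOmaAdminWirelessEnable: 0

dn: CN=Carol Example,OU=Users,DC=emea,DC=example,DC=com
msExchOmaAdminWirelessEnable: 7
"""

def parse_ldif(text):
    """Parse simple LDIF (no folded or base64 lines) into {attr: [values]} dicts."""
    entries = []
    for block in text.strip().split("\n\n"):
        entry = {}
        for line in block.splitlines():
            attr, _, value = line.partition(": ")
            entry.setdefault(attr.lower(), []).append(value)
        entries.append(entry)
    return entries

def eas_disable_ldif(entries, authorized_group_dns):
    """Build LDIF modify records for users at 0 who are in no authorized group."""
    allowed = {dn.lower() for dn in authorized_group_dns}
    changes = []
    for entry in entries:
        # Assumption: an absent attribute is treated the same as 0.
        flags = int(entry.get("msexchomaadminwirelessenable", ["0"])[0])
        authorized = any(g.lower() in allowed for g in entry.get("memberof", []))
        if flags == 0 and not authorized:   # touch only fully enabled accounts
            changes.append(
                f"dn: {entry['dn'][0]}\nchangetype: modify\n"
                "replace: msExchOmaAdminWirelessEnable\n"
                f"msExchOmaAdminWirelessEnable: {EAS_OFF}\n-\n")
    return changes
```

`memberOf` lists direct membership only, so members of groups nested inside the authorized DL have to be expanded before this check is trusted.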

Download it here or copy below.

Company name change and email addresses

My company changed its name a couple of weeks ago, so I needed to add a new primary address for those who had the old domain as a primary, and move the old primary to a secondary. I was surprised that I could hardly find any existing scripts to accommodate such an endeavor, so I had to resort to doing it myself.

This script goes through all accounts in a given AD domain whose primary email address is in the "old" SMTP domain, makes the primary a secondary, takes the username portion of the address, appends the new domain, and makes that the new primary. I log all of the old and new addresses to the screen, so redirect the output to a file to capture that. It doesn’t check for preexisting addresses, so conflicts can occur. I had previously done my own extract to look for those, so dealing with them manually was easier and faster than coding for that.

I modified the script each time I ran it to change the AD domain I wanted to search (though I could have just defined an array of domain names and looped through each of them), and ran it against DLs and public folders, too, adjusting the filter to return the different object types. You will need to do the same.

Download the code here, or copy below.

SMTP protocol logs are a pain to sift through

Whenever I have to resort to parsing SMTP protocol logs I am reminded of how inefficient MS made the logging.  There are no conversation/queue/message IDs logged for each line.  So if there are five connections happening at once there is no obvious distinction between each connection.  You have the commands and responses of all them intertwined with one another, forcing you to narrow down the exact time a message is sent/received and then look through each line deducing which ones are for the message you are interested in.  Ugh.

The UNIX guys here like to give me grief about it because their Postfix logs contain the conversation/message ID on each line.  So they just do a quick grep for it and get each line that applies only to the message in question.  Figures.
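A partial workaround for the interleaving problem, as an added Python example that is not from the original post: group log lines by client address and cut sessions on QUIT or on an idle gap. It assumes the log is in W3C extended format with the `c-ip`, `cs-method`, `cs-uri-query` and `sc-status` fields enabled; the sample lines and function names are constructed.

```python
from datetime import datetime, timedelta

# Constructed sample in W3C extended format; two connections are interleaved.
SAMPLE_LOG = """\
#Fields: date time c-ip cs-method cs-uri-query sc-status
2006-03-01 14:02:11 10.0.0.5 EHLO +relay1.example.net 250
2006-03-01 14:02:11 192.0.2.44 HELO +mx.example.org 250
2006-03-01 14:02:12 10.0.0.5 MAIL +FROM:<a@example.net> 250
2006-03-01 14:02:12 192.0.2.44 MAIL +FROM:<b@example.org> 250
2006-03-01 14:02:13 192.0.2.44 RCPT +TO:<user@example.com> 550
2006-03-01 14:02:13 10.0.0.5 RCPT +TO:<user@example.com> 250
2006-03-01 14:02:14 192.0.2.44 QUIT +mx.example.org 240
2006-03-01 14:02:15 10.0.0.5 QUIT +relay1.example.net 240
2006-03-01 14:05:40 10.0.0.5 EHLO +relay1.example.net 250
"""

def split_sessions(log_text, idle=timedelta(minutes=10)):
    """Group log lines into per-connection sessions keyed on c-ip.

    A session opens on the first line seen for an address and closes on
    QUIT or after an idle gap. Two simultaneous connections from the same
    address cannot be separated this way and end up merged.
    """
    fields, open_by_ip, sessions = [], {}, []
    for line in log_text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
        if not line or line.startswith("#"):
            continue
        rec = dict(zip(fields, line.split()))
        rec["when"] = datetime.strptime(
            rec["date"] + " " + rec["time"], "%Y-%m-%d %H:%M:%S")
        ip = rec["c-ip"]
        current = open_by_ip.get(ip)
        if current is None or rec["when"] - current[-1]["when"] > idle:
            current = open_by_ip[ip] = []
            sessions.append(current)
        current.append(rec)
        if rec["cs-method"].upper() == "QUIT":
            del open_by_ip[ip]
    return sessions

def sessions_with(sessions, needle):
    """Return the sessions in which any command argument contains needle."""
    needle = needle.lower()
    return [s for s in sessions
            if any(needle in r["cs-uri-query"].lower() for r in s)]
```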

Use Outlook rules to delete public folder conflict messages

I am in a DL that has explicit ownership permissions on all public folders in my org (all 22,881 of them).  And since Exchange sends public folder conflict messages to the owner(s) of a folder, I get quite a few of them.  At one time I thought I had a rule to move or delete them, but I couldn’t get it to work when I tried to set it up again.  Because the message class is different (IPM.Conflict.Folder) you don’t get to see the same fields as a regular message.  Rules to delete them based on words in the sender’s address, etc., had no effect, partly because the sender is the name of the folder that has the conflict, so it is a dynamic value.

Using MFCMapi to look at the properties of a conflict message, there are several properties that you’d think you could use, but when setting up a rule to use properties of the conflict message form, none of the properties are available.  And if you manually type in a property name it gives you an error.

In the end, I tried setting the rule again to fire on subject contains "Conflict Message:" and it worked.  Huh.  So who knows what I was doing wrong before?  You can also have the rule fire if the message form is "Conflict Message."

Move (or rename) a mailbox’s system folders with WebDAV

For some time, my Junk E-mail folder has been under the Journal folder.  I have no idea how I moved it there or when, especially since the Junk E-[M]ail Folder (JMF) is a system folder and thus can’t be renamed or moved through conventional means in Outlook and OWA.  I had tried several Outlook startup switches (like /resetfolders) to no avail.  I gave up long ago, but today a request came in from a user who somehow had done the same thing.  So I took another stab at finding a solution.

I happened to be messing around with WebDAV as a means of displaying a group schedule.  (Still haven’t found a way to do that.  If anyone knows of a way to create a shortcut directly to a group schedule item, which itself is a hidden appointment item in a mailbox or public folder calendar, let me know.  An Outlook shortcut would be best, but I will take an OWA link, too.)

Long story short, you can use WebDAV to manipulate system folders with ease.  I use an excellent freeware tool called Mistaya to browse all WebDAV properties of any item/folder in Exchange.  Among the plethora of properties, the href property is the URL to the folder/item in question.  Take that URL and plug it into the Exchange SDK’s “WebDAV Sample Application” Source URL field.  Paste it into the Destination URL field, too, but modify the URL so the location is where you want.  In my case, it meant changing the relative URL from /Journal/Junk%20E-mail to just /Junk%20E-mail.  Then click the Move Resource button.  If successful, the status field will display code 201.
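The same WebDAV MOVE issued from a script instead of the SDK sample application, as an added Python example that is not code from the post or the Exchange SDK. The function names are hypothetical, the `/exchange/<mailbox>/` URL layout is an assumption, and the caller supplies whatever `Authorization` header the server requires.

```python
import http.client
from urllib.parse import urlsplit, urlunsplit

# Meanings of MOVE status codes per the WebDAV specification (RFC 2518/4918).
MOVE_STATUS = {
    201: "moved; a new resource was created at the destination",
    204: "moved; an existing destination resource was replaced",
    403: "forbidden (for example, source and destination are the same)",
    409: "conflict; a parent folder of the destination does not exist",
    412: "precondition failed; destination exists and Overwrite is F",
    423: "source or destination is locked",
}

def destination_in_mailbox_root(href):
    """Rewrite /exchange/<mailbox>/<parents...>/<folder> so the folder sits
    directly under the mailbox root (assumes that URL layout)."""
    parts = urlsplit(href)
    segments = parts.path.strip("/").split("/")
    if len(segments) < 4:
        raise ValueError("folder is already directly under the mailbox root")
    new_path = "/" + "/".join(segments[:2] + segments[-1:])
    return urlunsplit((parts.scheme, parts.netloc, new_path, "", ""))

def move_headers(destination_url, overwrite=False, authorization=None):
    """Headers for MOVE. Overwrite: F refuses to clobber an existing folder."""
    headers = {"Destination": destination_url,
               "Overwrite": "T" if overwrite else "F"}
    if authorization:                      # caller-supplied credential header
        headers["Authorization"] = authorization
    return headers

def webdav_move(source_url, destination_url, **kwargs):
    """Send the MOVE request and return (status, meaning)."""
    src = urlsplit(source_url)
    cls = (http.client.HTTPSConnection if src.scheme == "https"
           else http.client.HTTPConnection)
    conn = cls(src.hostname, src.port, timeout=30)
    try:
        conn.request("MOVE", src.path,
                     headers=move_headers(destination_url, **kwargs))
        response = conn.getresponse()
        response.read()
        return response.status, MOVE_STATUS.get(response.status, response.reason)
    finally:
        conn.close()
```

Sending `Overwrite: F` means a folder that already exists at the destination produces 412 instead of being replaced.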

Query for a mailbox’s size and quota

There are a lot of scripts out there to report a mailbox’s current size and others to report the quota for a mailbox.  And some might even do both, but for an entire domain, server, etc.  I wanted one that I could use to list a single mailbox’s current size and where it falls within its quota.

This script allows you to find a user based on login name (samAccountName) or email address.  If multiple matches are found it will report on all of them.  It uses WMI to query Exchange for the mailbox’s current size and then uses LDAP to determine the quota.  Since there are multiple places a quota can be set (system policy, server, mailbox), the script factors those in and backtracks to the resulting quota in effect.

The results are output to the screen and to a popup window.  And since it is nice to know, it also will display if default or custom limits are in use.  This script is nice because you don’t have to customize anything.  Just download\copy it and run it.