Find mailboxes that are set to automatically forward email in Exchange 2010

Every time someone leaves your organisation, you’ll probably need to forward their mail to another mailbox, but over time this can get disorganised and messy. Use the below command to extract a .csv formatted table of mailboxes that have a forwarding address:

Get-Mailbox -resultsize 6000 | Where {$_.ForwardingAddress -ne $null} | Select Name, ForwardingAddress, organizationalunit, whencreated, whenchanged, DeliverToMailboxAndForward | export-csv E:\forwardedusers.csv

I set a limit of 6000 because we have almost that many mailboxes, and the limit in this case is the number of mailboxes this will query, rather than the number of actual results. I’m sure this means that there’s a more efficient way of running this query, but it’s not like you’re doing this every day, so it doesn’t really matter.

Once you’ve got this information, you might want to match this up with further details about the users that own these mailboxes. Use the Active Directory powershell tools with Server 2008 to extract this information.

Fire up a powershell on a domain controller (or remotely), and run “import-module activedirectory”.

Then execute:

Get-Aduser -SearchBase "DC=yourdomain,DC=local" -properties SamAccountName,description | export-csv c:\allusers.csv

At the “Filter:” prompt, type:

name –like “*”

Than get this data into excel in two different worksheets.

Use the VLOOKUP tool to compare the two worksheets (in a third one), and collate the fields for the user’s name, forwarding address, and description:

In your “working worksheet” make the first column pull the display name from the mail worksheet, then name the second column “description” (this is what I’m looking for, anyway), and the third columns can be any other data you’d like to show, such as OU, modified dates, or suchlike.

In the description column, enter:

=VLOOKUP(mail!A2,allusers!$D:$E,2,FALSE)

“mail” refers to the worksheet containing data extracted from Exchange, and A2 should be the first user’s Name field (copy this downwards to that you’re looking up A3, A4, A5, etc.

“allusers” refers to the Active directory information worksheet – so in this case it will attempt to match the mail A2 field with anything in the D column in allusers (this being the first column in the $D:$E array, and will then return the corresponding value from the E column in allusers (because I’ve specified “2”, which in my case is the description field.) The FALSE bit at the end ensures that you’re searching for an exact match.

Copy this formula down along with the list of users that have email forwarding enabled, and you’ll have a list of forwarded users along with their names, descriptions, modified dates, OUs, and any other data you like.



Find out which security group members are in one or more Exchange 2010 databases

First, run this command on a domain controller to extract the members of a security group:

net group "Security group name" >c:\groupmembership.csv

Then run this in an Exchange 2010 shell to extract the mailbox names from the database:

Get-Recipient -PropertySet ConsoleLargeSet  -ResultSize '9000' -SortBy DisplayName -RecipientType 'UserMailbox' -Filter '((Database -eq ''CN=DATABASENAME,CN=Databases,CN=Exchange Administrative Group (YOURADMINGROUP),CN=Administrative Groups,))' | Export-csv C:\userslist.csv

Then paste your names lists into excel in two columns, one named group membership, and one database users. Use the below formula in the third column to find the names that occur in both columns of data.

=VLOOKUP([first column entry,[Range E.G. A:A],1,FALSE)

 

 



Opening multiple calendars with Outlook 2003 and Exchange 2010

Due to the way Outlook 2003 interacts with Exchange 2010, if a user on outlook 2003 tries to open multiple shared calendars, they may receive an error:

The action could not be completed. The connection to the Microsoft Exchange Server is unavailable. Outlook must be online or connected to complete this action.

This is because outlook 2003 has to open multiple mapi connections to exchange 2010 for each calendar, and in doing so, hits the default limit of concurrent connections set in the default throttling policy (20). This problem occurs due to Outlook 2003 dependencies on reference Mailbox Database support, which is not supported in Exchange Server 2010. Outlook 2003 clients must now reference the Exchange Server 2010 Address Book service when they open shared calendars.

Usually, restarting outlook provides a temporary fix, but as more mapi connections are created, the limit is reached again.

Using Exchange Shell, I created a new throttling policy with a maximum of 40 concurrent connections.

To create a new policy:

  • New-ThrottlingPolicy <policyname> -RCAMaxConcurrency 40

Check the details of the policy:

  • get-throttlingpolicy <policyname>

Check the user has the default policy applied already:

  • Get-Mailbox -Identity <username> | fl

To apply it to a user:

  • set-mailbox -identity <username> -throttlingpolicy <policyname>

Then test opening multiple calendars.

There is actually a registry key that sets a limit on the Exchange Information store, at 32 connections, so without changing this, clients will still be limited in the number of calendars they can open, but it looks like 32 connections is enough to open 5-6 calendars.

If you were to change these registry keys, they are:

  • Maximum Allowed Sessions Per User
  • Maximum Allowed Service Sessions Per User