Posted on

Find mailboxes that are set to automatically forward email in Exchange 2010

Every time someone leaves your organisation, you’ll probably need to forward their mail to another mailbox, but over time this can get disorganised and messy. Use the below command to extract a .csv formatted table of mailboxes that have a forwarding address:

Get-Mailbox -resultsize 6000 | Where {$_.ForwardingAddress -ne $null} | Select Name, ForwardingAddress, organizationalunit, whencreated, whenchanged, DeliverToMailboxAndForward | export-csv E:\forwardedusers.csv

I set a limit of 6000 because we have almost that many mailboxes, and the limit in this case is the number of mailboxes this will query, rather than the number of actual results. I’m sure this means that there’s a more efficient way of running this query, but it’s not like you’re doing this every day, so it doesn’t really matter.

Once you’ve got this information, you might want to match this up with further details about the users that own these mailboxes. Use the Active Directory powershell tools with Server 2008 to extract this information.

Fire up a powershell on a domain controller (or remotely), and run “import-module activedirectory”.

Then execute:

Get-Aduser -SearchBase "DC=yourdomain,DC=local" -properties SamAccountName,description | export-csv c:\allusers.csv

At the “Filter:” prompt, type:

name –like “*”

Than get this data into excel in two different worksheets.

Use the VLOOKUP tool to compare the two worksheets (in a third one), and collate the fields for the user’s name, forwarding address, and description:

In your “working worksheet” make the first column pull the display name from the mail worksheet, then name the second column “description” (this is what I’m looking for, anyway), and the third columns can be any other data you’d like to show, such as OU, modified dates, or suchlike.

In the description column, enter:

=VLOOKUP(mail!A2,allusers!$D:$E,2,FALSE)

“mail” refers to the worksheet containing data extracted from Exchange, and A2 should be the first user’s Name field (copy this downwards to that you’re looking up A3, A4, A5, etc.

“allusers” refers to the Active directory information worksheet – so in this case it will attempt to match the mail A2 field with anything in the D column in allusers (this being the first column in the $D:$E array, and will then return the corresponding value from the E column in allusers (because I’ve specified “2”, which in my case is the description field.) The FALSE bit at the end ensures that you’re searching for an exact match.

Copy this formula down along with the list of users that have email forwarding enabled, and you’ll have a list of forwarded users along with their names, descriptions, modified dates, OUs, and any other data you like.



Posted on

Find out which security group members are in one or more Exchange 2010 databases

First, run this command on a domain controller to extract the members of a security group:

net group "Security group name" >c:\groupmembership.csv

Then run this in an Exchange 2010 shell to extract the mailbox names from the database:

Get-Recipient -PropertySet ConsoleLargeSet  -ResultSize '9000' -SortBy DisplayName -RecipientType 'UserMailbox' -Filter '((Database -eq ''CN=DATABASENAME,CN=Databases,CN=Exchange Administrative Group (YOURADMINGROUP),CN=Administrative Groups,))' | Export-csv C:\userslist.csv

Then paste your names lists into excel in two columns, one named group membership, and one database users. Use the below formula in the third column to find the names that occur in both columns of data.

=VLOOKUP([first column entry,[Range E.G. A:A],1,FALSE)

 

 



Posted on

Why you should be using Open DNS

 

What is OpenDNS?

Open DNS is a free DNS lookup service, provided as an alternative to using your ISP’s DNS service. It provides additional features for filtering, web security, statistics, and speed improvements. The business collects revenue from adverts served from search pages, and from the enterprise products they offer, which provide more detailed reporting and more granular features. It’s suitable for use by home users and businesses.

  1. Features
    1. Web content filtering by category
    2. Malware url blocking by default
    3. Phishing website protection
    4. Statistics of DNS resolution
    5. Blocking of malware infected devices “phoning home”
    6. Notification of above devices attempting to phone home
    7. Typo correction (e.g. yaho.co.uk will resolve to yahoo.co.uk)
    8. Custom URL whitelists and blacklists
    9. DNS caching – if authoritative DNS fails, requests will resolve to the last good IP address.
    10. Multiple networks on one account
    11. Potential speed improvements
    12. Zero cost
  1. Benefits
    1. An extra layer of web access filtering can block access to websites by category, such as pornography, malware, adware, and others.
    2. Where your web filtering application or server may fail, Open DNS will pick up the slack, and block inappropriate sites, malware, or phishing attacks. This should result in significantly fewer virus infections.
    3. Where a machine is infected, it will not be able to contact malware servers to update itself or spread further (assuming the malware uses DNS to lookup the home servers). Statistics will show you when devices do attempt to contact malware servers, highlighting potential problems with infection.
    4. Staff will be further protected from online scams and phishing attempts, protecting both them and the business.
    5. Easy-to-read and access statistics will show us which domain names are requested most frequently, and at what times of day. It also highlights where local addresses are being incorrectly forwarded, and may aid fault resolution or identification of previously unknown faults.
    6. Typo correction improves the safety of online activity for users, and improves the user experience, potentially resulting in fewer helpdesk calls.
    7. Where an authoritative DNS server fails to resolve a request, Open DNS will use the last known good IP address. This should also protect against malicious DNS attacks, such as that against NetNames earlier this month.
    8. OpenDNS is usually faster than ISP DNS servers, resulting in an improved user experience.
Posted on

Opening multiple calendars with Outlook 2003 and Exchange 2010

Due to the way Outlook 2003 interacts with Exchange 2010, if a user on outlook 2003 tries to open multiple shared calendars, they may receive an error:

The action could not be completed. The connection to the Microsoft Exchange Server is unavailable. Outlook must be online or connected to complete this action.

This is because outlook 2003 has to open multiple mapi connections to exchange 2010 for each calendar, and in doing so, hits the default limit of concurrent connections set in the default throttling policy (20). This problem occurs due to Outlook 2003 dependencies on reference Mailbox Database support, which is not supported in Exchange Server 2010. Outlook 2003 clients must now reference the Exchange Server 2010 Address Book service when they open shared calendars.

Usually, restarting outlook provides a temporary fix, but as more mapi connections are created, the limit is reached again.

Using Exchange Shell, I created a new throttling policy with a maximum of 40 concurrent connections.

To create a new policy:

  • New-ThrottlingPolicy <policyname> -RCAMaxConcurrency 40

Check the details of the policy:

  • get-throttlingpolicy <policyname>

Check the user has the default policy applied already:

  • Get-Mailbox -Identity <username> | fl

To apply it to a user:

  • set-mailbox -identity <username> -throttlingpolicy <policyname>

Then test opening multiple calendars.

There is actually a registry key that sets a limit on the Exchange Information store, at 32 connections, so without changing this, clients will still be limited in the number of calendars they can open, but it looks like 32 connections is enough to open 5-6 calendars.

If you were to change these registry keys, they are:

  • Maximum Allowed Sessions Per User
  • Maximum Allowed Service Sessions Per User



Posted on

Worldcard mobile iphone app review

Having been to a few shows and conferences recently, and acquiring a number of business cards that inevitably end up loose in my pocket, bag, or on my desk, I decided I’d better have a look for an iphone app that could read and OCR business cards and import the data into my contacts.

So, I downloaded and installed Worldcard mobile from the app store (£3.49), and tried it out.

worldcard mobile

It works pretty well, you fire it up and are presented with a screen where you can choose to photograph a business card, use an existing photo, or use copied text from an email signature (which is a nice addition). Using the taking a photo option then simply gives you a screen with some border edges to get the image straight, and you take the picture. You need fairly decent light for this, and if the business card is laminated, you’ll need to be careful to angle it so you don’t get any glare. If mistakes are made, you can easily correct them in the app itself.

With almost all business cards, it works superbly, reading the text accurately, and placing the data in the correct fields (mobile, email, name, etc). The only issues it seems to have is with particularly colourful and strangely designed business cards. Once you’ve pulled the data out, Worldcard mobile will export it into your contacts, or you can choose to update an existing contact.

Ultimately, a very useful app. The text recognition isn’t perfect, but is good enough in 90% of cases.