Exchange 2010 - Deny User from distribution list to send mails to other distribution list.

This probably sounds crazy but I was asked to do this.

Basically they wanted to stop a users to send emails to all distribution list. Usually used when terminating a user or if the user is being retarded and sending personal emails to all DL's. Whatever it might be I just had to come up with a script to do it to all over 150 DL. I wasn't going to do it one by one from EMC so I made a cmdlet.

Below is the powershell script for exchange 2010 probably works on 2013 as well.

Make a DL called "Denied Users" and add users or user to that DL if you want to block him from sending emails to DL. Please note that this script will only add the Denied User DL in block list once. So if you create a new DL after running this script. Then that DL will not have Denied users in rejected user and hence you will have to re-run the script.

$temp = Get-DistributionGroup -ResultSize Unlimited

foreach($group in $temp)



{
 Set-DistributionGroup -Identity $group -RejectMessagesFromDLMembers "Denied Users"



}
 #Remove the above setting incase they change their mind.

#Set-DistributionGroup -Identity $group -RejectMessagesFromDLMembers $null    

Outlook 2010 forward emails after specific time.

Source: http://danfolkes.com/2011/02/18/outlook-rule-only-at-specific-times/

I wanted to create a forward so that helpdesk email gets forwarded to my phone on my personal email. Setting up helpdesk email was the easy way but it gets 20+ emails every hour during work time. After work hours its pretty much quite. So for those times I wanted the rule.

Rules which needs to be created :-

Quoted from the post below :-

"
The Rule that will check email header* for UTC times. Make sure it’s assigned to the FWD category. And then FWD it:

Apply this rule after the message arrives
with '2011 23:' or '2012 18:,2012 19:.....2012 11:' in the message header
    and assigned to 'FWD' category
forward it to 'email@example.com'

"

Seach for this string in header.

2012 18:,2012 19:,2012 20:,2012 21:,2012 22:,2012 23:,2012 24:,2012 01:,2012 02:,2012 03:,2012 04:,2012 05:,2012 06:,2012 07:,2012 08:,2012 09:,2012 10:,2012 11:

DPM 2010 - Script to export all recoverable item to drive

Ok so I finished writing my script for exporting recovery data to f: drive (local to DPM 2010 server) for all the servers (DPM 2010 Agents) I have 4 of them.
If any of you had the pleasure of doing this through GUI knows how painful it is... I fortunately was very lucky to be assigned to export (recover to network folder) 16 datasources from 4 different servers. After doing this for couple of days I started looking at cmdlets and found some scripts and hints on how to do this. and then...

This scripts loops through all the servers and all the datasource protected and recovers them to f: drive then it 7z the files and put in 7z folder it also date stamps folders and 7z files. You have to download 7za and place it in system32 folder in order for it to 7z the folders.

I am posting this script to that it might come handy to someone else out there.

I use this in production environment and it works fine but doesn’t mean it might work for you. So standard disclaimer use it at your own risk! ( I did not write some of the code and copied it from other user posts from this forum. Hopefully they won’t mind). You are free to modify and use the script.

It recovers SQL, System Protection and Exchange 2010. Please note I only export exchange recovery on 15th of every month you can change that. Search for “#Only run Exchange Recovery on 15th of every month. Otherwise Skip” and change the days below that.

# ====================================
# = DPM 2010 Recover to Drive looped =
# = for all servers and datasource.  =
# ====================================
# Created: [01/12/12]
# By EvilWasp

#0 Time Stamp folders
$date = get-date
$TimeStamp = $date.ToShortDateString()
#Replace / as folder name cannot contain it.
$time = $TimeStamp.Replace("/", "-") 

#1 You have to modify the below varibles to make it work for you.
#Below varibles
$DPMServerName = "Krait"
$DestinationLocation = "F:\Recovered\$time"
$Destination7z = "F:\7z\$time"

#2 Import DPM Shell if its not loaded.
If((Get-PSSnapIn -Name "Microsoft.DataProtectionManager.PowerShell" -ErrorAction SilentlyContinue) -eq $null)
    {
  Add-PSSnapIn "Microsoft.DataProtectionManager.PowerShell"
  Start-Sleep 5
    }

#3 Get list of DPM Agents - Protected Group
$pg = Get-ProtectionGroup -DPMServerName $DPMServerName
#Count how many servers!
$pgc = $pg.count

#4 Start Function Recover it needs $i from $pg.
Function Recover ($i)
{
  #if $i is not null then do the loop.
  If ($i -ne $null) 
  {
    $dsc = $ds.count #Counting how many datasource is available in array
    #Loop through all the servers with ForLoop
    For ($d=0; $d -le $dsc; $d++) #looping datasource for each servers
    {
    $dsn = $ds[$d]
    #8 If & ElseIf Statments to find the write command for each recovery.
    #Three different types -SQL, -SystemProtectionDataSource and -E14datasource for exchange 2010 (Use -Exchange) for older versions. 
    #There's -FileSystem as well which I havent used.
    #-like is used with wildcard(*) to accomodate different versions of SQL i.e 2005, 2008 extra.
        
        #find SQL server in each server
        If ($dsn.Type.Name -like "SQL Server*") 
            {
            #Recovery Options - Where to place recovered files - for SQL
            $rop = New-RecoveryOption -TargetServer $DPMServerName -TargetLocation $DestinationLocation -RecoveryLocation CopyToFolder `
            -SQL -RecoveryType restore
            }
        #find System Protection server
        ElseIf ($dsn.Type.Name -like "System Protection*") 
            {
            #Recovery Options - Where to place recovered files - for System Protection
            $rop = New-RecoveryOption -TargetServer $DPMServerName -TargetLocation $DestinationLocation -RecoveryLocation CopyToFolder `
            -SystemProtectionDataSource -RecoveryType restore
            }
        #find Exchange server
        ElseIf ($dsn.Type.Name -like "Exchange Mailbox Database*") 
            {
            #Only run Exchange Recovery on 15th of every month. Otherwise Skip.
            If ($date.Day -eq 15) 
                {
            #Recovery Options - Where to place recovered files - for Exchange 2010
            $rop = New-RecoveryOption -TargetServer $DPMServerName -TargetLocation $DestinationLocation -RecoveryLocation CopyToFolder `
            -E14datasource -ExchangeOperationType NoOperation -RecoveryType restore
                }
                #If its not the 15th of month then skip
                Else
                {
                Continue
                }
            }
        #If $dsn.Type.Name is nothing/null skip
        Else
         {
         Continue
         }
        #Sort by latest on top Recovery Points.
        $recoveryPoints = @(Get-RecoveryPoint -datasource $dsn | sort -property RepresentedPointInTime -Descending)
            If ($recoveryPoints.Length -eq 0)
                {
                 Write-Host "No recovery point available for" $dsn.Name -ForeGroundColor Yellow
                 }
            Else
                {
        #Select the latest recovery point found on Array [0]
        $latestRecoveryPoint = $RecoveryPoints[0]
        #Recovering
        Write-Host "Recovering" $dsn.Name
        #Run Recovery Job
        $recoveryJob = Recover-RecoverableItem -RecoverableItem $latestRecoveryPoint -RecoveryOption $rop -JobStateChangedEventHandler $jobStateChangeHandler
                }
        #If it failed!
        If(!$recoveryJob)
            {
        Write-Host "Failure on invoking Recover-RecoverableItem" -ForeGroundColor Red
        Continue
            }        
        #Wait till the recovery job completes
        while (! $recoveryJob.hasCompleted )
        { 
        # Show a progress bar
        Write-Host "." -NoNewLine
        Start-Sleep 5
        }
        if($recoveryJob.Status -ne "Succeeded")
        {
        Write-Host "Recovery failed" -ForeGroundColor Red
        }
        else
        {
        Write-Host "Recovery successful" -ForeGroundColor Green
        }
    
    }
  }    
}
#End Function

#5 Count Servers in $pg array
for ($i=0; $i -le $pgc; $i++)
{
#Selecting server and displaying datasource
$ds = Get-Datasource $pg[$i] 
#Call Recover function with $i (server) from #5
Recover $i
}

#6 Once all of recovery is exported 7z these.
cd\ #Ensure its on root
cd $DestinationLocation
$dir = pwd
If ($dir.path -eq  $DestinationLocation)
    {
#7 "&" is required before calling external file.
#Call 7za.exe to compress the whole folder. 7za command line tool needs to be downloaded and placed in system32 folder b4 hand
Write-host "Starting compressiong phase. At $date ....."
Write-host "Compressing Recovered files from DPM Server. This will take time!" -ForeGroundColor Green
& 7za a -t7z "$Destination7z DPM.7z" * 
Write-host "Compression done At $date"    
    }
Else 
    {
Write-host "Something went wrong. You have to run 7z manually!"  -ForeGroundColor Red
    }
#All done exit
Exit

You can download the ps1 version from Google Docs here's the link.

Exchange 2010 Gal Picture Upload Script.

Alright I been working on migrating to Exchange 2010 from Exchange 2007.  Once moved we wanted to upload the pictures for users. You can do this on Exchange 2007 not covered here though.

I made the below script by using multiple source to compile this. Some script I found did something I liked but lacked few things so I went ahead and made my own with all thse things I needed. I am pretty new to Powershell so if you find I can improve then do let me know :)

I added option to check if the picture is already on the user ad attribute to save time. You can disable it if you dont want that. I also used hashtable to keep a log file for successful or failed uploads of pics.

If you have any suggestions to add to this script do let me know :)

You probably need to change Pickup folder location which is $PicFolder

=============Update: 10/11/11===========

I did not explain what this script does cause I thought it was pretty much straight forward cause of comments I added. But anyways I looked at the post today and thought hell it doesn't really say that this can do.

So here it is :- (I listed it in way of execution)

1- Gets users from exchange with get-mailbox | foreach

2- Create and datestamp log files with start of script. (I didnt know how to datestamp each line so had to create it head of execution of script. Maybe someone can help me out with this.

3- Initiate Hashtables for Success Log (Slist) and Failed Log (Flist).

4- For each users found with get-mailbox fetch $alias from it and check $alias.jpg file in pickup folder. If the pic is not there for $alias skip user.

5- Function ChkPic is to check if user has picture already assigned if so skip the user. This is usefull if want to re-run this script with new pictures added to pickup folder. Method used here is Export-RecipientDataProperty with username to see if it shows something. Usually if pic is there it will show RunspaceID in the result. I using that as my ref for pic is there.

6- Check picture file size if its less then or equal to 10k. If bigger than 10k skip user. Otherwise go ahead.

7- So finally we reached here after all that checks YAY. Go ahead and import picture.

8- So you remember that ChkPic (Step 5) I created? we are going to use it again to check if it uploaded the picture successfully. Does the same thing but after uploading. If it finds the pic it says all good otherwise logs it to Flist and displays error.

9- Display information about the logs and location to user.

10- End Script

Please leave a comment cause sometimes I feel that no one is reading this LOL. :p anyways it comes handy for me :)

================ImporToExCh2010=====================
#Pickup folder for pictures.
$PicFolder = "c:\pics"

#Fetch users from Exchange
$results = Get-Mailbox | Foreach {$_.alias}

#DateStamp
$Date=$(Get-Date -format g) | add-content c:\ExPicSuccess.log, c:\ExPicFailed.log

#Using hashtable for logs.
$Slist=@{} #Successful Log file
$Flist=@{} #Failed Log File

#Function to check if pic is in user ad attr
Function ChkPic {
Param ($alias)

#Try to see if user already has pic uploaded
$ChkUpload = Export-RecipientDataProperty -Identity $alias -Picture | out-string

#Match for RunspaceId in result string
$RChk = $ChkUpload -match "RunspaceId"                            }
#End Function ChkPic

Foreach ($alias in $results)
{
$FileLoc = "$PicFolder\$alias.jpg"
$FileExists = Test-path $FileLoc

If ($FileExists -eq $True){
Write-host -f green "`nPicture found for $alias....checking size..."

#Check photo size if its less than 10k
$PhotoSize = Get-ChildItem $FileLoc | select Length

If ($PhotoSize.Length -le 10000) { Write-Host "[Size OK]" -ForeGroundColor Green }
Else {
$Flist.Add($alias, "Pic Size Exceeded 10k - Skipped!")
Write-Host "[Pic Size more than 10Kb..Skipping User!]" -ForeGroundColor Red; Continue}

#Precheck to make sure pic is not assigned. If assigned skip user. (You can disable this)
ChkPic $alias

If ($RChk -eq $True) { Write-Host "User already has picture assigned. Skipping User! `n" -f red;Continue}

#All good going ahead with uploading..
Write-host -f yellow "Uploading..."

#Import Picture to user ad attr
Import-RecipientDataProperty -Identity "$alias" -Picture -FileData `
([Byte[]]$(Get-Content -Path "$FileLoc" -Encoding Byte -ReadCount 0))

Write-Host -f green "Uploaded picture for $alias"
Write-host -f yellow "Checking if uploaded successfully..."

#Calling ChkPic Function
ChkPic $alias
#If statement to see if value is true which means successful and false means pic attr not found.
If ($RChk -eq $True) {
Write-Host -f green "[Uploaded Successfully] `n"

If ($alias) {$Slist.Add($alias, "Successful")}
}
Else {
Write-Host -f red "[Upload Failed]"

$Flist.Add($alias, "Upload Failed.")
}
                          }

Else{
Write-host -f red "Picture not found for $alias in $PicFolder"

If ($alias) {$Flist.Add($alias, "Picture not found.")}
    }
}

Write-Host -f yellow "#Note: Logs files can be found in C: with name of ExPicSuccess.log & ExPicFailed.log `n"

#Add Successful list to log file
$Slist | out-string | add-content c:\ExPicSuccess.log
Write-host -f green "`n Displaying Successful Upload Userlist `n"
$Slist

#Add Failed to log
$Flist | out-string | add-content c:\ExPicFailed.log
Write-host -f red "`n Displaying Failed Upload Userlist `n"
$Flist
=======================================================

Download ps1 from Google Docs

You can download the ps1 incase the copy paste doesnt work. Link provided above

PowerShell print server inventory script by Michel Stevelmans

Scripts looks very interesting. I haven't tried it but will do that in awhile :)
--------------------------------------------------------------------------------------------
PowerShell script which lists all installed printers and gathers information like the printer name, driver, share name, location and the IP address (the actual IP address, not the portname without the “IP” prefix).

# Print server inventory script
# Created by Michel Stevelmans - http://www.michelstevelmans.com

# Set print server name
$Printserver = "PRINTSERVER"

# Create new Excel workbook
$Excel = new-Object -comobject Excel.Application
$Excel.visible = $True
$Excel = $Excel.Workbooks.Add()
$Sheet = $Excel.Worksheets.Item(1)
$Sheet.Cells.Item(1,1) = "Printer Name"
$Sheet.Cells.Item(1,2) = "Location"
$Sheet.Cells.Item(1,3) = "Comment"
$Sheet.Cells.Item(1,4) = "IP Address"
$Sheet.Cells.Item(1,5) = "Driver Name"
$Sheet.Cells.Item(1,6) = "Shared"
$Sheet.Cells.Item(1,7) = "Share Name"
$intRow = 2
$WorkBook = $Sheet.UsedRange
$WorkBook.Font.Bold = $True

# Get printer information
$Printers = Get-WMIObject Win32_Printer -computername $Printserver
foreach ($Printer in $Printers)
{
    $Sheet.Cells.Item($intRow, 1) = $Printer.Name
    $Sheet.Cells.Item($intRow, 2) = $Printer.Location
    $Sheet.Cells.Item($intRow, 3) = $Printer.Comment
    $Ports = Get-WmiObject Win32_TcpIpPrinterPort -computername $Printserver
        foreach ($Port in $Ports)
        {
            if ($Port.Name -eq $Printer.PortName)
            {
            $Sheet.Cells.Item($intRow, 4) = $Port.HostAddress
            }
        }
    $Sheet.Cells.Item($intRow, 5) = $Printer.DriverName
    $Sheet.Cells.Item($intRow, 6) = $Printer.Shared
    $Sheet.Cells.Item($intRow, 7) = $Printer.ShareName
    $intRow = $intRow + 1
}

$WorkBook.EntireColumn.AutoFit()
$intRow = $intRow + 1
$Sheet.Cells.Item($intRow,1).Font.Bold = $True
$Sheet.Cells.Item($intRow,1) = "Print server inventory - Created by Michel Stevelmans - http://www.michelstevelmans.com"

Source : http://www.michelstevelmans.com/powershell-print-server-inventory-script/

Control Panel Shortcut

---

Control Panel Files [CPL's]
File name Purpose
-----------------------------------------------------------------------
Access.cpl Accessibility properties
Appwiz.cpl Add/Remove Programs properties
Desk.cpl Display properties
FindFast.cpl FindFast (included with Microsoft Office for Windows 95)
Inetcpl.cpl Internet properties
Intl.cpl Regional Settings properties
Joy.cpl Joystick properties
Main.cpl Mouse, Fonts, Keyboard, and Printers properties
Mlcfg32.cpl Microsoft Exchange or Windows Messaging properties
Mmsys.cpl Multimedia properties
Modem.cpl Modem properties
Netcpl.cpl or Ncpa.cpl Network properties
Odbccp32.cpl Data Sources (32-bit ODBC, included w/ Microsoft Office)
Password.cpl Password properties
Sticpl.cpl Scanners and Cameras properties
Sysdm.cpl System properties and Add New Hardware wizard
Themes.cpl Desktop Themes
TimeDate.cpl Date/Time properties
Wgpocpl.cpl Microsoft Mail Post Office

---

How to Start Single Sections of Control Panel With a Command

Control Panel Tool Command
---------------------------------------------------------------
Accessibility Options control access.cpl
Add New Hardware control sysdm.cpl add new hardware
Add/Remove Programs control appwiz.cpl
Date/Time Properties control timedate.cpl
Display Properties control desk.cpl
FindFast control findfast.cpl
Internet Properties control inetcpl.cpl
Joystick Properties control joy.cpl
Keyboard Properties control main.cpl keyboard
Microsoft Exchange control mlcfg32.cpl
(or Windows Messaging)
Microsoft Mail Post Office control wgpocpl.cpl
Modem Properties control modem.cpl
Mouse Properties control main.cpl
Multimedia Properties control mmsys.cpl
Network Properties control netcpl.cpl or ncpa.cpl
Password Properties control password.cpl
PC Card control main.cpl pc card (PCMCIA)
Power Management (Windows 95) control main.cpl power
Power Management (Windows 98) control powercfg.cpl
Printers Properties control main.cpl printers
Regional Settings control intl.cpl
Scanners and Cameras control sticpl.cpl
Sound Properties control mmsys.cpl sounds
System Properties control sysdm.cpl

PsTools with Powershell - Remote Execution

So I was tasked to remote execute an exe file on a server.

I wanted to use PowerShell to do the whole thing but ended up using PsTools due to lack of time to explore PowerShell Remote.

I ran into few issue. Basically when I was executing the exe file it wasn't displaying anything to the end user. After doing some research I found that exe was running but on the wrong session. For example I wanted to see the Test.exe GUI logged in as a remote user. But when I executed the psexec it ran the Test.exe in console session id 0. My session id was 2. You can see you session by going to taskmanager and go to users tab. There you will see the session id.

In order for me to see Test.exe GUI I had to specify the session on psexec. But problem was that every time I log into remote desktop I would get a new session id.

So I googled it and found the solution for identifying the session id.

So basically psexec runs a command query session and looks for session id of the user where the app should be displayed. i.e the variable $UserSession

=======================================================================
#Make sure you change the location of PsTools exe files below
#Change following variables for your setup
set-alias psexec 'C:\PsTools\PsExec.exe' 
$UsersSession = 'ijaved' #Username of the user you want the app to show
$UserAdmin = 'admin' #admin user on the remote pc
$AdminPass = 'test' #pass of admin user
$RemotePc = '\\192.168.1.128' #remote pc
$App ='C:\test.exe' # App to run

#No need to change anything below
$results = & psexec '$RemotePC' -u '$UserAdmin' -p '$AdminPass' query session
$id = $results | Select-String "$UsersSession\s+(\w+)" | Foreach {$_.Matches[0].Groups[1].Value}
$delay = ping 127.0.0.1 -n 2
$call =  & psexec '$RemotePC' -u '$UserAdmin' -p '$AdminPass' -i $id -d '$App'
#End Script
=======================================================================

I found a problem where one of the installer.exe won't run even after being called. It would come up and disappear. After trying to figure out something I got my break. I found that when psexec is executing the installer it is doing so from c:\windows\system32 folder and the installer for some stupid reason was looking for its file inside system32. Don't know why but that was the case.

So I made a batch file which called the installer from its own folder. Basically batch file did the following :-

cd \
cd "c:\installerfolder\"
c:\installerfolder\install.exe

Hope it helps anyone out there.