Posted by David Quiram on Tue, Jan 10, 2012
PowerShell is the tool that most of us don't use to its full potential. I know we have our excuses, the biggest one being "it will take me longer to figure out how to do (insert task) through PowerShell. I can just use the GUI and figure it out next time", so when is the next time?
Why use PowerShell? Oh my, there are many reasons.. Through PowerShell you can do anything that the GUI can do for the task you're completing and more...really more. You can create the commands and save them for use again...it’s like (gasp) scripting!
I find it most useful when trying to pull data out of Active Directory for reporting and for creating large number of users at the same time.
What are some of the things that one can do with cmdlets in with users in Active Directory?
-
Create user accounts
-
Manage user accounts
-
Change user accounts properties
-
Reporting on user accounts
-
Determine a user’s last log in time or those who have not logged in recently
-
Finding users who’s accounts are about to expire
-
Computer management
-
Join a computer to a domain
-
Rename computers
-
Finding computers of a particular OS
-
Group Management
-
Reporting on groups
-
Finding users and groups
-
Manage Service Accounts
-
Forest Management
-
Domain Management
-
Manage Password Policies
Oh and all these can be done remotely too!!! I read about one administrator who used PowerShell to scan a directory for a .csv nightly. The HR staff would drop in a .csv of the new users and they would be created at night automatically through the use of PowerShell. Get work done and sleep!!!
But where are all the commands to enter in to do all this? That, you will have to find for yourself, odds are you used a search engine to get to this point, take it a few steps further. All the commands and things you want to do have probably been done by someone else. Just make sure you find several versions of the commands you want to run and compare them. Don't be a script kiddy and just run the first one that you find. If you don't understand what you’re running, that is a huge risk. Risk is bad.
Posted by The Blogging Desk on Fri, Feb 18, 2011
- by Chad, "The Dream", Weaver
It has been a while since I have written a truly technical blog, but recently I have found some very useful things that can be done easily with the Microsoft Powershell specifically when it comes to Microsoft Exchange. Now when it comes to using any of the newer Microsoft products I really recommend using the Powershell to complete management tasks. It is truly a powerful tool and I believe that understanding the command line will really bring better understanding of the product as a whole. One neat thing I found when using Exchange 2010 is that when you use the GUI just before the command finishes it shows the Powershell command that it is running to complete the action.
This document is going to focus on a simple task that Exchange administrators would need to complete from time to time, removing a user and mailbox from the system. If you are using the GUI and right click on a mailbox that is no longer needed there are 2 options to kick this process of remove or disable. If you chose remove, it will remove the user from AD and set the mailbox to be deleted at the end of the retention period. The other option does not delete the user, but disconnects the mailbox and sets it to be removed at the end of the retention period. The default retention period is 30 days, if you want this completed sooner using the GUI you are out of luck.
Now to complete the same task in the Exchange Powershell the command would be Disable-Mailbox name@domain.com. So far that was really simple, and accomplishes the same thing we did using the GUI. Now the mailbox is set to be removed is 30 days from the deleted date. Here is where the power of Powershell comes in, we can speed this up and do multiple other tasks. First if we don’t want to wait for the mailbox cleanup agent to discover the newly removed mailboxes, we can run a command to make that happen.
Get-MailboxDatabase | Clean-MailboxDatabase
The part of the above command will get the names of the mailbox databases and then we pipe that command in to the second part, the Clean-MailboxDatabase will then run the cleanup agent on the databases. You can also just use the Clean-MailboxDatabase “mailbox database name” to just run it against a single database. Now that we have the mailboxes discovered as being disconnected and pending deletion at the end of the retention period we need some information about them. The following command will get us the information we need.
get-mailboxstatistics -database "mailbox database name" |where{$_.DisconnectDate -ne $null}| FL displayName, mailboxguid
This command will find all the mailboxes in a specific database, supplied by replacing the “mailbox database name” with the name of the mailbox database you wish to gather information from. The rest of the command is only finding mailboxes where the disconnectdate is not null or blank, which only returns the mailboxes in a disconnected state. The two rows returned are displayname and mailboxguid, this shows the name of the mailbox and the associated GUID that is required to remove it right away. Now that we have this information we can remove the mailboxes from exchange without a month wait. We will need to use the remove-mailbox command set we us the GUID for the –StoreMailboxIdentity part of the command. So to remove a mailbox that is pending deletion we would run the following command.
remove-mailbox -database “mailbox database name” -storemailboxidentity "GUID returned ”
This will prompt you if you want to remove the object, and you can add extra commands to prevent the confirming but I always like to be really sure I ran a command correctly before it finishes. I did show the long way here most of these steps just so you could get a feel for it. This information also really helps if you started the process with the GUI. Now for the shortcut, and a quick advanced command, that makes this really quick. If you know you don’t need the mailbox around just remove it from the Powershell command line with the following command. Remove-Mailbox –Identity name@domain.com –Permanent $true. That command alone will delete the mailbox ignoring the retention policy in one step. See this is where Powershell really shines. Now the last one, this assumes that you have already disconnected the mailbox and know the users name, and includes some advanced powershell scripting. $Temp = Get-Mailbox | Where {$_.DisplayName –eq ‘FirstName LastName’}
Remove-Mailbox –Database “database Name” –StoreMailboxIdentity $temp.MailboxGuid
There you go! Sorting the information - gathering and automating the removal process in 2 steps! Trigon doesn't stop there; let us know if you'd like more helpful tips!