Introduction to Microsoft Exchange 2010 PowerShell

#### Introduction

Exchange 2010 PowerShell commands, also known as cmdlets, are essential for managing various aspects of an Exchange Server environment. These cmdlets provide granular control and automation capabilities, allowing administrators to efficiently perform tasks such as managing mailboxes, distribution groups, databases, and server settings. Understanding these cmdlets is crucial for effective Exchange Server administration.

#### Recipient Management Cmdlets

1. **Get-Mailbox**

- **Usage**: Retrieves mailbox properties and information.

- **Example**: `Get-Mailbox -Identity "JohnDoe"`

- This cmdlet is commonly used to gather details about individual mailboxes or to list all mailboxes in an organization. You can filter the results based on various properties such as display name, email address, or recipient type.

2. **Set-Mailbox**

- **Usage**: Modifies mailbox properties.

- **Example**: `Set-Mailbox -Identity "JohnDoe" -PrimarySmtpAddress john.doe@example.com`

- This cmdlet allows administrators to change properties of a mailbox, such as email addresses, mailbox quotas, and retention policies.

3. **New-Mailbox**

- **Usage**: Creates a new mailbox for a user.

- **Example**:

```powershell

New-Mailbox -Name "JaneDoe" -UserPrincipalName jane.doe@example.com -Password (ConvertTo-SecureString "P@ssw0rd" -AsPlainText -Force) -FirstName "Jane" -LastName "Doe" -DisplayName "Jane Doe"

```

- This cmdlet is essential for onboarding new users by creating their mailboxes. It includes parameters for setting the initial password and user details.

4. **Remove-Mailbox**

- **Usage**: Deletes a mailbox.

- **Example**: `Remove-Mailbox -Identity "JaneDoe"`

- Used to delete mailboxes, which also removes the associated Active Directory user if specified.

5. **Get-Contact / Set-Contact**

- **Usage**: Retrieves or modifies contact properties.

- **Example**:

- `Get-Contact -Identity "HRContact"`

- `Set-Contact -Identity "HRContact" -DisplayName "Human Resources Contact"`

- These cmdlets are used to manage mail contacts, which are external contacts stored within the Exchange organization.

6. **Enable-Mailbox**

- **Usage**: Mail-enables an existing Active Directory user.

- **Example**: `Enable-Mailbox -Identity "JaneDoe" -Database "MailboxDatabase1"`

- This cmdlet is used to enable a mailbox for an existing user in Active Directory.

#### Distribution Group Management Cmdlets

1. **Get-DistributionGroup**

- **Usage**: Retrieves distribution group properties.

- **Example**: `Get-DistributionGroup -Identity "SalesTeam"`

- This cmdlet provides information about distribution groups, which are used to send emails to multiple recipients.

2. **New-DistributionGroup**

- **Usage**: Creates a new distribution group.

- **Example**:

```powershell

New-DistributionGroup -Name "SupportTeam" -PrimarySmtpAddress support@example.com -OrganizationalUnit "OU=Groups,DC=example,DC=com"

```

- This cmdlet is used to create new distribution groups for organizational communication.

3. **Set-DistributionGroup**

- **Usage**: Modifies distribution group properties.

- **Example**: `Set-DistributionGroup -Identity "SalesTeam" -EmailAddresses @{Add="sales2@example.com"}`

- Used to change settings for existing distribution groups, such as adding new email addresses or changing the display name.

4. **Add-DistributionGroupMember / Remove-DistributionGroupMember**

- **Usage**: Adds or removes members from a distribution group.

- **Example**:

- `Add-DistributionGroupMember -Identity "SalesTeam" -Member "JaneDoe"`

- `Remove-DistributionGroupMember -Identity "SalesTeam" -Member "JaneDoe"`

- These cmdlets manage the membership of distribution groups, making it easy to update group members.

#### Database Management Cmdlets

1. **Get-MailboxDatabase**

- **Usage**: Retrieves mailbox database properties.

- **Example**: `Get-MailboxDatabase -Identity "MailboxDatabase1"`

- This cmdlet is used to fetch information about mailbox databases, such as their size, status, and mount status.

2. **New-MailboxDatabase**

- **Usage**: Creates a new mailbox database.

- **Example**:

```powershell

New-MailboxDatabase -Name "Database2" -EdbFilePath "C:\Databases\Database2.edb" -LogFolderPath "C:\Databases\Logs"

```

- Used to create new mailbox databases, essential for expanding storage or separating different organizational units.

3. **Mount-Database / Dismount-Database**

- **Usage**: Mounts or dismounts a mailbox database.

- **Example**:

- `Mount-Database -Identity "Database2"`

- `Dismount-Database -Identity "Database2"`

- These cmdlets control the availability of mailbox databases by mounting (making available) or dismounting (taking offline) them.

4. **Move-DatabasePath**

- **Usage**: Moves the database and/or log files to a new location.

- **Example**:

```powershell

Move-DatabasePath -Identity "Database2" -EdbFilePath "D:\NewLocation\Database2.edb" -LogFolderPath "D:\NewLocation\Logs"

```

- Used when you need to relocate the database files due to storage reconfiguration or performance optimization.

5. **Get-MailboxDatabaseCopyStatus**

- **Usage**: Retrieves the status of mailbox database copies.

- **Example**: `Get-MailboxDatabaseCopyStatus -Identity "Database2"`

- This cmdlet provides details about the replication and status of mailbox database copies in a Database Availability Group (DAG).

6. **Update-MailboxDatabaseCopy**

- **Usage**: Resynchronizes a mailbox database copy.

- **Example**: `Update-MailboxDatabaseCopy -Identity "Database2\Server2"`

- Used to update or resynchronize a specific database copy.

7. **Test-ReplicationHealth**

- **Usage**: Checks the health of the replication system for mailbox databases.

- **Example**: `Test-ReplicationHealth`

- This cmdlet runs various tests to check the health and status of replication components in a DAG.

#### Server Configuration Cmdlets

1. **Get-ExchangeServer**

- **Usage**: Lists all Exchange servers in the organization.

- **Example**: `Get-ExchangeServer`

- This cmdlet retrieves information about each Exchange server, including roles and version details.

2. **Set-ExchangeServer**

- **Usage**: Modifies properties of an Exchange server.

- **Example**: `Set-ExchangeServer -Identity "ExchangeServer1" -InternetWebProxy "http://proxy.example.com:8080"`

- Used to configure server-specific settings such as proxy settings or diagnostic logging.

3. **Get-MailboxServer**

- **Usage**: Retrieves properties of mailbox servers.

- **Example**: `Get-MailboxServer -Identity "MailboxServer1"`

- Provides details about mailbox servers, including database status and server roles.

4. **Set-MailboxServer**

- **Usage**: Changes settings for a mailbox server.

- **Example**: `Set-MailboxServer -Identity "MailboxServer1" -MaximumActiveDatabases 10`

- Allows you to configure settings specific to mailbox servers, such as the number of active databases.

5. **Restart-Service**

- **Usage**: Restarts an Exchange service.

- **Example**: `Restart-Service -Name "MSExchangeTransport"`

- This cmdlet restarts specified Exchange services, often used during maintenance or troubleshooting.

#### Monitoring and Reporting Cmdlets

1. **Get-EventLogLevel**

- **Usage**: Retrieves the event logging levels configured for the server.

- **Example**: `Get-EventLogLevel -Server "ExchangeServer1"`

- Useful for monitoring and troubleshooting by checking the logging levels.

2. **Set-EventLogLevel**

- **Usage**: Modifies the event logging levels.

- **Example**: `Set-EventLogLevel -Identity "ExchangeServer1\MSExchangeIS\*" -Level Expert`

- Allows you to adjust the verbosity of logs for various services, which can aid in detailed troubleshooting.

3. **Get-Queue / Retry-Queue / Remove-Queue**

- **Usage**: Manages mail queues.

- **Example**:

- `Get-Queue` shows the current status of all mail queues.

- `Retry-Queue -Identity "Submission"` retries messages in the submission queue.

- `Remove-Queue -Identity "Poison"` clears the poison message queue.

- These cmdlets are crucial for managing message flow and handling issues with mail queues.

4. **Test-ServiceHealth**

- **Usage**: Checks the health of various Exchange services.

- **Example**: `Test-ServiceHealth`

- Provides a quick overview of the status of essential Exchange services.

#### 5. Mail Flow and Transport Rules Cmdlets

Managing mail flow and setting up transport rules is essential to ensure that emails are routed correctly and to enforce organizational policies.

1. **Get-TransportRule**

- **Usage**: Retrieves transport rules.

- **Example**: `Get-TransportRule -Identity "BlockExternalEmails"`

- This cmdlet lists all the transport rules in an organization. Transport rules are used to control and modify message flow, enforce compliance requirements, and apply policies to emails.

2. **New-TransportRule**

- **Usage**: Creates a new transport rule.

- **Example**:

```powershell

New-TransportRule -Name "BlockExternalEmails" -FromScope NotInOrganization -Action "DeleteMessage"

```

- This cmdlet creates a new transport rule. Transport rules can perform actions like blocking or redirecting emails based on various conditions such as sender, recipient, or keywords in the subject.

3. **Set-TransportRule**

- **Usage**: Modifies an existing transport rule.

- **Example**: `Set-TransportRule -Identity "BlockExternalEmails" -Comments "Updated to include new criteria"`

- Use this cmdlet to modify properties of existing transport rules. For instance, you can update conditions or actions based on changing organizational needs.

4. **Remove-TransportRule**

- **Usage**: Deletes a transport rule.

- **Example**: `Remove-TransportRule -Identity "BlockExternalEmails"`

- This cmdlet is used to remove outdated or unnecessary transport rules from the system.

5. **Get-Queue / Retry-Queue / Remove-Queue**

- **Usage**: Manages mail queues.

- **Example**:

- `Get-Queue` shows the current status of all mail queues.

- `Retry-Queue -Identity "Submission"` retries messages in the submission queue.

- `Remove-Queue -Identity "Poison"` clears the poison message queue.

- These cmdlets are crucial for managing message flow and handling issues with mail queues. Queues can be retried, messages removed, and statuses checked to ensure smooth mail delivery.

#### 6. Public Folder Management Cmdlets

Public folders are used to share information within an organization. Managing them effectively is crucial for collaboration.

1. **Get-PublicFolder**

- **Usage**: Retrieves public folder properties.

- **Example**: `Get-PublicFolder -Identity "\Marketing" -GetChildren`

- This cmdlet is used to get information about public folders. You can use it to retrieve properties and details about specific folders or a hierarchy of folders.

2. **New-PublicFolder**

- **Usage**: Creates a new public folder.

- **Example**: `New-PublicFolder -Name "Sales" -Path "\Marketing"`

- This cmdlet creates a new public folder. Public folders can be used to store and organize shared data.

3. **Set-PublicFolder**

- **Usage**: Modifies properties of a public folder.

- **Example**: `Set-PublicFolder -Identity "\Sales" -Replicas "Server1" -StorageQuota 500MB`

- Use this cmdlet to modify existing public folder properties such as replication settings, quotas, and permissions.

4. **Remove-PublicFolder**

- **Usage**: Deletes a public folder.

- **Example**: `Remove-PublicFolder -Identity "\Sales"`

- This cmdlet is used to delete public folders that are no longer needed.

5. **Get-PublicFolderStatistics**

- **Usage**: Retrieves statistics for public folders.

- **Example**: `Get-PublicFolderStatistics -Identity "\Marketing"`

- This cmdlet provides information such as folder size, item count, and last access time for public folders.

6. **Set-PublicFolderClientPermission**

- **Usage**: Sets client permissions on a public folder.

- **Example**: `Set-PublicFolderClientPermission -Identity "\Sales" -User "JohnDoe" -AccessRights Owner`

- Use this cmdlet to assign or modify client permissions on public folders. This ensures that the right people have the appropriate level of access.

#### 7. Permissions and Role-Based Access Control (RBAC) Cmdlets

Exchange 2010 introduced Role-Based Access Control (RBAC) to manage permissions more granularly.

1. **Get-ManagementRole**

- **Usage**: Retrieves management roles.

- **Example**: `Get-ManagementRole -Identity "MailboxImportExport"`

- This cmdlet lists all the management roles available in an organization. Roles define sets of cmdlets and parameters that users can execute.

2. **New-ManagementRole**

- **Usage**: Creates a new management role.

- **Example**:

```powershell

New-ManagementRole -Name "CustomRole" -Parent "MailboxImportExport"

```

- This cmdlet is used to create custom management roles based on existing ones. It allows for fine-tuning of permissions to suit specific needs.

3. **Set-ManagementRole**

- **Usage**: Modifies an existing management role.

- **Example**: `Set-ManagementRole -Identity "CustomRole" -Description "Custom role for export tasks"`

- Use this cmdlet to change properties of existing management roles, such as descriptions and assignments.

4. **Remove-ManagementRole**

- **Usage**: Deletes a management role.

- **Example**: `Remove-ManagementRole -Identity "CustomRole"`

- This cmdlet removes roles that are no longer required.

5. **Get-ManagementRoleAssignment**

- **Usage**: Retrieves management role assignments.

- **Example**: `Get-ManagementRoleAssignment -Role "MailboxImportExport"`

- This cmdlet lists all assignments of a specific role, showing which users or groups have been assigned that role.

6. **New-ManagementRoleAssignment**

- **Usage**: Assigns a management role to a user or group.

- **Example**:

```powershell

New-ManagementRoleAssignment -Role "MailboxImportExport" -User "JohnDoe"

```

- This cmdlet is used to assign roles to users or groups, defining what actions they can perform in Exchange.

7. **Remove-ManagementRoleAssignment**

- **Usage**: Removes a management role assignment.

- **Example**: `Remove-ManagementRoleAssignment -Identity "CustomRoleAssignment"`

- This cmdlet is used to unassign roles from users or groups.

#### 8. Compliance Management Cmdlets

Compliance management is vital for organizations to meet legal and regulatory requirements. Exchange 2010 provides cmdlets to help enforce compliance policies.

1. **Get-MailboxAuditLog**

- **Usage**: Retrieves mailbox audit logs.

- **Example**: `Get-MailboxAuditLog -Mailbox "JohnDoe" -StartDate "01/01/2023" -EndDate "01/31/2023"`

- This cmdlet is used to retrieve audit logs for a specific mailbox, showing actions like access, deletion, and changes made by users.

2. **Set-MailboxAuditBypassAssociation**

- **Usage**: Configures audit bypass for specific mailboxes.

- **Example**: `Set-MailboxAuditBypassAssociation -Identity "JohnDoe" -AuditBypassEnabled $true`

- This cmdlet sets up bypass rules for audit logging, typically used for service accounts or specific administrative users.

3. **Search-MailboxAuditLog**

- **Usage**: Searches the mailbox audit log.

- **Example**:

```powershell

Search-MailboxAuditLog -Mailboxes "JohnDoe" -LogonTypes Owner -Operations HardDelete -StartDate "01/01/2023" -EndDate "01/31/2023"

```

- This cmdlet searches the audit logs for specific actions, such as deletions or access by mailbox owners.

4. **New-MailboxSearch**

- **Usage**: Creates a new mailbox search for eDiscovery.

- **Example**:

```powershell

New-MailboxSearch -Name "LegalCase123" -SourceMailboxes "JohnDoe" -SearchQuery "subject:'confidential' AND received:>=01/01/2023" -TargetMailbox "eDiscoveryMailbox"

```

- This cmdlet is used for eDiscovery, allowing searches across mailboxes for specific criteria, such as keywords or dates.

5. **Start-MailboxSearch / Stop-MailboxSearch**

- **Usage**: Starts or stops a mailbox search.

- **Example**:

- `Start-MailboxSearch -Identity "LegalCase123"`

- `Stop-MailboxSearch -Identity "LegalCase123"`

- These cmdlets manage the state of eDiscovery searches.

6. **Export-Mailbox**

- **Usage**: Exports mailbox content to a PST file.

- **Example**:

```powershell

Export-Mailbox -Identity "JohnDoe" -PSTFolderPath "C:\Exports\JohnDoe.pst"

```

- This cmdlet is used to export mailbox data, often for legal, compliance, or backup purposes.