Saturday, August 31, 2013

Create Bulk Active Directory Users with PowerShell

Here is real simple script to use to create bulk AD users for your test environment. When you execute the script it will ask you simple questions, all you need to do it to type input based on your scenario, script will take your input and execute within the shell. and at the end it will list the users which have been created.

I wrote this script please fell free to change or add anything you like.

Download the script  from here

 

After downloading the script execute it

image

Script will ask you three questions

image

After you specify how many users you like to create ( you can create as many users as you like)

image

Script will show you the users, you will also find these  users on the default user contained within ADUC.

image

Easy enough (-: , Enjoy it

Respectfully,

MCITP (EMA), MCITP (SA)
MCSE 2003, M+, S+, MCDST
Security+, Project +, Server +
http://smtp25.blogspot.com/ (Blog)
http://telnet25.wordpress.com/ (Blog)

 

 

Wednesday, August 21, 2013

How to Configure Exchange 2010 Self Certificate Part 3

  • Now open your Exchange 2010 Server EMC
  • Go to Server Configuration , make right click
  • Select "new Exchange Certificate"

clip_image001

Give it a name like,

Exchange 2010 CR Request

clip_image002

Click next

clip_image003

Now on this page let me elaborate bit more, in our scenario we won't have any access from internet so all configuration changes we will be doing are INTERNAL. That being said if this would be real time scenario the process would be the same as you would consider to use outside names to access these resources such as mail.YourCompnay.com or outlook.YourCompany.com

Internal Server names DO NOT NEED TO BE on the certificate normally , Unless you can think of some good reason.

We will use two name spaces

Mail.ztekzone.com and Webmail.ztekzone.com , in internal DNS servers we will add A records to point these resources

Any Exchange server we like. The purpose of having different name space is to keep control of internal mail related resources and segregate them from outside ( Different path, different HLB servers etc.)

clip_image004

clip_image005

The last option is Legacy , if you were to perform migration from legacy versions of Exchange servers this is what you would select here for the proper name space to be able to distinguish Exchange services and proxy them back to legacy servers in Co-Existence scenarios . ( you leave this blank if this is wont pertain to you)

clip_image006

Now on this page make sure your common name set it correctly

Fill out the blanks per your reference

clip_image007

clip_image008

clip_image009

clip_image010

Click Finish now you can see you have pending request

clip_image011

Here is our file

clip_image012

In Part 3 we will put all together

clip_image013

Here is OWA and SSL connection is established  with no  issues

clip_image014

Respectfully,

MCITP (EMA), MCITP (SA)
MCSE 2003, M+, S+, MCDST
Security+, Project +, Server +
http://smtp25.blogspot.com/ (Blog)
http://telnet25.wordpress.com/ (Blog)

How to Configure Exchange 2010 Self Certificate Part 2

  • Now open your Exchange 2010 Server EMC
  • Go to Server Configuration , make right click
  • Select "new Exchange Certificate"

clip_image001

Give it a name like,  Exchange 2010 CR Request

clip_image002

Click next

clip_image003

Now on this page let me elaborate bit more, in our scenario we won't have any access from internet so all configuration changes we will be doing are INTERNAL. That being said if this would be real time scenario the process would be the same as you would consider to use outside names to access these resources such as mail.YourCompany.com or outlook.YourCompany.com

Internal Server names DO NOT NEED TO BE on the certificate normally , Unless you can think of some other good reason.

We will use two name spaces

Mail.ztekzone.com and Webmail.ztekzone.com , in internal DNS servers we will add A records to point these resources

Any Exchange server we like. The purpose of having different name space is to keep control of internal mail related resources and segregate them from outside ( Different path, different HLB servers etc.)

clip_image004

clip_image005

The last option is Legacy , if you were to perform migration from legacy versions of Exchange servers this is what you would select here for the proper name space to be able to distinguish Exchange services and proxy them back to legacy servers in Co-Existence scenarios . ( you leave this blank if this is wont pertain to you)

clip_image006

Now on this page make sure your common name set it correctly

Fill out the blanks per your reference or needs.

clip_image007

clip_image008

clip_image009

clip_image010

Click Finish now you can see you have pending request

clip_image011

Here is our file

clip_image012

In Part 3 we will put all together

Respectfully,

MCITP (EMA), MCITP (SA)
MCSE 2003, M+, S+, MCDST
Security+, Project +, Server +
http://smtp25.blogspot.com/ (Blog)
http://telnet25.wordpress.com/ (Blog)

How to Configure Exchange 2010 Self Certificate Part#1

We will configure Exchange 2010 Self Certificate to be used in our LAB , the LAB Environment we will be performing several tasks , including configuring your own certificate authority and creating CR from exchange 2010 servers are part of our goal on this article.

We will at the end install the local certificate and I will show you how to import that into your own laptops etc. to avoid seeing certificate is not trusted warning. The steps you would do are same if you were the AD engineer to manage internal CA authority for your internal usage.

  • Windows 2008 R2 Forest/Domain
  • DC1 ( Domain Controller, Certificate authority server)
  • E1 ( Exchange 2010 , Multi Role DAG member)
  • E2 ( Exchange 2010 , Multi Role DAG member)
  • Windows 7 Workstation ( Domain member)

Working Steps:

  1. Install Certificate authority on the Domain Controller for your domain

Open Server manager, by typing Servermanager.msc

Roles, add roles,

clip_image001

clip_image002

Select Active Directory Certificate Services

clip_image003

Click Next

When it is asked select add required roles and click next when you ready

clip_image004

Enterprise

clip_image005

Root CA

clip_image006

Create a new Private key

clip_image007

Click next ( don’t need to change anything here)

clip_image008

Click next

clip_image009

Click next ( 5 years is good enough normally adjust if you like )

clip_image010

Click next ( pay attention here where will have the databases) if this was production implementation you would certainly

Take a note of this directory

clip_image011

Next

clip_image012

Next

clip_image013

Finally Install

clip_image014

Now open IIS on the same ( server) click start and type "Inetmgr " hit enter.

clip_image015

Expand default website and locate directory called " CerSrv" on the right pane, click on "Browse"

clip_image016

Now you may want to add this into Bookmark of your browser

clip_image017

Part 2 we will generate certificate request from Exchange 2010 servers

Respectfully,

MCITP (EMA), MCITP (SA)
MCSE 2003, M+, S+, MCDST
Security+, Project +, Server +
http://smtp25.blogspot.com/ (Blog)
http://telnet25.wordpress.com/ (Blog)

Thursday, August 15, 2013

Recovery DataBase Exchange 2010 PART-1

If you need to perform recovery on your Exchange server, you will quickly see things got changed compared to previous versions of Exchange Server.

I will first build the task list frame work and I will break these down into easy steps. If you are looking into building your own SOP fell free to use these steps including real nice hand PS scripts which will make most of the task simplify IMO.

  1. Create RDB ( Recovery Database) on your Exchange 2010 Server
  2. Use Recovery_DB.ps1 to create the RSG ( you have to do this from EMS no GUI ) this is why use the script I wrote, it will easy the task and you can corporate this into SOP ( Standard operation process & Paper)
  3. Perform Restore on this Database ( restore DB and Logs)
  4. Make sure the recovered DB is in "Clean Shutdown" Stage ( ESEUTIL /R ) & ( ESEUTIL /P)
  5. Use restore-mailbox to perform different restore option ( Use the restore scripts I will be providing)

Download the scripts from here , part-2 I will show you how easy to use them

image

Recovery DataBase Exchange 2010 PART-2 coming soon

Respectfully,
Oz Casey, Dedeal ( MVP  North America)
MCITP (EMA), MCITP (SA)
MCSE 2003, M+, S+, MCDST
Security+, Project +, Server +
http://smtp25.blogspot.com/ (Blog)
http://telnet25.wordpress.com/ (Blog)

Wednesday, August 14, 2013

Exchange 2010 Create Mailbox Database Script

If you like to create Exchange 2010 database here is real simple script will help you or your helpdesk to get the work done.

Simply run the script and fallow the directions, enjoy.You can copy and paste the script in notepad and save it as “Create_MBDataBase_V2.ps1” or give it any name you like, or simply download and run it.

image

<#==========================================
# Created with: NotePad
# Created on:   8/1/2013 9:21 AM
# Created by:   Oz Casey Dedeal
# Organization: ZTEKzone
# Filename:     ZTEKzone_Create_MBDataBase_V2.ps1
#==========================================#>

Write-Host `tZTEKzone Create DataBase Script.`n -Fore Red;start-Sleep -Seconds 1
Write-Host `t We will need to mount the DB after creating it.`n -Fore Yellow;start-Sleep -Seconds 1
Write-Host `t  You need to be assigned permissions before you can perform this procedure or procedures.`n -Fore Magenta;start-Sleep -Seconds 1
# This is Where we Provide More Details
$SName = read-host "Enter The Name for DB Server, like ( e1 ) "
$DBName = read-host "Enter The Name for Your Database, like ( db15 ) "
$EDbfp = read-host "Enter The DB Path , like ( E:\DatabaseFiles\MP1\ )"
$Lfp= read-host "Enter Log Path for Recovery , like ( E:\LogFiles\MP1\ )"

New-MailboxDatabase -Name $DBName -Server $SName -EdbFilePath "$EDbfp\$DBName\$DBName.edb" -LogFolderPath "$Lfp\$DBname.logs"

Write-Host `tI will mount the DB now .`n -Fore Yellow;start-Sleep -Seconds 2
Get-MailboxDatabase $DBName | Mount-Database
Write-Host `tHang on I am working on it.`n -Fore Yellow;start-Sleep -Seconds 3

# We are done
Write-Host `tI am done now.`n -Fore Red;start-Sleep -Seconds 1
Write-Host `tUse Get-Help -Examples.`n -Fore Yellow;start-Sleep -Seconds 1
Write-Host `tTo Learn More About PowerShell.`n -Fore Red;start-Sleep -Seconds 1
Write-Host `tUse Get-Help -get-MailBox -Examples.`n -Fore Yellow;start-Sleep -Seconds 1

Get-MailboxDatabase $DBName | Mount-DatabaseWrite-Host `tWe are done, we will exist now!!!.`n -Fore Yellow;start-Sleep -Seconds 1

Download the script from here

Respectfully,
Oz Casey, Dedeal ( MVP north America)
MCITP (EMA), MCITP (SA)
MCSE 2003, M+, S+, MCDST
Security+, Project +, Server +
http://smtp25.blogspot.com/ (Blog)
http://telnet25.wordpress.com/ (Blog)