Powershell Needful Things put that in your pipeline

20Apr/170

Display the last couple of lines in the crawler log

Posted by Jean Louw

From time to time you need to rebuild an Exchange server database search catalog, and you can monitor the progress using performance monitor. However, I have found it more useful to monitor the actual crawler log, and see which mailbox it is currently busy crawling.

The following script will display the last 25 lines of the last crawl log and refresh it every 15 seconds. This assumes you have Exchange installed in the default location. If not, you just need to update the path.

while (1 -eq 1)
{
cls
import-csv (dir 'C:\Program Files\Microsoft\Exchange Server\V15\Logging\Search\Crawler' | sort -Descending | select -First 1).fullname -Header date-time,component,version,operationId,databaseName,mailboxGuid,operation | select -last 25 | ft -AutoSize
sleep 15
}

2017-04-20_09-36-13

If you find this, I hope it can help you in your efforts to rebuild a corrupt search catalog.

1Mar/170

Quickly find all deferred messages in Exchange

Posted by Jean Louw

Here is a quick little one liner to find all the deferred messages with FromAddress, Recipients and DeferReason.

Get-TransportServer | Get-Queue | ?{$_.Identity -like '*submission*'} | get-message -IncludeRecipientInfo | ?{$_.Status -eq 'Retry'} | select FromAddress,Recipients, DeferReason

2017-03-01_14-21-56

I'm working now on a function to resolve ambigious recipients and loops from here if possible.

21Oct/163

Exchange 2013 Audit Script

Posted by Jean Louw

I finally had time to finish the last little issues with this script.

As with the Exchange 2010 script, this script can be used to audit various aspects of Exchange servers in the organization. Some administrators may deploy it as a morning check script, to check the health of the environment, while others may use it at client sites, as a quick overview of the server health.

Features:

- Audit Exchange 2013 servers including all features of the Exchange 2010 script.
- Added DAG health (get-mailboxdatabasecopystatus).
- Added certificates check to alert about expiring certificates.
- Colour coded some of the alerts to make them more visual.
- Updated the script output to a more Exchange 2013 look and feel.
- Added a check for the CU version of Exchange.
- Reduced the Event Log checks to 4 hours to increase speed, and reduce output size.

I have decided to make this script a GitHub project, so that anyone with PowerShell / Exchange knowledge can contribute to the project.

This script is a project I maintain in my free time, and which I provide to the community at no cost. If you like this script and use it in production, please help me keep this project free by considering a small donation.

The latest version of the script can be downloaded at https://github.com/technologicza/testexchange2013

18Apr/133

Windows 2008 R2 DHCP Scope Utilisation Report

Posted by Jean Louw

Just a quick little script I developed for a client this week. As you know Windows 2012 DHCP server has some pretty cool Powershell cmdlets built in, but sadly, in the case of Windows 2008 there are none.

My customer needed to know when scopes are starting to run out of addresses. I found that the DHCP server logs an event each hour after startup for all scopes that are at 80% utilisation or more.

My solution was the following script. The script is triggered by the 1020 event in the system log, and then finds the events for the last hour, and send an email to the guys to alert them.

You need to modify the script for your servers SMTP parameters and if you prefer to run the script remotely you can use -computername on the the get-eventlog cmdlet.

Admittedly, this is not the best way if you have something like SCOM in place, but as a rudimentary solution it does exactly what they need.

$eventList = @()
Get-EventLog -LogName System -After (get-date).AddHours(-1) -Source DhcpServer -InstanceId 1020 `
| foreach-Object {
$row = "" | Select ScopeAddress, Utilization, FreeIPAddresses
$row.ScopeAddress = $_.ReplacementStrings[0]
$row.Utilization= $_.ReplacementStrings[1]
$row.FreeIPAddresses = $_.ReplacementStrings[2]
$eventList += $row
}

$messageParameters = @{
Subject = "DHCP Scope Utilisation Report - $((Get-Date))"
Body = $eventList | Sort Utilization -Descending |
ConvertTo-Html |
Out-String
From = "Scope Alert <scopealert@xyz.com>"
To = "group@xyz.com"
SmtpServer = "xxx.xxx.xxx.xxx"
}

Send-MailMessage @messageParameters -BodyAsHtml
Filed under: powershell, script 3 Comments
3Jan/1311

Bulk Export Exchange Calendar data to Excel

Posted by Jean Louw

2013-01-03_09-45-01

The previous version of this script, proved far more popular than I could have ever imagined. It was however very complex, which caused numerous failures during execution.

I have recently spent some time streamlining the script at a client, to a point where it is now running fully automated on a schedule.

The new script has the following requirements:

  • The script assumes that it is running in C:\Scripts\CalX - if this path is not possible you have to manually update the script to reflect the location.
  • The script should be executed in the Exchange 20xx management shell.
  • The script requires that Outlook 2007 or above is installed on the computer.
  • The script requires texprof.exe to create the profiles.
  • The script requires MAPILab Advanced Outlook Security to control the security popups.
  • The script requires a file called rooms.txt in the same folder that the script is executed from.

If any exported calendar CSV data files exist from a prior runs, the script will backup these files. The script runs thought each room, in the rooms.txt file and creates / updates a profile on the local machine.  The script assigns full mailbox permissions to the current user, for the calendar to be exported. The script logs onto Outlook using that profile, and exports the calendar data to a CSV.

When it is complete, it combines all of the calendar export files into a single CSV containing all the exported data. As always, your comments and suggestions are always welcome.

The script and texprof.exe can be downloaded below:

12Oct/119

Find missing subnets in Active Directory

Posted by Jean Louw

I was doing an Active Directory health check for a customer, and one of the things I normally include, is to review the netlogon.log to find IP addresses or machines which are not linked to any subnet / site in Active Directory. These entries are listed as NO_CLIENT_SITE in the log.

This is a very manual task of logging onto each domain controller and copying the file to a central location, and then sifting through the data to remove any duplicate IP addresses etc. This task becomes very time consuming if you have a large number of domain controllers.

I decided to write a Powershell script to do the work for me. The advantage of the script, is that the data is stored in a CSV which can be imported to be sorted and manipulated to find recent entires, or remove duplicate computer names and / or IP addresses.

The code doesn't currently look for the no_client_site error specifically, it will import the entire file. The script does not rely on the Microsoft Active Directory module so you can use it with Windows 2003 domain controllers.

I hope you find this script useful and your comments and suggestions are always welcome.

$dom = [System.DirectoryServices.ActiveDirectory.Domain]::GetCurrentDomain()
Write-Host '..current domain is' $dom

Write-Host '..getting all domain controllers in domain'
$dcs = $dom | % { $_.DomainControllers } | Select Name
$at = ($dcs | Measure-Object).count

foreach ($dc in $dcs)
    {
        $path = '\\' + $dc.name + '\admin$\debug\netlogon.log'
        if ((test-path $path) -eq $true)
            {
                Write-Host "..collecting logfile from ($at)" $path
                [array]$colLogs += gc $path
            }
            $at --
    }

Write-Host '..combining logs'
$outFile = '.\expFile.txt'
$colLogs | Out-File $outFile

Write-Host '..importing combined log as csv'
$importString = Import-Csv $outFile -Delimiter ' ' -Header Date,Time,Domain,Error,Name,IPAddress

Write-Host '..exporting results'
$importString | select Date, Name, IPAddress | sort IPAddress -Unique | Export-Csv .\expDB.csv
20May/118

Exchange 2010 stale & unused mailbox cleanup tool

Posted by Jean Louw

I have finally completed the testing of the User Mailbox Cleanup tool for Exchange 2010.

Although this script is run from the EMS, it opens as a GUI utility which Exchange Administrators can use to cleanup stale or old Exchange mailboxes from Exchange 2010 mailbox servers.
The utility has a couple of preset search queries to help locate stale or old mailboxes, and once complete, administrators have various options they can use to remove or cleanup these mailboxes.

The script obviously does not care about the significance of the individual mailboxes, although certain system mailboxes are excluded from the search. You still have to verify your selection before you take action against any items.

The script can be downloaded for free from here:

http://www.powershellneedfulthings.com/?page_id=291

Your comments and feedback with regards to these items are always welcome.

10May/114

Find SAMAccountName with trailing space

Posted by Jean Louw

The other day, one of the security guys at a customer had a problem with a reporting package which needs to import objects from Active Directory via LDAP.

The process appeared to import a limited amount of user accounts and then stop.

Feedback provided by the vendor, stated that we had duplicate SAMAccountNames in the domain, which as you know is impossible.

I started investigating the issue, and found a number of objects which, at first appeared to have duplicate SAMAccountName properties. On further investigation, I found that some of these duplicates, were indeed similar, but ended in a trailing space.

I tested this, and it seemed that the ADUC does not allow you to create objects with trailing spaces, so these objects may have been imported from other directories, or old NT4 migrations etc.

I needed a way to find all the objects with trailing spaces in the SAMAccountName property to send the list to the administrators to fix, as this involved some human interaction which I am unable to script.

This seemed easy at first, once you realise that not all SAMAccountName properties are the same length!

The following script will use the Exchange Get-User cmdlet to determine the length of the SAMAccontName property, and then inspect the last character in the string to see if it is a space. If it is, it is added to a variable and reported at the end.

Hopefully this script saves you some time.

$broken = @{Name="Broken";expression={foreach-object {($_.SAMAccountName).ToString().SubString((($_.SAMAccountName.ToString().Length)-1),1).Contains(' ')}}}

$users = Get-User -Resultsize Unlimited

Foreach ($user in $users){
If (($user | Select $broken).broken -eq $True){
[array]$brokenAccounts += $user}
}

$brokenAccounts | Select Name, SAMAccountName, $broken
4Feb/110

Updated: Exchange 2010 Audit Script

Posted by Jean Louw

I have made some updates to the script:

  • Fixed the pipeline issue – You can now use commands like Get-ExchangeServer and pipe that to the script to build a server selection.
  • Embedded the header image into the HTML – This now allows you to display the image even if the server is not connected to the Internet.
  • Changed logical disk information to volume information – This will include volume mount points.
  • Database whitespace – the mailbox database report now displays the whitespace for each database.
  • Move Requests – I have added the ability to display uncleared move requests. This however will currently display on the report for any mailbox server.
  • The version number now correctly displays as 1.1 instead of 4.

Some items I still need to fix:

  • HTML / javascript error with single file report.
  • Colour on the move request section.
  • DAG information and mailbox count by server.
  • Display move requests from current server only.

If you have any additional requests for items you would like to see in the script, or even of you feel the colour scheme is horrible, please let me know.

More complete information, and the download link for the script can be found here:
http://www.powershellneedfulthings.com/?page_id=281

1Feb/110

Exchange 2010 Audit Script – Version 1

Posted by Jean Louw

I have had a couple of requests from a few readers for access to test the Exchange 2010 version of the Audit script, and I made a commitment to have this ready in January 2011. Although the script is nowhere near complete, this is a full working version which can be used to collect information from Exchange 2010 servers.

I have been very busy between work and family commitments, so I will continue to add features as and when time permits.

A couple of bugs I am aware of:

  • You cannot pipe server names to the script yet – this worked on the 2007 script so I need to spend time troubleshooting this.
  • You need to create the test mailboxes manually – refer to my post here for more info: http://www.powershellneedfulthings.com/?p=124
  • You can use the "-output s" parameter to force multiple scans onto a single report. There is a bug in the HTML code which causes the expand function on the HTML report to work incorrectly.

A couple of features I still plan to add:

  • Add volume mount points into the disk report.
  • Database Availability Group reports - I plan to add some reports with regards to the DAG if the server is a member of a DAG.
  • If a database is currently active on a server report on the number of mailboxes and total mailbox count for the current server.
  • Report on uncleared move requests and their status.

I know development is a little slow at the moment, but please be patient, when I start Exchange 2010 in a VM on my current laptop its like I have kicked it in the stomach. I will need to upgrade soon, and I am considering creating a donation option on to enable you guys to contribute to the hardware, but at this stage it is still debatable.

Other than that, I hope you can use the script in your environment, and please send me your feedback and enhancement requests so that I can add them to the wish list.

More complete information, and the download link for the script can be found here:
http://www.powershellneedfulthings.com/?page_id=281