Re-Blog Exchange 2007 Powershell remoting solution

Exchange 2007 Remoting with Powershell explained

Hi, I wanna share this solution with everyone whoes interested in connecting to Exchange 2007 with powershell.
As I read at microsoft impersonating is not supported and so this solution is with out guarantee!
Use it at your own risk!!

First of all you have to prepare the Exchange Server to allow and use remoting.

You need Powershell and winrm on the client.
Next you have to enable remoting:

Command Box: winrm quickconfig
Powershell: Enable-PSRemoting set-item wsman:localhost\client\trustedhosts -value *

Download files from here: exchange_remote.zip

There are 3 scripts:
  • Exchange_remote.ps1 local on your Workstation or Terminal Server Session
  • Impersonation.psm1 on you Exchange Server
  • Exchange_help.ps1 on your Exchange Server 
You need 2 users:
One User which connects to Exchange Server in the exchange_remote.ps1 script
The Second user which will be impersonated. This User must be exchange recipient admin.

You can automate loading a password as securestring from a file.
I will write how to do this in an upcoming blog post.

Save the impersonation script on the Exchange Server in C:\WINDOWS\system32\windowspowershell\v1.0\Modules\Impersonation

Exchange_remote.ps1:

#*******************************************************************************
#* Script Name: exchange_remote.ps1
#* Author : Manfred Peer, Exchange System Engineer
#* Email/Blog: maeffy@gmail.com http://peerfect.blogspot.com
#* Date: 01/02/2011
#* Purpose: This is a script that can be used to connect
#*    to an Exchange 2007 Server in an easy way with remote powershell
#* NOTE: THIS WAS DEVELOPED AGAINST EXCHANGE SERVER AND DOES NOT INCLUDE MUCH
#*    ERROR CHECKING.  USE AT YOUR OWN RISK !
#*******************************************************************************
# Connection information

$RemoteOutput = ""
$RemoteCommandOutput = ""
$MXSFQDN = "servername"
$y = "domain\username"
$AuthenticationPrompt = $true
$so = new-pssessionoption -skiprevocationcheck -SkipCNCheck -SkipCACheck

# May be set with environment variables
$Remoteparameter = "xxxxx" # User in this Case
$RemoteParameter1 = 'Vienna' # Only a test value

$RemoteCommand = {
 
   param($User,$Parameter1)
   Write-Host -ForegroundColor Green "Running Remote Command for: $User" -NoNewline
 
   #$Cmd2Run = "get-casmailbox $User -domaincontroller setyoudomaincontrollerhere"
   $Cmd2Run = "set-mailbox $User -office $Parameter1 -domaincontroller setyoudomaincontrollerhere"
 
   $Script = "(set your Exchange program files path here)\bin\exchange_help.ps1"
   $Commandline = "`"$Script`" `"$Cmd2Run`""
   $RemoteCommandOutput = (Invoke-Expression "& $Commandline")
 
   Write-Host " Done !" 
}

$x = (read-host "Password" -assecurestring)
$xy = new-object -typename System.Management.Automation.PSCredential -argumentlist $y,$x

$Error.Clear()

If ($AuthenticationPrompt) {
    Write-Host -ForegroundColor Green "Connecting to Exchange Server Administrative Session"
    # $CSSession = New-PSSession -Connectionuri https://$MXSFQDN -Authentication Negotiate -Credential $xy -SessionOption $so
    $CSSession = New-PSSession -Computername $MXSFQDN -usessl -Authentication Negotiate -Credential $xy -SessionOption $so
}

If ($Error.count -gt 0){
    Write-Host -ForegroundColor Red "Unable to Connect to Exchange Server Administrative Session`n Error:" $Error
}
else {
    Write-Host -ForegroundColor Green "Connected to Exchange"
    $RemoteOutput = Invoke-Command -Session $CSSession -ScriptBlock $RemoteCommand -ArgumentList $Remoteparameter,$RemoteParameter1
}

# Some Debugging
Write-Host "Output Remoteconnection"
$RemoteOutput | fl
Write-host "Command Output:"
$RemoteCommandOutput  | fl

get-pssession | remove-pssession

###############################################################################

Echange_help.ps1

#*******************************************************************************
#* Script Name: exchange_help.ps1
#* Author : Manfred Peer, Exchange System Engineer
#* Email/Blog: maeffy@gmail.com http://peerfect.blogspot.com
#* Date: 01/02/2011
#* Purpose: This is a script impersonates a User to run Exchange commands in a remote Poweshell session (which is obviously unique in the world only with powershell :-) )
#* Important: This code runs on the Exchange Server  
#* NOTE: THIS WAS DEVELOPED AGAINST Exchange SERVER Remoting AND DOES NOT INCLUDE MUCH
#*    ERROR CHECKING. 
#* USE AT YOUR OWN RISK.
#*******************************************************************************
param($Argument1)
$y = "domain\username"
$x = "password from $y"
# This Block imports a impersonation module written from Joel Bennett @ http://huddledmasses.org/
# It impersonates a different user than the remote connected User to run the Exchange Command against the AD.
# I modified the impersonation script to allow domain\user but also upn user@domain
# This is important because impersonating the connected User doesn't work. The impersonated user has to be Exchange recipient administrator at least
import-module impersonation

$Domain = $y.split("\")[0]
$User = $y.split("\")[1]

# This function impersonates the user to get the domain context
# User - PW - Domain
Push-ImpersonationContext $User $x $Domain
# Loads the Exchange Snap-In
Add-PSSnapin Microsoft.Exchange.Management.PowerShell.Admin
# Runs the command from Exchange_remote.ps1
invoke-Expression $Argument1

###############################################################################

Have fun! Maeffy

Comments

Post a Comment

Popular posts from this blog

Exchange 2007 / Exchange 2010: Daily or Hourly Messagestatistc and Warning

Image
Messagetracking Statistics and Warning ################################# Update: 28.02.14 A new Version is available. V1.2 I did some performance improvement by changing from Group-Object to a foreach Loop. The Script also checks now if a DAG is present and runs only on the PrimaryActiveManager. I also did some minor bugfixing (Debug Switch,...) ################################# I wanted to know how many mails are going thru my Exchange 2010 System. So I searched for a powershell script and found a very interesting article from Roland Ehle at http://www.roland-ehle.de/archives/997. He wrote a little script to get all the worth knowing e-mail counters like incomming and outgoing SMTP Mails and also which size they have summarized. To get all this infomation the get-messagetracking command from Exchange will be called. I got the HTML formatting from Sean Duffy at http://www.simple-talk.com/sysadmin/powershell/building-a-daily-systems-report-email-with-powershe
Read more

Out of Office Admin Tool

Image
Today I am blogging about my new Powershell GUI Tool called OOF Admin. With the Out of Office Admin Tool an Exchange Recipient Administrator (Exchange Admin, Service Desk,..) can set the OOF Settings for every single Mailboxes on a Exchange 2010 Server without special permissions. It looks like and works the same way as your Automatic Replies Assistent in Outlook. This makes sense if an User goes for vacation or has some days off and forgot to set his OOF Settings in Outlook. What Permissions are needed to run the Tool? You must be Exchange Recipient  Administrator. Which Powershell Version is supported? Exchange 2010 depends on Powershell V2 so it needs V2 to be installed on the Workstation. Do I need any Exchange related Tools ?? Yes you need the Exchange Admin Tools to be installed. How does the Tool connect to Exchange? It connnects with implicit Remoting to an Exchange Mailbox Server. Can I change the OOF text directly in the GUI? Yes. It has an HTML Editor built
Read more