Common Exchange 2010 Shell Commands for Recipient Administrators

I made this list of Common Exchange 2010 commands for the recipient administrators on our help desk, and it’s come in quite handy to train new people or serve as a quick reference for commands that aren’t used that often.

USER MAILBOXES
Migrate an Existing Mailbox from Legacy Version to Exchange 2010
This initiates a new, immediate move request for a mailbox. The BadItemLimit simply allows for 100 corrupt items to be permanently removed before the move request will fail, and the AcceptLargeDataLoss is just a gut check that you really mean it can delete up to 100 corrupt items.


New-MoveRequest -Identity "MailboxAlias" -BadItemLimit 100 –AcceptLargeDataLoss

Give Full Access Permissions to a Mailbox
If someone needs full access to another user’s mailbox or a resource mailbox, this will do the trick.


add-MailboxPermission -identity "MailboxAlias" -User UserID -AccessRights FullAccess

Apply Exchange 2010 Properties to Mailbox
A safe procedure, this ensures all properties are applied to a mailbox that need to be. If you have a mailbox displaying as a “Legacy Mailbox,” even though it is on an Exchange 2010 database, this command will set it straight.


Set-Mailbox –identity “MailboxAlias” –ApplyMandatoryProperties

Apply Default Exchange RBAC permissions to User
If the mailbox creation process goes really wrong or a user is having difficulties using features of OWA or Outlook, the problem might be that the user has not had a Role Assignment Policy applied (generally done by default).


get-mailbox “MailboxAlias” | set-Mailbox -RoleAssignmentPolicy "Default Role Assignment Policy"

Export Maibox to PST
No need to use Outlook anymore to export a mailbox to PST, this lets you do it right from Exchange.


New-MailboxExportRequest -Mailbox “MailboxAlias” -FilePath \\\$\.pst

To Check Status of Export Request
Self explanatory, sometimes it’s nice to know the export request is still proceeding


Get-MailboxExportRequest \MailboxExport | fl

ROOM MAILBOXES
Convert Exchange 2010 User Mailbox to Room Mailbox
If you migrated a User Mailbox from Exchange 2003 that was really a room, this command will convert it into an actual “Room Type” mailbox.


set-Mailbox –identity “MailboxAlias” –Type Room

Allow Everyone to See Calendar Details for Room Mailbox
Handy if you want to allow all users to see the calendar details for Room Mailbox bookings.


Set-MailboxFolderPermission MailboxAlias:\Calendar -User Default -AccessRights Reviewer

Enable Resource Booking Attendant
After creating a room mailbox, you may want to enable the Booking Attendant, this allows you to do that quickly from the EMC.


Set-CalendarProcessing "MailboxAlias" -AutomateProcessing AutoAccept

DISTRIBUTION GROUPS
Give Permissions to User to “Send As” Distribution Group
Kind of self explanatory


add-ADPermission -identity "GroupDisplayName" -user "UserNameThatGetsSendAsRights" -AccessRights ExtendedRight -ExtendedRights "send as"

Give Permissions to User to “Send on Behalf Of” Distribution Group
Kind of self-explanatory; The BypassSecurityGroupManagerCheck flag allows a Recipient Administrator to perform this action without also being an owner of the group. Note, for the BypassSecurityGroupManagerCheck flag to work, the administrator must have the “Role Management” role assigned either directly or indirectly.


set-DistributionGroup "GroupDisplayName" -GrantSendOnBehalfTo "UserName" –BypassSecurityGroupManagerCheck

Upgrade an Existing Distribution Group from Legacy Version to Exchange 2010
If you need to just do a one-shot upgrade of a distribution group from legacy exchange to Exchange 2010, this will do the trick. I have another article if you want to do all distribution groups at once.


set-DistributionGroup –identity “DistributionGroupName”

Advertisements

About Rebecca Harness

Rebecca Harness is a Business Information Security Officer (BISO) for a publicly-traded, global information solutions company. As BISO, she champions security initiatives and recommends strategies to mitigate risk, facilitating innovation and new product development. She’s also responsible for representing the business unit’s security program in client facing engagements, conferences, and industry forums. Prior to her current role, she was an influential cybersecurity leader for one of the world’s largest transportation providers, known for transforming information security efforts into well-orchestrated programs. There, she developed an innovative methodology for delivering key information security priorities as a service model, leading to quicker adoption enterprise-wide while significantly reducing operational costs. She also led and modernized their global, multi-brand PCI Assessment and other compliance initiatives. In the early 2000’s, Rebecca developed one of St. Louis' leading Managed Services Providers from a startup in a spare bedroom into a mature consulting company with 30+ employees and 150+ clients in the Greater St. Louis Area. Rebecca holds many certifications, including; ISACA Certified Information Systems Auditor (CISA); ISC2 Certified Information Systems Security Professional (CISSP); and GIAC Security Leadership Certified (GSLC). She’s also a proud alumni of Hastings College and a longtime member of the Society of American Magicians.

One Response to “Common Exchange 2010 Shell Commands for Recipient Administrators”

  1. A nice set of one liners, thanks 🙂

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s