Monday, October 27, 2014

Steps to migrate the configuration Exchange 2010 Edge to Exchange 2013 Edge

In this article I want to share powershell commands with which you can quickly import a basic configuration Exchange 2013 Edge server. First, export the configuration from the source server Exchange Edge 2010, before each command is written which configuration is exported:

New-Item -ItemType directory -Path C:\ex-config -ea 0
## IP Allow list
Get-IPAllowListEntry | Select IPRange | Export-Csv c:\ex-config\ip-allow.csv
## IP Block list
Get-IPBlockListEntry | Select IPRange | Export-Csv c:\ex-config\ip-block.csv
## Bypassed Recipients (whitelist to)
Get-ContentFilterConfig | select BypassedRecipients -expand BypassedRecipients | 
select local, domain | export-csv c:\ex-config\BypassedRecipients.csv -notypeinformation
## Bypassed Senders  (whitelist from)
Get-ContentFilterConfig | select BypassedSenders -expand BypassedSenders | 
select local, domain | export-csv c:\ex-config\BypassedSenders.csv -notypeinformation
## Blocked Senders  (blacklist from)
Get-SenderFilterConfig | select BlockedSenders -expand BlockedSenders | 
select local, domain | export-csv c:\ex-config\BlockedSenders.csv -notypeinformation
## Blocked Senders domain (blacklist from)
Get-SenderFilterConfig | select BlockedDomains -expand BlockedDomains | 
select domain | export-csv c:\ex-config\BlockedDomains.csv -notypeinformation
## Blocked Senders domain and sub (blacklist from)
Get-SenderFilterConfig | select BlockedDomainsAndSubdomains -expand BlockedDomainsAndSubdomains | 
select domain | export-csv c:\ex-config\BlockedDomainsAndSubdomains.csv -notypeinformation
## Blocked Recipients (blacklist to)
Get-RecipientFilterConfig | select BlockedRecipients -expand BlockedRecipients | 
select local, domain | export-csv c:\ex-config\BlockedRecipients.csv -notypeinformation
## Transport rules
$file = Export-TransportRuleCollection
Set-Content -Path "C:\ex-config\Ex2010TransportRules.xml" -Value $file.FileData -Encoding Byte
Then you need to copy a folder c:\ex-config with configuration files to the destination server and execute commands powershell:

## IP Allow list
$IPList = Import-Csv c:\ex-config\ip-allow.csv
ForEach ($SingleIP in $IPList) { Add-IPAllowListEntry -IPRange $SingleIP.IPRange }
## IP Block list
$IPList = Import-Csv c:\ex-config\ip-block.csv
ForEach ($SingleIP in $IPList) { Add-IPBlockListEntry -IPRange $SingleIP.IPRange }
## Bypassed Recipients (whitelist to)
$MList2 = (Get-ContentFilterConfig).BypassedRecipients
$MList = Import-Csv c:\ex-config\BypassedRecipients.csv
ForEach ($mail in $MList)
{
    $mail2 = $mail.local + "@" + $mail.domain
    $Mlist2.add($mail2)
}
Set-ContentFilterConfig -BypassedRecipients $Mlist2
## Bypassed Senders  (whitelist from)
$MList2 = (Get-ContentFilterConfig).BypassedSenders
$MList = Import-Csv c:\ex-config\BypassedSenders.csv
ForEach ($mail in $MList)
{
    $mail2 = $mail.local + "@" + $mail.domain
    $Mlist2.add($mail2)
}
Set-ContentFilterConfig -BypassedSenders $Mlist2
## Blocked Senders  (blacklist from)
$MList2 = (Get-SenderFilterConfig).BlockedSenders
$MList = Import-Csv c:\ex-config\BlockedSenders.csv
ForEach ($mail in $MList)
{
    $mail2 = $mail.local + "@" + $mail.domain
    $Mlist2.add($mail2)
}
Set-SenderFilterConfig -BlockedSenders $Mlist2
## Blocked Senders domain (blacklist from)
$MList2 = (Get-SenderFilterConfig).BlockedDomains
$MList = Import-Csv c:\ex-config\BlockedDomains.csv
ForEach ($mail in $MList)
{
    $Mlist2.add($mail.domain)
}
Set-SenderFilterConfig -BlockedDomains $Mlist2
## Blocked Senders domain and sub (blacklist from)
$MList2 = (Get-SenderFilterConfig).BlockedDomainsAndSubdomains
$MList = Import-Csv c:\ex-config\BlockedDomainsAndSubdomains.csv
ForEach ($mail in $MList)
{
    $Mlist2.add($mail.domain)
}
Set-SenderFilterConfig -BlockedDomainsAndSubdomains $Mlist2
## Blocked Recipients (blacklist to)
$MList2 = (Get-RecipientFilterConfig).BlockedRecipients
$MList = Import-Csv c:\ex-config\BlockedRecipients.csv
ForEach ($mail in $MList)
{
    $mail2 = $mail.local + "@" + $mail.domain
    $Mlist2.add($mail2)
}
Set-RecipientFilterConfig -BlockedRecipients $Mlist2
## Transport rules
[Byte[]]$Data = Get-Content -Path "C:\ex-config\Ex2010TransportRules.xml" -Encoding Byte -ReadCount 0
Import-TransportRuleCollection -FileData $Data

You also need to perform general configuration commands, here are some examples:

New-ReceiveConnector -Name Inet -Bindings <your ip eg 1.1.1.1>:25 -RemoteIPRanges 0.0.0.0-255.255.255.255 
-Fqdn <your server fqdn eg mx1.blogspot.com> -AuthMechanism none -MaxMessageSize <your limit eg 60Mb>

-PermissionGroups AnonymousUsers -ProtocolLoggingLevel Verbose
Set-ReceiveConnector <your internal server connector> -Bindings <your ip eg 10.1.1.1>:25 -MaxMessageSize <your limit eg 60Mb> -ProtocolLoggingLevel Verbose

Add-IPBlockListProvider -Name Spamhaus -LookupDomain zen.spamhaus.org 
-AnyMatch $true -Enabled $true -RejectionResponse "Your message was rejected because the IP address of the sending server {0} is blacklisted by {1} Lookup Domain {2}"
Add-IPBlockListProvider -Name "Dul Sorbs" -LookupDomain dul.dnsbl.sorbs.net 
-AnyMatch $true -Enabled $true -RejectionResponse "Your message was rejected because the IP address of the sending server {0} is blacklisted by {1} Lookup Domain {2}"
Add-IPBlockListProvider -Name Spamcop -LookupDomain bl.spamcop.net 
-AnyMatch $true -Enabled $true -RejectionResponse "Your message was rejected because the IP address of the sending server {0} is blacklisted by {1} Lookup Domain {2}"

Set-ContentFilterConfig -QuarantineMailbox junk@blogspot.com -SCLRejectEnabled $False -SCLQuarantineThreshold 7 -SCLQuarantineEnabled $True

Set-TransportServer <your server name> -ConnectivityLogPath "D:\TransportRoles\Logs\Connectivity" 
-MessageTrackingLogPath "D:\TransportRoles\Logs\MessageTracking" -ReceiveProtocolLogPath "D:\TransportRoles\Logs\ProtocolLog\SmtpReceive" 
-SendProtocolLogPath "D:\TransportRoles\Logs\ProtocolLog\SmtpSend" -AgentLogPath "D:\TransportRoles\Logs\ProtocolLog\AgentLog"
Posted by at No comments:
Labels: ,

Thursday, October 23, 2014

CMD title %userdomain%\%username%

When administering multiple domains, forests often have to run a command line CMD from different users. Previously, I always confused: what CMD from which user is running? Then came the idea to sign the title of the CMD command line username and domain. This can be done as follows:
1. Create or modify a registry key "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Command Processor" AutoRun (REG_SZ)
2. Add to the value of the command @title %userdomain%\%username%

for example, this can be done by running the command
reg add "HKLM\SOFTWARE\Microsoft\Command Processor" /v AutoRun /t REG_SZ /d "@title "%""userdomain%\%""username%"" /f


Posted by at No comments:
Labels:

Tuesday, October 14, 2014

Creating a address list for users of MS Lync

With the introduction of Lync in the company is very convenient to give users a ready-address list, grouped by such organizational structure. This can be done in the following ways:
1. If your company has Exchange server, you need to create a Exchange distribution group to include users and add to Lync these groups. Member List will be updated in accordance with changes in the distribution group. Then extended to other users http://charlesulrich.blogspot.ru/2013/03/lync-server-2013-bulk-updating-contact.html eg on Lync server
- Create a folder C:\Scripts, copy the folder script "contact_import.ps1"
- Install 7 zip
- Take a standard user, create a user address list
- In Lync powershell run command: Export-CsUserData -PoolFqdn <yourpool> -UserFilter <sipofstandartuser> -FileName "c:\temp\ExportedUserData.zip"
- Copy from "c:\temp\ExportedUserData.zip" the desired line in more detail in the article http://charlesulrich.blogspot.ru/2013/03/lync-server-2013-bulk-updating-contact.html to "contact_import.ps1"
- Run the script "contact_import.ps1" (before running the script recommend commenting out the last line to deleting files and delete files manually)
- Address list will appear after restarting the client Lync
2. If the company does not Exchange server - you can not add no Exchange distribution group in Lync, then you can use the following script https://gallery.technet.microsoft.com/office/Bulk-Import-Contacts-for-8e3c614f eg on Lync server
- Create a folder C:\Scripts, copy the folder script "Add-CsContact.ps1", file users.csv
- Take a standard user, create a user address list
- To make a file users.csv users for whom this list should be extended (More in the article https://gallery.technet.microsoft.com/office/Bulk-Import-Contacts-for-8e3c614f)
- Run the script ".\Add-CsContact.ps1 -userCsv C:\Scripts\users.csv -tplpath <sipofstandartuser> -poolfqdn <yourpool> -folder C:\Scripts"
- Address list will appear after restarting the client Lync

Posted by at No comments:
Labels:
Subscribe to: Posts (Atom)