Day: December 4, 2009

#Exchange 2010 Training Day 5

by ucinfo, posted in Exchange, Flaphead, MsExchange, Powershell, Training

#Exchange2010 … Last day …

Check it link for more details around RBAC and role assignments .. http://technet.microsoft.com/en-us/library/dd298183(EXCHG.140).aspx

I love this cmdlet:
Get-ManagementRoleAssignment –role “Mailbox Search” –GetEffectiveusers | FL Name, RoleAssigneeName, EffectiveuserName, AssignmentChain

As for certs you need to change the script to get it to work:
Import-ExchangeCertificate -FileData ([Byte[]]$(Get-Content -Path c:certificatesIssuedCert.p7b -Encoding byte -ReadCount 0))

This script will check a DAG and compare the current database owner with the activationpreference.  The first script will just report the status, while the second one will move the database

Get-MailboxDatabase | Sort Name | FOREACH {$db=$_.Name; $xNow=$_.Server.Name ;$dbown=$_.ActivationPreference| Where {$_.Value -eq 1};  Write-Host $db “on” $xNow “Should be on” $dbOwn.Key -NoNewLine; If ( $xNow -ne $dbOwn.Key){Write-host ” WRONG” -ForegroundColor Red; }ELSE{Write-Host ” OK” -Foregroundcolor Green}}

This will actually move the databases too
Get-MailboxDatabase | Sort Name | FOREACH {$db=$_.Name; $xNow=$_.Server.Name ;$dbown=$_.ActivationPreference| Where {$_.Value -eq 1};  Write-Host $db “on” $xNow “Should be on” $dbOwn.Key -NoNewLine; If ( $xNow -ne $dbOwn.Key){Write-host ” WRONG” -ForegroundColor Red; Move-ActiveMailboxDatabase $db -ActivateOnServer $dbOwn.Key -confirm:$False}ELSE{Write-Host ” OK” -Foregroundcolor Green}}

The installation / Transition steps I used:

  • Prepare Schema and Domain for Exchange 2007
  • Install a Multi Role Exchange 2007 Server with SP1
  • Apply the Exchange 2010 Schema
    • PrepareLegacyExchangePermissions
    • PrepareSchema
    • PrepareAD
    • PrepareDomain
  • Upgrade Exchange 2007 Server with SP2
  • I then installed a multi-role Exchange 2010 server with the Hub / CAS Roles

Software Requirements for Exchange 2010

Description

Tools Only

Mailbox

UM

Client Access

Edge

HT

.NET Framework 3.5 SP1 (No R2)

Yes

Yes

Yes

Yes

Yes

Yes

Power Shell 2.0

Yes

Yes

Yes

Yes

Yes

Yes

Windows Remote Management

Yes

Yes

Yes

Yes

Yes

Yes

MS Filter Pack

  

Yes

      

Yes

ServerManagerCmd -i Web-Server

  

Yes

Yes

Yes

 

Yes

ServerManagerCmd -i Web-Metabase

Yes

Yes

Yes

Yes

 

Yes

ServerManagerCmd -i Web-Lgcy-Mgmt-Console

Yes

Yes

Yes

Yes

 

Yes

ServerManagerCmd -i Web-Basic-Auth

 

Yes

Yes

Yes

 

Yes

ServerManagerCmd -i Web-Windows-Auth

 

Yes

Yes

Yes

 

Yes

ServerManagerCmd -i Web-Net-Ext

 

Yes

Yes

Yes

 

Yes

ServerManagerCmd -i Web-Digest-Auth

      

Yes

    

ServerManagerCmd -i Web-Dyn-Compression

      

Yes

    

ServerManagerCmd -i NET-HTTP-Activation

      

Yes

    

ServerManagerCmd -i Web-ISAPI-Ext

      

Yes

    

ServerManagerCmd -i RPC-over-HTTP-proxy

      

Yes

    

ServerManagerCmd -i Desktop-Experience

    

Yes

      

ServerManagerCmd -i ADLDS

        

Yes

  

ServerManagerCmd -i RSAT-ADDS

Yes

Yes

Yes

Yes

 

Yes

Here is a script to check Inherited permissions on an OU:
http://flaphead.dns2go.com/archive/2009/05/07/inherited-ou-rights.aspx