April 2012 – flaphead.com

Boldon James Launches SharePoint Classifier

April 18, 2012 by ucinfo, posted in News

http://www.boldonjames.com/products/information-classification-products/sharepoint/

Boldon James SharePoint Classifier puts classification labelling at the heart of data loss prevention by giving users the ability to apply relevant labels to any file held in the document libraries of Microsoft SharePoint. As well as ensuring users understand the value of the data they handle, the labelling metadata can be used to provide consistent control over the dissemination of that information – increasing the effectiveness of data loss prevention measures and meeting key objectives of ISO27001.

Product Benefits

Raises user awareness of security responsibilities
Classifies any type of file or document
Manages labelled assets
Enforces information assurance policies
Improves data loss prevention (DLP) measures
Controls unstructured information

Pre-FlightChecks.ps1 v1.4

April 13, 2012 by ucinfo, posted in Exchange 2010, Powershell

#MsExchange

As promised script #1 of #3

<#
.NOTES
NAME: Pre-FlightChecks.ps1
AUTHOR: Paul Flaherty
Last Edit: v1.4 [11 April 2012]
v1.0 sometime    : A script it born
v1.1 22 Nov 2011 : Added OU to user list output
v1.2 07 Dec 2011 : Added console resize
v1.3 08 Mar 2012 : Added RemoveExistingMoveRequests switch
V1.4 11 Apr 2012 : Add autodiscovery of ADSite
.LINK
blogs.flaphead.com
.SYNOPSIS
This script performs some preflight checks for mailboxes moves
and should be run before a mailbox move
.DESCRIPTION
This script performs a number of checks getting ready for a mailbox move.
The first check is Test-MRSHealth for the a selected set of Hub/Cas servers that
may be involved in the mailbox moves
The second check is to make sure all the mailbox databases are homes on activation
preference #1
The final check read the CSVin file and checks:
– The mailbox exists
– If it is in a "valid" state
– if it has any outstanding move requests
.OUTPUTS
None
.EXAMPLE
pre-flightchecks.ps1
Run the checks using the default csv file
.EXAMPLE
pre-flightchecks.ps1 -CSVin <csvfile>
Uses the provided CSV file for the list of users
.EXAMPLE
pre-flightchecks.ps1 -RemoveExistingMoveRequests
Uses the default CSV and will remove any existing move requests
.PARAMETER CSVin
Inpout csv file that contains a list of email addresses and has a single heading of email
.PARAMETER RemoveExistingMoveRequests
This switch will remove existing move requests if they already exist
#>
##########################################################################################
PARAM([String]$CSVin = "C:MigrationListmiguserlist.csv",
      [switch]$RemoveExistingMoveRequests = $False,
      [string]$ExchangeServerPrefix = "*",
      [string]$DatabaseFilter = "*")
$Error.Clear()
CLS
#########################################################################################
$AppName    = "Pre-FlightChecks.ps1"
$AppVer     = "v1.4 [11 Apr 2012]"
$ServerName = hostname
$today      = Get-Date
$RunUser    = ([System.Security.Principal.WindowsIdentity]::GetCurrent()).Name
##########################################################################################
#Display script name and version
##########################################################################################
Write-host " " $AppName -NoNewLine -foregroundcolor Green
Write-Host ": " $AppVer -foregroundcolor Green
Write-host "`n Run on $ServerName at $Today by $RunUser" -foregroundcolor Yellow
Write-Host "|——————————————————————-|`n"
$ADSite = ([System.DirectoryServices.ActiveDirectory.ActiveDirectorySite]::GetComputerSite()).Name
Write-Host "CSVin:………………….."$CSVin
Write-Host "RemoveExistingMoveRequests:.."$RemoveExistingMoveRequests
Write-Host "ExchangeServerPrefix:…….."$ExchangeServerPrefix
Write-Host "DatabaseFilter:………….."$DatabaseFilter
Write-Host "Current AD Site:…………."$ADSite
$xPsCheck = Get-PSSnapin | Select Name | Where {$_.Name -Like "*Exchange*"}
If ($xPsCheck -eq $Null) {Add-PsSnapin Microsoft.Exchange.Management.PowerShell.e2010}
Write-Host "`n`nChecking MRSHealth" -Foregroundcolor Green
Write-Host "Getting a list of Client Access Servers [$ExchangeServerPrefix]"
$tmpCmdLet = "Get-ExchangeServer $ExchangeServerPrefix | Where{(##_.IsClientAccessServer) -AND (##_.IsE14OrLater)} | Sort Name"
$tmpCmdLet = $tmpCmdLet.Replace("##","$")
$tmpCAS = Invoke-Expression $tmpCmdLet
IF($ExchangeServerPrefix -eq "*"){
Write-Host "Using ADSite: "$ADSite
$tmpCAS = $tmpCAS | where {$_.Site -like "*$AdSite*"}
}
ForEach($item in $tmpCAS){
Test-MRSHealth $item.Name | select Identity, Check, Passed, IsValid, Message | ft -AutoSize -wrap
}
read-host "Review the text above and Press Enter to Continue"
Write-Host "`nChecking Databases [$DatabaseFilter]" -Foregroundcolor Green
IF($DatabaseFilter -eq "*"){
Write-Host "Using ADSite: "$ADSite
$tmpCmdLet = "Get-ExchangeServer $ExchangeServerPrefix | Where{(##_.IsMailboxServer) -AND (##_.IsE14OrLater)} | Sort Name"
$tmpCmdLet = $tmpCmdLet.Replace("##","$")
$tmpMBX = Invoke-Expression $tmpCmdLet
$tmpMBX = $tmpMBX | where {$_.Site -like "*$AdSite*"}
$tmpMDB = $tmpMBX | Get-MailboxDatabase | Sort Name -Unique
}ELSE{
$tmpMDB = Get-MailboxDatabase $DatabaseFilter | Sort Name
}
$tmpMDB | FOREACH {$db=$_.Name; $xNow=$_.Server.Name ;$dbown=$_.ActivationPreference| Where {$_.Value -eq 1}; Write-Host $db "on" $xNow "Should be on" $dbOwn.Key -NoNewLine; If ( $xNow -ne $dbOwn.Key){Write-host " WRONG" -ForegroundColor Red; }ELSE{Write-Host " OK" -Foregroundcolor Green}}
read-host "Review the text above and make sure you have green OK. Then Press Enter to Continue"
Write-Host "`nChecking Mailboxes" -Foregroundcolor Green
Write-Host "Using " $csvin
If(test-path $csvin){
Write-host "$csvin found" -foregroundcolor Green
$users2Migrate = import-csv $csvin
}ELSE{
Write-host "$csvin not found" -foregroundcolor red
exit
} #If(test-path $csvin)
$users = @()
ForEach($xUser in $Users2Migrate){
$tmpemail = $xUser.email
Write-Host $tmpemail
$tUser = Get-Mailbox $tmpemail
$tmpusers = $tUser | Select PrimarySmtpAddress, @{Expression={$_.Database.Name};Label="Database"}, IsValid, @{Expression={$_.OrganizationalUnit.replace("ad.bgep.co.uk/Offices/","")};Label="OrganizationalUnit"}
$MR = Get-MoveRequest $tmpemail -ErrorAction silentlycontinue
IF($MR -ne $Null){
    Write-Host "!!Outstanding MoveRequest!! .. Run Remove-MoveRequest $tmpemail BEFORE you continue" -foregroundcolor red
    IF($RemoveExistingMoveRequests){Remove-MoveRequest $tmpemail -confirm:$False}
}
$users += $tmpUsers
If ($tmpUsers.IsValid -eq $False){
    Write-Host "`n## Invalid User ##" -Foregroundcolor Red;
    $invalid=$tUser.validate();
    write-host "Property Name:.."$inValid
[0].PropertyName;
    write-host "Description:…."$inValid[0].Description;
    Write-host "######`n"-Foregroundcolor Red
}
}
$users | ft –auto

#END
#########################################################################################

Enable-PersonalArchive.ps1 v1.2

April 13, 2012 by ucinfo, posted in Exchange 2010, Powershell

#MSExchange

During migrations to Exchange 2010, we are also using a tool call Transvault to export data from Enterprise Vault in to Exchange. As you would expect this is a massive task. Originally we moved the data in to the primary mailbox, but with laptop rebuilds and slow links while syncing the data we switched Transvault to move the data in to an Exchange Personal Archive, and it works like a dream.

This results in me having to enable the personal archive for different users and as expected I scripted it and here it is. The help text at the top should explain everything you need to know .. Enjoy

<#
.NOTES
NAME: Enable-PersonalArchive.ps1
AUTHOR: Paul Flaherty
Last Edit: v1.2 [4 April 2012]
v1.0 21 Feb 2012 : A script is born
v1.1 02 Mar 2012 : Added switches to allow only applying of policies
v1.2 04 Apr 2012 : Added mailbox switch
.LINK
blogs.flaphead.com
.SYNOPSIS
Enable Exchange 2010 Personal Archive from a CSV file
.DESCRIPTION
This Script gets reads a CSV file that contains email addresses and enabled
the Exchange 2010 Personal Archive.
.PARAMETER CSVIN
Location of a csv file that contains a single column for email
Default file is C:MigrationListArchivelist.csv
.PARAMETER RetentionPolicy
Name of the Retention Policy to apply
.PARAMETER CreateArchive
Create the archive
.PARAMETER ApplyPolicy
Specified Retention Policy
.PARAMETER StartMFA
Start the ManageFolderAssistant for the users
Automatically enabled if the ApplyPolicy switch is selected
.PARAMETER ListRetentionPolicies
Shows a list of available retention Policies
.PARAMETER Mailbox
Specify an individual mailbox instead of using the CSV file
.EXAMPLE
Enable-PersonalArchive.ps1
Enable the Personal Archive for all the users in C:MigrationListArchivelist.csv
and applies the "Default Archive and Retention Policy" retention policy
.EXAMPLE
Enable-PersonalArchive.ps1 -CreateArchive
Create personal archives using the default retention policy for all the users in C:MigrationListArchivelist.csv
.EXAMPLE
Enable-PersonalArchive.ps1 -ListRetentionPolicies
Displays a list of the available retention policies
#>
#########################################################################################
PARAM([String]$CSVin="C:MigrationListArchivelist.csv",
      [String]$RetentionPolicy="Default Archive and Retention Policy",
      [Switch]$ListRetentionPolicies=$false,
      [Switch]$EnableArchive,
      [Switch]$ApplyPolicy,
      [Switch]$StartMFA,
      [String]$Mailbox)
$Error.Clear()
#########################################################################################
$AppName    = "Enable-PersonalArchive.ps1"
$AppVer     = "v1.2 [4 April 2012]"
$ServerName = hostname
$today      = Get-Date
$RunUser    = ([System.Security.Principal.WindowsIdentity]::GetCurrent()).Name
##########################################################################################
#Display script name and version
##########################################################################################
Write-host " " $AppName -NoNewLine -foregroundcolor Green
Write-Host ": " $AppVer -foregroundcolor Green
Write-host "`n Run on $ServerName at $Today by $RunUser" -foregroundcolor Yellow
Write-Host "|——————————————————————-|`n"
Write-Host "PARAMETERS:" -Foregroundcolor Green
Write-host "ListRetentionPolicies:.. " $ListRetentionPolicies
Write-host "EnableArchive:……….." $EnableArchive
Write-host "ApplyPolicy:…………." $ApplyPolicy
Write-Host "StartMFA:……………." $StartMFA
Write-host "CSVin: ………………" $CSVin
Write-host "RetentionPolicy:………" $RetentionPolicy
write-Host "Mailbox:…………….." $Mailbox
##########################################################################################
$xPsCheck = Get-PSSnapin | Select Name | Where {$_.Name -Like "*Exchange*"}
If ($xPsCheck -eq $Null) {Add-PsSnapin Microsoft.Exchange.Management.PowerShell.e2010}
If($ListRetentionPolicies){
Write-Host "Available Retention Policies" -Foregroundcolor Blue
Get-RetentionPolicy | select Name
Exit
} #If($ListRetentionPolicies)
Write-Host ""
If ($Mailbox -eq ""){
Write-Host "Reading $CSVin"
$tmpUsers = Import-Csv $CSVin
$tmpUserCnt =0;$tmpUsers | ForEach{$tmpUserCnt ++}
Write-Host $tmpUserCnt -Foregroundcolor Green -NoNewLine
Write-Host " Users found"
}ELSE{
Write-Host "Individual Mailbox spelected [$Mailbox]"
$tmpusers = "" | Select email
$tmpusers.email = $mailbox
} #If ($Mailbox -eq "")
If($EnableArchive -eq $True){
#First Loop to enable archive
Write-Host "`nEnabling Archive" -foregroundcolor Yellow
ForEach($user in $tmpUsers){Write-Host "`n"$user.email; Get-Mailbox $user.email | Enable-Mailbox -Archive}
Write-Host "`nWaiting 30 Seconds while AD Catches up!`n" -Foregroundcolor Blue
Sleep 30
} #If($EnableArchive -eq $True)
#Loop to enable policy
IF($ApplyPolicy -eq $True){
$StartMFA = $True
Write-Host "`nSetting Retention Policy: " -NoNewLine
Write-Host $RetentionPolicy -foregroundcolor Yellow
ForEach($user in $tmpUsers){
    Write-Host $user.email
    Get-Mailbox $user.email | Set-Mailbox -RetentionPolicy $RetentionPolicy
} #ForEach($user
Write-Host "`nWaiting 30 Seconds while AD Catches up!`n" -Foregroundcolor Blue
Sleep 30
} #IF($ApplyPolicy -eq $True)
#Loop to Start the managedfolderassistant
IF($StartMFA -eq $True){
Write-Host "`nStart-ManagedFolderAssistant: " -foregroundcolor Yellow
ForEach($user in $tmpUsers){
    Write-Host $user.email
    Get-Mailbox $user.email | Start-ManagedFolderAssistant
} #ForEach($user
} #IF($StartMFA -eq $True)
#Loop for the results
Write-Host "`n`nResults" -foregroundcolor Yellow
$tmpResults =@()
ForEach($user in $tmpUsers){
#Write-Host
$user.email
$tmpResults += Get-Mailbox $user.email | select PrimarySmtpAddress, Database, RetentionPolicy, ArchiveDatabase
} #ForEach($user
$tmpResults | ft -auto
If ($Mailbox -eq ""){
If ($EnableArchive -or $ApplyPolicy){
    $xBatchName = get-date -Format "yyyy-MMM-dd_HH-mmm-ss"
    $csvRename = ($csvin.split("."))[0] + "_" + $xBatchName + ".csv"
    Write-host "Renaming csv files to $csvrename" -foregroundcolor yellow
    Ren $csvin $csvRename
} #If ($EnableArchive -or $ApplyPolicy)
} #If ($Mailbox -eq "")
#END
#########################################################################################

Moving Mailboxes the easy way

April 11, 2012 by ucinfo, posted in Exchange 2010, Powershell

#MSExchange

So I have moved quite a few mailboxes from Exchange 2003 to Exchange 2010. I have shared some of my pain (http://flaphead.dns2go.com/?p=2917) and wanted to share what I actually do.

Those that know me, would know that I am not too bad with Powershell Winking smile and the obvious thing to do is to script these moves. So probably on Friday, I will post the scripts, but this is how things work for me.

So before we start, the reason for the different scripts is #1 so they can be run by themselves, and #2 automation is a great thing, but I am a control freak and want to be able to control things just in case things go pear shaped!

It all starts with a list of email address. I put them in a csv file with a single heading of email

I then run my first script: pre-flightchecks.ps1

This script checks the AD site that I am running the script from, enumerated the CAS servers and runs Test-MRSHealth on each CAS server to make sure its happy.

Next it checks to make sure all the databases in the AD site are mounted on the server that has an Activation Preference of 1. A bit of qdos for this, is that the code can be found on page 491 of Microsoft Exchange 2010 Inside Out by Tony Redmond [Thanks Tony for the mention Open-mouthed smile ]

Finally the script reads the CSV file and checks to make sure all the mailboxes have IsValid = True. Due to the age of the system I am migrating at the moment, we are find a lot of mailboxes, groups and contacts that are “invalid” as far as Exchange 2007 & 2010 are concerned. The most common issues are bad Alias Names (having commas in), database names that don’t exist anymore (don’t ask!), invalid UPNs and display names with trailing whitespace. Oh the other thing it checks is to see if the mailboxes already have move requests associated with them!

So once complete we know that MRS is cool, the database are where they are supposed to be and the mailboxes are valid

Script #2 is Move-RequestFromCSV.ps1

As the name suggests it takes the CSV file I have with email addresses and then generates move requests. It does a few other smart things, but the kinda cool thing is that is autogenerates a BatchName and all the moves are given the same batchname.

Now if you have not played with move requests before, the batchname is excellent and Devon put me on this a a long while back. What is cool is that you can then reference all the move requests in a batch and treat them as one .. really cool

So the move requests are in flight, what next

Well Script #3 – Monitor-MoveRequest.ps1

I just love this script. In an nutshell, this uses the BatchName from the previous script and just sits and monitors the progress.

Something Ari has been beating me up about for a while, is that where I am now we don’t have SCOM, so I have written a poor man monitoring website with static html pages that are updated by a handful of powershell scripts. I must admit it is rather bloody cool. Maybe one day I will get round to doc’ing it!

So the monitor script generates a html page every 20 seconds or so until the moves are complete. All you have to do it open the html page and watch. It is a bit like watching paint dry. [On a side note what is interesting is how tollerate move requests are to ~~bad~~ slow network links. I move 60 odd mailboxes over the weekend where it peaked at a massive 3MB per min! Took over 8hrs to move a 1.9TB mailbox!]

Once complete it sends the html page in an email as the message body as well as the reports from the move requests. These reports are golden, especially if you the move has failed for any reason. If you want to see normally you want view a move request in the Exchange Management Console, or run somethng like (Get-MoveRequestStatistics <user email> -IncludeReport).report

An that’s it, only another 7000 odd to go now!

Oh I almost forgot! So driving home last night I was thinking about how to distribute mailboxes across databases [Coding in my head is scary]. Yeah I know this is old skool and that plenty of people have done this before. Steve’s example is good [http://www.stevieg.org/2010/09/balancing-exchange-databases/] BUT I couldn’t resist, and Mitch has been on at me to do something, so I did.

I got my Wife involved too, and started with an explanation of pots filled with coins and that I wanted the same number of coins in each pot. She came up with a idea (after I got the WTF are you taking about look) and so last night v0.1 of Get-DatabaseDistribution.ps1 was born

So you think coding while ur driving is bad, well last night instead of counting sheep I was working on part 2. So I explained this to my wife this morning, as the same pots filled with coins, but now I want to make sure all the pots has the same coin value in them. I think I burned her out of ideas last night and only got a WTF this morning.

BUT I think I have cracked it. Been testing it today with both Distribute by Count and MB and it looks good. What is even better is that is generates a CSV file, and I can use the combination of the 3 scripts above.

Looking to share the scripting love probably Friday

l8trs

Powershell Format-Table HELL!

April 11, 2012 by ucinfo, posted in Powershell

#Powershell

This really is killing me, I am getting it more an more.

Basically if I create an array I want to send the output to the screen using Format-Table.

In the shell it works fine, but when I use a .ps1 I am constantly getting

out-lineoutput : The object of type "Microsoft.PowerShell.Commands.Internal.Format.FormatStartData" is not valid or not in the correct sequence. This is likely caused by a user-specified "format-table" command which is conflicting with the
default formatting.
+ CategoryInfo : InvalidData: (:) [out-lineoutput], InvalidOperationException
+ FullyQualifiedErrorId : ConsoleLineOutputOutOfSequencePacket,Microsoft.PowerShell.Commands.OutLineOutputCommand

What the hell is going on?! Why is the shell different to a .ps1

I don’t want a list, all I want is a table! .. Select-Object can’t make up its mind if it want to use a table or list and I done see anyway around it .. Event exporting to CSV and reimporting fails!

Dell Announces Intent to Acquire Wyse Technology

April 4, 2012 by ucinfo, posted in News

http://content.dell.com/us/en/corp/d/secure/2012-04-02-dell-acquisition-wyse-technology.aspx

Interesting!

Dell today announced it has signed a definitive agreement to acquire Wyse Technology, the global leader in cloud client computing, to significantly extend its desktop virtualization offerings. The addition of Wyse will expand Dell’s desktop virtualization capabilities and provide new solutions and services opportunities for the full range of Dell’s enterprise offerings.

In some environments, a virtual desktop allows enterprises to more efficiently and securely manage their users and end point devices. With this acquisition, Dell expands its enterprise solutions portfolio and offers customers an ever broadening array of tailored solutions to meet their needs.

“The total market for desktop virtualization solutions should continue to see strong growth globally, with the larger revenue and margin opportunities coming from the datacenter infrastructure, cloud and services offerings that are tied to thin client and desktop virtualization technology sales,” said Matt Eastwood, Group Vice President, Enterprise Platform Research, IDC. “Thin client and desktop virtualization solutions typically drive high attach rates to data center solutions, including servers, networking, storage and services. The end-to-end datacenter infrastructure stack for these solutions is expected to exceed $15 billion by 2015.”

Symantec Enterprise Vault 10.0.1 Released

April 4, 2012 by ucinfo, posted in Enterprise Vault

#Symantec #EnterpriseVault

http://www.symantec.com/business/support/index?page=content&id=TECH147787

Symantec Enterprise Vault, Compliance Accelerator, Discovery Accelerator 10.0.1 – Release Details

This document provides information about version 10.0.1 of Enterprise Vault, Compliance Accelerator, and Discovery Accelerator.

When you perform a new installation of Enterprise Vault, follow the instructions in the Installing and Configuring guide. The guide is in the Documentation folder on the Enterprise Vault 10.0.1 media.

If you want to upgrade from an earlier version of Enterprise Vault, follow the instructions in the Upgrading to Enterprise Vault 10.0.1 guide, which is available on the Enterprise Vault 10.0.1 media. The latest version of this guide is available from the link below.

Before you install or upgrade to Enterprise Vault 10.0.1, download and read the latest release notes from the locations below:

Microsoft #Forefront Protection for Exchange Server detected a virus

April 1, 2012 by ucinfo, posted in Forefront, Virus

#MSExchange

Been seeing a lot of these this week, all with different senders

Microsoft Forefront Protection for Exchange Server has detected a virus.
Virus name: "Trojan-Spy.HTML.Fraud.gen"
File name: "Body of Message"
State: "Removed"
Subject line: "FW: Receipt for Your Payment to AU-AdCommerce-EOM@ebay.com"
Sender: "Jacki Seers"
Scan job: "Transport"

Thankfully Winking smile forefront removes it!