進入Exchange 2010 時代,終於可以實現自動化了。前兩天看到一老外寫的關於Cmdlet Extension Agents的使用,覺得蠻有意思的,自己測試了下,果然不錯。下面是一些分享。
首先,我們需要創建一個Receive connector 來接受從特定IP地址段來的 free relay。命令行中的IP地址段可自行修改,請注意此處的安全隱患。
- New-ReceiveConnector -Name "Internal Relay" -Bindings 0.0.0.0:25 -RemoteIPRanges 127.0.0.1,192.168.100.1-192.168.100.255 -AuthMechanism None -Enabled $true -Fqdn "ex2010cas01.mcmhost.com" -PermissionGroups AnonymousUsers -Server ex2010cas01 | Add-ADPermission -User "NT AUTHORITY\ANONYMOUS LOGON" -ExtendedRights "ms-Exch-SMTP-Accept-Any-Recipient"
第二步,創建一個腳本來發送歡迎郵件到特定郵箱。我們爲這個腳本取名爲send-mail.ps1, 命令行參數爲:
- send-mail.ps1 –mailboxname <郵箱名>
代碼如下, 請修改變量定義中的郵件地址,請注意郵件中會自動插入出用戶的用戶名,郵件地址等信息,另外,可自行修改聲明。第三步之前,可先行運行此腳本,保證腳本能正常工作。
=================================
- param
- (
- [string]$mailboxname
- )
- #此處填上發信人地址
- $strMsgFrom = "MCMHost HelpDesk <[email protected]>"
- #郵件標題
- $strMsgTitle = "Welcome to MCMhost!"
- #SMTP relay host name,一般是HUB服務器或者是某內部SMTP gateway
- $SMTPClient = New-Object Net.Mail.SmtpClient("ex2010cas01.mcmhost.com")
- $mailbox = get-mailbox -id $mailboxname
- $strMsgTo = $mailbox.PrimarySMTPAddress
- $strMsgBody = "您好, "+$mailbox.DisplayName+", 歡迎使用MCMhost郵件系統!
- --------------------------------------
- 用戶名和密碼
- --------------------------------------
- 您的登錄賬戶名是 is '"+$mailbox.SamAccountName+"'. Use your username and password to login to the network. Your password should NEVER be shared with anyone except the I.T. department, and only then when requested. Please do not write it down on anything that can be seen by your coworkers. You will be prompted to change it regularly.
- --------------------------------------
- 郵箱
- --------------------------------------
- 您的郵件地址是 '"+$mailbox.PrimarySMTPAddress+"'.
- To access your email, calendar, contacts, and tasks from outside of the building, such as from home, you can do so from any Internet connected computer. Simply open Internet Explorer and go to the Outlook Web Access (OWA) page at https://mail.MCMhost.com/ and log in using your username and password. Please note the 's' in https.
- If you'd like to have access to your email and contacts from your cell phone, you will need a cell phone that has Windows Mobile 5 or later, or an Apple iPhone. Blackberry phones are not supported. Instructions for configuring your device can be found in the Frequently Asked Questions (FAQ) section of the MCMhost Intranet at https://intranet.MCMhost.com/helpdesk/Lists/SupportFaq/AllItems.aspx
- --------------------------------------
- Contact information
- --------------------------------------
- Once you're situated, please go to http://directory/DirectoryUpdate and update your information. Log in using your username and password. It's important that you update your information anytime something changes, such as title, department, phone number, etc. This information is used in various systems and applications, and is your responsibility to keep up to date.
- --------------------------------------
- Computer, Email, and Internet policies
- --------------------------------------
- MCMhost, Inc. provides a computer for your work tasks. The use of personally owned computers and related equipment is not permitted on our network. Additional information about use of MCMhost computers, email, Internet, etc. can be found in the Employee Handbook located in the HR section of the intranet at https://intranet.MCMhost.com/hr/
- --------------------------------------
- Technical assistance
- --------------------------------------
- Should you need technical assistance, please check the Frequently Asked Questions (FAQ) section of the MCMhost Intranet at https://intranet.MCMhost.com/helpdesk/Lists/SupportFaq/AllItems.aspx. If you cannot find an answer there, submit a Service Request on the MCMhost intranet at https://intranet.MCMhost.com/helpdesk. If you are unable to access the intranet site, only then should you email [email protected]. It is monitored by the whole IT department, and will ensure your issue is resolved in a timely manner.
- Thank you, and, again, welcome to MCMhost!
- The Information Technology Department"
- $SMTPClient.Send($strMsgFrom,$strMsgTo,$strMsgTitle,$strMsgBody)
=================================
第三步, 去到C:\Program Files\Microsoft\Exchange Server\V14\Bin\CmdletExtensionAgents 目錄下(如果不是缺省安裝路徑,可自行修改)。創建一個XML文件ScriptingAgentConfig.xml 。
XML文件內容如下,其作用是當完成new-mailbox這個命令後,自動調用c:\temp\send-mail.ps1腳本發送歡迎郵件,並且禁止郵箱的IMAP和POP3訪問。這裏的功用可無限引申出去(注意,在某些時候script agent的優先級需要比provisionagent的優先級高,比如對database做操作的命令,此處就不贅述了)。
=========================
- <?xml version="1.0" encoding="utf-8" ?>
- <Configuration version="1.0">
- <Feature Name="MailboxProvisioning" Cmdlets="new-mailbox">
- <ApiCall Name="OnComplete">
- if($succeeded) {
- $newmailbox = $provisioningHandler.UserSpecifiedParameters["Name"]
- c:\temp\send-mail.ps1 -mailboxname $newmailbox
- Set-CASMailbox $newmailbox -IMAPEnabled $false -POPEnabled $false
- }
- </ApiCall>
- </Feature>
- </Configuration>
=========================
第四步,關閉所有服務器上目前打開的EMS和EMC。然後拷貝該XML去您環境中的每一個Exchange 服務器。別怪我沒告訴你噢,等下跟我說你打不開EMC了。
第五部,使用下面命令創建一個新用戶(也可用界面創建)。請自行修改 OU路徑和用戶名等參數。 進入Exchange 2010 時代,終於可以實現自動化了。前兩天看到一老外寫的關於Cmdlet Extension Agents的使用,覺得蠻有意思的,自己測試了下,果然不錯。下面是一些分享。
首先,我們需要創建一個Receive connector 來接受從特定IP地址段來的 free relay。命令行中的IP地址段可自行修改,請注意此處的安全隱患。
- New-ReceiveConnector -Name "Internal Relay" -Bindings 0.0.0.0:25 -RemoteIPRanges 127.0.0.1,192.168.100.1-192.168.100.255 -AuthMechanism None -Enabled $true -Fqdn "ex2010cas01.mcmhost.com" -PermissionGroups AnonymousUsers -Server ex2010cas01 | Add-ADPermission -User "NT AUTHORITY\ANONYMOUS LOGON" -ExtendedRights "ms-Exch-SMTP-Accept-Any-Recipient"
第二步,創建一個腳本來發送歡迎郵件到特定郵箱。我們爲這個腳本取名爲send-mail.ps1, 命令行參數爲:
- send-mail.ps1 –mailboxname <郵箱名>
代碼如下, 請修改變量定義中的郵件地址,請注意郵件中會自動插入出用戶的用戶名,郵件地址等信息,另外,可自行修改聲明。第三步之前,可先行運行此腳本,保證腳本能正常工作。
=================================
- param
- (
- [string]$mailboxname
- )
- #此處填上發信人地址
- $strMsgFrom = "MCMHost HelpDesk <[email protected]>"
- #郵件標題
- $strMsgTitle = "Welcome to MCMhost!"
- #SMTP relay host name,一般是HUB服務器或者是某內部SMTP gateway
- $SMTPClient = New-Object Net.Mail.SmtpClient("ex2010cas01.mcmhost.com")
- $mailbox = get-mailbox -id $mailboxname
- $strMsgTo = $mailbox.PrimarySMTPAddress
- $strMsgBody = "您好, "+$mailbox.DisplayName+", 歡迎使用MCMhost郵件系統!
- --------------------------------------
- 用戶名和密碼
- --------------------------------------
- 您的登錄賬戶名是 is '"+$mailbox.SamAccountName+"'. Use your username and password to login to the network. Your password should NEVER be shared with anyone except the I.T. department, and only then when requested. Please do not write it down on anything that can be seen by your coworkers. You will be prompted to change it regularly.
- --------------------------------------
- 郵箱
- --------------------------------------
- 您的郵件地址是 '"+$mailbox.PrimarySMTPAddress+"'.
- To access your email, calendar, contacts, and tasks from outside of the building, such as from home, you can do so from any Internet connected computer. Simply open Internet Explorer and go to the Outlook Web Access (OWA) page at https://mail.MCMhost.com/ and log in using your username and password. Please note the 's' in https.
- If you'd like to have access to your email and contacts from your cell phone, you will need a cell phone that has Windows Mobile 5 or later, or an Apple iPhone. Blackberry phones are not supported. Instructions for configuring your device can be found in the Frequently Asked Questions (FAQ) section of the MCMhost Intranet at https://intranet.MCMhost.com/helpdesk/Lists/SupportFaq/AllItems.aspx
- --------------------------------------
- Contact information
- --------------------------------------
- Once you're situated, please go to http://directory/DirectoryUpdate and update your information. Log in using your username and password. It's important that you update your information anytime something changes, such as title, department, phone number, etc. This information is used in various systems and applications, and is your responsibility to keep up to date.
- --------------------------------------
- Computer, Email, and Internet policies
- --------------------------------------
- MCMhost, Inc. provides a computer for your work tasks. The use of personally owned computers and related equipment is not permitted on our network. Additional information about use of MCMhost computers, email, Internet, etc. can be found in the Employee Handbook located in the HR section of the intranet at https://intranet.MCMhost.com/hr/
- --------------------------------------
- Technical assistance
- --------------------------------------
- Should you need technical assistance, please check the Frequently Asked Questions (FAQ) section of the MCMhost Intranet at https://intranet.MCMhost.com/helpdesk/Lists/SupportFaq/AllItems.aspx. If you cannot find an answer there, submit a Service Request on the MCMhost intranet at https://intranet.MCMhost.com/helpdesk. If you are unable to access the intranet site, only then should you email [email protected]. It is monitored by the whole IT department, and will ensure your issue is resolved in a timely manner.
- Thank you, and, again, welcome to MCMhost!
- The Information Technology Department"
- $SMTPClient.Send($strMsgFrom,$strMsgTo,$strMsgTitle,$strMsgBody)
=================================
第三步, 去到C:\Program Files\Microsoft\Exchange Server\V14\Bin\CmdletExtensionAgents 目錄下(如果不是缺省安裝路徑,可自行修改)。創建一個XML文件ScriptingAgentConfig.xml 。
XML文件內容如下,其作用是當完成new-mailbox這個命令後,自動調用c:\temp\send-mail.ps1腳本發送歡迎郵件,並且禁止郵箱的IMAP和POP3訪問。這裏的功用可無限引申出去(注意,在某些時候script agent的優先級需要比provisionagent的優先級高,比如對database做操作的命令,此處就不贅述了)。
=========================
- <?xml version="1.0" encoding="utf-8" ?>
- <Configuration version="1.0">
- <Feature Name="MailboxProvisioning" Cmdlets="new-mailbox">
- <ApiCall Name="OnComplete">
- if($succeeded) {
- $newmailbox = $provisioningHandler.UserSpecifiedParameters["Name"]
- c:\temp\send-mail.ps1 -mailboxname $newmailbox
- Set-CASMailbox $newmailbox -IMAPEnabled $false -POPEnabled $false
- }
- </ApiCall>
- </Feature>
- </Configuration>
=========================
第四步,關閉所有服務器上目前打開的EMS和EMC。然後拷貝該XML去您環境中的每一個Exchange 服務器。別怪我沒告訴你噢,等下跟我說你打不開EMC了。
第五部,使用下面命令創建一個新用戶(也可用界面創建)。請自行修改 OU路徑和用戶名等參數。
- New-Mailbox -Name 'Exchange 2010 user08' -Alias 'exchange2010user08' -OrganizationalUnit 'MCMHost.com/MCM/Users' -UserPrincipalName '[email protected]' -SamAccountName 'user08' -FirstName 'Exchange 2010' -Initials '' -LastName 'user08' -Password 'System.Security.SecureString' -ResetPasswordOnNextLogon $false
- New-Mailbox -Name 'Exchange 2010 user08' -Alias 'exchange2010user08' -OrganizationalUnit 'MCMHost.com/MCM/Users' -UserPrincipalName '[email protected]' -SamAccountName 'user08' -FirstName 'Exchange 2010' -Initials '' -LastName 'user08' -Password 'System.Security.SecureString' -ResetPasswordOnNextLogon $false