|
Well now you personally can!!!!!
I have written and published to the joeware site the tool
called ExchMbx. This tool will
Mailbox Enable existing users - create
mailbox.
MailEnable existing users, contacts, groups - sorry won't
do query based groups yet, later versions will. It would had MS actually used
CDOEXM for mail enabling the groups but they seemed to have forgotten about
scripters and programmers yet again... So a later version of ExchMbx will try
to avoid CDOEXM and do everything via straight LDAP and which means I have
to work out the legacyExchangeDN uniqueness stuff. Not sure if it is possible to
completely avoid cdoexm though, have to look closely at moving mailboxes...
Move mailboxes - yes command line move
mailbox!
Clear Exchange attribs - basically delete mailboxes,
maildisable objects.
It is similar to admod in that you can pipe in the list of
DN's from another program, so say you want to create mailboxes on Server5,
Storage Group SG2, Mail Store DB3 for the first 100 users in the OU called
newusers (and any subou's) who don't already have
mailboxes....
adfind -b ou=newusers,ou=mail,dc=domain,dc=com -f
"&(objectcategory=person)(objectclass=user)(!(homemdb=*))" -dsq | exchmbx
-upto 100 -cr server5:sg2:db3 -cont
or say you want to move the mailboxes of all users with
samaccountname starting with W to Server2, SG4, DB1...
adfind -b ou=mail,dc=domain,dc=com -f
"&(objectcategory=person)(objectclass=user)(samaccountname=w*)(!(homemdb=*))"
-dsq | exchmbx -move server2:sg4:db1 -cont
-unsafe Or you want to delete all mailboxes of all users and
maildisables all of the objects in the OldUsers OU....
adfind -b ou=newusers,ou=mail,dc=domain,dc=com -f
"(objectclass=*)" -s one -dsq | exchmbx -clear
-unsafe Or if
you just want to mail enable one contact but with text w/ uuencoding formatted
email...
exchmbx -b
cn=somecontact,ou=contacts,ou=mail,dc=domain,dc=com -me [EMAIL PROTECTED]
-internetencoding 2228224
Download it from the free win32 tools page of www.joeware.net...
As
usual, anyone finds issues with it or has suggestions, fire them my way. I
whipped this up really quick because I was writing something about Exchange and
how to do things and I never could say what I considered good things for command
line options.
joe
Here
is the usage screen:
[Sun 08/01/2004
14:11:19.48]
F:\DEV\WebSites\Joeware\Current\win32\zips>exchmbx ExchMbx V01.00.00cpp Joe Richards ([EMAIL PROTECTED])
August 2004
Usage:
ExchMbx [switches] Switches: (designated by - or /)
-h host Host to use, use default LDAP server -b basedn DN to do the work on. If basedn is not specified the program will read from stdin anything piped to it or if you want you can type the DNs there followed by a ctrl-z to terminate the pipe. -elapsed Display elapsed time in seconds -cr MDB Create Mailbox in MDB - See Format Below for that value -move MDB Move Mailbox to MDB - See Format Below for that value -me x MailEnable object. If necessary x is targetaddress. -clear Clear all email attribs. -safety x How many objects before safety kicks in. Default 10 -delim x X specifies delimiter for MDB format. Default : -fdelim x X specified delimiter for file format. Default [TAB] -unsafe Don't have a safety, modify objects no matter how many. -upto x Process DNs until x successes have occurred. -cont Continue with objects even if errors. -internetencoding This is the encoding type for mailenabled objects. MDB format Format: (HomeMDBURL|Server:Storage Group:DataBase) This value can be
specified either as a complete HomeMDB URL value
or if you don't know it or don't want to look it up you can specify the server, storage group, and data base and the tool will look up the proper HomeMDB URL for you. Internet Encoding Format Mail enabled objects can either follow the Internet Mail Service settings for how mail is encoded for transfer out of the Exchange system or you can specify specific values. This switch lets you change that setting. The default value written to the mail enabled objects is 1310720 which is 'Use Internet Mail Service' settings. See KB281740 for more info on the settings, here are some alternate values at the time of this writing: 393216 MIME with Plain Text 917504 MIME with HTML 1441792 MIME with Plain Text & HTML 2228224 Plain Text / uuencode 131072 Plain Text / uuencode with Binhex Notes: This tool could be considered dangerous, it can quickly make some serious changes to your directory and really mess up email. I take no responsibility for you dorking up your email system. The safety option will bail the whole operation if there are more objects to work on than specified with the -safety option. This tool is
exceptionally powerful when used in conjunction with
a command line LDAP query tool such as my own adfind with the -dsq switch or dsquery from Microsoft. If you get an
error updating an object, no modification is made
to the specific object. When doing
multi-DN modifications, the errorlevel will be set to the
last error encountered. So if you go through 8 DNs and hit 3 errors, only the last will be passed back to you via %errorlevel%. Be very very
careful of clear option. You can literally clear all mail
objects in your forest with that command in a relatively simple way. This program has the ability to read the DN to modify from STDIN for instance you could take the output from program 1 and send it into this program like: someprogram | exchmbx -move server1:sg1:db1 -upto 100 which would take the output from someprogram and then use that for the the DN list for exchmbx. So for instance say I wanted to move all mailboxes of users in a specific OU to another Exchange Server or another database I could do so by combining an LDAP search from ADFIND or dsquery with exchmbx... You can also have
a list of DNs in a text file and pipe in from there
like this: exchmbx -move srv1:sg1:db3 < file.txt In addition you can add override info to the piped in information as well... Say you want to move all users except a couple of them to one place you have the command above but then on the lines holding DNs you wanted moved to another location you add that information. Basically it is
all in the format of the input. If you are just sending
in DNs the format should be: "cn=something,ou=something,dc=domain,dc=com" and should have the quotes around the DN. If you want to add override information simply follow the DN with TAB character and a quoted string with the override info like so: "cn=something,ou=something,dc=domain,dc=com" "cn=something2,ou=something,dc=domain,dc=com" "cn=something3,ou=something,dc=domain,dc=com" "srv2:sg1:db3" which when combined with the command: exchmbx -move srv1:sg1:db1 < file.txt would result in something3 going to srv2:sg1:db3 and the other objects going to srv1:sg1:db1 This override
functionality works for -cr, -move, -me options.
Ex1: admod -b cn=joe,dc=joe,dc=net -cr srv1:sg1:db2 Create mailbox for joe in Server srv1, storage group sg1, database db2. Ex2:
admod -b cn=joe,dc=joe,dc=net -move srv1:sg1:db2 Ditto ex1 but move. Ex3:
admod -b cn=joe,dc=joe,dc=net -move CN=DB1,CN=SG1,CN=InformationStore,CN=2K3EXC01... Ditto ex1 but move to specified URL (URL chopped short). Ex4:
admod -b cn=joe,cn=users,dc=joe,dc=net -clear Clear Exchange attrs for joe, will delete mailbox or clean email addresses of mailenabled objects. Ex5:
admod -b cn=gr1,cn=users,dc=joe,dc=net -me Mail Enable group gr1 Ex6:
admod -b cn=con1,cn=users,dc=joe,dc=net -me [EMAIL PROTECTED] Mail Enable contact con1 with email address [EMAIL PROTECTED] Ex8:
adfind -b ou=new,dc=joe,dc=net -f "&(objectcategory=person)(objectclass=user)" -dsq |exchmbx -upto 100 -cre s1:sg1:db1 Mailbox enable the first 100 users of the OU called new. This software is Freeware. Use it as you wish at your own risk. If you have improvement ideas, bugs, or just wish to say Hi, I receive email 24x7 and read it in a semi-regular timeframe. You can usually find me at [EMAIL PROTECTED] [Sun 08/01/2004 14:11:22.31] F:\DEV\WebSites\Joeware\Current\win32\zips> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mulnick, Al Sent: Friday, July 30, 2004 10:14 AM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] [OT] CLI CreateMailBox/MailEnable/Clear Exch Attr Tool Personally haven't seen a CLI that provisions Exchange
objects.
Two issues come to mind with CLI and
Exchange
CDOEXM is more difficult to work with than it should
be and very limited - whatever.
Resource levelling is a difficult thing to accomplish
without the MPS DLL's available. I *heard* there were some levelling DLL's
somewhere, but haven't seen where that's confirmed. If you can't find such
a thing, I'd prefer some DLL's that do this to a CLI to create mailboxes.
Scripting mailbox creation is done to death on the
web. Removal is not. Levelling is unknown (to me anyway) outside of
commercial provisioning apps.
Can't think why I'd want to mailenable a pre-existing group
via CLI.
Moving is something I can script pretty easily, but it
might be nice to have that in CLI in addition to levelling logic. Would
make cobbling a home-grown lifecycle management app much easier for many out
there.
Al
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe Sent: Friday, July 30, 2004 2:09 AM To: [EMAIL PROTECTED] Subject: [ActiveDir] [OT] CLI CreateMailBox/MailEnable/Clear Exch Attr Tool Sorry
guys and gals, completely off topic and also sorry for being AWOL lately. Trying
to finish up a little project and don't like the outcome on one
point.
Question is, is there a well known good command line tool for
1.
Creating Mailboxes for prexisting users?
2.
MailEnabling pre-existing groups/contacts?
3.
Clearing Exchange Attribs on any Exchange enabled domain partition
object
4.
Moving mailboxes
When I
say CLI/Command Line, I don't mean someone wrote a script, I am talking about an
actual executable. Preferably something that takes some of the sting out the
parameter list that needs to be sent in and can take multiple objects at once.
I
haven't been able to find anything and several people that I have asked have
looked at me strangely like I had drool on my lip or something... Command
Line... Exchange...
If
not, I am going to write the darn thing today. I will even be nice and write the
initial version to actually uses the CDOEXM calls though the goal in the end
would be to not use CDOEXM so I wouldn't be stuck to only running the tools on
machines that have the Exchange Tools loaded and you could manage cross forest
with it. The single forest management method results from laziness. No reason a
machine should have to be in the forest that the mailbox work is being done in.
Anyway, let me know.
thanks, joe
|
Title: RE: [ActiveDir] SpyWare
