Carpe Diem: Flaphead.com : #Exchange 2010 Training Day 5

News

<script type="text/javascript" src="http://technorati.com/embed/3ni3q36ikc.js"> </script>
This information is provided "AS IS" with no warranties, and confers no rights. Also some of the information contains my views and thoughts.
<script src="http://widgets.technorati.com/t.js" type="text/javascript" charset="UTF-8"></script>
Blog Information Profile for flaphead

Add Me! - Search Engine Optimization

Navigation

Blog Roll

Blog Search Engines

We Blog A Lot

Archives

#Exchange 2010 Training Day 5

#Exchange2010 … Last day …

Check it link for more details around RBAC and role assignments .. http://technet.microsoft.com/en-us/library/dd298183(EXCHG.140).aspx

I love this cmdlet:
Get-ManagementRoleAssignment –role “Mailbox Search” –GetEffectiveusers | FL Name, RoleAssigneeName, EffectiveuserName, AssignmentChain

As for certs you need to change the script to get it to work:
Import-ExchangeCertificate -FileData ([Byte[]]$(Get-Content -Path c:\certificates\IssuedCert.p7b -Encoding byte -ReadCount 0))

This script will check a DAG and compare the current database owner with the activationpreference. The first script will just report the status, while the second one will move the database

Get-MailboxDatabase | Sort Name | FOREACH {$db=$_.Name; $xNow=$_.Server.Name ;$dbown=$_.ActivationPreference| Where {$_.Value -eq 1}; Write-Host $db "on" $xNow "Should be on" $dbOwn.Key -NoNewLine; If ( $xNow -ne $dbOwn.Key){Write-host " WRONG" -ForegroundColor Red; }ELSE{Write-Host " OK" -Foregroundcolor Green}}

This will actually move the databases too
Get-MailboxDatabase | Sort Name | FOREACH {$db=$_.Name; $xNow=$_.Server.Name ;$dbown=$_.ActivationPreference| Where {$_.Value -eq 1}; Write-Host $db "on" $xNow "Should be on" $dbOwn.Key -NoNewLine; If ( $xNow -ne $dbOwn.Key){Write-host " WRONG" -ForegroundColor Red; Move-ActiveMailboxDatabase $db -ActivateOnServer $dbOwn.Key -confirm:$False}ELSE{Write-Host " OK" -Foregroundcolor Green}}

The installation / Transition steps I used:

Prepare Schema and Domain for Exchange 2007
Install a Multi Role Exchange 2007 Server with SP1
Apply the Exchange 2010 Schema
- PrepareLegacyExchangePermissions
- PrepareSchema
- PrepareAD
- PrepareDomain
Upgrade Exchange 2007 Server with SP2
I then installed a multi-role Exchange 2010 server with the Hub / CAS Roles

Software Requirements for Exchange 2010

Description	Tools Only	Mailbox	UM	Client Access	Edge	HT
.NET Framework 3.5 SP1 (No R2)	Yes	Yes	Yes	Yes	Yes	Yes
Power Shell 2.0	Yes	Yes	Yes	Yes	Yes	Yes
Windows Remote Management	Yes	Yes	Yes	Yes	Yes	Yes
MS Filter Pack		Yes				Yes
ServerManagerCmd -i Web-Server		Yes	Yes	Yes		Yes
ServerManagerCmd -i Web-Metabase	Yes	Yes	Yes	Yes		Yes
ServerManagerCmd -i Web-Lgcy-Mgmt-Console	Yes	Yes	Yes	Yes		Yes
ServerManagerCmd -i Web-Basic-Auth		Yes	Yes	Yes		Yes
ServerManagerCmd -i Web-Windows-Auth		Yes	Yes	Yes		Yes
ServerManagerCmd -i Web-Net-Ext		Yes	Yes	Yes		Yes
ServerManagerCmd -i Web-Digest-Auth				Yes
ServerManagerCmd -i Web-Dyn-Compression				Yes
ServerManagerCmd -i NET-HTTP-Activation				Yes
ServerManagerCmd -i Web-ISAPI-Ext				Yes
ServerManagerCmd -i RPC-over-HTTP-proxy				Yes
ServerManagerCmd -i Desktop-Experience			Yes
ServerManagerCmd -i ADLDS					Yes
ServerManagerCmd -i RSAT-ADDS	Yes	Yes	Yes	Yes		Yes

Here is a script to check Inherited permissions on an OU:
http://flaphead.dns2go.com/archive/2009/05/07/inherited-ou-rights.aspx

Posted: 04 December 2009 14:57 by Paul Flaherty

Filed under: MsExchange, Flaphead, Training, PowerShell, Exchange

Attachment(s): RBAC examples.txt

Comments

DJ said:

Where is day 3 & 4?

# December 5, 2009 00:37

Exchange Server said:

As you've probably heard, Microsoft recently released the first rollup package for Exchange 2010

# December 15, 2009 17:22

New Comments to this post are disabled

Carpe Diem: Flaphead.com

Recent Posts

Tags