HCW8078 – Migration Endpoint could not be created

HCW8078 – Migration Endpoint could not be created

Quicktips: Notes from the field

While running the Exchange Hybrod Configuration Wizard I ran in the following issue;

HCW8078 – Migration Endpoint could not be created
Microsoft.Exchange.Migration.MigrationServerConnectionFailedException
The connection to the server ‘http://mail.domain.com’ could not be complete

This issue is a known issue to Microsoft and the resolution is the good old “Have you tried turning it off and on?”

The It Crowd Chris Odowd GIF - Find & Share on GIPHY

The resolution was to Disable MRSProxyEnabled, this can be easily completed for all servers using;

Get-WebServiceVirtualDirectory | Set-WebServiceVirtualDirectory -MRSProxyEnabled $False

Get-WebServiceVirtualDirectory | Set-WebServiceVirtualDirectory -MRSProxyEnabled $True

This script will need to repeat this process for all your servers where MRSProxy is being used.
Invoke-Command -ComputerName Server1 -ScriptBlock {iisreset /restart}

Once you have completed the below steps you will be able to successful rerun the Hybrid Configuration Wizard without any errors

Regards
The Author – Blogabout.Cloud

PowerShell – ForEach do  action X or do Y

PowerShell – ForEach do action X or do Y

PowerShell is one of the greatest tools within any IT Professional toolkit, it enables you to do far more than any GUI available to you today. In my life as a Consultant for a Global Microsoft SI (System Integrator), I face challenges every day where PowerShell has come to the rescue. One of the best cmdlet I use in a lot of script is

ForEach which is the alias name of ForEach-Object

Imagine you need to modify an ExtensionAttribute for your entire organization or grant a permission to a subset of users, ask yourself this? How would I do this in a GUI? and the answer would be “with great difficulty or very time consuming”. This is Foreach-Object comes into play, in the below example I need to modify the PrimarySMTPAddress due to special characters being used

Get-DistributionGroup

In order to correct this, I will be using a source CSV file which contains SamAccountName for the identity of each DistributionList and the correct PrimarySMTPAddress.

Source CSV file

Now for the most important element, the powershell script which will be used to modify the PrimarySMTPAddress. The below script has been designed to achieve the required outcome but also includes the ability to;

  • Be ran using native PowerShell for On-Premises Exchange Servers (2007 through to 2019)
  • Be ran against Exchange Online

So as we can see the Foreach command is being used in the following;

  • For each $row within the $csv which is being imported try and get the distribution list using the column heading SamAccountName
    • If the Identity cannot be found the script will move to the catch
    • If the Identity can be found the script will set the distribution list using the column heading PrimarySMTPAddress
  • The catch is alert if there are any unsuccessful attempts at setting the PrimarySMTPAddress

Simples!!

 Clear-Host
$file = "$env:USERPROFILE\OneDrive\Desktop\groups.csv"
$csv = import-csv -Path $file
region Exchange Module SnapIn
# Exchange 2007
#Add-PSSnapin Microsoft.Exchange.Management.PowerShell.Admin;
# Exchange 2010
#Add-PSSnapin Microsoft.Exchange.Management.PowerShell.E2010;
# Exchange 2013/2016
#Add-PSSnapin Microsoft.Exchange.Management.PowerShell.SnapIn;
endregion
Transcript
Start-Transcript -Path $env:USERPROFILE\OneDrive\Desktop\Get-DistributionGroup.txt
Foreach ($row in $csv)
{
try {
Get-DistributionGroup -Identity $row.SamAccountName | Set-DistributionGroup -PrimarySmtpAddress $row.PrimarySmtpAddress
Write-Host 'INFO:' ($row.SamAccountName),'Primary SMTP Address has now been modified to',($row.PrimarySmtpAddress) -BackgroundColor Green
}
catch
{
Write-Host 'ERROR:' ($row.SamAccountName),'Primary SMTP Address has not been modified to',($row.PrimarySmtpAddress) -BackgroundColor Red
}
}
Stop-Transcript
Get-DistributionGroup
Image result for meerkat simples gif

I have included Start-Transcript as this will dump out all Write-Host entry whether they was successful or not.

Regards

The Author – Blogabout.Cloud

Import Exchange PowerShell Module into your PowerShell ISE console

Import Exchange PowerShell Module into your PowerShell ISE console

When working with Exchange there may be a requirement to create a PowerShell script using PowerShell ISE. Even if you run ISE on a Exchange Server you are unable to get the Exchange cmdlet in ISE, so the workaround for this is to use the following command;

  • If you are trying to add the Exchange cmdlets to your client machine you will need to Install the Exchange Management Tools from the Exchange installation media

The command to import the Exchange modules is different for each version – please use the appropriate command below:

Exchange 2007

2007 Add-PSSnapin Microsoft.Exchange.Management.PowerShell.Admin; 

Exchange 2010

2010 Add-PSSnapin Microsoft.Exchange.Management.PowerShell.E2010; 

Exchange 2013, 2016, 2019

2013-2019 Add-PSSnapin Microsoft.Exchange.Management.PowerShell.SnapIn; 

Regards
The Author – Blogabout.Cloud


QuickTip: PowerShell scripting – How long did it take to run the script?

QuickTip: PowerShell scripting – How long did it take to run the script?

Have you ever wondered how long it took to run your script? Well, you dont need to wonder anymore. The following couple of lines will provide a visual output how long it take to execute your script from start to finish

$Start = [system.datetime]::Now
{
Script run….
}
$End = [system.datetime]::Now
$resulttime = $End – $Start
Write-Host: (‘Execution Time : {0}Days:{1}Hours:{2}Minutes:{3}Seconds’ -f $Resulttime.Hours, $Resulttime.Days, $Resulttime.Minutes, $Resulttime.Seconds)

Image result for meerkat simples

Regards

The Author – Blogabout.Cloud

Working with Active Directory using Get-ADUsers

Working with Active Directory using Get-ADUsers

When working with Active Directory Users sometimes its a lot easier using PowerShell to obtain all the information you require from your environment. As a Consultant I have lost count how many times I’ve used PowerShell to get information out of Active Directory and its essential to your skill set.

The most simple and effective way by running the following command, as it will dump all Active Directory Users and their properties to a CSV file located on your desktop

# Command
Get-ADUser -Filter * -Properties * | Export-CSV $env:userprofile\desktop\ADExport.csv

or

# Command
Get-ADUser -Filter * | Export-CSV $env:userprofile\desktop\ADExport.csv

What if you only require bits of information? The command only targets the Name and SamAccountName Field. Simple right?

# Command
Get-ADUSer -Filter * -Properties Name,SamAccountName | Export-CSV $env:userprofile\desktop\ADExport.csv

or

# Command
Get-ADUSer -Filter * -Properties * | Select-Object -Property Name,SamAccountName | Export-CSV $env:userprofile\desktop\ADExport.csv

The possibilities are endless, you can call all everything from the below table because it exists on the AD object by default. If you have used ExtensionAttributes or CustomAttributes you can also call these as well by adding them to your filter.

PropertySyntaxR/RWlDAPDisplayName
AccountExpirationDateDateTimeRWaccountExpires, converted to local time
AccountLockoutTimeDateTimeRWlockoutTime, converted to local time
AccountNotDelegatedBooleanRWuserAccountControl (bit mask 1048576)
AllowReversiblePasswordEncryptionBooleanRWuserAccountControl (bit mask 128)
BadLogonCountInt32RbadPwdCount
CannotChangePasswordBooleanRWnTSecurityDescriptor
CanonicalNameStringRcanonicalName
CertificatesADCollectionRWuserCertificate
ChangePasswordAtLogonBooleanWIf pwdLastSet = 0
CityStringRWl
CNStringRcn
CompanyStringRWcompany
CountryStringRWc (2 character abbreviation)
CreatedDateTimeRwhenCreated
DeletedBooleanRisDeleted
DepartmentStringRWdepartment
DescriptionStringRWdescription
DisplayNameStringRWdisplayName
DistinguishedNameString (DN)RdistinguishedName
DivisionStringRWdivision
DoesNotRequirePreAuthBooleanRWuserAccountControl (bit mask 4194304)
EmailAddressStringRWmail
EmployeeIDStringRWemployeeID
EmployeeNumberStringRWemployeeNumber
EnabledBooleanRWuserAccountControl (bit mask not 2)
FaxStringRWfacsimileTelephoneNumber
GivenNameStringRWgivenName
HomeDirectoryStringRWhomeDirectory
HomedirRequiredBooleanRWuserAccountControl (bit mask 8)
HomeDriveStringRWhomeDrive
HomePageStringRWwWWHomePage
HomePhoneStringRWhomePhone
InitialsStringRWinitials
LastBadPasswordAttemptDateTimeRbadPasswordTime, converted to local time
LastKnownParentString (DN)RlastKnownParent
LastLogonDateDateTimeRlastLogonTimeStamp, converted to local time
LockedOutBooleanRWmsDS-User-Account-Control-Computed (bit mask 16)
LogonWorkstationsStringRWuserWorkstations
ManagerString (DN)RWmanager
MemberOfADCollectionRmemberOf
MNSLogonAccountBooleanRWuserAccountControl (bit mask 131072)
MobilePhoneStringRWmobile
ModifiedDateTimeRwhenChanged
NameStringRcn (Relative Distinguished Name)
ObjectCategoryStringRobjectCategory
ObjectClassStringRobjectClass, most specific value
ObjectGUIDGuidRobjectGUID converted to string
OfficeStringRWphysicalDeliveryOfficeName
OfficePhoneStringRWtelephoneNumber
OrganizationStringRWo
OtherNameStringRWmiddleName
PasswordExpiredBooleanRWmsDS-User-Account-Control-Computed (bit mask 8388608) (see Note 1)
PasswordLastSetDateTimeRWpwdLastSet, local time
PasswordNeverExpiresBooleanRWuserAccountControl (bit mask 65536)
PasswordNotRequiredBooleanRWuserAccountControl (bit mask 32)
POBoxStringRWpostOfficeBox
PostalCodeStringRWpostalCode
PrimaryGroupStringRGroup with primaryGroupToken
ProfilePathStringRWprofilePath
ProtectedFromAccidentalDeletionBooleanRWnTSecurityDescriptor
SamAccountNameStringRWsAMAccountName
ScriptPathStringRWscriptPath
ServicePrincipalNamesADCollectionRWservicePrincipalName
SIDSidRobjectSID converted to string
SIDHistoryADCollectionRsIDHistory
SmartcardLogonRequiredBooleanRWuserAccountControl (bit mask 262144)
StateStringRWst
StreetAddressStringRWstreetAddress
SurnameStringRWsn
TitleStringRWtitle
TrustedForDelegationBooleanRWuserAccountControl (bit mask 524288)
TrustedToAuthForDelegationBooleanRWuserAccountControl (bit mask 16777216)
UseDESKeyOnlyBooleanRWuserAccountControl (bit mask 2097152)
UserPrincipalNameStringRWuserPrincipalName

Regards
The Author – Blogabout.Cloud

QuickTips: Install-CsDatabase failed

QuickTips: Install-CsDatabase failed

Deploying Skype for Business and ran into the following error? Well here’s a quick tip to resolve the error.

Error(s)

Install-CsDatabase failed.

System.Management.Automation.CmdletInvocationException: Command execution failed: Requested registry access is not allowed.

Resolution(s)

Remove-CsConfigurationStoreLocation to ensure no corrupt legacy information

Run Skype for Business Topology Builder as Administrator

Once this command has been executed, you will be able to successfully publish the Skype for Business Topology.

Regards

The Author – Blogabout.Cloud