Microsoft Exchange Administration Tips

Ever found yourself in a situation where all your staff have an unlimited quota for their Exchange mailboxes? Or you wanted to find out who your biggest culprits for large mailboxes were?

I ran into a situation yesterday where a manager requested that a quota be applied to all mailboxes but providing exclusions to the higher ups 🙂 now when you’re talking about a small site with 10 users it doesn’t sound too bad but as soon as your mailbox database starts dealing with hundreds or thousands of users, things don’t seem quite as easy. Fear not! Powershell is here to save us all!

Here are a few simple commands that may help you:

View all mailbox quotas
get-mailbox -filter { usedatabasequotadefaults -eq $false -AND recipientTypeDetails -eq ‘usermailbox’  }

Retrieve mailbox sizes
Get-MailboxStatistics -Database “Mailbox Database Name” | Select DisplayName, ItemCount, TotalItemSize | Sort-Object TotalItemSize -Descending | Export-CSV C:\MailboxSizes.csv

Set all mailboxes to use database defaults
get-mailbox -filter { usedatabasequotadefaults -eq $false -AND recipientTypeDetails -eq ‘usermailbox’  } | set-mailbox -UseDatabaseQuotaDefaults $true

Excluding special users

  1. Open Exchange Management Console
  2. Go to Microsoft Exchange On-Premises > Recipient Configuration > Mailbox.
  3. Locate the mailbox you want to provide an exception for. Right click and select properties.
  4. Click on Mailbox Settings > Storage Quota > Properties
  5. Untick “Use mailbox database defaults”
  6. Tick the options required and set the values for warning, prohibit send etc.

Now that you’ve set an awesome default mailbox size limit, want some customised warning messages? You know it!

Customize Quota Messages

Warning 
New-SystemMessage -QuotaMessageType WarningMailbox -Language EN -Text “Your mailbox is now within xMB of the allowable size limit. Please clean out emails to reduce your mailbox size. Move items to public folders or delete any items you don’t need from your mailbox and empty your Deleted Items folder.”

Prohibit Send
New-SystemMessage -QuotaMessageType ProhibitSendMailbox -Language EN -Text “Your mailbox can no longer send messages as the size limit has been reached. Please reduce your mailbox size. Move items to public folders or delete any items you don’t need from your mailbox and empty your Deleted Items folder.”

Prohibit Send and Receive (Ouch!)
New-SystemMessage -QuotaMessageType ProhibitSendReceiveMailbox -Language EN -Text “Your mailbox can no longer send or receive messages as the size limit has been reached. Please reduce your mailbox size. Move items to public folders or delete any items you don’t need from your mailbox and empty your Deleted Items folder.”

 

Enabling Active Directory Recycling Bin – Windows Server 2012

Ever have to do an authoritative restore? Tombstone Reanimation? Feeling chills down your spine?  Me too… Server 2012 says no to this! And I agree wholeheartedly. So how do we do it? Pre-requisites:

  •  The domain functional level of the forest needs to be at least Windows Server 2008 R2

How to set it up:

Powershell

  • Type the following command: Enable-ADOptionalFeature “Recycle Bin Feature’ -scope ForestOrConfigurationSet -target –domainname -server domaincontroller

GUI

  • Open Active Directory Administrative Center from the Tools menu in Server Manager
  • Right click your domain in the navigation tree and select “Enable Recycle Bin”

 

Notes:

  • Enabling the AD recycling bin is irreversible so once you do it you can’t undo it.
  • To confirm the recycling bin has been enabled, a Deleted Objects container will appear at the root of the Domain Controller.

Easy as pie 🙂

Do you really need a strong password?

HELL YES! Anyone that does not use strong passwords are pretty much leaving their keys outside their front door with a sign saying “no trespassers”.

To give you a real life scenario that I’ve encountered, I managed the IT infrastructure for a new customer. One employee decided to use a super, awesome password (password1) and his account was compromised. His user account was used to send thousands of spam emails originating from the organisation’s mail server. The organisation’s mail server was blacklisted and other companies (customers) would no longer accept email from this organisation. They were not able to invoice orders and lost tens of thousands of dollars worth of revenue because one users password was easily compromised.

Why do you need to use a strong password?

  • People post so much information about themselves online that interests, friends, parents, birthplace, email addresses are easily attainable if you search hard enough.
  • There are machines capable of cycling through 6.2 billion password combinations every second.
  • If you use the same password for multiple accounts, don’t! It might be easier to remember but if it’s compromised, consider these other accounts gone.

I can’t enforce this enough: always use strong passwords. Strong passwords should be comprised of a combination of numbers, letters (upper and lower case), symbols etc. You can get creative and use some common words but substitute letters for numbers or symbols. Here are examples of strong and weak passwords:

  • Strong: Th!5IS@$t0ngPW,S0!$thisOne%
  • Weak: password, password123, 123456, hello

Where possible, try use a random password generator such as this, this, or this.

Protect your information 🙂

 

Installing Applications on a Terminal Server

Because of the Sophos issues that many of my clients experienced, many endpoints required a re-installation, particularly on Terminal Servers. This is a quick and easy reminder of best practices for installing applications on a terminal server.

  1. Log on to the server as a domain administrator
  2. Open up command prompt and type the following command
    change user /install
  3. Your session will now be ready to install applications that will work across all user profiles.
  4. Install the application required e.g. Microsoft Office
  5. Once you have finished the install open up command prompt again and type in
    change user /execute


Testing SMTP using Telnet

As an IT admin, you might find yourself in a situation where you need to test sending emails without an email client such as Microsoft Outlook. When that time comes, a great way to test SMTP connectivity is leveraging TELNET.

Here are a few easy steps to test mail flow:

  1. Make sure you know what SMTP server you are trying to connect to e.g. smtp.example.net.au or if it’s an internal mail server you can use the FQDN or IP address e.g. MAILSERVER.local or 192.168.1.1
  2. Make sure you have telnet installed on your client machine, you can do this via the following technet article
  3. Open up command prompt on your machine, click on start > run and type in cmd.
  4. In the command prompt window, type: telnet servername/IP 25 and press enter.
    Note: telnet initiates a telnet connection, the server name is the mail server you are attempting to send mail from and 25 is the default SMTP port.
  5. Now type in the following to test mail flow:
    Note: after each step press enter
  • HELO mail server domain name e.g. HELO example.com
  • MAIL FROM:user@domain.com e.g. MAIL FROM:user@example.com
  • RCPT TO:user@externaldomain.com e.g. RCPT TO:user@gmail.com
  • DATA
  • Type in some test data, this will be the body of the email e.g. Hello Sir 🙂
  • To stop typing in text in the body, you need to press Enter followed by a full stop . the press Enter again.
  • QUIT to exit the telnet session
If your email comes through then you’re a winner, if not don’t stress, there will most likely be other restrictions in place to prevent you from sending emails from SMTP servers. Please note that this is the first point of mail flow testing and further troubleshooting may be required.
This is also a good way of finding out if the host you are connecting to is actually a mail server! Unless of course SMTP is on another port or firewall rules are in place.

Creating a Windows Batch Script

A few solutions that I will post in the future will utilise Windows Batch scripts (.bat) files. Here is a quick tutorial on how to create a batch script in Windows:

  1. In Windows Explorer, click on Tools (press alt key if you can’t see it), then select Folder Options
  2. Click the View tab. Under Advanced settings, untick Hide extensions for known file types and click OK to save changes.
    Folder Options
  3. Open your favorite text editor e.g. notepad
  4. Type in the Windows commands that you want to include in your batch script e.g. net stop spooler
  5. Click on File, then select Save as
  6. Under Save as type, click the dropbox and select All Files
    Save as image
    Type in a relevant name and make sure you add a .bat at the end e.g. StopSpool.bat
  7. Save the file to your required location e.g. desktop. Browse to the saved location and TEST script to see if it works. You will notice that the .bat extension will be displayed.

Happy scripting 🙂

Cleanup Windows & Java Temporary Files using a Batch Script

Recently, there was a breakout of malware tricking people to install a fake “anti-virus” software, which in turn infected their machines. Mind you, the primary reason machines get infected in the first place is because people are browsing dodgy websites so BE CAREFUL or get PROTECTED!

The infected files are usually downloaded to a temporary internet files folder or java temporary folder and are executed/installed from there. It’s always good practice to clear out these temporary files to prevent malicious activity as well as save you some disk space. This batch script can be used as a scheduled task or deployed through your favourite monitoring tool to “cleanup” these temporary files.

This script should work on all Windows platforms so happy cleaning 🙂

Delete All Temporary Files

Note: copy and paste the below code into notepad and save as the text file as a .bat file. Change the “Save as type” to All Files and make sure you add a .bat to the end of the name e.g. Cleanup.bat. There is a tutorial post located here.

@echo off
::Written by Samontech
::Determine which version of Windows is installed
::Set Variable Version to unknown

SET Version=Unknown

VER | FINDSTR /IL “5.0” > NUL
IF %ERRORLEVEL% EQU 0 SET Version=”Windows 2000″

VER | FINDSTR /IL “5.1.” > NUL
IF %ERRORLEVEL% EQU 0 SET Version=”Windows XP”

VER | FINDSTR /IL “5.2.” > NUL
IF %ERRORLEVEL% EQU 0 SET Version=”Windows 2003″

VER | FINDSTR /IL “6.0.” > NUL
IF %ERRORLEVEL% EQU 0 SET Version=”Windows Vista”

VER | FINDSTR /IL “6.1.” > NUL
IF %ERRORLEVEL% EQU 0 SET Version=”Windows 7″

VER | FINDSTR /IL “6.2.” > NUL
IF %ERRORLEVEL% EQU 0 SET Version=”Windows 8″

VER | FINDSTR /IL “6.3.” > NUL
IF %ERRORLEVEL% EQU 0 SET Version=”Windows 8.1″

ECHO The version of Windows found is %VERSION%

IF %VERSION% == “Windows XP” GOTO XP
IF %VERSION% == “Windows 2000” GOTO XP
IF %VERSION% == “Windows 2003” GOTO XP
IF %VERSION% == “Windows Vista” GOTO WIN7
IF %VERSION% == “Windows 7” GOTO WIN7
IF %VERSION% == “Windows 8” GOTO WIN7
IF %VERSION% == “Windows 8.1” GOTO WIN7

::If no versions are found go to UNKNOWN
GOTO UNKNOWN

:WIN7
ECHO WIN7 script to execute
cd /D C:\users
ECHO Clean Temp Folder
for /D %%a in (*.*) do DEL /F /S /Q “%%a\AppData\Local\Temp\*.*”
for /D %%a in (*.*) do FOR /D %%b IN (“%%a\AppData\Local\Temp\*.*”) DO RMDIR /S /Q “%%b”
ECHO Clean IE Cache
for /D %%a in (*.*) do DEL /F /S /Q “%%a\AppData\Local\Microsoft\Windows\Temporary Internet Files\*.*”
for /D %%a in (*.*) do FOR /D %%b IN (“%%a\AppData\Local\Microsoft\Windows\Temporary Internet Files\*.*”) DO RMDIR /S /Q “%%b”
ECHO Clean JAVA Cache
for /D %%a in (*.*) do DEL /F /S /Q “%%a\AppData\LocalLow\Sun\Java\Deployment\cache\*.*”
for /D %%a in (*.*) do FOR /D %%b IN (“%%a\AppData\LocalLow\Sun\Java\Deployment\cache\*.*”) DO RMDIR /S /Q “%%b”

GOTO FINISH

:XP
ECHO XP script to execute
cd /D “C:\Documents and Settings”
ECHO Clean Temp Folder
for /D %%a in (*.*) do DEL /F /S /Q “%%a\Local Settings\Temp\*.*”
for /D %%a in (*.*) do FOR /D %%b IN (“%%a\Local Settings\Temp\*.*”) DO RMDIR /S /Q “%%b”
ECHO Clean IE Cache
for /D %%a in (*.*) do DEL /F /S /Q “%%a\Local Settings\Temporary Internet Files\*.*”
for /D %%a in (*.*) do FOR /D %%b IN (“%%a\Local Settings\Temporary Internet Files\*.*”) DO RMDIR /S /Q “%%b”
ECHO Clean JAVA Cache
for /D %%a in (*.*) do DEL /F /S /Q “%%a\Application Data\Sun\Java\Deployment\cache\*.*”
for /D %%a in (*.*) do FOR /D %%b IN (“%%a\Application Data\Sun\Java\Deployment\cache\*.*”) DO RMDIR /S /Q “%%b”

GOTO FINISH

:FINISH
ECHO Temporary files successfully deleted
GOTO END

:UNKNOWN
ECHO Operating System Unknown

:END

 

Edit: Added Windows 8 paramater 🙂 special thanks to wampbox for that!