Exchange Dashboard Organization – “Email Report” PowerShell Script

Get-CorpEmailReport.ps1 V2.4.8  is an Email Organization Report and a great tool for IT Professionals who are working with Microsoft Exchange systems.

This report will get organization wide information about your Email infrastructure, from Exchange servers O.S info, service health, up time details, beside Exchange and database highly aggregated information.

Not only will you get a nice Dashboard describing your Exchange, you will get aggregated information about how much resources your email infrastructure is consuming in terms of server count, mailboxes and total storage.

Script Charts

What makes this script unique and outstanding, is the chart module. Nothing more exciting than parsing the output data in sorted nice looking charts.

Four charts will be generated after running the script. Each chart is designed carefully to get the information that matters most to IT Professional.

Chart Module uses a smart algorithm that will get information from your Exchange organization, digest it, and then decide what is the best way to output the chart depending on the number of data items. In this way, you will not get small crowded charts with hard to read data, instead, the graph dimensions will be scaled dynamically according to the number of items to draw.

DB vs Backup Since

DB vs Size

MBX vs DBs Mounted

MBX vs Mailboxes

DB Activation Preference Table [New]

Have you used the product team Exchange calculator where you input your data and a nice formatted table get generated for all your databases, and their copy distribution along with the activation preference?

The script is intelligent enough to collect your DAG information, database copy locations, their activation preference, and then generate a similar live dashboard with a colored cell indicating a red alarm if a database is mounted on a non-preferred mailbox server.

DB Activation

Aggregated Data

The script will also present a nicely formatted tables with aggregated information like the mailboxes per type, Exchange servers per role and version, and also mailbox and archives count, sizes and average size.

HTML Table

Scope your script with three Filters [New]

The script ships with a new module to handle filtering and scoping your script. Sometimes, you want to get a report for certain DAGs only, so you can use the DAG filter.

Maybe you want to just get information from certain Exchange servers, so you can use the Server List filter and just write a comma separated list of servers.

Finally, you can use the Expression filter, where you can use the wildcard character (*) to write something like “NL*” to get information from server names started with NL.

Filter

Detailed information for Servers and Databases

 Of course the script will not be perfect if a detailed information is not presented. The script will start creating HTML tables for all your Exchange servers with all detailed information, including version, OS Info, Roll Up Updates version, Service health, Up Time information and more.

Also, for each database, you will get a detailed information about the database and all its properties with smart thresholds that you can customize.

CorpEmailReportSnapshot

Easy Script Code Browsing

The script code is divided to 7 modules to make it easy for you to dig deeply into the script code and reach the functionality you are looking for. The script also uses (Regions), so if you are using new PowerShell script editor, you will be able to expand each script region separately for better script browsing

CorpEmailReportSnapshot2

 

Download the Full Documentation

Download the script Documentation here:

Email Organization Report v2.4.8 Description

Download the Script here

Download the script from here : Get-CorpEmailReport_V2.4.8

Examples to run the script

.EXAMPLE
Generate the HTML report and supplying the current directry as a script path to create output files
.\Get-CorpEmailReport.ps1 -ScriptFilesPath .\

.EXAMPLE
Generate the HTML report and supplying the custom directory as a script path to create output files
.\Get-CorpEmailReport.ps1 -ScriptFilesPath C:\MyFiles

.EXAMPLE
Generate the HTML report and Filter by servers that start with “NL”
.\Get-CorpEmailReport.ps1 -ScriptFilesPath .\   -ServerFilter “NL*”

.EXAMPLE
Generate the HTML report and Filter by including only Ex1 and Ex2 servers
.\Get-CorpEmailReport.ps1 -ScriptFilesPath  .\  -OnlyIncludedServers  Ex1,Ex2

.EXAMPLE
Generate the HTML report and Filter by including only Servers that are member of a DAG called “DAG1”
.\Get-CorpEmailReport.ps1 -ScriptFilesPath .\  -InputDAGs  DAG1

.EXAMPLE
Generate the HTML report and use PowerShell Remoting for WMI data collection
\Get-CorpEmailReport.ps1 -ScriptFilesPath .\  -WMIRemoting

.EXAMPLE
Generate the HTML report with SMTP Email option
\Get-CorpEmailReport.ps1 -ScriptFilesPath .\  -SendMail:$true -MailFrom noreply@contoso.com -MailTo me@contoso.com -MailServer smtp.contoso.com

.EXAMPLE
Generate the HTML report with disabling ViewEntireForest option
\Get-CorpEmailReport.ps1 -ScriptFilesPath .\  -ViewEntireForest:$false

How to schedule it?

If you want this script to be run as a schedule task, check my post here showing step by step walk through.

Recommendations

Here some recommendations:

– to learn more about how to schedule the script using task manager, check this post.

– Start running the script with -OnlyIncludedServers switch at first, so you can scope the script to one Exchange Server at first (.\Get-CorpEmailReport.ps1 -ScriptFilesPath  .\  -OnlyIncludedServers  Ex1 )

– Run the script from Exchange Management Console and from an Exchange Server.

– Best condition to run the script is from PowerShell 3.0 and above. Click here for a nice blog post about this.

– If you have an Exchange Edge Servers and want to the script to access it, see this link.

– If you want to use the SendEmail feature and your SMTP server requires authentication, then locate line 2110:

 $smtp = new-object Net.Mail.SmtpClient($smtphost)

and add the following lines below it:

$user = “contoso\username”
$passw = “mypassword”
$smtp.Credentials = New-Object System.Net.NetworkCredential($user,$passw);
$smtp.EnableSsl = $false

Copy Rights

The script is based on Steve Goodman, a Microsoft MVP at the time of writing this document. Steve Script: “Generate Exchange Environment Reports using PowerShell” Version 1.5.8, 2nd Feb 2014, is used heavily as a foundation to build this script.

Steve worked hardly in writing an outstanding script to collect information from all versions of Exchange servers, and get a nicely formatted output. This script extends Steve’s script functionality by adding a lot of functionalities like: new on screen progress, charts, HTML DB Activation output, PowerShell Remoting module, Log files tracking, more aggregated data, new table for Mailbox type, new table for Recovery Databases, threshold options, two new Filter functionality (by DAG names, and by Server names), new module for error handling and logging, more data collected for Exchange and Databases.

A separate communication with Steve has been done to ensure copy rights before releasing this extended script. I encourage you to visit his blog and browse his script: http://www.stevieg.org/2011/06/exchange-environment-report/ 

Similar Scripts

Run remote PowerShell scripts and get WMI data from standalone machines (LocalAccountTokenFilterPolicy)

Introduction

Hi everyone,

Well, i have to admit that the information in this post is so important to me as i always wanted to get data from standalone deployments. I hope that you will find it useful to you also.

Nowadays, with all security concerns and attacks, many application architectures contain standalone not domain joined roles. Take Microsoft Lync for example, they have a separate Edge role to handle media from external clients and for security reasons, this role is meant to be a standalone deployment and never joined to the internal domain.

Exchange Architecture also contains an Edge role acting as SMTP gateway and for security concerns this is a standalone role that is not joined to the internal corporate domain.

Problem

As a PowerShell guy, i always write scripts to collect data, report data, or even send SMTP alerts in case of failures. I usually have a dedicated VM that is acting as a script server that runs all my scripts. I always find it challenging to collect remote WMI data from those standalone not domain joined machines.

The challenge is : How a script running on my script server that is member of contoso domain, and running under contoso\user1 credentials, will be able to connect to that remote standalone server and get WMI data for example.

RemoteScriptStandAlone1

Solution

  • Go to the standalone computer, create a local user called User1 with the same password as Contoso\User1 (which is the account im using to run scripts on the domain joined script server) , and i will add it to the local administrators group on the standalone server.

Now, i have domain user called contoso\User1 running my script on the script server with Password = 123 for example, and i have similar but local user on the standalone server called User1 with same Password=123 , and member of the local administrators group of the standalone server.

  • On the standalone server, i have to enable something called (LocalAccountTokenFilterPolicy) to do the trick. This is saying that, if i receive a connection with a user name and password that matches a local user account on my local credential store, i will consider it valid transaction, and even if the matching local account is administrator, i will elevate the remote connection to a token with admin rights.

Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System
Value: LocalAccountTokenFilterPolicy
Data: 1 (to disable, 0 enables filtering)
Type: REG_DWORD (32-bit)

RemoteScriptStandAlone2

Final thoughts

Enabling this registry key is somehow a balance between scrutiny and usability. Make sure you understand what you are giving by disabling this filter.

Read more about this registry key here http://support.microsoft.com/kb/942817

 

New Exchange Organization Report (version 2) is coming soon

The new version is available now here :

https://ammarhasayen.com/2014/05/01/exchange-dashboard-organization-script-report/

 

I got a lot of requests to have version 2 for more customization and cross version support.

I am glad to tell you that i am working on version 2 of the report with initially the below features in mind:

  • Support of all versions of Exchange, including Exchange 2013
  • Support for enhanced filtering. Three filters will be available :
    • Filter by DAG Name : you can enter list of DAGs to include on the report
    • Filter by Server -Like switch : for example Server -like “*NYC*
    • Filter called OnlyTheseServers : so you can do something like -OnlyTheseServers srv1,srv2,srv3
  • Enhanced error handling : There is huge effort to handle many of situation where error popup because of connectivity issues or unexpected nulls
  • Option to enable remote PowerShell connectivity for pulling WMI data in case you have enabled PowerShell remoting on your servers to use HTTP, instead of RPC
  • New Report to show DAG layout across mailbox servers and their activation preference.
  • Big efforts on charts. Now charts will scale automatically depending on the number of items in the input data.
  • Verbose mode to enable enhance troubleshooting
  • More friendly try catch blocks to show friendly warning messages and location of errors if any.

Those are initially the new features in mind. I hope you all will like it.

I hope i can finish coding it  before I fly to TechEd North America 11th May 2014.

Chart Bars232

Exchange Database Health Get-DBCopyHealth

This post is updated to include information about the new version of the script (Version 3) published in April 2015 and includes a filter option to filter by DAG.

Hi everyone,

I got couple of requests to enhance and add new features on my script that reports if any Exchange DB is dismounted or placed on not optimal server according to the activation preference. See my previous post http://wp.me/p1eUZH-a8

Script Features

This script will collect all your Exchange databases and will report two things:

  • If any database is mounted > Email notification will be sent
  • If any database got switched over to another server > Email notification will be sent to report that the DB is not mounted on the server with activation preference =1 (not the optimal location)

The idea behind the script is to schedule it to run every hour or so, and you will get email notification only if something bad happens.

I explained more in a previous post more about this script and functionalists, but now i have created a new version (Version 2 ) with new features:

  1. Exchange 2013 support
  2. Reporting the current mounting server location in addition to where the DB should be mounted
  3. Switch Option to disable checking for mounting status if needed
  4. Verbose logging
  5. Performance enhancement
  6. Option to run the script without Email notification option
  7. Now you can filter databases with the InputDAG option, so you can provide a list of DAG names.

DBCopyHealth_!321222222222

.EXAMPLE
Run the script from PowerSehll without SMTP email notification
.\Get-DBCopyHealth.ps1 -HTMLReport myfile.html

.EXAMPLE
Run the script from PowerShell and filter for databases on DAG1 and DAG2
.\Get-DBCopyHealth.ps1 -HTMLReport myfile.html -InputDAGs DAG1,DAG2

.EXAMPLE
Run the script from PowerShell with verbose logging and without SMTP email notification
.\Get-DBCopyHealth.ps1 -HTMLReport myfile.html -verbose

.EXAMPLE
Run the script from PowerSehll without SMTP email notification. We do not want to check mounting status, only optimal DB placement
.\Get-DBCopyHealth.ps1 -HTMLReport myfile.html -DontCheckMountStatus

.EXAMPLE
Run the script with Email report option
.\Get-DBCopyHealth.ps1 -HTMLReport myfile.html -SendMail $true -MailFrom noreply@contoso.com -MailServer smtp.contoso.com -MailTo admin@contoso.com

 

DBCopyHealth_!3212

 

Download Version 3 here

Click here to get the Get-DBCopyHealth version 3:  Get-DBCopyHealth

 

Get-MailingGroupsModeration

Email moderation is a great replacement for mail group restriction. Instead of maintaining access lists on your key mail groups, just enable moderation on them and distribute the responsibility for approving email flow.

When you deal with Dynamic groups, those with predefined cafeterias for manipulating membership,  it becomes interesting when those groups become so big. For example, you can create a dynamic group for all people who has a specific country code or office location. Those groups are very good candidate for moderation I believe.

Sometimes, when you deal with dynamic groups in Exchange , you  should moderate those groups specially if those groups represents all employees in specific country or office,etc.

The strange thing about Moderated dynamic groups is the fact that you cannot view the moderation info of a moderated group from the Exchange Admin console, you need to go to powershell to do that.

Also, many times, you want to give your IT teams, or business people, a documentation about moderation info in the organization. In my case, i have a script that generate an excel sheet with all moderated groups, along with the moderation info for each group and i publish them via email enabled SharePoint list.

Script Feature :

Generate CSV with option to email it, with info about all moderated groups and the following info :

  1. Name
  2. ModerationEnabled
  3. ModeratedBy
  4. BypassModerationFromSendersOrMembers
  5. SendModerationNotifications
  6. ManagedBy
  7. RequireSenderAuthenticationEnabled
  8. WindowsEmailAddress
  9. Type

Moderation

Download script

You can download the script from here:  Get-MailingGroupModeration

Given a list of users, get distribution groups they manage !

Hi, I got a request to generate a powershell script.  So, say you have a list of users that you need to know which mailing group they manage, and output the results in an CSV file.

This script will take two input variables :

  • InputFile : required parameter, which is the text file containing all usernames that you want to see which mailing groups they manage. Example: c:\users.txt
  • Outfile : required parameter, which is the csv file to generate. Example is c:\output.csv

So, say you have a text file named c:\users.txt that contains three lines ( Johns, JeorgeM, AliceO), then you can type the following :

Get-SpecificDGManagers -inputfile c:\users.txt -outfile c:\output.csv 

So the output.csv will contain a list of those three users along with all mailing groups they manage.

Download the script

You can download the script from here:  Get-SpecificDGManagers

Note: the list of users in c:\users.txt should be the samaccountnames and not the displaynames of the users 🙂 this is to ensure uniqueness.

Note: If no output is available ( the users are not managing any groups, then no csv will get generated). Run the script in verbose mode to see more info 🙂

Note: run it from Exchange Management PowerShell with user that has read access only.

Get Exchange Distribution Groups Manager

Hi again,

I got a request to list all distribution groups and their managers in a csv file. This way, you can quickly see which groups that do not have a manager 🙂

The script is simple, just run it from Exchange Management Shell, and supply the following parameters:

  1. File : required the csv file name and path to save the output csv
  2. OU : optional. used to narrow the scope of the script to a certain OU.

.Example
Get managers of all groups and export results to c:\files.csv”
PS C:\>Get-ExchangeDGManagers -file “c:\file.csv”

.Example
Get managers of all groups under the specified OU.
PS C:\>Get-ExchangeDGManagers -OU “ou=mailing groups, dc = contoso, dc=com” -file “c:\file.csv”

Download the script 

You can find the script here: Get-ExchangeDistributionGroupManagers

 

Get-ExchangeDGManager Snapshot