Tuesday, 5 June 2012

Reporting on Apple IOS ActiveSync Devices, v2

For a while I've known that my original Reporting on Apple IOS ActiveSync Devices script needed optimising as it takes hours to parse over large IIS logs.

After spending some time looking at ways to improve it, I came across Log Parser 2.2, which is exactly the right tool for this job as it enables parsing all kinds of log files, including IIS logs, very, very quickly.

I've re-written the script to take advntage of Log Parser. This new code will analyze log files in just a few seconds, and provide the same output as the old script.

Obviously you will need to have Log Parser 2.2 installed for this script to work.

Monday, 28 May 2012

Listing Lync Server IP Addresses

Today I had to compile a list of Lync mediation server IP addresses so that we could create firewall rules to allow traffic from the Lync 2010 edge servers and reverse proxies to the internal servers. I found that there was no easy way to do this using the existing admin tools, and it would have been a slow and repetitive manual lookup of each service and hostname.

To create a repeatable way I could get the IP addresses of these servers I came up with this PowerShell one-liner:

Get-CsPool | ? {$_.Services -like "MediationServer*"} | Select Computers -ExpandProperty Computers | % {$Hostname = $_; $IPAddress = [System.Net.Dns]::GetHostAddresses($Hostname) | ? {$_.AddressFamily -eq "InterNetwork"}; Write-Host $IPAddress,$Hostname}

This command will get all the Lync 2010 Mediation Servers in the topology, expand the computer names from each pool, use a .Net call to get the IPv4 IP address, then output a list of IP addresses and hostnames.

For readbility, the same command can be written across several lines as this:

Get-CsPool | ? {$_.Services -like "MediationServer*"} `
| Select Computers -ExpandProperty Computers `
| % {$Hostname = $_; $IPAddress = [System.Net.Dns]::GetHostAddresses($Hostname) `
| ? {$_.AddressFamily -eq "InterNetwork"}; Write-Host $IPAddress,$Hostname}

The command could easily be changed to list IP addresses for other roles (such as Web or Edge) by changing "MediationServer*" to something else (such as "Web*" or "Edge*")

- Ben

Wednesday, 2 May 2012

Automating Backups of Lync 2010 Configuration

As we planned for Lync DR it became clear that I needed a way to create backups of our Lync server and user configuration and so that we could restore service in an alternate site in the event of a disaster.

Lync provides Lync PowerShell cmdlets in the Lync Management Shell for backing up some data (the CMS and LIS databases), there is a resource kit tool for backing up Response Groups, and the DbImpExp.exe tool for backing up user data in the event you need to re-home users to another pool and their primary registrar is unavailable. The DbImpExp tool is limited in that for a Lync Server 2010, Standard Edition server you must run it locally because the SQL instance is configured to only accept local connections.

To bring these tools together, and to centralise the process for taking Lync config backups, I created this script. It requires the Lync 2010 resource kit and the Lync admin tools installed where it is run. It will enumerate the topology and back up RGS data for all app pools and user data for all registrars. You'll need to make sure that WinRM is configured to accept remote connections on Lync Standard Edition servers so that the DbImpExp command can be invoked remotely.

Thursday, 1 March 2012

Using PowerShell to find a local Domain Controller

I have a few scripts which perform a bunch of actions in series, and in order for the script to succeed it's important that all the actions are performed against the same Active Directory domain controller.

To ensure that this would happen I wrote a small function which finds all the DCs in the local site, tests to make sure each one is accessible, and then selects one of the available ones at random and returns the FQDN.

Friday, 3 February 2012

Auditing Exchange UM Mailbox Recordings

I've been working on a project to implement Exchange unified messaging as part of a Lync Server 2010 deployment, replacing a Nortel PBX. Our corporate policy requires that staff record a mailbox greeting for their voicemail and their name in the corporate directory, and with the Nortel system we were able to report on both (albeit manually).

When I was asked if we could perform a similar audit of the Exchange UM mailboxes I struggled to find out if this was possible. It turns out that the undocumented Exchange Management Shell cmdlet Get-UMMailboxConfiguration can report on mailbox greetings, including which greeting is in use. I also discovered that when an Exchange UM user records their name it is stored in Active Directory in the msExchUMSpokenName attribute of the user object.

So, I created this script to gather information about the greetings and name recording and report on it. The script creates a CSV file which can be used to identify users who need to record their greetings, or could easily be modified to e-mail reminders directly to the users.

Friday, 13 January 2012

Auditing Outlook Folder Permissions

After it came to light that some users had set permissions on folders in their Outlook mailbox which were allowing others too much access, I had to create a report of who was sharing certain folders with other users, and who had changed the default permissions.

In Exchange 2010 this is fairly easy, thanks to the Get-MailboxFolderPermission cmdlet.

The trick however, is to find get the right folder to pass into the -Identity parameter. In a multi-national organisation, where local-language versions of Outlook are used, folders may have non-English names. Fortunately the Get-MailboxFolderStatistics cmdlet can be used to identify the correct folder name.

Below is the script I wrote to generate a report of all the rules on the calendar folder, for all regular mailboxes in the Exchange Organisation.