Solved

Need a Powershell Script to Export Exchange 2007 Mailbox

Posted on 2009-04-06
6
1,963 Views
Last Modified: 2012-06-27
I am needing a Powershell script that can export a users mailbox to a pst file.  The reason for the script is I want to try and run a vbscript that does some other funcitons and then call this powershell script to run this task.
0
Comment
Question by:seaninman
6 Comments
 
LVL 9

Expert Comment

by:Sander Stad
ID: 24084507
0
 
LVL 4

Author Comment

by:seaninman
ID: 24086828
This helps a little, but I am still stuck on how I can use the user name already entered in at the begining of my vbscript, so that when the PowerShell script is called i can pass that username to it for the mailbox export.
0
 
LVL 9

Expert Comment

by:Sander Stad
ID: 24094309
Could you please post the code of your vbscript
0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 
LVL 4

Author Comment

by:seaninman
ID: 24139707
It is at the very end of this script.
Const ForAppending = 8
Const ADS_SCOPE_SUBTREE = 2
Const ADS_UF_ACCOUNTDISABLE = &H02
Const ADS_GROUP_TYPE_GLOBAL_GROUP = &h2
Const ADS_GROUP_TYPE_LOCAL_GROUP = &h4
Const ADS_GROUP_TYPE_UNIVERSAL_GROUP = &h8
Const ADS_GROUP_TYPE_SECURITY_ENABLED = &h80000000
 
 
strLogFile = "manage-rougue-users-log.csv"
strSuspectAccountOU = "OU=Suspect Account"
 
strQueryName = InputBox("Enter the user name.","Manage Suspect Accounts","username")
if strQueryName = "" then
    wscript.quit
end if
 
Set objFSO = CreateObject("Scripting.FileSystemObject")
If NOT objFSO.FileExists(strLogFile) Then
    Set objFile = objFSO.OpenTextFile(strLogFile, 8, True, 0)
    objFile.WriteLine("""DATE"",""USER"",""LAST LOGIN"",""GROUP MEMBERSHIP""")
else
    Set objFile = objFSO.OpenTextFile (strLogFile, ForAppending, True)
End If
 
Set objRootDSE = GetObject("LDAP://RootDSE")
strDomain = objRootDSE.Get("DefaultNamingContext")
 
Set objConnection = CreateObject("ADODB.Connection")
Set objCommand =   CreateObject("ADODB.Command")
objConnection.Provider = "ADsDSOObject"
objConnection.Open "Active Directory Provider"
Set objCommand.ActiveConnection = objConnection
 
objCommand.Properties("Page Size") = 1000
objCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE 
 
objCommand.CommandText = "SELECT distinguishedName FROM 'LDAP://" & strDomain & "' WHERE objectCategory='user' AND sAMAccountName='" & strQueryName & "'"
Set objRecordSet = objCommand.Execute
 
objRecordSet.MoveFirst
Do Until objRecordSet.EOF
    strUser = objRecordSet.Fields("distinguishedName").Value
    strLastLogin = GetLastLogonTime(strUser)
    strGroupMembership = GetGroupMembership(strUser)
    DisableAccount(strUser)
    MoveToNewOU strUser,strSuspectAccountOU,strDomain
    ArchiveMailbox(strQueryName)
    objFile.WriteLine("""" & now() & """,""" & strUser & """,""" & strLastLogin & """,""" & strGroupMembership & """")
    objRecordSet.MoveNext
Loop
 
objFile.Close
 
Function GetLastLogonTime(DN)
    set objUser = GetObject("LDAP://" & DN)
    Set objLastLogon = objUser.Get("lastLogon")
    intLastLogonTime = objLastLogon.HighPart * (2^32) + objLastLogon.LowPart 
    intLastLogonTime = intLastLogonTime / (60 * 10000000)
    intLastLogonTime = intLastLogonTime / 1440
    GetLastLogonTime = intLastLogonTime + #1/1/1601#
End Function
 
Function GetGroupMembership(DN)
    Set objUser = GetObject("LDAP://" & DN) 
    objmemberOf = objUser.GetEx("memberOf")
    
    i = 0
    ReDim arrGroupName(UBound(objmemberOf))
    
    For Each objGroup in objmemberOf
        Set objGroup = GetObject("LDAP://" & objGroup)
        intGroupType = objGroup.GroupType
        If intGroupType AND ADS_GROUP_TYPE_SECURITY_ENABLED Then
            arrGroupName(i) = "[S] " & objGroup.sAMAccountName
	Else
	    arrGroupName(i) = "[D] " & objGroup.sAMAccountName
	End If
	i = i + 1
    Next
    For i = UBound(arrGroupName) - 1 To 0 Step -1
        For k= 0 to i
            If arrGroupName(k)>arrGroupName(k+1) then
                temp=arrGroupName(k+1)
                arrGroupName(k+1)=arrGroupName(k) 
                arrGroupName(k)=temp
            End if
        Next
    Next
    GetGroupMembership = join(arrGroupName,", ")
End Function
 
Sub DisableAccount(DN)
    set objUser = GetObject("LDAP://" & DN)
    intUAC = objUser.Get("userAccountControl")
    if  (intUAC AND ADS_UF_ACCOUNTDISABLE) = 0 Then
        objUser.put "userAccountControl",  intUAC XOR ADS_UF_ACCOUNTDISABLE
        objUser.setinfo
    end if
End Sub
 
Sub MoveToNewOU(DN,OU,DOMAIN)
    set objUser = GetObject("LDAP://" & DN)
    Set objNewOU = GetObject("LDAP://" & OU & "," & DOMAIN)
    objNewOU.MoveHere objUser.ADsPath, vbNullString
End SUb
 
Sub ArchiveMailbox(Username)
    'launch powershell and execute something like this...
    'Get-Mailbox "" & Username & "" | Export-Mailbox -PSTFolderPath "\\server\share\folder$($_.SAMAccountName)"
End Sub

Open in new window

0
 
LVL 70

Expert Comment

by:Chris Dent
ID: 24278652

Do you still need this?

You might benefit from saving the little piece you have at the bottom as a ps1 script file.

e.g.

# GetMailbox.ps1
Get-Mailbox $Args[0] | Export-Mailbox -PSTFolderPath "\\server\share\folder$($_.SAMAccountName)"

Then you can call it from your VbScript with:

Set objShell = CreateObject("WScript.Shell")
objShell.Run "PowerShell.exe -Command ""GetMailbox.ps1 " & UserName & """"

You would need to run this once within PowerShell to allow it to run scripts:

Set-ExecutionPolicy Unrestricted

Personally I would be very tempted to rewrite the entire script in PowerShell. I can see it being rather short :)

Chris
0
 
LVL 12

Accepted Solution

by:
GusGallows earned 500 total points
ID: 24327937
For the sake of argument, let's say the user's identity is joeblow and you want to save the pst to c:\PSTFiles\ and that your global catalog server is dc2.domain.com:


$mb = get-mailbox 'joeblow'
$PSTLocation = 'c:\PSTFiles\'
$gc = 'dc2.domain.com'
export-Mailbox -Identity $mb -PSTFolderPath $PSTLocation -GlobalCatalog $gc -BadItemLimit 1000 -confirm:$false

Open in new window

0

Featured Post

Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Are you one of those front-line IT Service Desk staff fielding calls, replying to emails, all-the-while working to resolve end-user technological nightmares? I am! That's why I have put together this brief overview of tools and techniques I use in o…
This article will help you understand what HashTables are and how to use them in PowerShell.
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…

821 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question