Solved

Need a Powershell Script to Export Exchange 2007 Mailbox

Posted on 2009-04-06
6
1,961 Views
Last Modified: 2012-06-27
I am needing a Powershell script that can export a users mailbox to a pst file.  The reason for the script is I want to try and run a vbscript that does some other funcitons and then call this powershell script to run this task.
0
Comment
Question by:seaninman
6 Comments
 
LVL 9

Expert Comment

by:Sander Stad
Comment Utility
0
 
LVL 4

Author Comment

by:seaninman
Comment Utility
This helps a little, but I am still stuck on how I can use the user name already entered in at the begining of my vbscript, so that when the PowerShell script is called i can pass that username to it for the mailbox export.
0
 
LVL 9

Expert Comment

by:Sander Stad
Comment Utility
Could you please post the code of your vbscript
0
What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

 
LVL 4

Author Comment

by:seaninman
Comment Utility
It is at the very end of this script.
Const ForAppending = 8

Const ADS_SCOPE_SUBTREE = 2

Const ADS_UF_ACCOUNTDISABLE = &H02

Const ADS_GROUP_TYPE_GLOBAL_GROUP = &h2

Const ADS_GROUP_TYPE_LOCAL_GROUP = &h4

Const ADS_GROUP_TYPE_UNIVERSAL_GROUP = &h8

Const ADS_GROUP_TYPE_SECURITY_ENABLED = &h80000000

 

 

strLogFile = "manage-rougue-users-log.csv"

strSuspectAccountOU = "OU=Suspect Account"

 

strQueryName = InputBox("Enter the user name.","Manage Suspect Accounts","username")

if strQueryName = "" then

    wscript.quit

end if

 

Set objFSO = CreateObject("Scripting.FileSystemObject")

If NOT objFSO.FileExists(strLogFile) Then

    Set objFile = objFSO.OpenTextFile(strLogFile, 8, True, 0)

    objFile.WriteLine("""DATE"",""USER"",""LAST LOGIN"",""GROUP MEMBERSHIP""")

else

    Set objFile = objFSO.OpenTextFile (strLogFile, ForAppending, True)

End If

 

Set objRootDSE = GetObject("LDAP://RootDSE")

strDomain = objRootDSE.Get("DefaultNamingContext")

 

Set objConnection = CreateObject("ADODB.Connection")

Set objCommand =   CreateObject("ADODB.Command")

objConnection.Provider = "ADsDSOObject"

objConnection.Open "Active Directory Provider"

Set objCommand.ActiveConnection = objConnection

 

objCommand.Properties("Page Size") = 1000

objCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE 

 

objCommand.CommandText = "SELECT distinguishedName FROM 'LDAP://" & strDomain & "' WHERE objectCategory='user' AND sAMAccountName='" & strQueryName & "'"

Set objRecordSet = objCommand.Execute

 

objRecordSet.MoveFirst

Do Until objRecordSet.EOF

    strUser = objRecordSet.Fields("distinguishedName").Value

    strLastLogin = GetLastLogonTime(strUser)

    strGroupMembership = GetGroupMembership(strUser)

    DisableAccount(strUser)

    MoveToNewOU strUser,strSuspectAccountOU,strDomain

    ArchiveMailbox(strQueryName)

    objFile.WriteLine("""" & now() & """,""" & strUser & """,""" & strLastLogin & """,""" & strGroupMembership & """")

    objRecordSet.MoveNext

Loop

 

objFile.Close

 

Function GetLastLogonTime(DN)

    set objUser = GetObject("LDAP://" & DN)

    Set objLastLogon = objUser.Get("lastLogon")

    intLastLogonTime = objLastLogon.HighPart * (2^32) + objLastLogon.LowPart 

    intLastLogonTime = intLastLogonTime / (60 * 10000000)

    intLastLogonTime = intLastLogonTime / 1440

    GetLastLogonTime = intLastLogonTime + #1/1/1601#

End Function

 

Function GetGroupMembership(DN)

    Set objUser = GetObject("LDAP://" & DN) 

    objmemberOf = objUser.GetEx("memberOf")

    

    i = 0

    ReDim arrGroupName(UBound(objmemberOf))

    

    For Each objGroup in objmemberOf

        Set objGroup = GetObject("LDAP://" & objGroup)

        intGroupType = objGroup.GroupType

        If intGroupType AND ADS_GROUP_TYPE_SECURITY_ENABLED Then

            arrGroupName(i) = "[S] " & objGroup.sAMAccountName

	Else

	    arrGroupName(i) = "[D] " & objGroup.sAMAccountName

	End If

	i = i + 1

    Next

    For i = UBound(arrGroupName) - 1 To 0 Step -1

        For k= 0 to i

            If arrGroupName(k)>arrGroupName(k+1) then

                temp=arrGroupName(k+1)

                arrGroupName(k+1)=arrGroupName(k) 

                arrGroupName(k)=temp

            End if

        Next

    Next

    GetGroupMembership = join(arrGroupName,", ")

End Function

 

Sub DisableAccount(DN)

    set objUser = GetObject("LDAP://" & DN)

    intUAC = objUser.Get("userAccountControl")

    if  (intUAC AND ADS_UF_ACCOUNTDISABLE) = 0 Then

        objUser.put "userAccountControl",  intUAC XOR ADS_UF_ACCOUNTDISABLE

        objUser.setinfo

    end if

End Sub

 

Sub MoveToNewOU(DN,OU,DOMAIN)

    set objUser = GetObject("LDAP://" & DN)

    Set objNewOU = GetObject("LDAP://" & OU & "," & DOMAIN)

    objNewOU.MoveHere objUser.ADsPath, vbNullString

End SUb

 

Sub ArchiveMailbox(Username)

    'launch powershell and execute something like this...

    'Get-Mailbox "" & Username & "" | Export-Mailbox -PSTFolderPath "\\server\share\folder$($_.SAMAccountName)"

End Sub

Open in new window

0
 
LVL 70

Expert Comment

by:Chris Dent
Comment Utility

Do you still need this?

You might benefit from saving the little piece you have at the bottom as a ps1 script file.

e.g.

# GetMailbox.ps1
Get-Mailbox $Args[0] | Export-Mailbox -PSTFolderPath "\\server\share\folder$($_.SAMAccountName)"

Then you can call it from your VbScript with:

Set objShell = CreateObject("WScript.Shell")
objShell.Run "PowerShell.exe -Command ""GetMailbox.ps1 " & UserName & """"

You would need to run this once within PowerShell to allow it to run scripts:

Set-ExecutionPolicy Unrestricted

Personally I would be very tempted to rewrite the entire script in PowerShell. I can see it being rather short :)

Chris
0
 
LVL 12

Accepted Solution

by:
GusGallows earned 500 total points
Comment Utility
For the sake of argument, let's say the user's identity is joeblow and you want to save the pst to c:\PSTFiles\ and that your global catalog server is dc2.domain.com:


$mb = get-mailbox 'joeblow'

$PSTLocation = 'c:\PSTFiles\'

$gc = 'dc2.domain.com'

export-Mailbox -Identity $mb -PSTFolderPath $PSTLocation -GlobalCatalog $gc -BadItemLimit 1000 -confirm:$false

Open in new window

0

Featured Post

Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

Join & Write a Comment

Active Directory replication delay is the cause to many problems.  Here is a super easy script to force Active Directory replication to all sites with by using an elevated PowerShell command prompt, and a tool to verify your changes.
Set OWA language and time zone in Exchange for individuals, all users or per database.
This video discusses moving either the default database or any database to a new volume.
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

728 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now