• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1604
  • Last Modified:

How to change set-mailbox credentials

Hi folks,

So, I can do this:

$c = Get-Credential
Get-Mailbox -DomainController dc.test.com -Credential $c username

and it works nicely.  However I can't do the same thing for Set-Mailbox!  There's no -Credential parameter.  How do I specify alternate credentials using Set-Mailbox?  
0
lacheur42
Asked:
lacheur42
  • 7
  • 4
  • 3
1 Solution
 
grandebobCommented:
We had to use add-adpermission with -accessrights and -extendrights options.
0
 
lacheur42Author Commented:
I don't really understand what that does - can you give me some syntax?
0
 
grandebobCommented:
get-help add-adpermission would be a good place to start if you are planning on making scripts, which i think you are planning on. Below is a varient on a line in a script we use to give a user permissions to send as a different email address.

add-adpermission "user1@domain.com" -user "user2@domain.com -accessrights "GenericAll" -extendedrights "Send As"

Open in new window

0
Easily manage email signatures in Office 365

Managing email signatures in Office 365 can be a challenging task if you don't have the right tool. CodeTwo Email Signatures for Office 365 will help you implement a unified email signature look, no matter what email client is used by users. Test it for free!

 
lacheur42Author Commented:
I'm thinking that's not what I need exactly.

I'm on a machine that belongs to one domain (A) and trying to modify my email account on another domain (B) - for get-mailbox, setting the credentials to my domain account on (B) works.

I'd prefer to avoid permanently adding permissions to my domain account (A) to modify my domain account (B), which it seems like you're suggesting (not sure if that would even work...).
0
 
grandebobCommented:
Your original post didn't say anything about cross domains.

I think I see what you are getting at. Perhaps you can just open powershell using the credentials of the other domain by using the runas command?
0
 
lacheur42Author Commented:
Sorry - I thought it was going to be a simple answer.  

Yeah, I've tried doing that, but it keeps trying to grab the DC for the machine I'm on, even if I specify it:
Set-Mailbox -DomainController DC.B.com -SimpleDisplayName "First Last" flast

   Set-Mailbox : Active Directory server DC.A.com is not available. Error message: A local error occurred.

It's really irritating that the -credential parameter is missing, I don't get it!
0
 
lacheur42Author Commented:
Bumping the points.  Any other thoughts?
0
 
Chris DentPowerShell DeveloperCommented:

Hey :)

That does appear to be a bit of a pain. Have you considered approaching it with tools built for AD rather than those build for Exchange?

It would possibly be worth grabbing the Quest cmdlets for this:

http://www.quest.com/activeroles-server/arms.aspx

"Set-QADUser" does allow you to pass credentials via Connect-QADService. Usage combining Connect-QADService and Set-QADuser is in the examples towards the end of "Get-Help Set-QADUser -Full".

Then you could do something like this:

Set-QADUser "UniqueIdForUser" -ObjectAttributes @{displayNamePrintable='SomeValue'}

Chris
0
 
lacheur42Author Commented:
I have those installed, but I'm not clear on how I would use them to set mailbox-specific properties such as SimpleDisplayName.

Set-QADUser "UniqueIdForUser" -Credential $c -ObjectAttributes @{SimpleDisplayName='SomeValue'}

Doesn't throw an error, but it also doesn't change the value of SimpleDisplayName.
0
 
Chris DentPowerShell DeveloperCommented:

That's because what's called "Simple Display Name" in the GUI is called displayNamePrintable in the directory, hence it's inclusion in my example :)

Chris
0
 
lacheur42Author Commented:
Maybe I'm misunderstanding something, but it seems like you're saying the following should work.  It doesn't.

Thanks,
Erik
$c = Get-Credential
Set-QADUser "flast" -ObjectAttributes @{displayNamePrintable='First M Last'}
$mb = Get-Mailbox -DomainController chidc02.huronconsultinggroup.com -Credential $c flast
echo $mb.SimpleDisplayName

Open in new window

0
 
Chris DentPowerShell DeveloperCommented:

Error messages?

This is what I mean.

Chris
# First set the attribute after authenticating the connection
 
$pw = Read-Host "Please enter password" -AsSecureString
Connect-QADService -Server "chidc02.huronconsulting.com" `
  -ConnectionAccount "SomeDomain\SomeUser" -ConnectionPassword $pw
Set-QADUser "SomeDomain\flast" -ObjectAttributes @{displayNamePrintable='First M Last'}
Disconnect-QADService
 
# Then read it back again
 
$c = Get-Credential
(Get-Mailbox "flast" -DomainController chidc02.huronconsultinggroup.com `
  -Credential $c).SimpleDisplayName

Open in new window

0
 
lacheur42Author Commented:
Ok, that totally works.  I was just running it as the account, not using the "Connect-QADService", and I wasn't getting an error, it just wasn't updating.  Using your method works like a charm.   In case anyone reads this, -Service not -Server

Thanks!
0
 
Chris DentPowerShell DeveloperCommented:

Oops sorry, not sure how I managed to put server in there, automatic typing I guess :)

Chris
0

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

  • 7
  • 4
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now