Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

How to change set-mailbox credentials

Posted on 2009-07-07
14
Medium Priority
?
1,565 Views
Last Modified: 2012-06-21
Hi folks,

So, I can do this:

$c = Get-Credential
Get-Mailbox -DomainController dc.test.com -Credential $c username

and it works nicely.  However I can't do the same thing for Set-Mailbox!  There's no -Credential parameter.  How do I specify alternate credentials using Set-Mailbox?  
0
Comment
Question by:lacheur42
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 7
  • 4
  • 3
14 Comments
 
LVL 6

Expert Comment

by:grandebob
ID: 24797170
We had to use add-adpermission with -accessrights and -extendrights options.
0
 
LVL 1

Author Comment

by:lacheur42
ID: 24797361
I don't really understand what that does - can you give me some syntax?
0
 
LVL 6

Expert Comment

by:grandebob
ID: 24797402
get-help add-adpermission would be a good place to start if you are planning on making scripts, which i think you are planning on. Below is a varient on a line in a script we use to give a user permissions to send as a different email address.

add-adpermission "user1@domain.com" -user "user2@domain.com -accessrights "GenericAll" -extendedrights "Send As"

Open in new window

0
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

 
LVL 1

Author Comment

by:lacheur42
ID: 24797582
I'm thinking that's not what I need exactly.

I'm on a machine that belongs to one domain (A) and trying to modify my email account on another domain (B) - for get-mailbox, setting the credentials to my domain account on (B) works.

I'd prefer to avoid permanently adding permissions to my domain account (A) to modify my domain account (B), which it seems like you're suggesting (not sure if that would even work...).
0
 
LVL 6

Expert Comment

by:grandebob
ID: 24797688
Your original post didn't say anything about cross domains.

I think I see what you are getting at. Perhaps you can just open powershell using the credentials of the other domain by using the runas command?
0
 
LVL 1

Author Comment

by:lacheur42
ID: 24797972
Sorry - I thought it was going to be a simple answer.  

Yeah, I've tried doing that, but it keeps trying to grab the DC for the machine I'm on, even if I specify it:
Set-Mailbox -DomainController DC.B.com -SimpleDisplayName "First Last" flast

   Set-Mailbox : Active Directory server DC.A.com is not available. Error message: A local error occurred.

It's really irritating that the -credential parameter is missing, I don't get it!
0
 
LVL 1

Author Comment

by:lacheur42
ID: 24798934
Bumping the points.  Any other thoughts?
0
 
LVL 71

Expert Comment

by:Chris Dent
ID: 24802841

Hey :)

That does appear to be a bit of a pain. Have you considered approaching it with tools built for AD rather than those build for Exchange?

It would possibly be worth grabbing the Quest cmdlets for this:

http://www.quest.com/activeroles-server/arms.aspx

"Set-QADUser" does allow you to pass credentials via Connect-QADService. Usage combining Connect-QADService and Set-QADuser is in the examples towards the end of "Get-Help Set-QADUser -Full".

Then you could do something like this:

Set-QADUser "UniqueIdForUser" -ObjectAttributes @{displayNamePrintable='SomeValue'}

Chris
0
 
LVL 1

Author Comment

by:lacheur42
ID: 24805578
I have those installed, but I'm not clear on how I would use them to set mailbox-specific properties such as SimpleDisplayName.

Set-QADUser "UniqueIdForUser" -Credential $c -ObjectAttributes @{SimpleDisplayName='SomeValue'}

Doesn't throw an error, but it also doesn't change the value of SimpleDisplayName.
0
 
LVL 71

Expert Comment

by:Chris Dent
ID: 24806562

That's because what's called "Simple Display Name" in the GUI is called displayNamePrintable in the directory, hence it's inclusion in my example :)

Chris
0
 
LVL 1

Author Comment

by:lacheur42
ID: 24816751
Maybe I'm misunderstanding something, but it seems like you're saying the following should work.  It doesn't.

Thanks,
Erik
$c = Get-Credential
Set-QADUser "flast" -ObjectAttributes @{displayNamePrintable='First M Last'}
$mb = Get-Mailbox -DomainController chidc02.huronconsultinggroup.com -Credential $c flast
echo $mb.SimpleDisplayName

Open in new window

0
 
LVL 71

Accepted Solution

by:
Chris Dent earned 1000 total points
ID: 24818124

Error messages?

This is what I mean.

Chris
# First set the attribute after authenticating the connection
 
$pw = Read-Host "Please enter password" -AsSecureString
Connect-QADService -Server "chidc02.huronconsulting.com" `
  -ConnectionAccount "SomeDomain\SomeUser" -ConnectionPassword $pw
Set-QADUser "SomeDomain\flast" -ObjectAttributes @{displayNamePrintable='First M Last'}
Disconnect-QADService
 
# Then read it back again
 
$c = Get-Credential
(Get-Mailbox "flast" -DomainController chidc02.huronconsultinggroup.com `
  -Credential $c).SimpleDisplayName

Open in new window

0
 
LVL 1

Author Comment

by:lacheur42
ID: 24819526
Ok, that totally works.  I was just running it as the account, not using the "Connect-QADService", and I wasn't getting an error, it just wasn't updating.  Using your method works like a charm.   In case anyone reads this, -Service not -Server

Thanks!
0
 
LVL 71

Expert Comment

by:Chris Dent
ID: 24821142

Oops sorry, not sure how I managed to put server in there, automatic typing I guess :)

Chris
0

Featured Post

Get your Conversational Ransomware Defense e‑book

This e-book gives you an insight into the ransomware threat and reviews the fundamentals of top-notch ransomware preparedness and recovery. To help you protect yourself and your organization. The initial infection may be inevitable, so the best protection is to be fully prepared.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Are you an Exchange administrator employed with an organization? And, have you encountered a corrupt Exchange database due to which you are not able to open its EDB file. This article will explain all the steps to repair corrupt Exchange database.
On September 18, Experts Exchange launched the first installment of the Help Bell, a new feature for Premium Members, Team Accounts, and Qualified Experts. The Help Bell will serve as an additional tool to help teams increase question visibility.
The viewer will learn how to dynamically set the form action using jQuery.
In a recent question (https://www.experts-exchange.com/questions/29004105/Run-AutoHotkey-script-directly-from-Notepad.html) here at Experts Exchange, a member asked how to run an AutoHotkey script (.AHK) directly from Notepad++ (aka NPP). This video…

722 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question