Require that all senders are authenticated exchange 2007. Bulk change this.

Hi,

Require that all senders are authenticated exchange 2007. Bulk change this.
below is the screenshot. i want to change this for all users,Contacts,Groups in a OU

Regards
Sharath

Group---user---Contact.JPG
LVL 11
bsharathAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

AkhaterCommented:
Copy the following to a ps1 and run it
$Recipients = get-Recipient -OrganizationalUnit "domain.com/ou"

foreach ($Recipient in $Recipients)
{
   if ($Recipient.RecipientType -eq "UserMailbox") { 
      set-mailbox $Recipient.name -RequireSenderAuthenticationEnabled:$True}
   elseif ($Recipient.RecipientType -eq "MailContact") {
      set-MailContact $Recipient.name -RequireSenderAuthenticationEnabled:$True}
   elseif ($Recipient.RecipientType -eq "MailUniversalDistributionGroup") {
      set-DistributionGroup $Recipient.name -RequireSenderAuthenticationEnabled:$True}
}

Open in new window

0
AkhaterCommented:
to be more complete I have added Dynamic Distribution group
$Recipients = get-Recipient -OrganizationalUnit "domain.com/ou"

foreach ($Recipient in $Recipients)
{
   if ($Recipient.RecipientType -eq "UserMailbox") { 
      set-mailbox $Recipient.name -RequireSenderAuthenticationEnabled:$True}
   elseif ($Recipient.RecipientType -eq "MailContact") {
      set-MailContact $Recipient.name -RequireSenderAuthenticationEnabled:$True}
   elseif ($Recipient.RecipientType -eq "MailUniversalDistributionGroup") {
      set-DistributionGroup $Recipient.name -RequireSenderAuthenticationEnabled:$True}
   elseif ($Recipient.RecipientType -eq "DynamicDistributionGroup") {
      set-DynamicDistributionGroup $Recipient.name -RequireSenderAuthenticationEnabled:$True}
}

Open in new window

0
bsharathAuthor Commented:
Thanks
How can restrict it for just 1 OU
Should it be
Domain.com/just the OU name or any specific format
0
The Ultimate Tool Kit for Technolgy Solution Provi

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy for valuable how-to assets including sample agreements, checklists, flowcharts, and more!

AkhaterCommented:
just replace in my script domain.com/ou by yourdomain.ext/wantedOU

e.g. Company.local/users
0
bsharathAuthor Commented:
I get this

[PS] E:\>.\senders_are_authenticated_exchange.ps1
Organizational unit "cal/Accessible Desktops" was not found. Please
 make sure you have typed it correctly.
At E:\senders_are_authenticated_exchange.ps1:1 char:14
+ $Recipients = <<<<  get-Recipient -OrganizationalUnit "cal/Accessible Desktops"
    + CategoryInfo          : NotSpecified: (:) [], ManagementObjectNotFoundEx
   ception
    + FullyQualifiedErrorId : 49860887

Its a old OU and the name is correct. tried with few other Ou names also
0
AkhaterCommented:
what is CAL??
what is your domain name ?
0
bsharathAuthor Commented:
Its Domain.local
i changed it before posting here
0
AkhaterCommented:
did you copy paste the script ?

if so try deleting the double quotes and typing them again

also please try

get-Recipient -OrganizationalUnit "domain.local/users"

0
bsharathAuthor Commented:
I removed and added the quotes same issue
I even ram the 2nd line of code same error
I ran on shell and quest the same issue
0
AkhaterCommented:
you are running this in Exchange Management shell are you ? not in power shell right ?
0
bsharathAuthor Commented:
Yes on exchange management shell
0
AkhaterCommented:
what if you run get-Recipient alone ? without any parameters?

there is something wrong in your setup, I have tested the script here and it is working perfectly
0
bsharathAuthor Commented:
get-Recipient gets all details right without a issue
0
AkhaterCommented:
care to share a screen shot about the command and the error ?
0
AkhaterCommented:
please also try omitting the domain name simply

get-Recipient -OrganizationalUnit "users"
0
bsharathAuthor Commented:
Screenshot
Capture.JPG
0
AkhaterCommented:
well I did some tests here and I am getting this error when the OU name doesn't exist

please try
get-Recipient -OrganizationalUnit "users" also send me a screen shot of your AD users and computers
0
bsharathAuthor Commented:
get-Recipient -OrganizationalUnit "users"
isnt this the same command as before and
>>also send me a screen shot of your AD users and computers
Sorry did not follow do you mean structure?
0
AkhaterCommented:
Yes I mean the Active Directory Users and computers
0
bsharathAuthor Commented:
Below is the same
Capture.JPG
0
AkhaterCommented:
get-Recipient -OrganizationalUnit "test"

screen shot of the results please
0
bsharathAuthor Commented:
Now it works
because i was wrongly placing the user name rather than the OU name
0
AkhaterCommented:
ok so all is working fine now?
0
bsharathAuthor Commented:
No what i meant was
Fo this line
get-Recipient -OrganizationalUnit "test"
For the main code still get the same error
0
AkhaterCommented:
Sorry i didn't get you

get-Recipient -OrganizationalUnit "test" is working fine now ?

where is "Accessible Desktops" ou located ? i can't find it in the screenshot
0
bsharathAuthor Commented:
Accessible Desktops is in a 4 or 5 step depth within UKI
0
AkhaterCommented:
well then your should put them all something like

get-Recipient -OrganizationalUnit "domain.local/offices/uki/.../.../accessible desktops"


get-Recipient -OrganizationalUnit "test" is working fine right ?
0
bsharathAuthor Commented:
Sorry i was a fool on this
I mentioned the exact folder structure and i get no error but the tick is still there after the run also
0
AkhaterCommented:
Then maybe I misunderstood what you wanted from the start :)

if you want to REMOVE the tick just replace $true by $false in the script
0
bsharathAuthor Commented:
I realised it and changed but the tick still does not go
Hope you are refering to this place tick
Capture.JPG
0
AkhaterCommented:
yes this is the tick I am referring too
did you change all the occurrence of $true to $false ?

did you close the EMC and opened it again  before checking again for the checkbox ?
0
bsharathAuthor Commented:
Yes not the code is as this

$Recipients = get-Recipient -OrganizationalUnit "cal.local/Users/Named Users/new1"

foreach ($Recipient in $Recipients)
{
   if ($Recipient.RecipientType -eq "UserMailbox") {  
      set-mailbox $Recipient.name -RequireSenderAuthenticationEnabled:$False}
   elseif ($Recipient.RecipientType -eq "MailContact") {
      set-MailContact $Recipient.name -RequireSenderAuthenticationEnabled:$False}
   elseif ($Recipient.RecipientType -eq "MailUniversalDistributionGroup") {
      set-DistributionGroup $Recipient.name -RequireSenderAuthenticationEnabled:$False}
   elseif ($Recipient.RecipientType -eq "DynamicDistributionGroup") {
      set-DynamicDistributionGroup $Recipient.name -RequireSenderAuthenticationEnabled:$False}
}

I even closed and reopened the EMC
0
AkhaterCommented:
you know that's funny I never noticed this "bug" :)

I just ran the test and you are perfectly right the GUI isn't affected when you set it from powershell or vice versa but I can assure you they have the same effect.

0
AkhaterCommented:
how many domain controllers do you have ?
this could be simply a replication issue
0
AkhaterCommented:
try running the script another time it shld give you yellow warnings that no settings were changed
0
AkhaterCommented:
don't rely on the visual interface, I sent a test message to the user and it passed without problem even though the GUI showed the checkbox still checked

test and you will see,
0
AkhaterCommented:
after forcing domain controller replication the GUI and the powershell results are now matching, just wait one hour or so and check again
0
bsharathAuthor Commented:
Still no change i even force replicated
and when run multiple times also no change
0
AkhaterCommented:
pick a user inside that OU  and run

get-mailbox username | fl *require*

where username is the user name of that user

what is the result
0
bsharathAuthor Commented:
I get this

[PS] E:\>get-mailbox Bha yuia | fl *require*
Get-Mailbox : A positional parameter cannot be found that accepts argument 'Bha'.
At line:1 char:12
+ get-mailbox <<<<  Bha yuia | fl *require*
    + CategoryInfo          : InvalidArgument: (:) [Get-Mailbox], ParameterBin
   dingException
    + FullyQualifiedErrorId : PositionalParameterNotFound,Microsoft.Exchange.Management.RecipientTasks.GetMailbox

[PS] E:\>get-mailbox "Bha yuia" | fl *require*
Get-Mailbox : Bha yuia is not a mailbox user.
At line:1 char:12
+ get-mailbox <<<<  "Bha yuia" | fl *require*
    + CategoryInfo          : InvalidData: (:) [Get-Mailbox], ManagementObject
   NotFoundException
    + FullyQualifiedErrorId : 46BC31B8,Microsoft.Exchange.Management.Recipient
   Tasks.GetMailbox


these ares many are not mailbox users they are mail enabled users
0
AkhaterCommented:
well I didn't take into consideration mail enabled users

issue get-recipient "Bha yuia"

give me the result
0
bsharathAuthor Commented:
I get this

[PS] E:\>get-recipient "Bha yuia"

Name                                    RecipientType
----                                    -------------
Bha yuia                                   MailUser
0
AkhaterCommented:
great! then an updated version of the script would be
$Recipients = get-Recipient -OrganizationalUnit "domain.com/ou"

foreach ($Recipient in $Recipients)
{
   if ($Recipient.RecipientType -eq "UserMailbox") { 
      set-mailbox $Recipient.name -RequireSenderAuthenticationEnabled:$True}
   elseif ($Recipient.RecipientType -eq "MailContact") {
      set-MailContact $Recipient.name -RequireSenderAuthenticationEnabled:$True}
   elseif ($Recipient.RecipientType -eq "MailUniversalDistributionGroup") {
      set-DistributionGroup $Recipient.name -RequireSenderAuthenticationEnabled:$True}
   elseif ($Recipient.RecipientType -eq "DynamicDistributionGroup") {
      set-DynamicDistributionGroup $Recipient.name -RequireSenderAuthenticationEnabled:$True}
   elseif ($Recipient.RecipientType -eq "MailUser") {
      set-MailUser $Recipient.name -RequireSenderAuthenticationEnabled:$True}
}

Open in new window

0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
bsharathAuthor Commented:
Thank U
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Exchange

From novice to tech pro — start learning today.