hcca
asked on
Converting user mailboxes to linked mailboxes in Exchange 2013
I have a significant number of user mailboxes that need to be converted to linked mailboxes. I'm testing the process now with individual accounts and am having difficulty.
In my test today, it appeared that I successfully made the conversion, but the freshly linked account had an empty mailbox. Before the switch, he had 2.5 GB in his mailbox. I need to know what this failed and how to get his mail back.
I used this script:
Any help is greatly appreciated.
In my test today, it appeared that I successfully made the conversion, but the freshly linked account had an empty mailbox. Before the switch, he had 2.5 GB in his mailbox. I need to know what this failed and how to get his mail back.
I used this script:
$Arg1 = "username" #same in account and resource forests)
$username = "accountforest\admin"
$password = ConvertTo-SecureString -String "********" -AsPlainText -Force
$cred = New-object -typename System.Management.Automation.PSCredential -argumentlist $username, $password
Disable-Mailbox -Identity $Arg1
Enable-Mailbox -Identity $Arg1 -Alias $Arg1 -Database 'DB05' -LinkedMasterAccount 'accountforest.priv\username' -LinkedDomainController 'dc01.accountforest.priv' -LinkedCredential:$cred
Set-Mailbox -Id $arg1 -customAttribute1 "CompanyName"Any help is greatly appreciated.
This should work for you. Also, enable-mailbox will always create a completely blank mailbox. Note that disabled mailboxes are not identified by username in the mailbox database. If you want to connect an existing mailbox to a user, you have to use connect-mailbox. There are a number of attributes that can be used to represent the mailbox, but the primary identifier is the GUID of the mailbox, and that's kind of annoying to use. The changes here will check the mailbox database for a disconnected mailbox that has the user's full displayname on it, then pass that to the connect-mailbox cmdlet to assign a linked account in another forest to the mailbox.
$Arg1 = "username" #same in account and resource forests)
$displayname = <user's full name>
$username = "accountforest\admin"
$password = ConvertTo-SecureString -String "********" -AsPlainText -Force
$cred = New-object -typename System.Management.Automation.PSCredential -argumentlist $username, $password
Disable-Mailbox -Identity $Arg1
$dcmb = Get-MailboxDatabase | Get-MailboxStatistics | Where { $_.DisplayName -eq $displayname}
connect-Mailbox -Identity $dcmb -Alias $Arg1 -Database 'DB05' -LinkedMasterAccount 'accountforest.priv\username' -LinkedDomainController 'dc01.accountforest.priv' -LinkedCredential:$cred
Set-Mailbox -Id $arg1 -customAttribute1 "CompanyName"ASKER
Adam,
This looks like it would do that trick. Unfortunately, since my first attempt created a new mailbox, the $dcmb returns to entries. One with the 25k missing items and the other much smaller. Is there a way I can be sure to connect to the correct mailbox in this case?
This looks like it would do that trick. Unfortunately, since my first attempt created a new mailbox, the $dcmb returns to entries. One with the 25k missing items and the other much smaller. Is there a way I can be sure to connect to the correct mailbox in this case?
You'll need to purge the empty mailbox. Use this to determine what the bad mailbox's GUID is
Then use this to purge it:
Get-MailboxDatabase | Get-MailboxStatistics | Where { $_.DisplayName -eq "<display name>" } | fl DisplayName,MailboxGuid,Database,DisconnectReason,totalitemsizeThen use this to purge it:
Remove-StoreMailbox -Database <Database the mailbox is on> -Identity <GUID of the bad MB> -MailboxState Disabled
Did you try the Set-User option? in that method, there is no complexities like reconnecting mailbox.
ASKER
Subsun, I did not try the Set-User option. Can you elaborate?
To convert the TestUserA mailbox to linked mailbox
Set-User TestUserA -LinkedMasterAccount 'accountforest.priv\username' -LinkedDomainController 'dc01.accountforest.priv'
Using the set-user method, you would not disconnect the mailbox at all. The whole script would be this:
$Arg1 = "username" #same in account and resource forests)
2:$username = "accountforest\admin"
3:$password = ConvertTo-SecureString -String "********" -AsPlainText -Force
4:$cred = New-object -typename System.Management.Automation.PSCredential -argumentlist $username, $password
6:set-user -Identity $Arg1 -LinkedMasterAccount 'accountforest.priv\username' -LinkedDomainController 'dc01.accountforest.priv' -LinkedCredential:$cred
7:Set-Mailbox -Id $arg1 -customAttribute1 "CompanyName"ASKER
Adam,
I tried editing your script but the -LinkedCredential:$cred is being rejected by the editor.
I tried editing your script but the -LinkedCredential:$cred is being rejected by the editor.
Try this. Didn't notice the line numbers. Not sure why the editor is ignoring it, unless it doesn't like the -switch:argument method. I replaced the : with a space just in case.
$Arg1 = "username" #same in account and resource forests)
$username = "accountforest\admin"
$password = ConvertTo-SecureString -String "********" -AsPlainText -Force
$cred = New-object -typename System.Management.Automation.PSCredential -argumentlist $username, $password
set-user -Identity $Arg1 -LinkedMasterAccount 'accountforest.priv\username' -LinkedDomainController 'dc01.accountforest.priv' -LinkedCredential $cred
Set-Mailbox -Id $arg1 -customAttribute1 "CompanyName"ASKER
Adam,
In your first script uses a variable $dcmb. When I tried to run that script it hung for a very long time and when it had finished, the mailbox was gone.
I ran it again but did a Write-Host $dcmb to see what the contents of the variable was. It printed: "Microsoft.Exchange.Manage
What am I doing wrong here?
In your first script uses a variable $dcmb. When I tried to run that script it hung for a very long time and when it had finished, the mailbox was gone.
I ran it again but did a Write-Host $dcmb to see what the contents of the variable was. It printed: "Microsoft.Exchange.Manage
What am I doing wrong here?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Subsun,
I gave that a try and the $cred and related values did not seem to get populated and the effort failed again. I'm not sure why. The mailbox was disabled without issue but it was not connected to the external user.
I gave that a try and the $cred and related values did not seem to get populated and the effort failed again. I'm not sure why. The mailbox was disabled without issue but it was not connected to the external user.
Are you getting any errors? If yes, please post the error.
ASKER
There was no error, it just didn't work.
While doing a bit more searching, I found some comments from Martina Miskovic at the site, who suggested the following command:
Do you see any downsides to this?
While doing a bit more searching, I found some comments from Martina Miskovic at the site, who suggested the following command:
Set-User -id <USER> -LinkedMasterAccount accountdomain\user -LinkedDomainController dc01.accountdomain.local -LinkedCredential(get-credential) $Arg1 = "username" #same in account and resource forests
$username = "accountforest\admin"
$password = ConvertTo-SecureString -String "********" -AsPlainText -Force
$cred = New-object -typename System.Management.Automation.PSCredential -argumentlist $username, $password
Set-User -id $Arg1 -LinkedMasterAccount ''accountforest.priv\"$Arg1 -LinkedDomainController 'dc01.accountforest.priv' -LinkedCredential $cred
set-mailbox -id $Arg1 -ApplyMandatoryProperties
Set-Mailbox -Id $Arg1 -customAttribute1 "CompanyName"Do you see any downsides to this?
ASKER
I think that is pretty close to your solution except for leaving out the $Mbx. Agreed?
If Set-User command works then that's the Best method. As it doesn't have complexity of disconnecting and reconnecting mailboxes. Like I said earlier. Test it with a single test mailbox. If it works then We can modify the script for multiple mailboxes.
Also If there is no errors but access fails, then It could be due to replication delay.
ASKER
This seems to work fine though I must remember to force AD replication when it's finished. I put this together using a txt file for input of multiple users. I'm rethinking that though. Using a .csv file might be better in case I find a user whose login name is different in the account forest and the resource forest.
$username = "accountforest.priv\admin"
$password = ConvertTo-SecureString -String "********" -AsPlainText -Force
$cred = New-object -typename System.Management.Automation.PSCredential -argumentlist $username, $password
# Read list of users to convert to linked mailboxes
$sourceusers = get-content "C:\Scripts\sourceusers.txt"
foreach($Arg1 in $sourceusers)
{
Set-User -id $Arg1 -LinkedMasterAccount accountforest.priv\$Arg1 -LinkedDomainController 'dc01.accountforest.priv' -LinkedCredential $cred
set-mailbox -id $Arg1 -ApplyMandatoryProperties
Set-Mailbox -Id $Arg1 -customAttribute1 "CompanyName"
}ASKER
Several very helpful comments but Subsun finally got through my thick skull and provided the tools to make things work very well.
Text file is ok, if you have maintained same user name on both forests, if that's not the case then better use csv file.
Ref : https://technet.microsoft.com/en-us/library/aa997878(v=exchg.160).aspx
Much simple method is explained by Jim McBee using Set-User, it should work on Exchnage 2013 also..
Ref : http://mostlyexchange.blogspot.in/2013/12/convert-user-mailbox-to-linked-mailbox.html