Solved

scripting, exchange

Posted on 2016-10-10
35
38 Views
Last Modified: 2016-10-11
I am running script on ems on my mailbox server to create bulk users in AD , and I am getting this error

anybody can help why is this throwing error
Capture1.JPG
0
Comment
Question by:pramod1
  • 24
  • 11
35 Comments
 
LVL 14

Expert Comment

by:Todd Nelson
ID: 41837071
Are you running that command from the Exchange 2007 Management Shell?
0
 

Author Comment

by:pramod1
ID: 41837123
yes
0
 
LVL 14

Expert Comment

by:Todd Nelson
ID: 41837136
If you want to run AD-based commands like Get-ADUser and New-ADUser you will need to import the proper toolset into the Exchange 2007 EMS.

Try adding the following to the beginning of your script or before you run the command shown in the screenshot...

Import-Module ActiveDirectory

Open in new window


If this is in reference to your other request (https://www.experts-exchange.com/questions/28970474/exchange-2007-scripts.html?anchor=a41837006#a41837006) it is the same issue.  And I suggest subtle changes to that script so it looks something more like this...

Import-Module ActiveDirectory

$Password = Read-Host "Enter Password:" -AsSecureString

Import-CSV CreateMailboxes-tt.csv | ForEach {

     New-Mailbox -Alias $_.alias -Name $_.name -FirstName $_.Givenname -LastName $_.Surname -userPrincipalName $_.UPN -Database “Field Mailbox Database” -OrganizationalUnit ' Email accounts' -Password $Password -LinkedDomainController "domain..COM" -LinkedMasterAccount "domain\$($_.Name)";

     Get-ADUser -Filter { UserPrincipalName -like $_.upn } | Disable-ADAccount;

     Add-DistributionGroupMember -Identity "ActiveSync" -Member $_.upn;

     Add-DistributionGroupMember -Identity "OWA" -Member $_.upn;

}

Open in new window


Please try it out before to close your question and award points blindly.
0
 

Author Comment

by:pramod1
ID: 41837169
I am running above  command on dc, but I have 2 questions

in the script attached at top

1) how can I put customized password
and the upn should be domain-hq.com and email address domain-retail.com as far as email address it is incorporating that
do I need to run this first
$Password=Read-Host “Enter Password” –AsSecureString
0
 
LVL 14

Expert Comment

by:Todd Nelson
ID: 41837192
Adding a password cannot be done in clear text and needs to be done in a secure way by issuing the command I provided ($Password = Read-Host "Enter Password:" -AsSecureString) before creating the mailbox/user and piped into the script.  Alternately, you can remove the "-Password" parameter from the New-Mailbox command so the scripts prompts you to enter a password manually for each user as the script runs for every user in the CSV file.

What is the other question?  You stated you have 2.

Are you familiar that UPN stands for user principal name (i.e. jdoe@domain.com) which is not the same as the UPN suffix (i.e. domain.com)?
0
 

Author Comment

by:pramod1
ID: 41837199
when I am creating AD account, everything gets created ok but as per attached capture1.jpg, but the upn shows same as user@domain-retail.com  which is the email address of user , I have to manually change the upn domain name that is domain-hq.com

is there any way the script runs where upn is user @domain-hq.com and email remains the same user@domain-retail.com

mport-csv .\BulkAddUsers.csv | foreach { New-ADUser -GivenName $_.GivenName -Surname $_.Surname -Name $_.Name -SamAccountName $_.SamAccountName -Description $_.Description -UserPrincipalName $_.email -Path $_.Path -Enabled $True -AccountPassword (ConvertTo-SecureString $_.Password -AsPlainText -force) -PasswordNeverExpires $True -Email $_.Email}


please find the csv I am running
BulkAddUsers.csv
0
 
LVL 14

Expert Comment

by:Todd Nelson
ID: 41837214
Sure there is a way to do it.  Review the parameter options for New-ADUser ... https://technet.microsoft.com/en-us/library/ee617253.aspx.  Your CSV is close but not there.  If you want the UserPrincipalName parameter set to a different value than what you have set for email address you will need to provide a different value.

HINT: Maybe a new column in the CSV file with a header value of UserPrincipalName and associated values set for each user to ...@domain-hq.com.

But before you can set the UPN you will need to add a UPN suffix for "domain-hq.com" to the forest/domain you are running this script.

References...

0
 

Author Comment

by:pramod1
ID: 41837238
I have the upn suffix added,  I have made changes in csv file but where I need to add in the script
BulkAddUsers-test.csv
bulk-ad-script.txt
0
 
LVL 14

Accepted Solution

by:
Todd Nelson earned 500 total points
ID: 41837275
In your script, based on your updated CSV file, all you should need to change is "-UserPrincipalName $_.email" to "-UserPrincipalName $_.UserPrincipalName".
0
 

Author Comment

by:pramod1
ID: 41837276
Import-Module ActiveDirectory

$Password = Read-Host "Enter Password:" -AsSecureString

Import-CSV CreateMailboxes-tt.csv | ForEach {

     New-Mailbox -Alias $_.alias -Name $_.name -FirstName $_.Givenname -LastName $_.Surname -userPrincipalName $_.UPN -Database “Field Mailbox Database” -OrganizationalUnit ' Email accounts' -Password $Password -LinkedDomainController "domain..COM" -LinkedMasterAccount "domain\$($_.Name)";

     Get-ADUser -Filter { UserPrincipalName -like $_.upn } | Disable-ADAccount;

     Add-DistributionGroupMember -Identity "ActiveSync" -Member $_.upn;

     Add-DistributionGroupMember -Identity "OWA" -Member $_.upn;

}


when running above, I am getting this error
Capture.JPG
0
 
LVL 14

Expert Comment

by:Todd Nelson
ID: 41837282
You really need to do better at breaking out your topics.  One is specific for AD and the other is specific for Exchange.

Where are you running this latest script from?

And what does the CSV file look like?
0
 

Author Comment

by:pramod1
ID: 41837287
this one is from exchange account
0
 

Author Comment

by:pramod1
ID: 41837315
AD part works fine now
0
 

Author Comment

by:pramod1
ID: 41837336
EXCHANGE PART ERROR

 New-Mailbox -Alias $_.alias -Name $_.name -FirstName $_.Givenname -LastName $_.Surname -userPrincipalName $_.UPN -Database “Field Mailbox Database” -OrganizationalUnit ' Email accounts' -Password $Password -LinkedDomainController "domain..COM" -LinkedMasterAccount "domain\$($_.Name)";

      Get-ADUser -Filter { UserPrincipalName -like $_.upn } | Disable-ADAccount;

      Add-DistributionGroupMember -Identity "ActiveSync" -Member $_.upn;

      Add-DistributionGroupMember -Identity "OWA" -Member $_.upn;
EXCHNAGE-SIDE-ERROR.JPG
0
 
LVL 14

Expert Comment

by:Todd Nelson
ID: 41837361
Don't run the two commands for Add-DistributionGroupMember together.  Make sure they run separately.
0
 

Author Comment

by:pramod1
ID: 41837362
I didn't get you, you mean run add distribution group sepeartely
0
 

Author Comment

by:pramod1
ID: 41837364
so how it co-relate  with earlier command I ran
0
Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

 

Author Comment

by:pramod1
ID: 41837365
New-Mailbox -Alias $_.alias -Name $_.name -FirstName $_.Givenname -LastName $_.Surname -userPrincipalName $_.UPN -Database “Field Mailbox Database” -OrganizationalUnit ' Email accounts' -Password $Password -LinkedDomainController "domain..COM" -LinkedMasterAccount "domain\$($_.Name)";

       Get-ADUser -Filter { UserPrincipalName -like $_.upn } | Disable-ADAccount;

till here it works fine
0
 

Author Comment

by:pramod1
ID: 41837366
but after that it throws error I attached
0
 

Author Comment

by:pramod1
ID: 41837372
can i add Add-DistributionGroupMember -Identity "ActiveSync, storetablet" -Member $_.upn;

like this?
0
 

Author Comment

by:pramod1
ID: 41837373
all in one line
0
 
LVL 14

Expert Comment

by:Todd Nelson
ID: 41837374
With the error you provided the, command looks to be running like this...

Add-DistributionGroupMember -Identity "ActiveSync" -Member $_.upn;Add-DistributionGroupMember -Identity "OWA" -Member $_.upn;

Open in new window


Instead of like this...

Add-DistributionGroupMember -Identity "ActiveSync" -Member $_.upn;

Open in new window


Add-DistributionGroupMember -Identity "OWA" -Member $_.upn;

Open in new window


If you copied the script I provided, you need to make sure the closing bracket is there "}".
0
 

Author Comment

by:pramod1
ID: 41837377
I am not getting you todd? I run below and when prompt comes should

New-Mailbox -Alias $_.alias -Name $_.name -FirstName $_.Givenname -LastName $_.Surname -userPrincipalName $_.UPN -Database “Field Mailbox Database” -OrganizationalUnit ' Email accounts' -Password $Password -LinkedDomainController "domain..COM" -LinkedMasterAccount "domain\$($_.Name)";

        Get-ADUser -Filter { UserPrincipalName -like $_.upn } | Disable-ADAccount;

U MEAN HIT ENTER HERE?

Add-DistributionGroupMember -Identity "ActiveSync" -Member $_.upn;
0
 

Author Comment

by:pramod1
ID: 41837380
CAN YOU REMOTE IN
0
 
LVL 14

Expert Comment

by:Todd Nelson
ID: 41837383
This is what the script should look like.  Include the ending bracket ... "}".

Import-Module ActiveDirectory

$Password = Read-Host "Enter Password:" -AsSecureString

Import-CSV CreateMailboxes-tt.csv | ForEach {

     New-Mailbox -Alias $_.alias -Name $_.name -FirstName $_.Givenname -LastName $_.Surname -userPrincipalName $_.UPN -Database “Field Mailbox Database” -OrganizationalUnit ' Email accounts' -Password $Password -LinkedDomainController "domain..COM" -LinkedMasterAccount "domain\$($_.Name)";

     Get-ADUser -Filter { UserPrincipalName -like $_.upn } | Disable-ADAccount;

     Add-DistributionGroupMember -Identity "ActiveSync" -Member $_.upn;

     Add-DistributionGroupMember -Identity "OWA" -Member $_.upn;

}

Open in new window

0
 

Author Comment

by:pramod1
ID: 41837396
can u remote in through team viewer  for a sec
0
 

Author Comment

by:pramod1
ID: 41837399
Import-Module ActiveDirectory

$Password = Read-Host "Enter Password:" -AsSecureString

Import-CSV CreateMailboxes-tt.csv | ForEach {

     New-Mailbox -Alias $_.alias -Name $_.name -FirstName $_.Givenname -LastName $_.Surname -userPrincipalName $_.UPN -Database “Field Mailbox Database” -OrganizationalUnit ' Email accounts' -Password $Password -LinkedDomainController "domain..COM" -LinkedMasterAccount "domain\$($_.Name)";

     Get-ADUser -Filter { UserPrincipalName -like $_.upn } | Disable-ADAccount;

     Add-DistributionGroupMember -Identity "ActiveSync" -Member $_.upn;

     Add-DistributionGroupMember -Identity "OWA" -Member $_.upn;

}
0
 

Author Comment

by:pramod1
ID: 41837400
this is what I am putting in shell,
0
 

Author Comment

by:pramod1
ID: 41837402
it is not working for distribution groups
0
 

Author Comment

by:pramod1
ID: 41837404
do I need to put exactly like yours with numbers
0
 

Author Comment

by:pramod1
ID: 41837410
bracket ... "}".
0
 

Author Comment

by:pramod1
ID: 41837411
you haven't put it
0
 

Author Comment

by:pramod1
ID: 41837426
same error
Capture.JPG
0
 
LVL 14

Expert Comment

by:Todd Nelson
ID: 41837440
private message me
0
 
LVL 14

Expert Comment

by:Todd Nelson
ID: 41838777
Pramod,

Good working with you.  Based on the conversation yesterday, you do not need to provide a password for linked mailboxes because they are created as disabled accounts.  So I've removed those items.  And I added the setting of a custom attribute to set the proper default reply address based on your email address policies.

Import-CSV CreateMailboxes-tt.csv | ForEach {

     New-Mailbox -Alias $_.alias -Name $_.name -FirstName $_.Givenname -LastName $_.Surname -userPrincipalName $_.UPN -Database “Field Mailbox Database” -OrganizationalUnit ' Email accounts' -LinkedDomainController "domain..COM" -LinkedMasterAccount "domain\$($_.Name)"

     Set-Mailbox -Identity $_.alias -CustomAttribute15 "StoreTablets"

     Add-DistributionGroupMember -Identity "ActiveSync" -Member $_.upn

     Add-DistributionGroupMember -Identity "StoreTabletAccts" -Member $_.upn

     Add-DistributionGroupMember -Identity "StoreTablets" -Member $_.upn

}

Open in new window


Good luck with your project.
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

In this article, we will see the basic design consideration while designing a Multi-tenant web application in a simple manner. Though, many frameworks are available in the market to develop a multi - tenant application, but do they provide data, cod…
A procedure for exporting installed hotfix details of remote computers using powershell
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
how to add IIS SMTP to handle application/Scanner relays into office 365.

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now