Archive

Archive for September, 2012

ActiveSync Power Administrator

September 19, 2012 25 comments

The latest trend in IT is bring you own device (BYOD), where employees are allowed to either chose which device(s) the company provides, or allow employees to use their personal devices to connect to the corporate network and work off. The company I work for is anti-BYOD. We standardized on iPhones, which are purchased by the company and assigned to employees. I was tasked with ensuring only those company assigned iPhones could sync with Exchange. This is fairly easy to do in Exchange 2007/2010 as there is a CASMailbox property called “ActiveSyncAllowedDeviceIDs”. This property has a null value by default and when the value is null any device can form a partnership with that account. All the user needs to do is run the setup Wizard on the phone, enter their credentials, then the phone starts syncing with Exchange. You can limit which devices are allowed to sync with a mailbox by setting a list of device serial numbers in the ActiveSyncAllowedDeviceIDs property. When the property is not null, only the devices listed can form a partnership with that mailbox.

Microsoft has assumed that setting the value of ActiveSyncAllowedDeviceIDs isn’t something the majority of organization would want to do, so they have left it out of the EMC. If you want to set this value, you need to do it through powershell. I wanted my help desk staff to be able to modify this property but I didn’t want them to have to use powershell, so I decided to create a Windows form GUI for this function. I decided if I was going to create a GUI for this function, I might as well create a full blown ActiveSync administrator to take care of all admin task in one GUI. I also decided to add some reporting functionality to the GUI.

Overview

The script uses a Windows form to look up and set ActiveSync properties on an Exchange 2007/2010 mailbox. The first tab of the form is the user administrator. After an email address is entered, the form will retrieve the current ActiveSync settings on the mailbox. The administrator can then modify those settings. The second tab is a reporting function. There are four reports defined. I can add more on request if you have a specific report in mind. The results of the report are displayed on the form and can also be exported to a csv file.

Prerequisites

To run this script, you need to have the Exchange 2007 or Exchange 2010 management tools installed. You also need the free Quest cmdlets for Active Directory, which can be found here.

User Admin Tab

Email Address

Enter the primary email address on the mailbox you want to manage. As you type, the script will do a look up in AD and present suggestions. Once you have entered the email address, click the Lookup button.

ActiveSync Status

This will tell whether ActiveSync is enabled for this mailbox. You can enable/disable ActiveSync with the corresponding buttons.

ActiveSync Policy

This shows which ActiveSync policy is currently assigned to the mailbox. If you have defined ActiveSync policies, you can select which policy to apply from the drop-down. If you have not defined any policies, the “Default” policy will be assigned.

Allowed Devices

The Allowed Devices list shows any device serial numbers that have been allowed for this mailbox. If the list is empty, all devices are allowed to connect. You can remove devices by clicking the checkbox next to the device serial number and clicking the “Remove Selected” button.

Serial Number

You can add serial numbers to the Allowed Devices list by entering the serial number and clicking “Add”.

Sync History

This shows the device partnerships for devices that have synced with this mailbox, as well as the last time the device has synced.

Identity

You can issue a wipe command to a device, cancel a pending wipe, or remove the device partnership by selecting the device identity and clicking the corresponding button.

Reporting Tab

From the reporting tab, you can run various predefined reports on your ActiveSync users. There are currently four reports defined but I can add additional reports on request. The current reports are:

Users with ActiveSync enabled
Users with ActiveSync enabled and a null list of allowed devices
Users with ActiveSync disabled
Devices that haven’t synced in 30 days

Once the report has finished running, it will be displayed on the Reporting tab. You will then be presented with a button, which allows you to take action on all the users returned in the report. For example, you will be able to enable ActiveSync on all users returned after you run the “Users will Activesync disabled” report. You can also export the report to a csv file by clicking the “Export to File” button.

To run this script, download it from the link below and save it to your hard drive. Change the extension from txt to ps1. Open a powershell window and navigate to the directory where you saved the script. Type .\ActiveSyncAdmin.ps1 and hit enter.

DOWNLOAD SCRIPT (Change extension from doc to ps1)

Advertisements

WizBang Exchange Message Tracker 2.0

September 6, 2012 38 comments

UPDATE: Version 2.1 is available. For details, click here.

The Exchange tracking logs provide a wealth of information about mail flow through your organization. Unfortunately, the tools that ship with Exchange aren’t very good at leveraging this information in a useful way. You can use the message tracking tool that ships with EMC to search for specific logs but beyond viewing the raw log data, there isn’t much information available. Fortunately, Microsoft has provided us with powershell and powershell can be used in all sorts of interesting ways to gather, aggregate and present data in useful summaries and reports.

One of the great things about powershell and the IT community is that there are plenty of people who have built powershell scripts to solve problems, automate or streamline tasks, and gather and present data. Most people are more than happy to share their scripts with anyone who would like to use them. Those scripts are then sometimes improved or built upon by someone else. I was recently searching for a way to analyze message tracking logs and I came across this blog post. Glen Scales built a powershell script that uses a Windows form GUI to gather Exchange message tracking logs and present a summary of mail flow statistics, including graphs and charts that are built with the Google Charts API. Glen called his script “WizBang 2007 Message Tracker”. While I really like Glen’s script, I decided to make some changes and improvements to better suite the information I needed to get out of the script. Thus “WinzBang Exchange Message Tracker 2.0” was born.

Overview

This script uses Windows forms to accept input and display output. There are five tabs on the form (explained in detail below). The user selects query setting for the search on the first tab. Once the search has been completed, the summary results are displayed on the dashboard tab. The email summaries tab shows a summary of email statistics for each internal recipient. Message tracking logs for a specific user can also be displayed on this tab. The tracking data tab shows raw tracking logs for the period of the search. The final tab is used to find and display individual messages using the EWS service.

Changes in Version 2.0

  • Changed Server Name drop-down list
    • Limited server list to Exchange 2007/2010 Hub Transport, Mailbox, and Edge Transport roles (Previously contained all Exchange servers in org, even legacy)
    • Added “All” to server list to enable searching all servers
  • Added quick date range options for Last Hour, Today, Previous 24 hours, and Previous 7 days (Previously only option was to manually pick starting and end time)
  • Added filter options to match default Exchange Message Tracker
  • Added check box to determine if raw data should be displayed (Raw data collection is system resource intensive)
  • Changed graphs and charts
    • Changed graph from vertical to horizontal
    • Changed graph to display internal, sent to external, and received from external (Previously just sent and received)
    • Changed graph to display data for full time of search query (Was previously last 6 hours max)
      • When time frame is less than 31 minutes, data is graphed in minute increments
      • When time frame is between 31 minutes and 8 hours, data is graphed in 15 minute increments
      • When time frame is between 9 and 24 hours, data is graphed in hourly increments
      • When time frame is greater than 24 hours, data is graphed in daily increments
    • Consolidated pie charts into one, which now displays totals for internal, sent to external, and received from external for total time frame
  • Broke out top senders/receivers report into four separate reports: top internal sender, top internal receiver, top external sender, top external receiver, which covers search time frame (Previously consolidated into one report that covered previous hour)
  • On Organizational Totals report, consolidated total internal received and total internal sent into just total internal as these two values are always equal
  • Excluded message journaling messages from reports (except raw data)
  • Raw tracking data now includes all events; not just SENT and RECEIVED

Prerequisites

To run this script, you need to have the Exchange 2007 or Exchange 2010 management tools installed.

To use the message find functionality, you need to have EWSUtil.dll in C:\temp. You can get the file here.

Query Settings Tab

Server Name

Message tracking logs are stored on Exchange servers with the Mailbox, Hub Transport, and Edge Transport roles. The server name drop-down is automatically populated with servers in your organization that hold those roles. You can select an individual server to search against, or you can search against all servers. Being able to search all servers is a major advantage over the message tracking feature in the Exchange tools, which is only able to search one server at a time.

Date Range

The date range to search tracking logs can be selected here. There are quick selection options for last hour, today, previous 24 hours, and previous 7 days. Additionally, custom date ranges can be selected.

Filter Criteria

Tracking logs can be filtered based on the same criteria used in the message tracking log searcher built into the Exchange tools. For example, logs can be filtered to look for a specific, sender, recipient, or message subject. This is helpful is you are trying to find information on a specific sender, recipient, or message.

Presentation Options

This option allows the user to choose whether or not to show raw tracking data. This option should only be selected for narrow searches as displaying large amounts of raw tracking date is system memory intensive.

Dashboard Tab

The dashboard tab displays a summary of message tracking log data, based on the search criteria. A graph of mail flow is displayed at the top of the window. Below the graph, there are four tables which show the top 5 internal recipients, internal senders, external recipients, and external senders. A table also shows the organizational totals broken down by internal email, received from external, and sent to external email. This table is accompanied by a pie chart.

Email Summaries Tab

This tab displays a summary of the number and size of emails sent and received by individual internal users in the top table. A user can be highlighted and the “Get Messages” button pressed to to display all the tracking logs related to that user in the bottom table. If the option to show raw tracking data was selected on the query settings tab, an individual cell is highlighted in the bottom table, the “Show Message” button can be pressed to populate fields on the Message Find tab. Both tables can be exported to csv files but pressing the appropriate export button.

Tracking Data Raw Tab

If the option to show raw tracking data was selected on the query settings tab, this tab displays the full raw message tracking data. This data is filtered based on the settings on the Query Settings tab.

Message Find Tab

You can use the Message Find tab to search a mailbox for a specific message, if you have the message ID. This will display the To, From, Subject, and body of the message. You can also download any attachments and view the message headers.

Note: There is an issue when Outlook users are in cached mode, as described in this KB article. You won’t be able to find messages in the user’s sent items folder if they are in cached mode.

DOWNLOAD SCRIPT (Change extension from to ps1)