Black Belt Exchange and Office 365 PowerShell
Steve Goodman
Senior Consultant, Ciber
OFC-B220
Welcome
Steve Goodman
Exchange Server MVP
Senior Consultant at Ciber in the UK
Writer for MSExchange.org and SearchExchange.com
Host of the UC Architects Podcast
Agenda
Basics
Automation
Monitoring
Troubleshooting
Useful scripts
Starting with the basics
Key concepts of PowerShell in one slide
Similar in concept to Unix-like management shells
Simpler in operation as PowerShell is object-oriented
Commands and parameters are easy to discover through the use of verbs and autocompletion
For example: Get-Mailbox, Set-Mailbox, New-Mailbox -FirstName -LastName
Pass the output of one command to the next with the pipeline, or store in variables
Get-User | Set-User -Company Contoso
$TemplateUser = Get-User "Template User"
Get-User | Set-User -Company $TemplateUser.Company
What will we focus on managing?
PowerShell allows you to pretty much manage anything
We’ll focus on a few core Exchange and Office 365 technologies in this session
  Exchange On-Premises
  Exchange Online
  Windows Azure Active Directory
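Connecting to Exchange On-Premises
# Prompt for the admin account, then open a remote session to the Exchange server
$UserCredential = Get-Credential
$Session = New-PSSession -ConfigurationName Microsoft.Exchange `
    -ConnectionUri "http://<FQDN>/PowerShell/" `
    -Authentication Kerberos -Credential $UserCredential
# Import the Exchange cmdlets from the session into the local shell
Import-PSSession $Session
Get-Mailbox "Steve Goodman"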
Connecting to Exchange Online
# Prompt for the tenant admin account, then open a remote session to Exchange Online
$UserCredential = Get-Credential
$Session = New-PSSession -ConfigurationName Microsoft.Exchange `
    -ConnectionUri "https://outlook.office365.com/powershell-liveid/" `
    -Credential $UserCredential -Authentication Basic -AllowRedirection
Import-PSSession $Session
Get-Mailbox "Lisa Goodman"
Using Both
$UserCredential = Get-Credential
$CloudSession = New-PSSession -ConfigurationName Microsoft.Exchange `
    -ConnectionUri "https://outlook.office365.com/powershell-liveid/" `
    -Credential $UserCredential -Authentication Basic -AllowRedirection
# The prefix renames the cloud cmdlets (Get-CloudMailbox) so they do not clash with on-premises ones
Import-PSSession $CloudSession -Prefix Cloud
$OnPremSession = New-PSSession -ConfigurationName Microsoft.Exchange `
    -ConnectionUri "http://<FQDN>/PowerShell/" `
    -Authentication Kerberos -Credential $UserCredential
Import-PSSession $OnPremSession
Get-CloudMailbox "Lisa Goodman"
Get-Mailbox "Steve Goodman"
Connecting to Azure Active Directory
$UserCredential = Get-Credential
Connect-MsolService -Credential $UserCredential
Get-MsolUser -UserPrincipalName [email protected]
Managing WAAD Sync Operations
Import-Module DirSync
Start-OnlineCoexistenceSync
What does all that give us?
The ability to automate on-premises and cloud Exchange operations including…
  Creating new on-premises Active Directory accounts with Exchange or Office 365 mailboxes attached
  Forcing creation in Office 365
  Assigning licensing to new Mailboxes in the Cloud
  Assigning policies in Exchange Online
For example:
Exchange On-Premises: New-RemoteMailbox, Set-RemoteMailbox, Add-DistributionGroupMember
DirSync: Start-OnlineCoexistenceSync
Azure Active Directory: Set-MsolUser, Set-MsolUserLicense
Exchange Online: Set-CASMailbox, Set-MailboxRegionalConfiguration
Demo
Automation
What can you automate?
Mailbox Creations
Mailbox Deletions
Update of email addresses
Removal of old addresses like X400 addresses
Addition and removal from distribution groups
Assigning policies to users, like In-Place Hold, Retention Policies, Mobile Device Policies
A few more
Enable or disable OWA for users
Enabling users for Unified Messaging
Changing department or job title details
Updating contact phone numbers
Setting account expiry date
Re-balancing mailboxes across databases
Creating shared calendars with standard settings
Even more… and the list doesn’t end here
Collection of information about the organization
Remediation of settings, such as UPN updates
Setup and configuration of Office 365 tenants
Licensing automation
Mailbox Migration to Exchange 2013
Creating Migration Batches for Office 365 migrations
The list goes on…
But what should you automate?
Figure out what value you will get from automating using some sort of criteria, for example:
Will you do it more than once?
  This includes doing something once to everyone!
Will it save you time to automate it?
  Sometimes a simple procedure is fine!
But what should you automate?
Can you avoid errors by automating it?
  Or will it mean errors affect everyone else?
Will you be able to delegate it?
  Replacing someone else doing it with the EAC with you doing it via PowerShell isn't great
Can you plug it into something else?
  Does your service desk have the ability to interface with PowerShell?
Get the template for doing it once
If you know PowerShell, perform the task once using PowerShell
  Start-Transcript
If you don't know PowerShell well
  If it's on-premises Exchange, use the EAC or EMC
  If it's not, are there examples in the TechNet Gallery already?
    Licensing is a good example
    Rebalancing
    More examples of my scripts
Learning from others is a GREAT WAY
Create the template for doing it once
Get the template for doing it one time
Basic Script
  Input
  Variables
  Loop
  Error Checking
For example:
Automate one time task
  Disable ActiveSync for Group Members
Automate regular task
  Setup Shared Mailbox
  Assign Default Set of Permissions
Use the template for doing it once
The template allows you to make it repeatable
Make a Basic Script
  Do you need input?
  Do you have variables to set?
  Will you want to loop through a list (for example, mailboxes)?
  Should you check for errors?
A couple of demos…
Automate a one time task
  Disable ActiveSync for Group Members
Automate a regular task
  Setup Shared Mailbox
  Assign Default Set of Permissions
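The template's four parts (input, variables, loop, error checking) applied to the "Disable ActiveSync for Group Members" task, as an added example that is not the speaker's demo script. The function name Disable-GroupActiveSync, the group name and the stand-in members are constructed; the stand-ins only exist so the script runs without an Exchange session.

```powershell
# Stand-ins so the example runs offline; with an Exchange session imported
# (Import-PSSession) the real cmdlets are found and this block is skipped.
if (-not (Get-Command Get-DistributionGroupMember -ErrorAction SilentlyContinue)) {
    function Get-DistributionGroupMember { [CmdletBinding()] param($Identity, $ResultSize)
        [pscustomobject]@{ Name = 'Lisa Goodman';     RecipientType = 'UserMailbox' }
        [pscustomobject]@{ Name = 'External Contact'; RecipientType = 'MailContact' }
    }
    function Set-CASMailbox { [CmdletBinding()] param($Identity, $ActiveSyncEnabled) }
}

function Disable-GroupActiveSync {
    [CmdletBinding(SupportsShouldProcess)]
    param([Parameter(Mandatory)][string]$GroupName)          # Input

    $results = @()                                           # Variables
    # Stop on a missing group instead of silently processing nothing
    $members = Get-DistributionGroupMember -Identity $GroupName -ResultSize Unlimited -ErrorAction Stop

    foreach ($member in $members) {                          # Loop
        # Groups can contain contacts and nested groups; only mailboxes have CAS settings
        if ($member.RecipientType -ne 'UserMailbox') {
            $results += [pscustomobject]@{ Name = $member.Name; Result = 'Skipped (not a mailbox)' }
            continue
        }
        try {                                                # Error checking
            if ($PSCmdlet.ShouldProcess($member.Name, 'Disable ActiveSync')) {
                Set-CASMailbox -Identity $member.Name -ActiveSyncEnabled $false -ErrorAction Stop
                $result = 'Disabled'
            } else {
                $result = 'Not changed (WhatIf or declined)'
            }
        } catch {
            # Record the failure and carry on with the remaining members
            $result = "Failed: $($_.Exception.Message)"
        }
        $results += [pscustomobject]@{ Name = $member.Name; Result = $result }
    }
    $results
}

# Dry run first: -WhatIf reports what would change without touching any mailbox
Disable-GroupActiveSync -GroupName 'Mobile Pilot' -WhatIf
```

Running it under Start-Transcript, as the earlier slide suggests, leaves a record of which mailboxes were changed and by whom.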
Demo
Monitoring and Troubleshooting
What should you monitor?
For pro-active monitoring, use an off-the-shelf solution
But, there are times you want to gain an insight into your Exchange infrastructure
  Getting a regular overview of the environment
  Collecting data to monitor changes or growth
  Exporting logs for historical value or to import into a third-party system
  Building a bespoke interface into your existing monitoring system
  And of course, collecting data for Troubleshooting
Let’s have a look at a few examples…
Monitoring your environment for growth
You can export data from Exchange or Office 365 and store it, then compare historical data at a later date
  For example, keeping a record of mailbox growth
Use the Export-CliXML cmdlet to export the results of a PowerShell cmdlet as a point in time snapshot
Then use the Import-CliXML cmdlet to import the snapshot at a later date for comparison
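The snapshot-and-compare approach described above, as an added example that is not from the original session. The function names, file names and mailbox rows are constructed; the rows mimic the shape of Get-MailboxStatistics output from a remote session, where TotalItemSize is assumed to arrive as text such as "1.5 GB (1,610,612,736 bytes)".

```powershell
# Remote-session sizes arrive as text; keep only the exact byte count in the brackets.
function ConvertTo-ByteCount {
    param([Parameter(Mandatory)][string]$TotalItemSize)
    if ($TotalItemSize -match '\(([\d,.\s]+) bytes\)') {
        return [int64]($Matches[1] -replace '\D', '')
    }
    throw "Unrecognised size format: $TotalItemSize"
}

function Compare-MailboxSnapshot {
    param(
        [Parameter(Mandatory)][string]$BaselinePath,
        [Parameter(Mandatory)][string]$CurrentPath
    )
    # Index the older snapshot by MailboxGuid, which survives display-name changes
    $baseline = @{}
    foreach ($row in Import-Clixml -Path $BaselinePath) {
        $key = [string]$row.MailboxGuid
        $baseline[$key] = ConvertTo-ByteCount $row.TotalItemSize
    }
    foreach ($row in Import-Clixml -Path $CurrentPath) {
        $key    = [string]$row.MailboxGuid
        $isNew  = -not $baseline.ContainsKey($key)
        $before = if ($isNew) { 0 } else { $baseline[$key] }
        $now    = ConvertTo-ByteCount $row.TotalItemSize
        [pscustomobject]@{
            DisplayName = $row.DisplayName
            NewMailbox  = $isNew
            GrowthMB    = [math]::Round(($now - $before) / 1MB, 1)
        }
    }
}

# Constructed sample data standing in for: Get-Mailbox | Get-MailboxStatistics | Export-Clixml
$dir = Join-Path ([IO.Path]::GetTempPath()) 'mailbox-snapshots'
New-Item -ItemType Directory -Path $dir -Force | Out-Null
$old = Join-Path $dir 'baseline.xml'
$new = Join-Path $dir 'current.xml'
@(
    [pscustomobject]@{ MailboxGuid = '11111111-1111-1111-1111-111111111111'; DisplayName = 'Steve Goodman'; TotalItemSize = '1.5 GB (1,610,612,736 bytes)' }
    [pscustomobject]@{ MailboxGuid = '22222222-2222-2222-2222-222222222222'; DisplayName = 'Lisa Goodman';  TotalItemSize = '512 MB (536,870,912 bytes)' }
) | Export-Clixml -Path $old
@(
    [pscustomobject]@{ MailboxGuid = '11111111-1111-1111-1111-111111111111'; DisplayName = 'Steve Goodman'; TotalItemSize = '2 GB (2,147,483,648 bytes)' }
    [pscustomobject]@{ MailboxGuid = '22222222-2222-2222-2222-222222222222'; DisplayName = 'Lisa Goodman';  TotalItemSize = '512 MB (536,870,912 bytes)' }
    [pscustomobject]@{ MailboxGuid = '33333333-3333-3333-3333-333333333333'; DisplayName = 'Shared Sales';  TotalItemSize = '100 MB (104,857,600 bytes)' }
) | Export-Clixml -Path $new

Compare-MailboxSnapshot -BaselinePath $old -CurrentPath $new | Sort-Object GrowthMB -Descending
```

Keep the snapshot directory writable only by the account that runs the job, because the comparison trusts whatever the imported files contain.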
Demo
Automating Troubleshooting
An example - troubleshooting Availability:
  Switch on increased logging across all CAS servers
  Retrieve and collate logs, filtered for relevant errors from the Event Logs
  Search for particular errors in IIS Logs
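Searching IIS logs for particular errors, as an added example that is not from the original session. The function name Find-IisLogError, its default filter (server errors on /EWS/ requests) and the log lines are constructed; the parser reads the W3C #Fields: header rather than assuming a fixed column order.

```powershell
function Find-IisLogError {
    param(
        [Parameter(Mandatory)][string[]]$Line,
        [string]$UriPattern = '^/EWS/',     # assumed filter: Exchange Web Services requests
        [int]$MinStatus = 500               # assumed filter: server-side errors only
    )
    $fields = @()
    foreach ($l in $Line) {
        if ($l.StartsWith('#Fields:')) {
            # The header can reappear mid-file after a logging change, so re-read it each time
            $fields = $l.Substring(8).Trim() -split ' '
            continue
        }
        if ($l.StartsWith('#') -or -not $l.Trim()) { continue }   # other directives, blank lines
        $values = $l -split ' '
        if ($values.Count -ne $fields.Count) { continue }         # truncated or malformed line
        $entry = [ordered]@{}
        for ($i = 0; $i -lt $fields.Count; $i++) { $entry[$fields[$i]] = $values[$i] }
        if ($entry['cs-uri-stem'] -match $UriPattern -and [int]$entry['sc-status'] -ge $MinStatus) {
            [pscustomobject]$entry
        }
    }
}

# Constructed sample log lines (documentation IP range, made-up accounts)
$sample = @(
    '#Software: Microsoft Internet Information Services 8.5'
    '#Fields: date time cs-method cs-uri-stem cs-username c-ip sc-status time-taken'
    '2014-10-28 09:15:01 POST /EWS/Exchange.asmx CONTOSO\lisa 192.0.2.10 200 120'
    '2014-10-28 09:15:07 POST /EWS/Exchange.asmx CONTOSO\steve 192.0.2.11 500 30015'
    '2014-10-28 09:15:09 GET /owa/ CONTOSO\steve 192.0.2.11 500 12'
    '2014-10-28 09:15:12 POST /EWS/Exchange.asmx - 192.0.2.12 401 3'
    '2014-10-28 09:15:13 POST /EWS/Exch'
)

# Only the second request matches: an EWS call that failed with a 500 after 30 seconds
Find-IisLogError -Line $sample |
    Format-Table date, time, 'cs-username', 'c-ip', 'sc-status', 'time-taken'
```

Against a real log, pass the file contents with Get-Content and collate the output from each CAS server into one table.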
Demo
Generating Environment Reports
What is the Exchange Environment Report
Useful for:
  Overview of patch levels
  Mailbox distribution across the environment
  Last backups etc
Demo of usage and results
Exchange Environment Report
Creating your own environment report
For example a report on your Office 365 tenant
We will use the following PowerShell features
  Hashtables to store data
  Functions to collect individual pieces of data or output content
  Output the results as HTML
Demo
Summary
Use PowerShell to automate management
  Laborious tasks, Error prone tasks
  Automation with PowerShell should equal fewer human mistakes (but test!)
Monitor and report using PowerShell
  You don't need to reinvent the wheel, good scripts are out there to assist
  Don't create a new monitoring system, and use Managed Availability cmdlets
Use PowerShell to switch on troubleshooting and retrieve data centrally
An Exchange admin's PowerShell knowledge extends outside of the Exchange Management Shell and also includes areas like Event Logs, Disks, Parsing Text Log Files
Resources
Learning
Microsoft Certification & Training Resources
www.microsoft.com/learning
Developer Network
http://developer.microsoft.com
TechNet
Resources for IT Professionals
http://microsoft.com/technet
Sessions on Demand
http://channel9.msdn.com/Events/TechEd
Technical Network
Join the conversation!
Share tips and best practices with other Office 365 experts
http://aka.ms/o365technetwork
Get certified for 1/2 the price at TechEd Europe 2014!
http://bit.ly/TechEd-CertDeal
© 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.