EHLO.Excommunication

infoexchangeplus & workplace

2007年11月17日

刚看到新闻组提问批量新建邮箱的帖子,就顺便写一下。

其实很少情况下会用到批量建立用户及邮箱的操作,这一点很简单。但是很多时候在测试的时候要求进行批量建立用户及邮箱,ActiveDirectory中使用脚本就很容易实现,再结合ADModify.Net就能达到批量修改用户属性的效果。

在测试Exchange2007的时候,可以借助脚本来批量新建一批用户,然后再在EMS(Exchange Management Shell)里使用enable-mailbox LETCMD就能够批量为用户启用邮箱,非常方便。

批量新建AD用户脚本:(演示脚本在 Active Directory 内的用户容器中创建 1,000 个用户帐户(名为 UserNo1、UserNo2、UserNo3 等等)。此脚本用于测试需要多个用户帐户的方案。)

Set objRootDSE = GetObject("LDAP://rootDSE")
Set objContainer = GetObject("LDAP://cn=Users," & _
objRootDSE.Get("defaultNamingContext"))
For i = 1 To 1000
Set objLeaf = objContainer.Create("User", "cn=UserNo" & i)
objLeaf.Put "sAMAccountName", "UserNo" & i
objLeaf.SetInfo
Next
WScript.Echo "1000 Users created."

更多信息请参考:

http://www.microsoft.com/china/technet/community/scriptcenter/user/default.mspx

完成新建之后用ADModify.Net修改所有新建用户属性,例如密码及登录信息。

接下来在exchange命令控制台中,输入:

get-user UserNo* | enable-mailbox

的命令进行启用邮箱(关于Enable-Mailbox LETCMD命令请输入 man enable-mailbox)

还有一种方式就是不用VBS脚本来批量创建邮箱,将所要添加的用户编辑好做成.CSV表格文件,然后在用命令启用。这种方式更加的灵活也非常实用。

在Exchange 2007中,提供了通过模版创建邮箱的方法:
1. 先创建.csv文件,包含以下格式的内容:


Name,UPN,OU,Password
Deepak Kumar,DKumar@contoso.com,contoso.com/Users,pass@word1
Ray Chow,RChow@contoso.com,contoso.com/Users,pass@word1
David Simpson,DSimpson@contoso.com,contoso.com/Users,pass@word1
Isabel Martins,IMartins@contoso.com,contoso.com/Users,pass@word1


2. 在Exchange Management Shell 中输入以下命令:
$Template = Get-Mailbox "Template1" (template1 为一个已经创建了邮箱的用户名称,这个用户被用作创建其它用户的模版)


Import-CSV "C:\NewUsers.csv" | ForEach-Object -process {$Temp = ConvertTo-SecureString $_.Password -asPlainText -force;New-Mailbox -Name $_.Name -UserPrincipalName $_.UPN -OrganizationalUnit $_.OU -Database "Mailbox Database" -Password $Temp -TemplateInstance $Template}


这将根据csv文件中列出的用户创建邮箱,但这个方法不能为已经存在的用户创建邮箱。
更多的信息,请参考以下文章:
如何使用模板创建收件人
http://technet.microsoft.com/zh-cn/library/bb125152.aspx

致谢:

罗俊华
在线技术支持工程师
微软全球技术支持中心

posted @ 2007-11-17 20:43 yotu 阅读(2081) | 评论 (1)编辑 收藏
Q:

事件日志中有此报错
事件类型: 警告
事件来源: MSDTC Client
事件种类: 群集
事件 ID: 4148
日期: 2007-10-22
事件: 13:55:36
用户: N/A
计算机: HQ-MAIL1
描述:
在此群集节点上的群集服务启动之前,MS DTC 服务已启动。此服务将被停止。 如果已将 MSDTC 配置为在群集上运行,则在群集服务启动时,群集服务将使
MS DTC 资源变为联机。错误说明:
d:\nt\com\complus\dtc\shared\mtxclu\mtxclusetuphelper.cpp:932, Pid: 2368,
CmdLine: "C:\WINDOWS\cluster\resrcmon.exe" -e 932 -m 944 -p 2800
然后我查了下说最好把MSDTC 添加到 windows cluster 的资源里面,但是添加MSDTC
要用到仲裁磁盘,CCR安装的时候用的不是这个模式,所以无法添加。
我现在卸载了这个服务,不知道会不会有影响?
而且我如果手动尝试启动MSDTC这个服务的话会报错:
事件类型: 错误
事件来源: MSDTC
事件种类: 群集
事件 ID: 4384
日期: 2007-10-23
事件: 14:11:27
用户: N/A
计算机: HQ-MAIL2
描述:
由于未将 MS DTC 配置为在群集上运行,MS DTC 无法启动。请通过群集管理员创建 MS DTC 资源。错误说明:
d:\nt\com\complus\dtc\shared\mtxclu\mtxclusetuphelper.cpp:534, Pid: 3068,
CmdLine: C:\WINDOWS\system32\msdtc.exe
有关更多信息,请参阅在 http://go.microsoft.com/fwlink/events.asp 的帮助和支持中心。
数据:
0000: 01 00 00 00               ....

A:

您好!
微软只支持将 MSDTC作为群集资源运行在群集节点上。有关MSDTC的详细信息,请您参考下面的链接:
You may receive error messages when you start MSDTC on a node of a cluster server
http://support.microsoft.com/default.aspx?scid=kb;EN-US;305742
对于您的问题,您可以通过Cluster Administrator工具来将MSDTC配置为群集资源来修复。有关如何配置MSDTC的详细信息,请您参考下面的链接:
How to configure Microsoft Distributed Transaction Coordinator on a Windows Server 2003 cluster
http://support.microsoft.com/default.aspx?scid=kb;EN-US;301600
希望我的回答对您有所帮助,如果您还有什么不清楚的,请继续发帖!
望正茂
在线技术支持工程师
微软全球技术支持中心

posted @ 2007-11-17 20:43 yotu 阅读(911) | 评论 (0)编辑 收藏

我会尽快完成本文的翻译工作,同步更新到首页中

Microsoft® Exchange Server 2007 stores many types of information in the Active Directory® directory service. Exchange 2007 domains correspond to Active Directory domains for purposes of server and user administration. The first time Exchange 2007 is installed into an Exchange 2007 domain hierarchy, the Active Directory schema is extended to accommodate the Exchange containers and properties. Exchange communicates with the Active Directory Global Catalog server through the Exchange DSProxy service.

Users and Groups


Exchange 2007 uses the Active Directory user and group account information to represent Exchange users and groups. In an Exchange 2007 environment, Active Directory users and groups marked with Exchange-specific attributes indicate whether they are Mail-disabled, Mail-enabled or Mailbox-enabled. User accounts that are marked as Mail-enabled are valid recipients for e-mail messages, even though they might not have a local mailbox. User accounts that are marked as Mailbox-enabled have a mailbox in the Exchange system.

Microsoft Windows Server® operating systems groups that are Mail-enabled are similar to distribution lists in Exchange Server 5.5. Messages sent to the Mail-enabled group are distributed to each mail-enabled member of the group.

The Exchange Recipient Update Service (RUS) ensures that the Exchange mailboxes and configuration are synchronized with changes made to the Active Directory user and group information.

Exchange 2007 administrators use the Exchange 2007 Users and Computers Microsoft Management Console (MMC) snap-in to administer user and group accounts. Applications written for Exchange 2007 can access user and group information stored in Exchange 2007 by using LDAP or Active Directory Service Interfaces (ADSI).

Exchange Configuration


Exchange also stores its own configuration data inside Active Directory. This includes the definition of administrative groups, routing groups, configuration settings for protocol virtual servers, and so on.

Exchange Metabase Update Service


Microsoft Internet Information Services (IIS), delivered with Windows Server, stores configuration data in the IIS metabase store. When Exchange 2007 is installed onto a computer, the IIS metabase configuration information is copied into Active Directory. Exchange modifies the information in Active Directory, and the Exchange Metabase Update service replicates the information from Active Directory to the IIS metabase. The Metabase Update service is part of the Exchange System Attendant. This replication occurs only from Active Directory into the IIS metabase, and changes made directly to the IIS metabase will be lost. The Metabase Update service updates the IIS metabase every couple minutes, so there may be a delay before changes take effect.

Accessing Active Directory Programmatically


LDAP and ADSI are commonly used to manage user data in Exchange 2007, and can be used in an Exchange 2007 environment. However, for applications that need to access data in Exchange, using the appropriate CDO for Exchange 2000 Server (CDOEX), CDO for Exchange Management (CDOEXM), or CDO for Workflow (CDOWF) Component Object Model (COM) objects, and the Exchange Microsoft Windows® Management Instrumentation (WMI) providers is recommended.

posted @ 2007-11-17 20:41 yotu 阅读(581) | 评论 (0)编辑 收藏

Q:
我的Exchange Server环境如下:OS:Windows2003+SP2,Ex:Exchange2003+SP2+最新的IMF更新。
智能垃圾邮件过滤设定:大于等于5分的收到User的垃圾邮件文件夹,大于等于6分的被Server过滤并存档。这样还是有部分正常邮件被挡掉,我把正常发送方的邮件Server的IP加到全部接受列表里后还是会被挡掉部分正常邮件,请问我该如何设定才能把一个域名发来的邮件全部接收?IMF给邮件打分都有哪些标准?我用工具看到有些邮件应该属正常邮件,但分值却较高。所以想请教下打分的依据。

A:
您好!
根据我的研究,在连接器筛选->全局接受列表中添加的地址,不会再应用IMF。如果从这些地址发送的邮件,仍然应用IMF,请确认IMF是否在网关上应用。如果不是在网关上应用,那么这个设置不会生效,因为当Exchange 接收邮件时,源地址已经不再是邮件的原始服务器的地址。
另外,可以通过第三方的软件实现发件方域名的白名单,以下该软件的链接:
http://www.nemx.com/products/powertools/HowTo/ExchangeIMFWhiteList.asp

IMF 的评分标准,是根据IMF 学习到的垃圾邮件的特征,与接收的邮件进行对比。IMF 学习到的垃圾邮件的特征是随着IMF 的更新而不断变化的。为了提高过滤的效率,推荐设置自动更新IMF。
更多关于IMF 的问题,请参考操作指南,以下是该文档的下载链接:
http://www.microsoft.com/downloads/details.aspx?displaylang=zh-cn&FamilyID=B1218D8C-E8B3-48FB-9208-6F75707870C2

罗俊华
在线技术支持工程师
微软全球技术支持中心

posted @ 2007-11-17 20:39 yotu 阅读(915) | 评论 (0)编辑 收藏

Q:

事件类型: 错误
事件来源: MSExchangeSA
事件种类: 常规
事件 ID: 9317
日期: 2007-11-12
事件: 10:12:34
用户: N/A
计算机: HQ-BOX-SE
描述:
为 exchangeRFR 注册服务主体名称失败;错误代码是 c0072098。

2007 CCR环境,我在主/被动邮箱服务器间切换的时候会有如上的错误,但邮箱功能没有问题,请问这个错误如何解决.

A:

您好!
这是Exchange 2007 的一个已知问题,通过 Add-ADPermission 添加权限到群集节点对象来解决该问题。解决方法如下:
1. Run the following command in the Exchange Management Shell.
add-ADPermission -Identity "cn=exchange-cms,cn=computers,dc=mydomain,dc=com" -User "node-cl1$" -AccessRights WriteProperty -Properties "Validated-SPN"
Note The -Identity parameter specifies the identity of the object to which the permissions are being granted. The -Identity parameter requires the full name of the user in quotation marks. The "cn=exchange-cms,cn=computers,dc=mydomain,dc=com" placeholder is the clustered Exchange mailbox server distinguished name. The -User parameter specifies the object to which the permissions are being granted. The "node-cl1$" placeholder is the name of the cluster node followed by the dollar sign to specify that it is a computer object.
2. Replace the value of the -User parameter with the next cluster node, and then run the add-ADPermission command again.
Note You must run the add-ADPermission command one time for each node in the Exchange 2007 cluster.
更多的信息,请参考以下文章:
Event ID 9317 is logged when the Microsoft Exchange System Attendant service comes online on an Exchange 2007 cluster node
http://support.microsoft.com/default.aspx?scid=kb;EN-US;935676

罗俊华
在线技术支持工程师
微软全球技术支持中心

posted @ 2007-11-17 20:38 yotu 阅读(929) | 评论 (0)编辑 收藏

Q:

在exchange 2007中如果有的帐户出现问题,接收或者发送有问题的帐户,或者owa登陆有问题的帐户,将帐户删除掉后,然后重新创建后,owa出现以下的提示错误:
Outlook Web Access 未找到 S-1-5-21-3668795194-611804720-3197525248-1246 的邮箱。如果问题持续存在,请与组织的技术支持联系,并告诉他们下列情况: 邮箱可能存储在Microsoft Exchange 2000 或 Microsoft Exchange 2003 服务器上,或此 Active Directory 用户帐户是最近创建的,尚未复制到承载此客户端访问服务器的 Active Directory 站点。
不过这个问题需要一段时间,比如过了三四个小时或者更长的时间该帐户才能正常登陆,请问一下,如果重新建立的帐户需要怎么样才能缩短这三四个小时的延长时间.

A:

您好!
这与您的网络结构和网络状况有关。您可以强制DC的复制,来缩短这个等待的时间。在对帐号执行操作后,在DC上,运行Repadmin /syncall /e,/e参数使得站点的复制也立即启动。
如果有什么问题,请继续发帖。
罗俊华
在线技术支持工程师
微软全球技术支持中心

posted @ 2007-11-17 20:36 yotu 阅读(1592) | 评论 (0)编辑 收藏
many organization used outlook to send/receive their e-mail in the exchange environment, but sometimes many company maybe not use Outlook Client, then will be otherways like Mozilla.
Sometimes i need to deployment other messaging system like Domino, so what the true about MAPI with exchange 2007? How pop with outlook or late version in the exchange environment?
below we found some good introduction about MAPI, so enjoy it.
MAPI can be used to access items and folders within public and private stores, as well as the properties stored along with each item. MAPI is used by various industry-standard e-mail clients, such as the Microsoft® Exchange client, all versions of Microsoft Outlook® and Outlook Express, and many versions of proprietary clients, including those sold by QUALCOMM Incorporated (Eudora) and Netscape Communications Corporation. Previous versions of Exchange Server provided stores that were accessed primarily by using MAPI providers.
A request from a MAPI client, such as Outlook, to view a mailbox store or a public store is sent as a remote procedure call (RPC) to the Exchange Server 2007 . Because Outlook is a MAPI client, the request must go through MAPI on both the client and the server. The Exchange store processes the request and maps the requested folders or items to the equivalent MAPI properties. The requested information is then sent back through the MAPI layers to Outlook as a RPC.
The following illustration shows the relationship between MAPI clients and the Exchange store:

Exchange 2007 continues to provide access to MAPI clients, such as Outlook, through the Exchange store MAPI message-store provider. MAPI clients can access mailboxes in any private store on the server transparently. MAPI clients can access only one public folder tree per server. This public folder tree is designated as the MAPI public folder tree, and is normally specified as the /public virtual root through HTTP and as the Public Folders top-level folder through the Exchange OLE DB (ExOLEDB) provider. To access data within other public folder trees and associated public stores, you must use the new application programming interfaces (APIs) and protocols, such as the WebDAV protocol, the ExOLEDB provider, or the file system.
posted @ 2007-11-17 20:30 yotu 阅读(805) | 评论 (0)编辑 收藏
  • Local Continuous Replication (LCR)   LCR is a single-server solution that uses built-in asynchronous log shipping technology to create and maintain a copy of a storage group on a second set of disks that are connected to the same server as the production storage group. LCR provides log shipping, log replay, and a quick manual switch to a secondary copy of the data.
  • 本地连续复制 (LCR) LCR 是一种单服务器解决方案,它使用内置异步日志传送技术,在与生产存储组所在的服务器相连接的另一个磁盘集上创建并维护存储组的副本。LCR 提供日志传送、日志重播以及到数据的辅助副本的快速手动切换。
  • Cluster Continuous Replication (CCR)   CCR is a clustered solution that uses built-in asynchronous log shipping technology to create and maintain a storage group copy on a second server. CCR is designed to be either a one or two datacenter solution, providing both high availability and site resilience.
  • 群集连续复制 (CCR) CCR 是一种群集解决方案,它使用内置异步日志传送技术,在另一个服务器上创建并维护存储组副本。CCR 针对一个或两个数据中心解决方案而设计,可以提供高可用性和站点弹性。
  • Standby Continuous Replication (SCR)   SCR is a new feature introduced in Exchange 2007 SP1. As its name implies, SCR is designed for scenarios that use or enable the use of standby recovery servers. SCR extends the existing continuous replication features and enables new data availability scenarios for Exchange 2007 Mailbox servers. SCR uses the same log shipping and replay technology used by LCR and CCR to provide added deployment options and configurations. SCR can be used to replicate data from stand-alone Mailbox servers and clustered mailbox servers.
  • 备用连续复制 (SCR) SCR 是 Exchange 2007 SP1 中引入的新功能。顾名思义,SCR 是专门用于使用或启用备用恢复服务器的方案。SCR 会扩展现有连续复制的功能,并使新数据可用于 Exchange 2007 邮箱服务器。SCR 使用与本地连续复制 (LCR) 和群集连续复制 (CCR) 相同的日志传送和重播技术,以提供更多的部署选项和配置。SCR 可以用于从独立的邮箱服务器和群集邮箱服务器复制数据。
  • Single Copy Clusters (SCC)   SCC is a clustered solution that uses a single copy of a storage group on storage that is shared between the nodes in the cluster. SCC is very similar to clustering in previous versions of Exchange Server, with some significant changes and improvements.
  • 单一副本群集 (SCC) SCC 是一种群集解决方案,它使用存储器(在群集中的节点之间共享)上存储组的单一副本。SCC 与早期版本的 Exchange Server 中的群集非常相似,但有一些显著的更改和改进。
  • posted @ 2007-11-17 20:28 yotu 阅读(683) | 评论 (0)编辑 收藏
    仅列出标题  

    公告

    welcome to EHLO.Ex, my name is yotu. This is my running collection of TechNotes about Exchange, Unified Communications, NetApp, Windows platform, and other stuff.

    导航

    <2017年12月>
    262728293012
    3456789
    10111213141516
    17181920212223
    24252627282930
    31123456

    随笔分类(12)

    随笔档案(8)

    搜索

    最新评论

    阅读排行榜

    评论排行榜