One of the ways to use shared mailbox with exchange is to grant “Full Access” and “Send As” access through security group. With the latest exchange security group must be universal and mail enabled. Recently I had to create
bunch of mailboxes and found the process… repeating and boring, then I decided that there must be a way to automate it, since it is repeating the same thing again and again. The end result is the following script/form – what it does in short is:
- Creates Security Group and Mail Enable it
- Creates Shared Mailbox (could be done only through PowerShell)
- in preselected Active Directory OU – for both ,mail group and mailbox
- In preselected Mailbox Database
- Through predefined domain controller, otherwise it may fail when applying permissions, replication doesn’t happen that quick
- Writes a simple log file in a folder named Log in the current directory
Sample script for three different active directory sites, each one containing own mail groups and mailboxes Organization Units. What you have to do is to change is $MGroupPath, $MailboxDatabase and $MailboxOrgUnit to reflect your own environment. Script require RunAsAdministrator, PowerShell version 4.0 or above and Microsoft.Exchange.Management.Powershell.Snapin so run it from the exchange. Tested on exchange 2016.
It’s probably not the best or the fastest/prettiest thing on earth, but it does the job fine and made my colleagues happy, that is something, right :). As usual I cannot be blamed if something goes wrong and your exchange environment explode, but feel free to let me know in the comments. Download link is under the script.
#requires -version 4.0
#requires -RunAsAdministrator
<#
.Synopsis
Exchange 2013/2016 on Premises Mailbox Creator
.Description
Mailbox Creator simplifies Exchange New mailbox creation, allowing us to
create mailboxes by simply typing the mailgroup and mailbox name
.Parameters
No need to be entered
.Inputs
M Group Name
Mailbox Name
.Outputs
Shared Mailbox with Send As and FullAccess permissions granted to the M Group.
.Notes
Version: 1.1
Author: Ivan Spiridonov
Creation Date: 04 December 2020
Purpose: Initial Script Development
Change Date: 04 December 2020
Change: Added M Group AD Creation and enable. Default DC Server Set. Delay removed, not needed anymore.
.Example
Run the script in elevated powershell prompt, paste the M Group name, paste/type Mailbox Name, select site where it is needed.
#>
Add-Type -AssemblyName System.Windows.Forms
Add-Type -AssemblyName System.Drawing
Add-PSSnapin Microsoft.Exchange.Management.Powershell.Snapin
$Global:LogFilePath = ".\Log\CreatedMailboxes_$((Get-Date).ToString("dd-MM-yyyy")).log"
$to = ".\Log"
if (!(Test-Path -path $to)) {
New-Item $to -Type Directory
}
#Set Preffered Server - it's session valid only
Set-ADServerSettings -PreferredServer DC2.domain.name.com
function Write-Log {
param (
[parameter(Mandatory)]
[string]$Message,
[parameter()]
[ValidateSet("1", "2", "3")]
[int]$Severity = 1 #defaults to low severity, otherwise, override
)
$line = [PsCustomObject]@{
"DateTime" = (Get-Date)
"Message" = $Message
"Severity" = $Severity
}
$line | Export-Csv -path $LogFilePath -Append -NoTypeInformation
}
function Dummy {
[System.Windows.Forms.MessageBox]::Show($MailboxName.Text + " Mailbox Created Successfully")
$MBGroup.Text = ''
$MailboxName.Text = ''
}
function Create-SharedMailbox {
param (
#Same as Mailbox Diplay Name - Maibox Name WHATEVER WHATEVER
[Parameter(Mandatory=$true)]
[string]
$MailboxName,
#Usually mailbox group name without the space after M
[Parameter(Mandatory=$true)]
[string]
$MailboxAlias,
# Where To Create the maibox (Which OU)
[Parameter(Mandatory=$true)]
[string]
$MailboxOrgUnit,
#01DB or 02DB for Site1, 01SGGDB for Site 2, 01CEDB for Site 3
[Parameter(Mandatory=$true)]
[string]
$MailboxDatabase,
#Mailbox Diplay Name - Maibox Name WHATEVER WHATEVER
[Parameter(Mandatory=$true)]
[string]
$MailboxDisplayName,
#Primary SMTP Address - Group Name without space + @domain.name.com
[Parameter(Mandatory=$true)]
[string]
$SMTPAddress,
#Mailbox Group created in advance in _MailBox
[Parameter(Mandatory=$true)]
[string]
$MGroupName
)
New-mailbox -Shared -Name $MailboxName -Alias $MailboxAlias -OrganizationalUnit $MailboxOrgUnit -Database $MailboxDatabase.text -PrimarySMTPAddress $SMTPAddress
#Grant SendAs
#Add-ADPermission $MailboxName -User $MBGroup -ExtendedRights "Send As"
#Grant Full Access
#Add-MailboxPermission -identity $MailboxName -User $MBGroup -AccessRights FullAccess -InheritanceType all
}
[System.Windows.Forms.Application]::EnableVisualStyles()
$MailboxCreatorForm = New-Object System.Windows.Forms.Form
$MailboxCreatorForm.ClientSize = '600,300'
$MailboxCreatorForm.Text = "Exchange Lazy Mailbox Creator Form"
$MailboxCreatorForm.BackColor = "#e3b5a4"
$MailboxCreatorForm.StartPosition = "centerScreen"
$MailboxCreatorForm.FormBorderStyle = 'FixedDialog'
$MailboxCreatorForm.TopMost = $true
$MailboxCreatorForm.Font = New-Object System.Drawing.Font("Times New Roman", 10)
$titles = New-Object System.Windows.Forms.Label
$titles.text = "Lazy Mailbox Creator"
$titles.AutoSize = $true
$titles.Width = 35
$titles.Height = 10
$titles.Location = New-Object System.Drawing.Point(40,20)
$titles.Font = [System.Drawing.Font]::new("Times New Roman", 11, [System.Drawing.FontStyle]::Bold)
$MailboxDatabase = New-Object System.Windows.Forms.ComboBox
$MailboxDatabase.DropDownStyle = [system.windows.forms.comboboxstyle]::DropDown
$MailboxDatabase.Width = 200
$MailboxDatabase.Height = 10
$MailboxDatabase.Location = New-Object System.Drawing.Point(40,40)
@("Site1", "Site2", "Site3") | ForEach-Object {[void] $MailboxDatabase.Items.Add($_)}
$MailboxDatabase.SelectedIndex = 0
$MailboxCreatorForm.Controls.Add($MailboxDatabase)
if ($MailboxDatabase.Text -eq "Site1"){
$MailboxDatabase = "02DB"
$MGroupPath = "OU=_Mail Groups,OU=Groups,OU=OUName,DC=domain,DC=name,DC=com"
}
if ($MailboxDatabase.Text -eq "Site2"){
$MailboxDatabase = "01CEDB"
$MGroupPath = "OU=_Mail Groups,OU=Groups,OU=OUNAME,DC=domain,DC=name,DC=com"
}
if ($MailboxDatabase.Text -eq "Site3"){
$MailboxDatabase = "01SGDB"
$MGroupPath = "OU=_Mail Groups,OU=Groups,OU=OUNAME,DC=domain,DC=name,DC=com"
}
$MBTextLabel3 = New-Object System.Windows.Forms.Label
$MBTextLabel3.Text = "Select Database Site" #"01DB and 02DB-Site1, 01SGDB-Site2, 01CEDB-Site3"
$MBTextLabel3.Height = 15
$MBTextLabel3.Width = 300
$MBTextLabel3.Location = New-Object System.Drawing.Point(260,45)
$MBGroup = New-Object System.Windows.Forms.Textbox
#$MBGroup.Text = "Mailgroup from AD"
$MBGroup.Width = 200
$MBGroup.Height = 10
$MBGroup.Location = New-Object System.Drawing.Point(40,60)
$MBGroup.BorderStyle = 'FixedSingle'
$MailboxCreatorForm.Controls.Add($MBGroup)
$MBTextLabel = New-Object System.Windows.Forms.Label
$MBTextLabel.Text = "Mailbox Group"
$MBTextLabel.Height = 15
$MBTextLabel.Width = 400
$MBTextLabel.Location = New-Object System.Drawing.Point(260,65)
$MBOU = New-Object System.Windows.Forms.ComboBox
$MBOU.Height = 10
$MBOU.Width = 200
$MBOU.Location = New-Object System.Drawing.Point(40,80)
@("Site1", "Site2", "Site3") | ForEach-Object {[void] $MBOU.Items.Add($_)}
$MBOU.SelectedIndex = 0
$MailboxCreatorForm.Controls.Add($MBOU)
if ($MBOU.SelectedText = "Site1"){
$MailboxOrgUnit = "OU=Mailbox Users,OU=Users,OU=OUNAMESite1,DC=domain,DC=name,DC=com"
}
if ($MBOU.SelectedText = "Site3"){
$MailboxOrgUnit = "OU=Mailbox Users,OU=Users,OU=OUNAMESite2,DC=domain,DC=name,DC=com"
}
if ($MBOU.SelectedText = "Site2"){
$MailboxOrgUnit = "OU=Mailbox Users,OU=Users,OU=OUNAMESite3,DC=domain,DC=name,DC=com"
}
$MBTextLabel1 = New-Object System.Windows.Forms.Label
$MBTextLabel1.Text = "Where to Create this Mailbox - OU"
$MBTextLabel1.Height = 15
$MBTextLabel1.Width = 200
$MBTextLabel1.Location = New-Object System.Drawing.Point(260,85)
$MailboxName = New-Object System.Windows.Forms.Textbox
#$MailboxName.Text = "MAILBOX NAME WHATEVER"
$MailboxName.Height = 10
$MailboxName.Width = 200
$MailboxName.Location = New-Object System.Drawing.Point(40,100)
$MailboxDisplayName = $MailboxName.Text
$MBTextLabel2 = New-Object System.Windows.Forms.Label
$MBTextLabel2.Text = "Mailbox Name"
$MBTextLabel2.Height = 15
$MBTextLabel2.Width = 150
$MBTextLabel2.Location = New-Object System.Drawing.Point(260,105)
$Description = New-Object System.Windows.Forms.Label
$Description.Text = "Just paste M Group in M Group field and mailbox ` Name in Mailbox Name field, everything will be created, no need to precreate anything. `
Permission and description will be added. Happy mailbox creation."
$Description.Height = 50
$Description.Width = 420
$Description.Location = New-Object System.Drawing.Point(40,160)
$cancelButton = New-Object System.Windows.Forms.Button
$cancelButton.Text = "Cancel"
$cancelButton.Location = New-Object System.Drawing.Point(400,260)
$cancelButton.UseVisualStyleBackColor = $true
$cancelButton.FlatStyle = 3
$cancelButton.DialogResult = [System.Windows.Forms.DialogResult]::Cancel
$submitButton = New-Object System.Windows.Forms.Button
$submitButton.Text = "Submit"
$submitButton.Location = New-Object System.Drawing.Point(500,260)
#$submitButton.ForeColor = "Red"
#$submitButton.BackColor = "#8eb19d"
$submitButton.FlatStyle = 3
$submitButton.Font = [System.Drawing.Font]::new("Times New Roman", 11, [System.Drawing.FontStyle]::Bold)
$submitButton.Add_Click({
Write-Log -Message "Creating Mail Group $MBGroup"
New-ADGroup -Name $MBGroup.Text -GroupCategory Security -GroupScope Universal -Description $MailboxName.Text -Path $MGroupPath -Server DC2.domain.name.com | Enable-DistributionGroup $MBGroup.Text
Write-Log -Message "$MBGroup.Text Created and mail enabled"
Write-Log -Message "Starting Mailbox Creation of mailbox $MailboxName.Text"
Create-SharedMailbox -MailboxName $MailboxName.Text -MailboxAlias ($MBGroup.Text -replace '\s+', "") -MailboxOrgUnit $MailboxOrgUnit -MailboxDatabase $MailboxDatabase -MailboxDisplayName $MailboxName.Text `
-SMTPAddress (($MBGroup.Text -replace '\s+', "") + '@domain.name.com') -MGroupName $MBGroup.Text
Write-Log -Message "$MailboxName created successfully"
#Grant SendAs
#Start-Sleep -s 5
Add-ADPermission $MailboxName.Text -User $MBGroup.Text -ExtendedRights "Send As"
write-log "Send AS permissions granted to $MBGroup over $MailboxName"
#Grant Full Access
Add-MailboxPermission -identity $MailboxName.Text -User $MBGroup.Text -AccessRights FullAccess -InheritanceType all
write-log "Full Access permissions granted to $MBGroup over $MailboxName"
Write-Log -Message "Mailbox Creation Completed"
})
$submitButton.Add_Click({Dummy})
$MailboxCreatorForm.Controls.Add($submitButton)
$MailboxCreatorForm.Controls.AddRange(@($titles,$MailboxDatabase,$MBGroup, $MBTextLabel, $MBOU, $MBTextLabel1, $MailboxName, $MBTextLabel2,$MBTextLabel3, $Description, $cancelButton, $submitButton))
[void]$MailboxCreatorForm.ShowDialog()
Leave a Reply