Thursday, November 17, 2011

Exchange 2010 Provisioning

A long time ago when I first started working with MaXware Identity Center, I had to pass a hands on test to demonstrate my proficiency with Identity Center and Virtual Directory. The part of this whole exam that scared me the most was provisioning to Microsoft Exchange.  Long story short, I aced the exam and successfully provisioned to all of my target systems including Exchange.

Recently I was asked to set up provisioning to Microsoft Exchange 2010 specifically via PowerShell. So I got to earn a little education along the way.
 
To start with there are a few pre-requisites that you need:
  1. Ensure 64 bit PowerShell 2.0 is installed on the server
  2. Ensure that the Exchange 2010 Console is installed on the server
There are a few steps that I’m going to skip along the way mostly because they deal more with PowerShell scripting than Identity Management.
 
You’ll need to create a script which I refer to as exchprov.ps1. PowerShell will need to be configured to store the password for the Service Account as a PowerShell Credential object.
 
#Gather Parameters
Param($MSKEYVALUE,$EXCH_URL,$EXCH_DB)
#user info
$user = "IDMSERVICEACCOUNT"
$password = (get-content d:\pshell\zservice.idm)  | ConvertTo-SecureString
$cred = New-Object -TypeName System.Management.Automation.PSCredential -argumentlist $user, $password
#session info
$session = New-PSSession -Configurationname microsoft.exchange –ConnectionUri $EXCH_URL -Credential $cred
Import-PSSession $session
#actual work!
Add-PSSnapin Microsoft.Exchange.Management.PowerShell.E2010
enable-mailbox -Database $EXCH_DB $MSKEYVALUE
#close session
Remove-PSSession $session


The code receives three parameters to hold the MSKEYVALUE, Exchange Server and Exchange Database. Then reads the service account ID and password. It then opens a session and imports it to the local system. When this is done the Exchange Snap-in gets loaded and the mailbox is created based on the Exchange Server and Database that were passed. When this is all done the session gets closed out.
 
In closing, as usual there were a number of people who helped out with the creation of this process, Exchange Admins, PowerShell experts and other smart people.  However, there are a couple of people that I’d like to thank because you stood behind me all those years ago when I provisioned Exchange for the first time.  Thanks, guys!
Post a Comment