Hi,

I want to run a Powershell 'script' from a web page to create a mailbox for an existing AD account.

Below is the basic powershell script which works fine as long as you do a solid validation of all input variables for name, mailaddress and storage groups and so on first.

....
 Enable-Mailbox -Identity "mydomain\$name" -Alias $name -Database $Storage
 
 # now fix the settings that the policy messed up ...
 $mbx=get-mailbox $name    # get a handle to the new mailbox
 $mbx.EmailAddressPolicyEnabled=0  # remove policy to allow changing primary address
 $mbx.EmailAddresses.Clear()   # remove all old mail addresses generated by policy !
 $mbx.EmailAddresses.Add($mailaddress)  # add primary smtp address
 if ($mailcomaddress) {           # add the secondary smtp address (.com) if needed
   $mbx.EmailAddresses.Add($mailcomaddress)
  }
 $mbx.WindowsEmailAddress=$mailaddress  # update windows .mail property
 $mbx | set-Mailbox      # save changes
...

Now I want to do the same in an ASP.Net page using remoting. But I can't see how to run a command that get the handle to a mailbox account, assign it to a variable and then continue to use the handle again on the next command. Just like the $mbx variable above...

Sample code for Powershell Remoting pulled from MS Web-site documentation:

'Basic setup of Exchange shell runspace and pipeline
Dim myRunspace As Runspace
myRunspace = RunspaceFactory.CreateRunspace()
Dim rsConfig As RunspaceConfiguration
rsConfig = RunspaceConfiguration.Create()
Dim snapInException As PSSnapInException
Dim info As PSSnapInInfo
info = rsConfig.AddPSSnapIn("Microsoft.Exchange.Management.PowerShell.Admin", snapInException)
myRunspace = RunspaceFactory.CreateRunspace(rsConfig)
myRunspace.Open()
Dim pipeLine As Pipeline
pipeLine = myRunspace.CreatePipeline()

'Create some command on the pipeline

Dim myCommand As New Command("Get-Command")
pipeLine.Commands.Add(myCommand)

' add parameters
Dim verbParam As New CommandParameter("Verb", "Get")
myCommand.Parameters.Add(verbParam)
Dim psSnapInParam As New CommandParameter("PSSnapIn", "Microsoft.Exchange.Management.PowerShell.Admin")
myCommand.Parameters.Add(psSnapInParam)

' Invoke and get result
Dim commandResults As Collection(Of PSObject)
commandResults = pipeLine.Invoke()

' loop results
lblStatus.Text = ""   'This is a label control on the web page...
For Each cmdlet As PSObject In commandResults
Dim cmdletName As String
cmdletName = cmdlet.Properties("Name").Value.ToString()
lblStatus.Text += cmdletName
Next


Could anyone with better knowledge please enlighten me... is this possible to do, and if so then how?

Best regards
Frode D

It's me again. Just tried to do this another way by Set-Mailbox command with remoting:

'Create a command on the pipeline
Dim myCommand As New Command("Set-Mailbox")

'Add parameters
myCommand.Parameters.Add("Identity", "mydomain\myuser")
myCommand.Parameters.Add("EmailAddresses", "test@mydomain.com")
myCommand.Parameters.Add("WindowsEmailAddress", "test@mydomain.com")
myCommand.Parameters.Add("Confirm", True)
myCommand.Parameters.Add("EmailAddressPolicyEnabled", False)
pipeLine.Commands.Add(myCommand)

' Invoke and get result
Dim commandResults As Collection(Of PSObject)
commandResults = pipeLine.Invoke()


This gives me two new issues:
1) No change is saved to the mailbox, even if I get no errors. If I try a normal command like first example on top of page here, which just reads data, it works fine.
2) How can you pass more than one value to the EmailAddresses parameter? In PS you can just call -EmailAddresses "first@mydomain.com" , "second@mydomain.com". I can find no explanation on how to construct a valid Microsoft.Exchange.Data.ProxyAddressCollection here...

Any tip is welcome

Best regards
Frode D

If your patient enough to wait until late next week, I'll try to find time to try this. Are you pretty good at translating C# to VB.NET?

Another update...

Below is a code sample which only works on my local pc ASP.Net Cassini web server (since it runs as current user in the domain) ...
Some error checking of input parameters are omitted here


Protected Function PowerShellMailEnableUser(ByVal Domain As String, ByVal UserName As String, ByVal Storage As String, ByVal PrimarySMTP As String, Optional ByVal SecondarySMTP As String = "", Optional ByVal Language As String = "") As Boolean

'Define list of smtp addresses. Use SMTP upper case in front of primary address
Dim addresses As New ArrayList
addresses.Add("SMTP:" & PrimarySMTP)
addresses.Add("smtp:" & SecondarySMTP)

Try
'Basic setup of Exchange shell runspace and pipeline
Dim myRunspace As Runspace
myRunspace = RunspaceFactory.CreateRunspace()
Dim rsConfig As RunspaceConfiguration
rsConfig = RunspaceConfiguration.Create()
Dim snapInException As PSSnapInException
Dim info As PSSnapInInfo
info = rsConfig.AddPSSnapIn("Microsoft.Exchange.Management.PowerShell.Admin", snapInException)
myRunspace = RunspaceFactory.CreateRunspace(rsConfig)
myRunspace.Open()
Dim pipeLine As Pipeline

'Powershell Command to mail enable user
'Enable-Mailbox -Identity "domain\username" -Alias username -Database StorageGroup

'Command with parameters
Dim EnableBox As New Command("Enable-Mailbox")
EnableBox.Parameters.Add("Identity", Domain & "\" & UserName)
EnableBox.Parameters.Add("Alias", UserName)
EnableBox.Parameters.Add("Database", Storage.ToString)

'Add to pipeline, invoke and get result
pipeLine = myRunspace.CreatePipeline()
pipeLine.Commands.Add(EnableBox)
Dim EnableBoxResults As Collection(Of PSObject)
EnableBoxResults = pipeLine.Invoke()

'Checks pipeline errors. If any throw exception
If pipeLine.Error IsNot Nothing AndAlso pipeLine.Error.Count > 0 Then
Dim temp As String = ""
For Each item As Object In pipeLine.Error.ReadToEnd
temp = item.ToString & vbNewLine
Next
Throw New ArgumentException(temp)
End If

'Powershell Command to adjust settings
'Set-Mailbox -Identity "domain\username" -EmailAddressPolicyEnabled 0 -Languages "en-US" -EmailAddresses ("SMTP:mail1@something.com","smtp:mail2@something.com") -WindowsEmailAddress "mail1@something.com"

'Command with parameters
Dim ChangeBox As New Command("Set-Mailbox")
ChangeBox.Parameters.Add("Identity", Domain & "\" & UserName)
'ChangeBox.Parameters.Add("Confirm", 1) 'Not needed, gives trouble !
ChangeBox.Parameters.Add("WindowsEmailAddress", PrimarySMTP)
ChangeBox.Parameters.Add("EmailAddresses", addresses)
ChangeBox.Parameters.Add("EmailAddressPolicyEnabled", 0) 'Must be turned off to change primary SMTP
If Language.Length > 0 Then ChangeBox.Parameters.Add("Languages", Language)
'Languages: An acceptable value for this parameter is a combination of an ISO 639 two-letter lowercase culture code associated with a language and an ISO 3166 two-letter uppercase subculture code associated with a country or region.
'http://msdn2.microsoft.com/en-us/li...einfo.aspx

'Add to pipeline, invoke and get result
pipeLine = myRunspace.CreatePipeline()
pipeLine.Commands.Add(ChangeBox)
Dim ChangeBoxResults As Collection(Of PSObject)
ChangeBoxResults = pipeLine.Invoke()

'Checks pipeline errors. If any throw exception
If pipeLine.Error IsNot Nothing AndAlso pipeLine.Error.Count > 0 Then
Dim temp As String = ""
For Each item As Object In pipeLine.Error.ReadToEnd
temp = item.ToString & vbNewLine
Next
Throw New ArgumentException(temp)
End If

' Close pipeline and runspace
myRunspace.Close()
myRunspace = Nothing
pipeLine = Nothing

Return True
Catch ex As Exception

'Log error to web page ...

Return False
End Try
End Function


Now the remaining issue is impersonation on the production web site.
The Powershell code above only give the following error: Access to the address list service on all Exchange 2007 servers has been denied
All info found on the web suggest this is an impersonation issue.

The old type of impersonation I've been using for ADSI / LDAP user creation does not work: http://support.microsoft.com/kb/306158
Some info found on the web suggest that PS actively block impersonation, and that you must resort to WCF building blocks. If this is true, it's beyond my current .Net Programming level. Some ideas may be found here if you are up to the challenge: http://msdn2.microsoft.com/en-us/li...30088.aspx

Any help with getting this soloution online is greatly appreciated, I see there are more than me who want to do this ...

Bes regards
Frode D

Frode;

This is how I do it for Exchange 2007:

(Replace CAS Server(s) with OWA Server(s), and this should work fine for 2003 also)

1) Create a service account on your AD that has permissions in Exchange.
2) Setup a new Application Pool in IIS on your CAS servers.
3) Use the account created in #1 for the identity on the Application Pool.
4) Put your website in the new pool
5) Use NTFS permissions to provide access to the website.
6) Use Windows authentication in your web.config

Then, once someone is authenticated on the website, all Exchange processes are run as the service account created in step #1 - No impersonation needed.


On your CAS server(s):

Put the account you created in step 1 in the IIS_WPG local group on your CAS server(s)

Then, you need to add the account to the CAS server(s) local policy "Act as part of the operating system" - follow the below steps:

Open a command prompt
Type secpol.msc and hit enter
Wait a bit, for the "Local Security Settings" window to open
In the left pane double click "Local Policies"
Once again, In the left pane double click "User Rights Assignment"
In the right pane, double click "Act as part of the operating system"

Add the service account you created.

Karl

Thank you Karl, that would work as suggested.

However I still hope someone might suggest another method to do this, since running the web-site process with a account with (exchange) domain admin priviledge is not what I'm looking for.

My site also needs to allow "normal" users to access it. The potential security breach is too big when running as a domain admin with full local server acess since we add act as part of operating system

Best regards
Frode D

Frode;

I'm a little confused. You say you want to enable mailboxes via an ASP page - so far, I'm with you.

Now, to enable mailboxes, an account needs certain exchange permissions.

My solution creates asp pages that run under a service accoun that has those exchange permissions, so you can allow anyone access to enable mailboxes simply by adding them to the NTFS permissions that secure the web page. All is good.

Now you say yoi don't like that idea because "My site also needs to allow "normal" users to access it." - if you are meaning you want "normal" users to enable mailboxes, then you are already granting way too many people exchange permissions, IMHO.

With my soloution, you can give 1 account exchange permissions, and allow 1 or 10,000 people access to those permissions via the web page. Those permissions do not stay with the person when they are not logged into the web page.


Finally, you say this: "The potential security breach is too big when running as a domain admin with full local server acess since we add act as part of operating system"

IMHO, The potential security breach is far bigger if you are giving "normal" users exchange permissions.

Perhaps I just don't understand what you're after?

Karl

Hi, just a little clarification to your last reply Karl.

I'm not granting everyone in my domain the ability to create their own mailbox

I'm only giving the IT department members access to this page, so that anyone of us can "push the button" to mail enable a user which have already been added to a workflow integrated with our HR department. I already create the user account in AD this way, with impersonation in the code-behind on the page ...

I do however still not like the idea of running my web-site with a exchange admin account, since any security breach in the access to this page could potentially enable the user to create lots of new mailboxes (well...), or maybe run other random code as an exchange admin in the domain ... Since it's an internal web-site the risk are not that high, but still I'd normally stick to best practises regarding safety.

Best regards

Frode D

Frode;

You prevent people from accessing the web pages via NTFS permissions on the directory. If someone can bypass that security, they are going to wreak more havoc on your domain that they could do via enable / disable mailbox scripts!

Hi,
I have also impersonation problems, but I just ant to run it as a GUI created in VB.NET or C#. Any ideas how to invoke exchange powershell scripts with impersonation ? tried the good old LogonUser api, but without success. This throws exceptions and errors.

Any info would be great.

BR,

Ronald Top

?

Take a look at this:
"FYI: Exchange Management Shell Blocks Calls Made With Impersonated Credentials"

http://blogs.msdn.com/mstehle/archi...tials.aspx

Thanks for your info,

But how do I exchange the normally returned PSObjects to my original program ? I have some code that launches another process under different credentials, but how do I exchange PSObjects or other datasets ??

Thanks if you have any info.

BR,

Ronald

 

Ronald;

Why don't you explain what you are looking for, and we can help yuu acheive that.

For instance, my web pages will allow you to create mailboxes, chaneg email addresses, or delete mailboxes (same for contacts, and groups)

In all cases, I show a web page with data returned from AD calls, and Exchange calls (current email address, current exchange server, etcetera)

I just need an idea of what you are looking for?

Karl

Hi Karl,

Thanks for you note. What I want to achieve is basically the same as you did. I have a Windows GUI with which you can reset passwords, change naming details, add users to groups etc. Just the basic account management, but not too much =). Creation and deletion of mailboxes was something that was missing. Never tried with E2K3, but since I moved to E2K7 I needed to set this up in E2k7 right away and looks like it's now all powershell.

For creation of the users and group mutations you can use ADSI and with impersoantion this works great. You logon in a form, the app does the impersonation and with that logged on user the account management is done. However, when trying to execute powershell commands under that elevated user, this did not work. After some investigation I came accross this article http://support.microsoft.com/kb/943937/ stating that the impersonation failure is a bug in E2K7 SP1. I try to deploy this today (or better tonite) and see if the impersonation works fine tomorrow.

I do want to move this app to a web form in the future, but building web sites is complete new to me. I have some experience with VB.NET but that's it.

I let you know how it's going in this thread.

Thanks again,

BR,

Ronald

Ronald;

I'm not sure if there's a question in there?

Karl

Hi Karl,

Thanks, there was a bug in MS Exchange 2007 which was solved in a roll up package. Now you can do impersonation with no problem and as expected. The credentials flow with the new created runspace, so I am happy. I can now cerate mailboxes from VB.NET.

BR,

Ronald

topski,

  can you share with me the .net code that worked to enable-mailbox in Exchange 2007?

I am getting this error

System.Management.Automation.ParameterBindingException: Cannot process command because of one or more missing mandatory parameters: ExternalEmailAddress Identity.

 

I  created a webservice C# and called this webservice in vb.net application

here is my code

 

I  greatly appreciate if you can help to solve my issue

 

Thanks in advance

tgreen

 

 public static Collection executeExchangePowerShellCommand(string command, string[,] twoDimParameters)
        {

            RunspaceConfiguration myRunSpace = RunspaceConfiguration.Create();
            PSSnapInException PSException = null;
            PSSnapInInfo info = myRunSpace.AddPSSnapIn("Microsoft.Exchange.Management.PowerShell.Admin", out PSException);
            Runspace runspace = RunspaceFactory.CreateRunspace(myRunSpace);

            runspace.Open();
            Pipeline pipeline = runspace.CreatePipeline();
            Command myCommand = new Command(command);
            //Build the Parameters Array
            for (int i = twoDimParameters.GetLowerBound(0); i <= twoDimParameters.GetUpperBound(0); i++)
            {
                myCommand.Parameters.Add(twoDimParameters[i, 0], twoDimParameters[i, 1]);
            }

            //Add the command to the pipeline
            pipeline.Commands.Add(command);
             Collection commandResults = pipeline.Invoke();
           

            //return the results collection
            return pipeline.Invoke();

        }
        [WebMethod]
        public string  removeEmail(string myUser)
        {
            //Remove email address
            return myUser;

        }
        [WebMethod]
          public bool createMailBox(string  myUser, string identityfinal, string database, string externalemail )
             //public bool createMailBox(string externalemail, string identityfinal, string  myUser)
           
        {
            //Create a new mailbox for a user

            //We use the Enable-MailUser cmdlet documented here:
            //http://technet.microsoft.com/en-us/...G.80).aspx

            string[,] myParameters = new string[4, 4];
            string myCommand = "Enable-MailUser";

            // get identity from activedirectorypath function. manipulate the string for exchange
         
            myParameters.SetValue("Identity", 0, 0);
           // myParameters.SetValue(myUser.UserDomain + "\\" + myUser.UserName, 0, 1);
            myParameters.SetValue(identityfinal, 0, 1);
               myParameters.SetValue("ExternalEmailAddress", 1, 0);
            myParameters.SetValue(externalemail, 1, 1);
            // get  username for alias
            myParameters.SetValue("Alias", 2, 0);
             myParameters.SetValue(myUser, 2, 1);
           // myParameters.SetValue(myUser , 1, 1);
            //get database  string  from  config file

             myParameters.SetValue("Database", 3, 0);
             myParameters.SetValue(database, 3, 1);
            try
            {
                executeExchangePowerShellCommand(myCommand, myParameters);

                return true;
            }
            catch (Exception e)
            {
                throw e;
            }

           
           
               
           

        }

 

and I call this  webservice using

usermgt.createMailBox(

"LTEST", identityfinal, database, externalemail)

 

 

 

 

Ronald,

 please reply to me.. I am waiting for your help to "enable-mailbox"  using vb.net

 

thx

priya

Still getting errors myself : Any idea where this might come from ?

BTW, I have the code that should get you started. Still interested ?

System.Management.Automation.Runspaces.PSSnapInException was unhandled
Message="Cannot load Windows PowerShell snap-in Microsoft.Exchange.Management.PowerShell.Admin because of the following error: The type initializer for 'Microsoft.Exchange.Data.Directory.Globals' threw an exception."
Source="System.Management.Automation"
StackTrace:
at System.Management.Automation.Runspaces.RunspaceConfigForSingleShell.LoadCustomPSSnapIn(PSSnapInInfo mshsnapinInfo)
at System.Management.Automation.Runspaces.RunspaceConfigForSingleShell.LoadPSSnapIn(PSSnapInInfo mshsnapinInfo)
at System.Management.Automation.Runspaces.RunspaceConfigForSingleShell.LoadPSSnapIn(PSSnapInInfo mshsnapinInfo, PSSnapInException& warning)
at System.Management.Automation.Runspaces.RunspaceConfigForSingleShell.DoAddPSSnapIn(String name, PSSnapInException& warning)
at System.Management.Automation.Runspaces.RunspaceConfiguration.AddPSSnapIn(String name, PSSnapInException& warning)
at Maintenance.mod_powershell.PowerShellResults(Command CommandArray)
at Maintenance.mod_powershell.GetEmailAddressPolicyUsr(String OU)
at Maintenance.frm_login.btn_ok_Click(Object sender, EventArgs e)
at System.Windows.Forms.Control.OnClick(EventArgs e)
at System.Windows.Forms.Button.OnClick(EventArgs e)
at System.Windows.Forms.ButtonBase.OnKeyUp(KeyEventArgs kevent)
at System.Windows.Forms.Control.ProcessKeyEventArgs(Message& m)
at System.Windows.Forms.Control.ProcessKeyMessage(Message& m)
at System.Windows.Forms.Control.WmKeyChar(Message& m)
at System.Windows.Forms.Control.WndProc(Message& m)
at System.Windows.Forms.ButtonBase.WndProc(Message& m)
at System.Windows.Forms.Button.WndProc(Message& m)
at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)
at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)
at System.Windows.Forms.NativeWindow.DebuggableCallback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)
at System.Windows.Forms.UnsafeNativeMethods.DispatchMessageW(MSG& msg)
at System.Windows.Forms.Application.ComponentManager.System.Windows.Forms.UnsafeNativeMethods.IMsoComponentManager.FPushMessageLoop(Int32 dwComponentID, Int32 reason, Int32 pvLoopData)
at System.Windows.Forms.Application.ThreadContext.RunMessageLoopInner(Int32 reason, ApplicationContext context)
at System.Windows.Forms.Application.ThreadContext.RunMessageLoop(Int32 reason, ApplicationContext context)
at System.Windows.Forms.Application.Run(ApplicationContext context)
at Microsoft.VisualBasic.ApplicationServices.WindowsFormsApplicationBase.OnRun()
at Microsoft.VisualBasic.ApplicationServices.WindowsFormsApplicationBase.DoApplicationModel()
at Microsoft.VisualBasic.ApplicationServices.WindowsFormsApplicationBase.Run(String[] commandLine)
at Maintenance.My.MyApplication.Main(String[] Args)
at System.AppDomain._nExecuteAssembly(Assembly assembly, String[] args)
at System.AppDomain.ExecuteAssembly(String assemblyFile, Evidence assemblySecurity, String[] args)
at Microsoft.VisualStudio.HostingProcess.HostProc.RunUsersAssembly()
at System.Threading.ThreadHelper.ThreadStart_Context(Object state)
at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state)
at System.Threading.ThreadHelper.ThreadStart()

I would be interested in this code if you do not mind. If you can post it or email it to me that owuld be great. jrswick@afstores.com

I am using vb.net. I am trying to "add mail user" or add a "mail contact" with existing user in AD which I need to add an external email address. My goal is to add said user to an address book list programmatically. If you can help or anyone can help for that matter it would be appreciated. Thanks in advance! We have it set up so a an address book list called "store" will grab all amil contacts with external email addresses and we need this done programatically.

Here is an example of what it says the shell cammand would look like.

Exchange Management Shell command completed
Enable-Mailuser -Identity 'domain.com/Stores/username' -Alias 'username'
-ExternalEmailAddress 'SMTP:username@domain.com'

Jesse

I have written my vb.net app for this. It runs through with no errors but doesnt add the NEWUSER. I have also tried it another way and receive a "cmdlet doesnt exist error" I have posted both. If anyone can help here that would be great

first one.
Public Function mailenableuser2() As String
        Try
            'set for testing
            Dim myParameters As Array
            Dim identityfinal As String = "domain.com/Stores/ambagley"
            Dim externalemail As String = "SMTP:ambagley@storemail.domain.com"
            Dim myuser As String = "ambagley"
            Dim database As String
            Dim command As String
            Dim li As New LiteralControl

            command = "Enable-MailUser"

            Dim myRunSpace As RunspaceConfiguration = RunspaceConfiguration.Create()
            Dim PSException As PSSnapInException = Nothing
            Dim info As PSSnapInInfo = myRunSpace.AddPSSnapIn("Microsoft.Exchange.Management.PowerShell.Admin", PSException)
            Dim runspace As Runspace = RunspaceFactory.CreateRunspace(myRunSpace)

            runspace.Open()
            Dim pipeline As Pipeline = runspace.CreatePipeline()
            Dim myCommand As Command = New Command(command)
            'Build the Parameters
            myCommand.Parameters.Add("Identity", identityfinal)
            myCommand.Parameters.Add("ExternalEmailAddress", externalemail)
      
            'Add the command to the pipeline
            pipeline.Commands.Add(myCommand)
            pipeline.Invoke()

            li = New LiteralControl
            li.Text = "Yaaaaa!"
            PlaceHolder1.Controls.Add(li)
            Return "Yaaaaa!"
        Catch
            Dim licheck As New LiteralControl
            licheck = New LiteralControl
            licheck.Text = Err.Description
            PlaceHolder1.Controls.Add(licheck)
            Return Err.Description
        End Try
    End Function

 

second one(one where I receive the cmdlet doesnt exist line)
Public Function mailenableuser2() As String
Try
'set for testing
Dim myParameters As Array
Dim identityfinal As String = "agcrisp"
Dim externalemail As String = "SMTP:agcrisp@storemail.afstores.com"
Dim myuser As String = "agcrisp"
Dim database As String
Dim command As String
Dim li As New LiteralControl

Dim myRunSpace As RunspaceConfiguration = RunspaceConfiguration.Create()
Dim PSException As PSSnapInException = Nothing
Dim info As PSSnapInInfo = myRunSpace.AddPSSnapIn("Microsoft.Exchange.Management.PowerShell.Admin", PSException)
Dim runspace As Runspace = RunspaceFactory.CreateRunspace(myRunSpace)

runspace.Open()
Dim pipeline As Pipeline = runspace.CreatePipeline()


command = "Enable-MailUser -Identity " + identityfinal + " -ExternalEmailAddress SMTP:" + externalemail

Dim myCommand As Command = New Command(command)

'Add the command to the pipeline
Pipeline.Commands.Add(command)
pipeline.Invoke()

li = New LiteralControl
li.Text = "Yaaaaa!"
PlaceHolder1.Controls.Add(li)
Return "Yaaaaa!"
Catch
Dim licheck As New LiteralControl
licheck = New LiteralControl
licheck.Text = Err.Description
PlaceHolder1.Controls.Add(licheck)
Return Err.Description
End Try
End Function

Any help would be greatly appreciated.

TIA

I got this working. If anyone is interest in the code here it is below. I wrote it in VB.NET.

 

 Public Function trythis() As String
        Try
            'set for testing
            Dim temp As String
            Dim li As LiteralControl
            Dim identityfinal As String = "user"
            Dim externalemail As String = "SMTP:user@domain.com"
            Dim Command As String
            Dim myRunSpace As Runspace
            Dim rsConfig As RunspaceConfiguration
            rsConfig = RunspaceConfiguration.Create()
            Dim PSException As PSSnapInException

            Dim info As PSSnapInInfo
            info = rsConfig.AddPSSnapIn("Microsoft.Exchange.Management.PowerShell.Admin", PSException)
            myRunSpace = RunspaceFactory.CreateRunspace(rsConfig)
            myRunSpace.Open()

            Dim pipeline As Pipeline

            Dim myCommand As Command = New Command("Enable-MailUser")
            myCommand.Parameters.Add("Identity", "user")
            myCommand.Parameters.Add("ExternalEmailAddress", "SMTP:user@domain.com")

            pipeline = myRunSpace.CreatePipeline()
            pipeline.Commands.Add(myCommand)
            Dim MailUserResults As Collection(Of PSObject)
            MailUserResults = pipeline.Invoke()

            'pipeline.Commands.Add(myCommand)
            'pipeline.Invoke()

            'Checks pipeline errors. If any throw exception
            If pipeline.Error IsNot Nothing AndAlso pipeline.Error.Count > 0 Then
                For Each item As Object In pipeline.Error.ReadToEnd
                    temp = item.ToString & vbNewLine
                Next
                Throw New ArgumentException(temp)
            End If

            li = New LiteralControl
            li.Text = temp
            PlaceHolder1.Controls.Add(li)
            Return "Yaaaaa!"
        Catch
            Dim licheck As New LiteralControl
            licheck = New LiteralControl
            licheck.Text = Err.Description
            PlaceHolder1.Controls.Add(licheck)
            Return Err.Description
        End Try
    End Function

Ronald,

  Yes  I  am desperately in need of  help .

now  it  is giving me the error

unable to process request. ---> Microsoft.Exchange.Configuration.Tasks.ThrowTerminatingErrorException: An Active directory error 0x8007052E occurred when looking for domain controllers in domain biz.es.svm.com: Logon failure: unknown user name or bad password.
 ---> Microsoft.Exchange.Data.Directory.ADOperationException: An Active directory error 0x8007052E occurred when looking for domain controllers in domain biz.es.svm.com: Logon failure: unknown user name or bad password.

 

I am not sure what password  it is looking for and how i should  pass this to  the  exchange shell

 

any help is appreciated

tgreen

Ronald,
Yes I need your help. I am getting this error now. I don't know how to pass the userid and password .

unable to process request. ---> Microsoft.Exchange.Configuration.Tasks.ThrowTerminatingErrorException: An Active directory error 0x8007052E occurred when looking for domain controllers in domain biz.es.svm.com: Logon failure: unknown user name or bad password.
---> Microsoft.Exchange.Data.Directory.ADOperationException: An Active directory error 0x8007052E occurred when looking for domain controllers in domain biz.es.svm.com: Logon failure: unknown user name or bad password.

Hi tgreen,

Does this also happen when you run this code under admin credentials with suffcient access to Exchange 2007 and Active Directory ? That means you need to have Administrative access in the AD OU you want to create the group in and you have to have Exchange Administrators credentials (Exchange recipient admin might do, but I m not sure).

This is my code anyway :
(I use strDomainController as a global var, no use passing it in every routine as a parameter).
(First I add the user in AD, then I create the Mailbox by Mail-Enabling the user).

Function CreateUser2(ByVal myCommand As Command, ByVal strPassword As String, ByVal strContainer As String) As Boolean

Dim parameter As CommandParameter
Dim userdistinguishedname As String

Dim ou As New DirectoryEntry("LDAP://" & strDomainController & "/" & strContainer)

userdistinguishedname = ""
For Each parameter In myCommand.Parameters
If parameter.Name = "displayname" Then
userdistinguishedname = "CN=" & parameter.Value
End If
Next

Dim user As DirectoryEntry = ou.Children.Add(userdistinguishedname, "User")

For Each parameter In myCommand.Parameters
user.Properties(parameter.Name).Add(parameter.Value)
Next

Try
user.CommitChanges()
Catch e As Exception
MsgBox("Could not create user." & e.Message)
Return False
Exit Function
End Try

Try
user.Invoke("SetPassword", strPassword)
Catch e As Exception
MsgBox("Could not create user." & e.Message)
Return False
Exit Function
End Try

Return True

End Function

Function PowerShellResults(ByVal CommandArray As Command)

Dim myRunspace As Runspace
Dim rsConfig As RunspaceConfiguration
Dim snapInException As New PSSnapInException
Dim info As PSSnapInInfo


'The following code opens a runspace that has access to the Exchange Management Shell.
rsConfig = RunspaceConfiguration.Create()
info = rsConfig.AddPSSnapIn("Microsoft.Exchange.Management.PowerShell.Admin", snapInException)
myRunspace = RunspaceFactory.CreateRunspace(rsConfig)
myRunspace.Open()

'First, create a new instance of the Pipeline class by using the runspace that you created.
Dim pipeLine As Pipeline
pipeLine = myRunspace.CreatePipeline()

'Next, add the command to the Commands collection of the pipeline.
pipeLine.Commands.Add(CommandArray)

'Now, call the Pipeline.Invoke method to run the command.

PowerShellResults = pipeLine.Invoke()
myRunspace.Close()
myRunspace = Nothing
rsConfig = Nothing
info = Nothing
snapInException = Nothing

End Function

Function CreateNewMailbox(ByVal strIdentity As String, ByVal strAlias As String, ByVal strDomainController As String) As Boolean


Dim PSCommand
Dim myCommand
Dim commandResults
Dim obj
Dim item

PSCommand = "Enable-Mailbox"
myCommand = New Command(PSCommand)

myCommand.parameters.Add("DomainController", strDomainController)
myCommand.Parameters.Add("Identity", strIdentity)
myCommand.Parameters.Add("Alias", strAlias)
myCommand.Parameters.Add("DataBase", "CN=Mailbox Database,CN=First Storage Group,CN=InformationStore,CN=SYS-EXMB-A,CN=Servers,CN=Exchange Administrative Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=First Organization,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=shared,DC=local")

commandResults = PowerShellResults(myCommand)

CreateNewMailbox = True

myCommand = Nothing
PSCommand = Nothing
obj = Nothing
commandResults = Nothing
item = Nothing

End Function

Posted By topski on 04/03/2008 12:56 PM
Still getting errors myself : Any idea where this might come from ?

BTW, I have the code that should get you started. Still interested ?

System.Management.Automation.Runspaces.PSSnapInException was unhandled
Message="Cannot load Windows PowerShell snap-in Microsoft.Exchange.Management.PowerShell.Admin because of the following error: The type initializer for 'Microsoft.Exchange.Data.Directory.Globals' threw an exception."
Source="System.Management.Automation"
StackTrace:
at System.Management.Automation.Runspaces.RunspaceConfigForSingleShell.LoadCustomPSSnapIn(PSSnapInInfo mshsnapinInfo)
at System.Management.Automation.Runspaces.RunspaceConfigForSingleShell.LoadPSSnapIn(PSSnapInInfo mshsnapinInfo)
at System.Management.Automation.Runspaces.RunspaceConfigForSingleShell.LoadPSSnapIn(PSSnapInInfo mshsnapinInfo, PSSnapInException& warning)
at System.Management.Automation.Runspaces.RunspaceConfigForSingleShell.DoAddPSSnapIn(String name, PSSnapInException& warning)
at System.Management.Automation.Runspaces.RunspaceConfiguration.AddPSSnapIn(String name, PSSnapInException& warning)

 

I'm also getting this exception with no clues. You seems to solve this, how did you do ?

Thanks

Hi, if anyone is still having trouble with impersonation on x32 see this good explanation and example for mail enabling a user with PS : http://blogs.msdn.com/webdav_101/ar...thead.aspx

I'm still having trouble with doing impersonation on my Win 2008 x64 server though. There seems to be some issues with compilation between x32 development machine, and x64 production server. Impersonation code for ASP.Net is running as 32 bit code, and that might well be the source of my trouble. I have found no code examples on how to do this with IIS 7 and x64 so far. Please share if you have this.

Best regards
FrodeD

I am getting the same error as others reported:

Cannot load Windows PowerShell snap-in Microsoft.Exchange.Management.PowerShell.Admin because of the following error: The type initializer for 'Microsoft.Exchange.Data.Directory.Globals' threw an exception."
Source="System.Management.Automation

Were you ever able to solve this or figure out what's causing this error?

Thanks,
Dave