So for example to re-create a four node (3 active, 1 passive) cluster with new names, instead of
ExchangeServer1
ExchangeServer2
ExchangeServer3
you would now use something like
ExchangeServer1New
ExchangeServer2New
ExchangeServer3New
Then you would need to amend the AD user accounts for users on those Exchange Servers to point to the new locations - the following properties need to be changed.
homemdb
msexchhomeservername
homemta
None of these properties can be changed through ADUC; you would need to use ADSIEdit if you wanted to use a GUI. Of course those smart people among you would choose to use PowerShell anyway.
So naturally I turned to my trusty friend the Quest AD cmdlets to help me out.
First of all we get all the users who have a mailbox based on one of the original servers; depending on your naming convention you may need to adjust this filter to make sure you are matching the correct people. The three properties mentioned are not returned by default from Get-QADUser so we have to specify them.
We then loop through each user and, using the Switch statement, if we match ExchangeServer1, 2 or 3 we amend the text of each variable to be the new Exchange server name (note: homemta will be the same for all of these users) and then use the Set-QADUser cmdlet to change these properties on the account.
    # Fetch every user whose mailbox lives on one of the original servers.
    # The three attributes are not returned by default, so request them explicitly.
    $users = Get-QADUser -ldapFilter '(msExchHomeServerName=*ExchangeServer*)' -IncludedProperties homemdb,msexchhomeservername,homemta -sizelimit 0
    foreach($user in $users){
        $homemdb = $user.homemdb
        $msexchhomeservername = $user.msexchhomeservername
        # homemta is the same for all of these users.
        $newhomemta = 'CN=Microsoft MTA,CN=ExchangeServer1New,CN=Servers,CN=Exchange,CN=Administrative Groups,CN=Springfield,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=springfield,DC=local'
        # Pick the case from the server named in homemdb, swap the old name for the new one in both attributes and write all three back.
        switch -wildcard ($homemdb)
        {
            "*ExchangeServer1*" {$newhomemdblocation = $homemdb.replace("ExchangeServer1","ExchangeServer1New"); $newmsexchhomeservername = $msexchhomeservername.replace("ExchangeServer1","ExchangeServer1New"); Set-QADUser $user -objectAttributes @{homemdb=$newhomemdblocation;msexchhomeservername=$newmsexchhomeservername;homemta=$newhomemta}; break}
            "*ExchangeServer2*" {$newhomemdblocation = $homemdb.replace("ExchangeServer2","ExchangeServer2New"); $newmsexchhomeservername = $msexchhomeservername.replace("ExchangeServer2","ExchangeServer2New"); Set-QADUser $user -objectAttributes @{homemdb=$newhomemdblocation;msexchhomeservername=$newmsexchhomeservername;homemta=$newhomemta}; break}
            "*ExchangeServer3*" {$newhomemdblocation = $homemdb.replace("ExchangeServer3","ExchangeServer3New"); $newmsexchhomeservername = $msexchhomeservername.replace("ExchangeServer3","ExchangeServer3New"); Set-QADUser $user -objectAttributes @{homemdb=$newhomemdblocation;msexchhomeservername=$newmsexchhomeservername;homemta=$newhomemta}; break}
            default {"Nothing for this user"}
        }
    }
I was also interested to see the resulting performance of this script and was pleasantly surprised to see it change 6000+ accounts in only 10 mins.
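Before a bulk write like the one above, it helps to compute the change for each account first and keep the old values as a rollback record. The following is an added example, not part of the original script: Get-MailboxAttributePlan is a hypothetical helper, the sample accounts and their attribute values are constructed, and it only plans the change (it never calls Set-QADUser). It also flags accounts that already name a new server, since "ExchangeServer1New" still matches "*ExchangeServer1*" and a second run of a plain replace would rename it again.

```powershell
# Old-to-new server names from the post.
$serverMap = @{ ExchangeServer1 = 'ExchangeServer1New'
                ExchangeServer2 = 'ExchangeServer2New'
                ExchangeServer3 = 'ExchangeServer3New' }

# Hypothetical helper: works out what one account would be changed to,
# without writing anything to AD.
function Get-MailboxAttributePlan {
    param($User, [hashtable]$Map)
    $values = @($User.homemdb, $User.msexchhomeservername)
    $status = 'NoMatch'; $newMdb = $values[0]; $newServer = $values[1]
    foreach ($old in $Map.Keys) {
        $new = $Map[$old]
        # A value that already names the new server must not be rewritten
        # again ("ExchangeServer1New" still contains "ExchangeServer1").
        if ($values -like "*$new*") { $status = 'AlreadyMigrated'; break }
        $hits = @($values -like "*$old*").Count
        if ($hits -eq 0) { continue }
        # homemdb and msexchhomeservername must agree on the old server.
        if ($hits -ne 2) { $status = 'Mismatch'; break }
        $newMdb    = $values[0] -replace [regex]::Escape($old), $new
        $newServer = $values[1] -replace [regex]::Escape($old), $new
        $status = 'Change'; break
    }
    New-Object PSObject -Property @{
        Name = $User.Name; Status = $status
        OldHomeMdb = $values[0]; NewHomeMdb = $newMdb
        OldServerName = $values[1]; NewServerName = $newServer
    }
}

# Constructed sample accounts standing in for Get-QADUser output.
$cfg = 'CN=Servers,CN=Exchange,CN=Administrative Groups,CN=Springfield,' +
       'CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=springfield,DC=local'
$mdb = 'CN=Mailbox Store,CN=First Storage Group,CN=InformationStore,CN={0},' + $cfg
$leg = '/o=Springfield/ou=Exchange/cn=Configuration/cn=Servers/cn={0}'
$sample = @(
    @{ Name = 'homer'; homemdb = $mdb -f 'ExchangeServer1';    msexchhomeservername = $leg -f 'ExchangeServer1' }
    @{ Name = 'marge'; homemdb = $mdb -f 'ExchangeServer2New'; msexchhomeservername = $leg -f 'ExchangeServer2New' }
    @{ Name = 'bart';  homemdb = $mdb -f 'ExchangeServer3';    msexchhomeservername = $leg -f 'ExchangeServer1' }
    @{ Name = 'lisa';  homemdb = $mdb -f 'ExchangeServer4';    msexchhomeservername = $leg -f 'ExchangeServer4' }
) | ForEach-Object { New-Object PSObject -Property $_ }

$plan = $sample | ForEach-Object { Get-MailboxAttributePlan -User $_ -Map $serverMap }
$plan | Format-Table Name, Status -AutoSize
# Keep the old values of every account that will change, as a rollback record.
$plan | Where-Object { $_.Status -eq 'Change' } |
    Select-Object Name, OldHomeMdb, OldServerName |
    Export-Csv -Path .\mailbox-attribute-rollback.csv -NoTypeInformation
```

Only the rows with Status 'Change' are candidates for the Set-QADUser call; 'Mismatch' rows are worth inspecting by hand before anything is written.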
A sidenote to this method is that you won't actually see the mailboxes appear in Exchange System Manager until either they receive an email or a user logs on to them. To prove that this method had worked I created a quick Distribution Group, used the below one-liner to populate it with all of the above users and then sent an email to this group.
Get-QADUser -ldapFilter '(msExchHomeServerName=*ExchangeServer*)' -sizelimit 0 | Add-QADGroupMember TestGroup
There are of course many different ways to carry out Exchange DR, but this proved a useful exercise.