Exemples de scripts PowerShell du DVD de création de serveurs
S’applique à : Exchange Server 2007 SP3, Exchange Server 2007 SP2, Exchange Server 2007 SP1
Dernière rubrique modifiée : 2008-07-23
Cette rubrique présente des exemples de scripts Microsoft Windows PowerShell pouvant servir de base à la création des scripts requis pour la réalisation d'un DVD de création visant à améliorer le processus de création de serveurs. Vous pouvez modifier les procédures suivantes pour créer les scripts PowerShell nécessaires à votre organisation.
Les exemples de scripts suivants doivent être modifiés conformément aux remarques concernant les scripts afin de les rendre fonctionnels dans votre environnement spécifique. Ce script vous permettra d'automatiser de nombreuses procédures nécessaires au déploiement d'un serveur Exchange dans votre environnement.
Scripts de prise en charge de PowerShell
.gif "important") Important : |
|---|
| Ces exemples de scripts présentent la procédure d'implémentation des étapes d'automatisation. Vous devez les modifier afin de les adapter à votre environnement. Vous devez tout tester dans un environnement de laboratoire avant de tenter une utilisation dans votre environnement de production. |
Avant de commencer
Pour exécuter les procédures suivantes, vous devez utiliser un compte membre du groupe Administrateurs local.
Pour plus d'informations sur les autorisations, la délégation de rôles et les droits requis pour administrer Exchange 2007, consultez la rubrique Considérations relatives aux autorisations.
Set-registry.ps1
Procédure
Utilisez le Bloc-notes pour créer un script PowerShell permettant d'implémenter les modifications préalables du Registre dans un serveur Exchange 2007
Ouvrez le Bloc-notes ou un autre éditeur de texte.
Copiez le code suivant dans un fichier et enregistrez ce dernier en lui attribuant un nom descriptif et l'extension .ps1. Il est recommandé de nommer le fichier set-registry.ps1.
#"!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!" #"!!!!!!! THIS IS NOT A MICROSOFT SUPPORTED SCRIPT. !!!!!!!!" #"!!!!!!! TEST IN A LAB FOR DESIRED OUTCOME !!!!!!!!" #"!!!!!!! !!!!!!!!!!" #"!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!" #" " #======================================= #Set-Registry.ps1 #THIS CODE AND INFORMATION ARE PROVIDED "AS IS" WITHOUT WARRANTY OF ANY #KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE #IMPLIED WARRANTIES OF MERCHANTABILITY AND/OR FITNESS FOR A #PARTICULAR PURPOSE. #Description: Script to configure HKEY_LOCAL_MACHINE registry settings on local or remote servers. #Based on Original Work By: Christian Schindler (NTx BOCG) #This Script Written by: Ross Smith IV (Microsoft) #Version: 1.0 #Last Updated: 4/16/2007 #======================================= # To get help, just add the \"-help\" paramter #======================================= # Parameter definition #======================================= Param( [string] $Server, [string] $RegKey, [string] $RegValue, [string] $RegData, [string] $RegType ) #======================================= # Function that validates the script parameters #======================================= function ValidateParams { $validInputs = $true $errorString = "" if ($Server -eq "") { $validInputs = $false $errorString += "`n`nMissing Parameter: The -Server parameter is required. Please pass in the name of a valid Server." + "`n" } if ($RegKey -eq "") { $validInputs = $false $errorString += "`n`nMissing Parameter: The -RegKey parameter is required. Please pass in the name of a registry key." + "`n" } if ($RegValue -eq "") { $validInputs = $false $errorString += "`n`nMissing Parameter: The -RegValue parameter is required. Please pass in the name of a registry value." + "`n" } if ($RegData -eq "") { $validInputs = $false $errorString += "`n`nMissing Parameter: The -RegData parameter is required. Please pass in the registry value's data." + "`n" } $RegType = $RegType.ToUpper() switch ($RegType) { STRING {return $validInputs} EXPANDSTRING {return $validInputs} MULTISTRING {return $validInputs} DWORD {return $validInputs} QWORD {return $validInputs} BINARY {return $validInputs} default { if ($RegType -eq "") { $validInputs = $false $errorString += "`n`nMissing Parameter: The -RegType parameter is required. Please pass in the registry value's type." + "`n" } else { $validInputs = $false $errorString += "`n`nIncorrect Parameter: The value specified for the -RegType parameter is incorrect. Please pass in the registry value's type." + "`n" } } } if (!$validInputs) { Write-error "$errorString" } return $validInputs } #======================================= # Function that returns true if the incoming argument is a help request #======================================= function IsHelpRequest { param($argument) return ($argument -eq "-?" -or $argument -eq "-help"); } #======================================= # Function that displays the help related to this script following # the same format provided by get-help or <cmdletcall> -? #======================================= function Usage { @" NAME: Set-Registry.ps1 SYNOPSIS: Configures local or remote server's HKEY_LOCAL_MACHINE registry settings. SYNTAX: Set-Registry.ps1 `t[-Server <CASServerName>] `t[-RegKey <KeyPath>] `t[-RegValue <ValueName>] `t[-RegData <ValueData>] `t[-RegType <ValueType>] PARAMETERS: -Server (required) The server to operate against. -RegKey (required) Specifies the registry key. -RegValue (required) Specifies the registry value within the key. -RegData (required) Specifies the registry value's data. -RegType (required) Specifies the registry value's data type. -------------------------- EXAMPLE 1 -------------------------- .\Set-Registry.ps1 -Server CAS1 -RegKey "SYSTEM\CurrentControlSet\Services\MSExchange OWA" -RegValue PrivateTimeout -RegData 24 -RegType dword "@ } #======================================= # Check for Usage Statement Request #======================================= $args | foreach { if (IsHelpRequest $_) { Usage; exit; } } #======================================= # Validate the parameters and Execute the functions #======================================= $ifValidParams = ValidateParams; if (!$ifValidParams) { exit; } #======================================= # Determine if Server is Local Machine #======================================= $server = $server.ToUpper() $LocalServerName = hostname if ($LocalServerName -eq $server) {$IsLocal = "True"} else {$IsLocal = "False"} #======================================= # Configure Registry Function #======================================= function ConfigureRegistry { Write-Host "Configuring Registry Settings..." if ($IsLocal -eq "True") { set-ItemProperty "HKLM:$RegKey" -name "$RegValue" -value "$RegData" -type $RegType } else { $rootkey=[Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey("LOCALMACHINE",$server).OpenSubKey("$RegKey", [Microsoft.Win32.RegistryKeyPermissionCheck]::ReadWriteSubTree) $SetRegValue=$rootkey $SetRegValue.SetValue("$RegValue", "$RegData", [Microsoft.Win32.RegistryValueKind]::$RegType) $rootkey.Flush() $rootkey.Close() } } #======================================= # Assign values to Variables #======================================= #======================================= # Execute functions #======================================= ConfigureRegistry;
ConfigureAutoDiscover.ps1
Procédure
Utilisez le Bloc-notes pour créer un script PowerShell permettant de configurer la découverte automatique sur des serveurs Exchange 2007 sur lesquels le rôle serveur d'accès au client est installé
Ouvrez le Bloc-notes ou un autre éditeur de texte.
Copiez le code suivant dans un fichier et enregistrez ce dernier en lui attribuant un nom descriptif et l'extension .ps1. Il est recommandé de nommer le fichier configureautodiscover.ps1.
#"!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!" #"!!!!!!! THIS IS NOT A MICROSOFT SUPPORTED SCRIPT. !!!!!!!!" #"!!!!!!! TEST IN A LAB FOR DESIRED OUTCOME !!!!!!!!" #"!!!!!!! !!!!!!!!!!" #"!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!" #" " #========================================================================== #ConfigureAutoDiscover.ps1 #THIS CODE AND INFORMATION ARE PROVIDED "AS IS" WITHOUT WARRANTY OF ANY #KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE #IMPLIED WARRANTIES OF MERCHANTABILITY AND/OR FITNESS FOR A #PARTICULAR PURPOSE. #Description: Script to configure AutoDiscover on a CAS server. #Based on Original Work By: Christian Schindler (NTx BOCG) #This Script Written By: Ross Smith IV (Microsoft) #Version: 1.4 #Last Updated: 2/26/2007 #========================================================================== # To get help, just add the \"-help\" paramter #======================================= # Parameter definition #======================================= Param( [string] $InternalName, [string] $ExternalName, [string] $Server, [string] $SiteAffinity, [switch] $OutlookAnywhereAuthNTLM, [switch] $InternetUsage, [switch] $SiteAffinityEnabled ) #============================================== # Function that validates the script parameters #============================================== function ValidateParams { $validInputs = $true $errorString = "" if ($Server -eq "") { $validInputs = $false $errorString += "`n`nMissing Parameter: The -Server parameter is required. Please pass in the name of a valid CAS Server." + "`n" } if ($InternetUsage) { if ($ExternalName -eq "") { $validInputs = $false $errorString += "`nMissing Parameter: The -ExternalName parameter is required. Please pass in the desired FQDN." } } if ($InternalName -eq "") { $validInputs = $false $errorString += "`nMissing Parameter: The -InternalName parameter is required. Please pass in the desired FQDN." } if ($SiteAffinity -ne "") { _In $SiteAffinityEnabled = $true } if (!$validInputs) { Write-error "$errorString" } return $validInputs } #========================================================================== # Function that returns true if the incoming argument is a help request #========================================================================== function IsHelpRequest { param($argument) return ($argument -eq "-?" -or $argument -eq "-help"); } #=================================================================== # Function that displays the help related to this script following # the same format provided by get-help or <cmdletcall> -? #=================================================================== function Usage { @" NAME: ConfigureAutoDiscover.ps1 SYNOPSIS: Configures AutoDiscover and the Exchange Services on an Exchange 2007 CAS Server for usage by Internet and Internal clients. Virtual Directories covered are: Exchange ActiveSync, RPC, OAB, UM, EWS SYNTAX: ConfigureAutoDiscover.ps1 `t[-Server <CASServerName>] `t[-InternalName <InternalFQDN>] `t[-SiteAffinity <Active Directory Site>] `t[-InternetUsage] `t[-ExternalName <ExternalFQDN>] `t[-OutlookAnywhereAuthNTLM] PARAMETERS: -Server (required) The server to operate against. Must be an Exchange 2007 CAS server. -InternalName (required) The internal FQDN under which the services will be accessible. -SiteAffinity (optional) If set, the script will configure site affinity for the Autodiscover service on the CAS server. -InternetUsage (optional) If set, the script will also configure the OAB, RPC, EAS, and EWS virtual directories for AutoDiscover Internet usage. -ExternalName (required with -InternetUsage) The external FQDN under which the services will be accessible. -OutlookAnywhereAuthNTLM (optional) If set, the script will configure the authentication mechanism for Outlook Anywhere Clients to use NTLM instead of Basic. -------------------------- EXAMPLE 1 -------------------------- .\ConfigureAutoDiscover.ps1 -Server CAS1 -InternalName CAS01.ad.contoso.com -------------------------- EXAMPLE 2 -------------------------- .\ConfigureAutoDiscover.ps1 -Server CAS1 -InternalName CAS01.ad.contoso.com -ExternalName mail.contoso.com -InternetUsage -------------------------- EXAMPLE 3 -------------------------- .\ConfigureAutoDiscover.ps1 -Server CAS1 -InternalName CAS01.ad.contoso.com -ExternalName mail.contoso.com -InternetUsage -SiteAffinity Redmond-AD-Site -OutlookAnywhereAuthNTLM "@ } #======================================= # Check for Usage Statement Request #======================================= $args | foreach { if (IsHelpRequest $_) { Usage; exit; } } #===================================================== # Validate the parameters and Execute the functions #===================================================== $ifValidParams = ValidateParams; if (!$ifValidParams) { exit; } #=================================================== # Configure Internal AutoDiscover Settings Function #=================================================== function ConfigureInternalAutoDiscover { Write-Host "Configuring AutoDiscover Internal Settings..." if ($SiteAffinityEnabled = $true) {Set-ClientAccessServer -Identity $server -AutodiscoverServiceInternalURI https://$InternalName/$ad -AutodiscoverSiteScope $SiteAffinity} else {Set-ClientAccessServer -Identity $server -AutoDiscoverServiceInternalUri https://$InternalName/$ad} } #=================================================== # Configure Internet AutoDiscover Settings Function #=================================================== function ConfigureInternetUsage { Write-Host "Configuring AutoDiscover related Internet Settings..." if ($OutlookAnywhereAuthNTLM) {Enable-OutlookAnywhere -Server $server -ExternalHostname $ExternalName -DefaultAuthenticationMethod "NTLM" -SSLOffloading:$False} else {Enable-OutlookAnywhere -Server $server -ExternalHostname $ExternalName -DefaultAuthenticationMethod "Basic" -SSLOffloading:$False} Set-OABVirtualDirectory -identity $oabvdir -externalurl https://$ExternalName/$OAB Set-UMVirtualDirectory -identity $umvdir -externalurl https://$ExternalName/$um Set-WebServicesVirtualDirectory -identity $ewsvdir -externalurl https://$ExternalName/$ews Set-ActiveSyncVirtualDirectory -Identity $easvdir -ExternalURL "https://$ExternalName" } #======================================= # Assign values to Variables #======================================= $easvdir = "$server\Microsoft-Server-ActiveSync (Default Web Site)" $ewsvdir = "$Server\EWS (Default Web Site)" $oabvdir = "$Server\OAB (Default Web Site)" $umvdir = "$Server\UnifiedMessaging (Default Web Site)" $eas = "Microsoft-Server-ActiveSync" $ad = "autodiscover/autodiscover.xml" $oab = "oab" $owa = "owa" $um = "UnifiedMessaging/Service.asmx" $ews = "ews/exchange.asmx" #======================================= # Execute functions #======================================= if ($InternetUsage) {ConfigureInternalAutoDiscover; ConfigureInternetUsage;} else {ConfigureInternalAutoDiscover;}
ConfigureOAB.ps1
Procédure
Utilisez le Bloc-notes pour créer un script PowerShell permettant de configurer la distribution Web du carnet d'adresses en mode hors connexion sur des serveurs Exchange 2007 sur lesquels le rôle serveur d'accès au client est installé
Ouvrez le Bloc-notes ou un autre éditeur de texte.
Copiez le code suivant dans un fichier et enregistrez ce dernier en lui attribuant un nom descriptif et l'extension .ps1. Il est recommandé de nommer le fichier configureoab.ps1.
#"!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!" #"!!!!!!! THIS IS NOT A MICROSOFT SUPPORTED SCRIPT. !!!!!!!!" #"!!!!!!! TEST IN A LAB FOR DESIRED OUTCOME !!!!!!!!" #"!!!!!!! !!!!!!!!!!" #"!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!" #" " #================================================================================= #ConfigureOAB.ps1 #THIS CODE AND INFORMATION ARE PROVIDED "AS IS" WITHOUT WARRANTY OF ANY #KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE #IMPLIED WARRANTIES OF MERCHANTABILITY AND/OR FITNESS FOR A #PARTICULAR PURPOSE. #Description: Configures Offline Address Book Web Distribution on an Exchange 2007 # CAS Server for usage by Internet and Internal clients. #Based on Original Work By: Christian Schindler (NTx BOCG) #This Script Written By: Ross Smith IV (Microsoft) #Version: 1.6 #Last Updated: 12/4/2007 #================================================================================= # To get help, just add the \"-help\" paramter #======================================= # Parameter definition #======================================= Param( [string] $ExternalName, [string] $Server, [string] $OABName, [switch] $RequireOABSSL ) #============================================== # Function that validates the script parameters #============================================== function ValidateParams { $validInputs = $true $errorString = "" if ($Server -eq "") { $validInputs = $false $errorString += "`n`nMissing Parameter: The -Server parameter is required. Please pass in the name of a valid CAS Server." + "`n" } if ($OABName -eq "") { $validInputs = $false $errorString += "`n`nMissing Parameter: The -OABName parameter is required. Please pass in the name of a valid offline address book name." + "`n" } if ($ExternalName -eq "") { $validInputs = $false $errorString += "`nMissing Parameter: The -ExternalName parameter is required. Please pass in the desired FQDN." } if (!$validInputs) { Write-error "$errorString" } return $validInputs } #========================================================================== # Function that returns true if the incoming argument is a help request #========================================================================== function IsHelpRequest { param($argument) return ($argument -eq "-?" -or $argument -eq "-help"); } #=================================================================== # Function that displays the help related to this script following # the same format provided by get-help or <cmdletcall> -? #=================================================================== function Usage { @" NAME: ConfigureOAB.ps1 SYNOPSIS: Configures Offline Adress Book Web Distribution on an Exchange 2007 CAS Server for usage by Internet and Internal clients. SYNTAX: ConfigureOAB.ps1 `t[-Server <CASServerName>] `t[-ExternalName <ExternalFQDN>] `t[-OABName <OABName>] `t[-RequireOABSSL] PARAMETERS: -Server (required) The server to operate against. Must be an Exchange 2007 CAS server. -ExternalName (required) The external FQDN under which the services will be accessible. -OABName (required) The name of the offline address book that will be configured for web distribution. -RequireOABSSL (optional) If set, the script will require SSL for clients to access the OAB virtual directory. By default clients do not have to use SSL because BITS cannot be used when the CAS certificate is self-signed. -------------------------- EXAMPLE 1 -------------------------- .\ConfigureOAB.ps1 -Server CAS1 -ExternalName mail.contoso.com -OABName "Default Offline Address Book" -------------------------- EXAMPLE 2 -------------------------- .\ConfigureOAB.ps1 -Server CAS1 -ExternalName mail.contoso.com -OABName "Default Offline Address Book" -RequireOABSSL "@ } #======================================= # Check for Usage Statement Request #======================================= $args | foreach { if (IsHelpRequest $_) { Usage; exit; } } #===================================================== # Validate the parameters and Execute the functions #===================================================== $ifValidParams = ValidateParams; if (!$ifValidParams) { exit; } #============================================== # Determine if Server is Local Machine Function #============================================== $server = $server.ToUpper() $LocalServerName = hostname if ($LocalServerName -eq $server) {$IsLocal = "True"} else {$IsLocal = "False"} #======================================= # Enable OAB Web Distribution Function #======================================= function ConfigureOABDistribution { # Get Exchange Organization Distinguished Name $rootdom = "LDAP://rootDSE" $RootDomain = [System.DirectoryServices.DirectoryEntry] $rootdom $ConfigurationNC = $RootDomain.Get("configurationNamingContext") $OrgContainer = "cn=Microsoft Exchange,cn=services,$ConfigurationNC" $OrgSearch = New-Object DirectoryServices.DirectorySearcher $OrgSearch.SearchRoot = [System.DirectoryServices.DirectoryEntry] "LDAP://$orgContainer" $OrgSearch.Filter = '(objectCategory=msExchOrganizationContainer)' $OrgResult = $OrgSearch.FindOne() if ($OrgResult -eq $NULL) { Write-Host "Could not find a valid Exchange Organization!" exit; } else { $OrgDN = $OrgResult.Properties.distinguishedname } # Build OAB Vdir DN $OABVDirDN = "CN=OAB (Default Web Site),CN=HTTP,CN=Protocols,CN=$server,CN=Servers,CN=Exchange Administrative Group (FYDIBOHF23SPDLT),CN=Administrative Groups,$OrgDN" # get existing OAB v-dirs that may be set $GetOABVDirs = get-OfflineAddressBook $oabname $GetOABVDirs.VirtualDirectories += $OABVDirDN #Set new OAB Vdir Write-Host "Configuring OAB for Web Distribution..." Set-oabvirtualdirectory -identity $oabvdir -ExternalURL https://$ExternalName/$OAB Set-OfflineAddressBook $oabname -VirtualDirectories $GetOABVDirs.VirtualDirectories } #======================================= # Enable OAB V-Dir SSL #======================================= function ConfigureOABSSL { Write-Host "Configuring OAB Virtual Directory to Require SSL..." Set-OABVirtualDirectory -identity $oabvdir -RequireSSL } #======================================= # Reset IIS on the server #======================================= function ResetIIS { if ($isLocal -eq "True") {Write-Host "Restarting IIS Services..." iisreset /noforce} else {Write-Host "Please restart the IIS services on $server by executing the command iisreset /noforce."} } #======================================= # Assign values to Variables #======================================= $oabvdir = "$Server\OAB (Default Web Site)" $oab = "oab" #======================================= # Execute functions #======================================= if ($EnableOABSSL) {ConfigureOABDistribution; ConfigureOABSSL; ResetIIS;} else {ConfigureOABDistribution; ResetIIS;}
ConfigureOLAnywhere.ps1
Procédure
Utilisez le Bloc-notes pour créer un script PowerShell permettant de configurer Outlook Anywhere sur un serveur Exchange 2007 sur lequel le rôle serveur d'accès au client est installé
Ouvrez le Bloc-notes ou un autre éditeur de texte.
Copiez le code suivant dans un fichier et enregistrez ce dernier en lui attribuant un nom descriptif et l'extension .ps1. Il est recommandé de nommer le fichier configureolanywhere.ps1.
#"!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!" #"!!!!!!! THIS IS NOT A MICROSOFT SUPPORTED SCRIPT. !!!!!!!!" #"!!!!!!! TEST IN A LAB FOR DESIRED OUTCOME !!!!!!!!" #"!!!!!!! !!!!!!!!!!" #"!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!" #" " #========================================================================== #ConfigureOLAnywhere.ps1 #THIS CODE AND INFORMATION ARE PROVIDED "AS IS" WITHOUT WARRANTY OF ANY #KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE #IMPLIED WARRANTIES OF MERCHANTABILITY AND/OR FITNESS FOR A #PARTICULAR PURPOSE. #Description: Configures Outlook Anywhere on an Exchange 2007 # CAS Server for usage by Internet and Internal clients. #Based on Original Work By: Christian Schindler (NTx BOCG) #This Script Written By: Ross Smith IV (Microsoft) #Version: 1.5 #Last Updated: 3/5/2008 #========================================================================== # To get help, just add the \"-help\" paramter #======================================= # Parameter definition #======================================= Param( [string] $ExternalName, [string] $Server, [switch] $OutlookAnywhereAuthNTLM ) #============================================== # Function that validates the script parameters #============================================== function ValidateParams { $validInputs = $true $errorString = "" if ($Server -eq "") { $validInputs = $false $errorString += "`n`nMissing Parameter: The -Server parameter is required. Please pass in the name of a valid CAS Server." + "`n" } if ($ExternalName -eq "") { $validInputs = $false $errorString += "`nMissing Parameter: The -ExternalName parameter is required. Please pass in the desired FQDN." } if (!$validInputs) { Write-error "$errorString" } return $validInputs } #========================================================================== # Function that returns true if the incoming argument is a help request #========================================================================== function IsHelpRequest { param($argument) return ($argument -eq "-?" -or $argument -eq "-help"); } #=================================================================== # Function that displays the help related to this script following # the same format provided by get-help or <cmdletcall> -? #=================================================================== function Usage { @" NAME: ConfigureOLAnywhere.ps1 SYNOPSIS: Configures Offline Adress Book Web Distribution on an Exchange 2007 CAS Server for usage by Internet and Internal clients. SYNTAX: ConfigureOLAnywhere.ps1 `t[-Server <CASServerName>] `t[-ExternalName <ExternalFQDN>] `t[-OutlookAnywhereAuthNTLM] PARAMETERS: -Server (required) The server to operate against. Must be an Exchange 2007 CAS server. -ExternalName (required) The external FQDN under which the services will be accessible. -OutlookAnywhereAuthNTLM (optional) If set, the script will configure the authentication mechanism for Outlook Anywhere Clients to use NTLM instead of Basic. -------------------------- EXAMPLE 1 -------------------------- .\ConfigureOLAnywhere.ps1 -Server CAS1 -ExternalName mail.contoso.com -------------------------- EXAMPLE 2 -------------------------- .\ConfigureOLAnywhere.ps1 -Server CAS1 -ExternalName mail.contoso.com -OutlookAnywhereAuthNTLM "@ } #======================================= # Check for Usage Statement Request #======================================= $args | foreach { if (IsHelpRequest $_) { Usage; exit; } } #===================================================== # Validate the parameters and Execute the functions #===================================================== $ifValidParams = ValidateParams; if (!$ifValidParams) { exit; } #======================================= # Determine if Server is Local Machine Function #======================================= $server = $server.ToUpper() $LocalServerName = hostname if ($LocalServerName -eq $server) {$IsLocal = "True"} else {$IsLocal = "False"} #======================================= # Configure Outlook Anywhere Function #======================================= function ConfigureOLAnywhere { $OAenabled = Get-OutlookAnywhere -Server $Server if ($OAenabled -eq $Null) { Write-Host "Enabling Outlook Anywhere..."; if ($OutlookAnywhereAuthNTLM) {Enable-OutlookAnywhere -Server $server -ExternalHostname $ExternalName -DefaultAuthenticationMethod "NTLM" -SSLOffloading:$False} else {Enable-OutlookAnywhere -Server $server -ExternalHostname $ExternalName -DefaultAuthenticationMethod "Basic" -SSLOffloading:$False} } else {Write-Host "Outlook Anywhere is already enabled"} } #======================================= # Reset IIS on the server #======================================= function ResetIIS { if ($isLocal -eq "True") {Write-Host "Restarting IIS Services..." iisreset /noforce} else {Write-Host "Please restart the IIS services on $server by executing the command iisreset /noforce."} } #======================================= # Assign values to Variables #======================================= #======================================= # Execute functions #======================================= ConfigureOLAnywhere; ResetIIS;
ConfigureOWA.ps1
Procédure
Utilisez le Bloc-notes pour créer un script PowerShell permettant de configurer Outlook Web Access sur un serveur Exchange 2007 sur lequel le rôle serveur d'accès au client est installé
Ouvrez le Bloc-notes ou un autre éditeur de texte.
Copiez le code suivant dans un fichier et enregistrez ce dernier en lui attribuant un nom descriptif et l'extension .ps1. Il est recommandé de nommer le fichier configureowa.ps1.
#"!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!" #"!!!!!!! THIS IS NOT A MICROSOFT SUPPORTED SCRIPT. !!!!!!!!" #"!!!!!!! TEST IN A LAB FOR DESIRED OUTCOME !!!!!!!!" #"!!!!!!! !!!!!!!!!!" #"!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!" #" " #======================================= #ConfigureOWA.ps1 #THIS CODE AND INFORMATION ARE PROVIDED "AS IS" WITHOUT WARRANTY OF ANY #KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE #IMPLIED WARRANTIES OF MERCHANTABILITY AND/OR FITNESS FOR A #PARTICULAR PURPOSE. #Description: Script to configure OWA settings on a CAS server. #Based on Original Work By: Christian Schindler (NTx BOCG) #This Script Written by: Ross Smith IV (Microsoft) #Version: 1.5 #Last Updated: 3/16/2007 #======================================= # To get help, just add the \"-help\" paramter #======================================= # Parameter definition #======================================= Param( [string] $ExternalName, [string] $Server, [string] $PublicTO, [string] $PrivateTO, [switch] $EnableGZipHigh, [switch] $EnableFBA, [switch] $EnableIntAuth, [switch] $ForcePublicWebReady, [switch] $DisablePublicWSSAccess, [switch] $DisablePrivateWSSAccess, [switch] $DisablePublicUNCAccess, [switch] $DisablePrivateUNCAccess, [switch] $EnableRedirection, [switch] $SetLegacyVDirs ) #======================================= # Function that validates the script parameters #======================================= function ValidateParams { $validInputs = $true $errorString = "" if ($Server -eq "") { $validInputs = $false $errorString += "`n`nMissing Parameter: The -Server parameter is required. Please pass in the name of a valid CAS Server." + "`n" } if ($EnableRedirection) { if ($ExternalName -eq "") { $validInputs = $false $errorString += "`nMissing Parameter: The -ExternalName parameter is required. Please pass in the desired FQDN." } } if (!$validInputs) { Write-error "$errorString" } return $validInputs } #======================================= # Function that returns true if the incoming argument is a help request #======================================= function IsHelpRequest { param($argument) return ($argument -eq "-?" -or $argument -eq "-help"); } #======================================= # Function that displays the help related to this script following # the same format provided by get-help or <cmdletcall> -? #======================================= function Usage { @" NAME: ConfigureOWA.ps1 SYNOPSIS: Configures Outlook Web Access settings on an Exchange 2007 CAS Server. IIS services will be restarted after configuration. SYNTAX: ConfigureOWA.ps1 `t[-Server <CASServerName>] `t[-EnableFBA] `t[-EnableIntAuth] `t[-EnableRedirection] `t[-ExternalName <FQDN>] `t[-PublicTO <Timeout Value>] `t[-PrivateTO <Timeout Value>] `t[-EnableGZipHigh] `t[-ForcePublicWebReady] `t[-DisablePublicWSSAccess] `t[-DisablePublicUNCAccess] `t[-DisablePrivateWSSAccess] `t[-DisablePrivateUNCAccess] `t[-SetLegacyVDirs] PARAMETERS: -Server (required) The server to operate against. Must be an Exchange 2007 CAS server. -EnableFBA (optional) Configures the server use Forms-Based Authentication (enabled by default during CAS installation). -EnableIntAuth (optional) Configures the server use Windows Integrated Authentication. -EnableRedirection (optional) Configures the server to redirect the user to the appropriate CAS server. -ExternalName (Required with EnableRedirection) The external FQDN under which the services will be accessible. -PublicTO (Optional) The public timeout value in minutes for Forms-Based Authentication. -PrivateTO (Optional) The public timeout value in minutes for Forms-Based Authentication -EnableGZipHigh (Optional) OWA is configured to use GZip Low GZip compression. This option will enable High compresssion. -ForcePublicWebReady (Optional) This parameter forces certain attachments to be viewed via a web interface when clients connect via the Public Computer FBA option. -DisablePublicWSSAccess (Optional) This parameter will disable SharePoint Document Library access via the Public Computer FBA access option. -DisablePublicUNCAccess (Optional) This parameter will disable File Share access via the Public Computer FBA access option. -DisablePrivateWSSAccess (Optional) This parameter will disable SharePoint Document Library access via the Private Computer FBA access option. -DisablePrivateUNCAccess (Optional) This parameter will disable File Share access via the Private FBA access option. -SetLegacyVDirs (Optional) This parameter sets the same options on /exchange, /public, and /exchweb that are used on /owa. -------------------------- EXAMPLE 1 -------------------------- .\ConfigureOWA.ps1 -Server CAS1 -EnableFBA -EnableGZipHigh -ForcePublicWebReady -DisablePublicWSSAccess -DisablePublicUNCAccess -------------------------- EXAMPLE 2 -------------------------- .\ConfigureOWA.ps1 -Server CAS1 -EnableIntAuth -SetLegacyVDirs -DisablePrivateWSSAccess -DisablePrivateUNCAccess -PrivateTO 360 -PublicTO 60 -------------------------- EXAMPLE 3 -------------------------- .\ConfigureOWA.ps1 -Server CAS1 -EnableRedirection -ExternalName mail.contoso.com "@ } #======================================= # Check for Usage Statement Request #======================================= $args | foreach { if (IsHelpRequest $_) { Usage; exit; } } #======================================= # Validate the parameters and Execute the functions #======================================= $ifValidParams = ValidateParams; if (!$ifValidParams) { exit; } #======================================= # Determine if Server is Local Machine #======================================= $server = $server.ToUpper() $LocalServerName = hostname if ($LocalServerName -eq $server) {$IsLocal = "True"} else {$IsLocal = "False"} #======================================= # Determine if Timeout is enabled #======================================= $TimeoutEnabled = "False" if ($PublicTO -ne $NULL) {$TimeoutEnabled = "True"} if ($PrivateTO -ne $NULL) {$TimeoutEnabled = "True"} #======================================= # Configure OWA V-Dir Function #======================================= function ConfigureOWA { Write-Host "Configuring Outlook Web Access Settings..." if ($EnableFBA) {Set-owavirtualdirectory -identity $owavdir -FormsAuthentication:$true} if ($EnableIntAuth) {Set-owavirtualdirectory -identity $owavdir -WindowsAuthentication:$true} if ($EnableGZipHigh) {Set-owavirtualdirectory -identity $owavdir -GzipLevel High} if ($Timeoutenabled -eq "True") { if ($IsLocal -eq "True") { if ($PrivateTO) {set-ItemProperty "HKLM:\SYSTEM\CurrentControlSet\Services\MSExchange OWA" -name PrivateTimeout -value $PrivateTO -type dword} if ($PublicTO) {set-ItemProperty "HKLM:\SYSTEM\CurrentControlSet\Services\MSExchange OWA" -name PublicTimeout -value $PublicTO -type dword} } else { $rootkey=[Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey("LOCALMACHINE",$server).OpenSubKey("SYSTEM\CurrentControlSet\Services\MSExchange OWA", [Microsoft.Win32.RegistryKeyPermissionCheck]::ReadWriteSubTree) if ($PrivateTO) {$PrivateTOValue=$rootkey $PrivateTOValue.SetValue("PrivateTimeout", "$PrivateTO", [Microsoft.Win32.RegistryValueKind]::DWord)} if ($PublicTO) {$PublicTOValue=$rootkey $PublicTOValue.SetValue("PublicTimeout", "$PublicTO", [Microsoft.Win32.RegistryValueKind]::DWord)} $rootkey.Flush() $rootkey.Close() } } if ($ForcePublicWebReady) {Set-owavirtualdirectory -identity $owavdir -ForceWebReadyDocumentViewingFirstOnPublicComputers $true} if ($DisablePublicWSSAccess) {Set-owavirtualdirectory -identity $owavdir -WSSAccessOnPublicComputersEnabled $true} if ($DisablePrivateWSSAccess) {Set-owavirtualdirectory -identity $owavdir -WSSAccessOnPrivateComputersEnabled $true} if ($DisablePublicUNCAccess) {Set-owavirtualdirectory -identity $owavdir -UNCAccessOnPublicComputersEnabled $true} if ($DisablePrivateUNCAccess) {Set-owavirtualdirectory -identity $owavdir -UNCAccessOnPrivateComputersEnabled $true} if ($EnableRedirection) {Set-OwaVirtualDirectory -identity $owavdir -ExternalURL https://$ExternalName/$owa} } #======================================= # Configure Legacy Virtual Directories Function #======================================= function ConfigureLegacyVDirs { Write-Host "Configuring Legacy Outlook Web Access Settings..." if ($EnableFBA) {Set-owavirtualdirectory -identity $exchangevdir -FormsAuthentication:$true Set-owavirtualdirectory -identity $exchwebvdir -FormsAuthentication:$true Set-owavirtualdirectory -identity $Publicvdir -FormsAuthentication:$true} if ($EnableIntAuth) {Set-owavirtualdirectory -identity $exchangevdir -WindowsAuthentication:$true Set-owavirtualdirectory -identity $exchwebvdir -WindowsAuthentication:$true Set-owavirtualdirectory -identity $Publicvdir -WindowsAuthentication:$true} if ($EnableGZipHigh) {Set-owavirtualdirectory -identity $exchangevdir -GzipLevel High Set-owavirtualdirectory -identity $exchwebvdir -GzipLevel High Set-owavirtualdirectory -identity $Publicvdir -GzipLevel High} } #======================================= # Reset IIS on the server #======================================= function ResetIIS { if ($IsLocal -eq "True") {Write-Host "Restarting IIS Services..." iisreset /noforce} else {Write-Host "Please restart the IIS services on $server by executing the command iisreset /noforce."} } #======================================= # Assign values to Variables #======================================= $owavdir = "$server\OWA (Default Web Site)" $exchwebvdir = "$server\exchweb (Default Web Site)" $Publicvdir = "$server\public (Default Web Site)" $exchangevdir = "$server\exchange (Default Web Site)" $owa = "owa" $exchange = "exchange" $Public = "public" $exchweb = "exchweb" #======================================= # Execute functions #======================================= if ($SetLegacyVDirs) {ConfigureOWA; ConfigureLegacyVDirs; ResetIIS;} else {ConfigureOWA; ResetIIS;}
Pour plus d'informations
Pour plus d'informations sur la documentation et l'automatisation du processus de création de serveurs Exchange, consultez la rubrique Guides relatifs à l'installation des serveurs et à l'automatisation.