Title: 3304Managing Your Exchange 5.5 Enterprise Using Windows Script Host
1Managing Your Exchange 5.5 Enterprise Using
Windows Script Host Stephen Campbell Anjura
Technology Corporation stephen.campbell_at_anjura.com
http//www.marchview.com/mec99
2(No Transcript)
3Topics
- Windows Script Host
- ADSI and ADO and Admin
- Navigating your Organization
- Retrieving/Changing registry entries
- Retrieving/Changing directory entries
- Exchange Services
- Managing Platinum Servers (Briefly!)
4Why Management Scripts?
- Repeatable
- Can be delegated
- Time savings
- Perhaps
- or 3rd Party Management/Inventory
- e.g., Messagewise (2MA, InLook)
5Windows Script Host
- A wrapper for scripting engines
- Visual Basic Scripting Edition, JavaScript,
ltothersgt - Exposes some objects that are oriented to the
computer - Registry, Environment, Desktop, Network
- WScript and CScript
- Interpreted ? slow
- but simple
- Installed with Windows NT 4.0 Option Pack
6WSH Development Environment
- Powered by Notepad
- Visual Studio/Visual InterDev
- Script Debugger
- VBScript versus JScript
- VBScript Basic syntax, less stringent,
functions (MsgBox, InputBox) - JScript Java-like, stringent, portable
7Useful Objects
- Windows Scripting Host
- WScript - arguments, messages
- WShell - local registry, launch, environment,
desktop - VBScript/JScript
- FileSystemObject
- file and folder manipulation
- Err
8WSH Can Use Any Object
- Excel/Word
- Collect and process data
- Write reports
- CDO/CDONTS
- Read/write messages
- Create and load public folders
- ADO
- Read or write databases including DS
- Internet Information Server/SQL Management
Objects
9Windows Script Host 2.0
- Windows 2000
- .WS File
- Separate Jobs in one .WS
- Includes
- Multiple Scripting Languages per job
- Can use XML Editor
- .WSH File
- Script Options for corresponding .WS, .VBS or .JS
script
10Directory Access
- Admin
- LDAP
- Standards-based protocol
- ADSI
- Generic Directory Access objects
- Read and write attributes
- Windows NT, Netware, LDAP back ends
- ADO
- Read Directory objects/attributes
11Using Admin
- Create CSV Template File
- Create INI Control File
- Shell to Admin /E
- Read the CSV Result
- Take required action
- Create another CSV, INI
- Shell to Admin /I
12Using Admin
- Open a File System Object
- CreateObject(Scripting.FileSystemObject)
- Open the file
- objFS.CreateTextFile(strCSVFile,True)
- Write lines
- objCSVFile.WriteLine(obj-class,)
- objCSVFile.Close
- Run export
- objShell.run(admin /E ...,1,True)
13Exchange Windows 2000
- Active Directory is already using LDAP ports 389
and 637 (SSL) - Change 389 in Exchange
- Configuration, Protocols, LDAP
- Change 637 (See Q232606)
- SP3
- Admin /r
- Configuration, Protocols, LDAP
- Incoming-Msg-Size-Limit
14Demo Read and Set LDAP Ports using Admin
15Manage The Organization
- Find all servers and/or sites
- Perform some action
- Mailbox quota
- Directory Replication schedule
- Diagnostic logging
16LDAP Paths
- Directory Access
- LDAP//ltservergtltportgt/ltobjectgt
- Server DNS, NetBIOS or IP
- Port 389 (SSL637)
LDAP//SABER/OANJURA/OUMARCHVIEW/CNCONFIGURATIO
N /CNSERVERS/CNACER2000 /CNMICROSOFT PRIVATE
MDB LDAP//acer2000.marchview.com8389/ cnmicros
oft private mdb, cnacer2000, cnservers,
cnconfiguration, oumarchview, oanjura
17ADSI Commands
- GetObject(ltpathgt),.OpenDSObject(ltpathgt, ltusergt,
ltpasswordgt,ltauthenticationgt) - Get an LDAP object
- oItem.Get(ltattributegt), .GetEx()
- Get the Value of an attribute
- oItem.Put(ltattributegt), .PutEx()
- Set or clear the value of an attribute
- oItem.SetInfo
18Find All Servers with ADSI
- Point to any server in the site
- Use ADSI/LDAP (must be installed)
Set objOrgGetObject(LDAP//ltservergtltportgt) For
Each objSite in objOrg Set objServersobjMyIAD
s.OpenDSObject( LDAP//ltservergt/oltOrggt/oult
Sitegt /cnConfiguration/cnServers,
dcltdomaingt, cnltuseridgt,ltpassgt,1) For Each
objServer in objServers Record or act on
objServer.Name, objSite.Name NextNext
19ADO Queries LDAP
- LDAP Syntax (RFC-1960)
- ltbasegtfilterfieldsscope
- Base
- LDAP Path of starting point inside ltgt
- Filter
- (fieldvalue)
- ((fieldvalue)(fieldvalue))
- means all, Use \2a to select character
- ! gt lt
20ADO Queries LDAP
- Fields
- Separated by commas
- Case-sensitive
- Schema Attributes Description field
- Scope
- base, onelevel, subtree
ltLDAP//power28389gt ((objectClassRFC1006-X40
0-Link) (Admin-Display-Name\2a))
adspath,Admin-Display-Namesubtree
21ADO Queries SQL Syntax
- SELECT fields FROM base WHERE filter
SELECT rdn,adspath FROM 'LDAP//power2' WHERE
objectClass'Computer'
- Default Scope is subtree
- Or create a command and set its SearchScope
property
Set objCommand CreateObject("ADODB.Command") Set
objCommand.ActiveConnection objADOConn objComma
nd.Properties(SearchScope)0 Base Set
objRSobjCommand.Execute
- Fields are returned in reverse order
22Find All Servers With ADO
- Point to any server in the site
- Use ADSI/LDAP with ADO
Set objConnCreateObject(ADODB.Connection) objCo
nn.Provider"ADSDSOObject objConn.Open My
Connection Set objRSobjConn.OpenRecordSet(
ltLDAP//ltservergt(objectClasscomputer)
adspath,rdnsubtreegt) While not objRS.EOF
Record or act on objRS.Fields(0) wend objRS.Close
23Demo Find servers using ADSI and ADO
24Change Quota
- Change the Quotas using ADSI
- Use ADO to read attributes
- Cant .GET if bit 3 of Heuristics for that
attribute1 (Operational attribute)
SET objPrivobjMyIADs.GetObject(
"LDAP//ltservergt/oltorggt/oultsitegt
/cnConfiguration/cnServers/cnltservergt
/cnMicrosoft Private MDB) objPriv.GetInfo objPri
v.Put "MDB-Storage-Quota",CLng(lngWarning)
objPriv.Put "MDB-Over-Quota-Limit",CLng(lngNoSend
) objPriv.Put "DXA-Task",CLng(lngNoReceive) objPr
iv.SetInfo
25Demo Server quotas
26Registry Access
- Circular logging is a registry change
- HKLM\CCS\Services\MSExchangeIS\ParametersSystem\C
ircular Logging0 - HKLM\CCS\Services\MSExchangeDS\Parameters\Circula
r Logging0
Set oRegShell WScript.CreateObject("WScript.Shell
") iRegValueoRegShell.RegWrite(
"HKLM\System\CurrentControlSet\Services
\MSExchangeDS\Parameters\Circular Logging", 0,
"REG_DWORD")
27Registry Access
- WShell.RegWrite is local only
- Use IISSample.RegistryAccess for network access
set objRegCreateObject("IISSample.RegistryAccess"
) objReg.Get("\\POWER\HKLM\Software\Microsoft\Exch
ange") objReg.Set \\POWER\HKLM\System\CurrentCont
rolSet\ Services\MSExchangeDS\Parameters\Circula
r Logging, 0, True
28Demo Registry Access
29Managing NT Services
- ADSI to access Services and Status
- NT4 Use WinNT
- W2000 Use WinNT or LDAP
- Objects under Computer (with users, print queues,
etc)
set objServerGetObject("WinNT//ltservergt,computer
") for each objService in objServer if
objService.Class "Service" then
wscript.echo objService.DisplayName Next Set
objServiceGetObject( WinNT//ltservergt/MSExchang
eDS,Service)
30Managing NT Services
- Service Object
- .Name, .DisplayName, .ServiceAccount, .StartType,
.StartupParameters, .HostComputer, .Path - ServiceOperations Object
- .Status
- .Start, .Stop, .Pause, .Continue, .SetPassword
31Demo Managing NT Services
32Public Store
SET objLDAPGetObject("LDAP") SET
objPubobjLDAP.OpenDSObject(
"LDAP//ltservergt/oltorggt/oultsitegt
/cnConfiguration/cnServers/cnltservergt
/cnMicrosoft Public MDB", "dcltdomaingt,
cnltusergt, cnadmin",0)
33Schedules
- Activation-Style
- 0-Never, 1-Selected Times, 2-Always
- Activation-Schedule
- 168 characters(7 of 24 chars)
- 0-9,A-F bit mask
- GMT!!
00F0000000000000000000000000500000800000F00000F0
0000500000800000F00000F0
34Things to Check
- Circular Logging (Registry)
- Diagnostic Levels (Registry)
- Quotas Server/Mailbox (DS)
- Protocols Enabled? (DS)
- Connector Schedules (DS)
- Routing (DS)
- Disk Consumption (Registry, FileSystem)
- Permissions (DS)
35Caveats/Notes
- Admin does more than change directory and
registry - Site addressing, permissions
- Test!! before implementing
- Assess cost to develop and test
- Admin versus ADSI
- Admin does security, straightforward translation
from Raw properties - ADSI easier to get information
- Assess 3rd party solutions
36Managing Exchange 2000
- Everything is in the directory and can be
retrieved using LDAP - Platinum specific items are implemented as custom
classes and attributes - W2000 Resource Kit includes Schema snap-in for
MMC - All of the Windows 2000 facilities
- MMC
37Managing Exchange 2000
- Exchange Management Objects (EMO)
- Provide simple access to common tasks
- CDOEXM.MailboxStore
- Quotas, Garbage collection, delegates, HomeMDB
- .CreateMailbox, .MoveMailbox, .DeleteMailbox
- CDOEXM.MailRecipient
- Forward rules, proxy addresses, message size
limits, allow/deny recipients - .MailEnable, .MailDisable
- More coming
38For More Information
- WSH
- http//msdn.microsoft.com/scripting/
- ADSI
- MSDN, Platform SDK
- http//www.15seconds.com/
- Schema (Objects, Attributes)
- schema.csv, admin -r, Technet, MSDN
- MEC!
39(No Transcript)