My Exchange 2016 resides in a Resource Forest in the US and I share an Accounts Forest with our EU parent company who also has an Exchange 2016 Resource Forest. We use the same mailbox provisioning script for both Exchange environments, which simplifies the creation process, but I don't run the same configuration as they do in Europe so I have to change a bunch of settings...like enabling OWA for all users.
I'll show you how to set a scheduled task to enable OWA on all new mailboxes so we don't have to do it manually.
Create a Service Account:
First, you'll want to create a Service Account in your domain, which will be used to run the scheduled task. It's best practice to use service accounts rather than your own account to run scheduled tasks, so if you ever leave your position and they deactivate your account, it won't break the task!
In your domain, create a new user called something like exchscriptaccount and set a super-strong password.
This account will need to be a member of the Server Management Role Group, otherwise it won't have permissions to enable OWA on mailboxes.
Next, add the newly created user to the Local Administrators Group on your Exchange Management Tools server or Exchange server if your running it from there. The scheduled task will need local admin rights to run PowerShell things, and since you have a super strong password, it's not an issue.
Creating The Task:
On your Exchange Management Server or an Exchange Server, open the Task Scheduler Control Panel, click Action > Create Task...
On the General tab:
Give it a name like Enable OWA
Click "Change User or Group..." hit "Locations" and switch to your domain, then search for your exchscriptaccount service account.
Check the box for "Run with highest privileges"
On the Triggers Tab:
Click "New..."
Set it for how often you need it to run. I run mine Daily at 12AM - no specific reason, but you do want it to run Daily depending on your onboarding turnover.
On the Actions Tab:
Set the "Action" dropdown to "Start a program"
Under Program/Script, copy/paste the following:
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
In the "Add arguments" field, copy/paste the following:
-NonInteractive -WindowStyle Hidden -command ". 'C:\Program Files\Microsoft\Exchange Server\V15\bin\RemoteExchange.ps1'; Connect-ExchangeServer -auto; Get-CASMailbox -ResultSize unlimited | ? {$_.OWAEnabled -eq $False} | Set-CASMAilbox -OWAEnabled $True"
**Note** What this cmdlet does is finds any mailbox with OWA disabled ($False), and sets the flag to $True (enabled)
In the Settings Tab:
Checkmark the following boxes:
- Allow task to be run on demand
- Stop the task if it runs longer than: 1 hour (if it runs longer than an hour, you got something wrong!)
- If the running task does not end when requested, force it to stop
Click OK when you have everything set.
Testing the Task:
In the main task window, right-click your new "Enable OWA" task, and click Run.
When it finishes running, you should have a (0x1) Last Run Result.
Check Our Work:
Check that OWA is set on All Mailboxes by running:
Get-CASMailbox -ResultSize unlimited | ? {$_.OWAEnabled -eq $False}
The output should be empty.
Now, Exchange will do the boring job of turning on OWA for you :)
Microsoft Enterprise Messaging tips, tricks, and general help.
No comments:
Post a Comment