MCITP: Enterprise Messaging Administrator on Exchange 2010

Today I passed the 70-663 Designing and Deploying Messaging Solutions with Microsoft Exchange Server 2010 and thus obtained the MCITP: Enterprise Messaging Administrator on Exchange 2010, my second MCITP certification.

This was not an easy exam.  The exam covers everything having to do with Exchange Server 2010 SP1 except Unified Messaging.  While the focus of the 70-662 exam is configuring Exchange,  the focus of 70-663 is Designing and Deploying Exchange.  Do not think that this exam is not technical as it has a good amount of technical content so do not forget what you learned from 70-662.

The majority of my preparation was done by reading the TechNet Library for Exchange 2010 and taking two Microsoft courses that came with my TechNet Professional subscription.  My recommendation is to utilize TechNet and the Exchange team blogs to cover the material as well setup a lab environment.

This certification took almost a year for me to complete due to many set backs, but I am glad it is over with.

Next in line is the CompTIA Linux+ and LPIC-1 combination and possibly a SQL Server 2008 certification or VMware VCA.

Create User Accounts From A csv File In Linux Using Python

Here's a script that I wrote that creates user accounts and home directories from a csv in Linux using Python.

This is a common system administration task that be done using shell scripts but is much easier using Python.

Python has a handy csv module that parses csv files so you do not have to worry about it yourself.

I plan to focus my studies on Linux after I complete the MCITP: Enterprise Messaging Administrator 2010 certification.  So there will be more scripts to come.

#!/usr/bin/python
#pyuseradd.py
#Read users from a csv file and create accounts and home directories.
#Sheldon Alman - sheldonalman@gmail.com
#csv file format : firstname, lastname, username, password
import sys, csv, subprocess

if len(sys.argv) != 2:
    print "Usage: " + str(sys.argv[0]) + " filename"
else:
    filename = str(sys.argv[1])
    with open(filename,  'rb') as csvfile:
        accounts = csv.reader(csvfile)
        for row in accounts:
            subprocess.call(['useradd', '-m' , '-s' + '/bin/bash','-c' + row[0] + row[1] ,  row[2]])
            subprocess.call('echo ' + row[2] +":" + row[3] + " | " + "chpasswd",  shell=True )

OpenVPN

Recently I decided to implement a client access VPN solution that I had been meaning to do for a long time.

I had looked at other solutions like the Windows 7 built in PPTP VPN and pfSense and finally settled on OpenVPN.

The main reason behind my selection of OpenVPN is it's multiple platform support.  The server is available for pretty much any modern OS that one would use, as is the client.  It is also integrated into many open source router and firewall distributions.

There are two versions of OpenVPN available.  The community edition and the commercial edition.  The community edition is available via most repositories for popular Linux distributions and is also available for Windows.  The commercial version is available via OpenVPN's website in many different flavours, including a virtual appliance.

The main differences between the community and commercial editions are that the community edition offers no support while the commercial does, and the commercial edition is easily configured via  a web GUI while the community is generally configured via configuration files.  Furthermore, the commercial edition requires a license per user to connect to the server, however it does come with two free licenses for testing purposes.

I elected to go with the commercial version due to it's ease of setup.  The setup simply involved downloading the Debian Linux based virtual appliance and importing it on to my ESXi 5.1 server.  After going through the simple setup, the server was up and running and I was connected.

OpenVPN utilizes SSL for it's encryption but is not a "true" SSL VPN.  It runs it's own propitiatory client and server.  The client can be downloaded from the server itself but logging in as a registered user and downloading the client for your chosen OS.

Many VPN modes are support including Layer 2 VPN, routed VPN and a NAT VPN where hosts on the private subnet are automatically NAT'd so that hosts on the OpenVPN subnet can access them.

My setup simply involved me port forwarding ports 443 and 1194 to the OpenVPN VM and connecting.  I elected to configure it so that only traffic that needs to access my private network is routed over the VPN and not all Internet traffic.

I plan on looking into the open source version to see what it has to offer, but the commercial version is a great way to get started if you have a small setup.

Update: 
In order to get the Layer 2 VPN to work when using ESXi you have to set the vswitch that the OpenVPN server is associated with to accept promiscious mode packets.  More details can be found here : http://www.jeremycole.com/blog/2010/03/11/openvpn-bridge-under-vmware-esxi/.  Be advised that the Layer 2 VPN is only supported on Windows clients as of now.

Exam 70-662 MCTS: Microsoft Exchange Server 2010, Configuring

70-662 is the first of two exams required to obtain the MCITP: Enterprise Messaging on Exchange 2010.

As the title states, the focus of the exam is configuring Exchange 2010.  The exam topics cover all aspects from installation to granular configuration scenarios.  One noted absence is Unified Messaging.

The exam itself was quite challenging and one needs to know all covered topic very well since they are all equally weighted for the most part.

Trainsignal videos and TechNet were my primary sources of study.  I also setup a lab environment with multiple Exchange servers to get hands on experience.

My recommendations for this exam is to read through TechNet documentation, spend significant time in the Exchange Management Console and Exchange Control Panel and finally know the PowerShell command-lets very well.

On to 70-663.

Update Exchange 2010 Transport Rule From Text File Using Powershell

Here's a short script that reads the contents of a text file and updates the signature of all outgoing email with the contents of the text file.  Useful for delegating the task of maintaining corporate signatures to non-admins.

if (test-path C:\sig.txt )
{
 $signature = Get-Content "C:\sig.txt"
 set-TransportRule -Identity 'External Email Disclaimer' -Name 'External Email Disclaimer' -Comments 'Appends disclaimer to all email that is sent externally.' -ApplyHtmlDisclaimerLocation 'Append' -ApplyHtmlDisclaimerText $signature -ApplyHtmlDisclaimerFallbackAction 'Wrap'
}
else
{
 write-eventlog -logname Application -source MSExchangeTransport -eventID 999 -entrytype Error -message "The signature script failed to run" -category 1 -rawdata 10,20
}

Get Mailbox Sizes & Item Count In Exchange 2010

Here are a few command-lets that output Mailbox sizes and Item counts in Exchange 2010:

Display sizes and item count for all mailboxes:
get-mailbox | Get-MailboxStatistics  | ft DisplayName, TotalItemSize, ItemCount

Display sizes and item count for a specific mailbox:

Get-MailboxStatistics [username] | ft DisplayName, TotalItemSize, ItemCount

More Powershell

Here are a few quick Powershell scripts I created to take care of some daily tasks that came up.

Output list of installed software into a text files, one text file per IP and one master file with all hosts:

$ip = get-content C:\10.10.1.0.txt

foreach ($i in $ip)
{
    wmic  /node: $i computersystem get name >> C:\installList.txt
    wmic  /node: $i os get name`,version >> C:\installList.txt
    wmic  /node: $i product get name`,version >> C:\installList.txt
    wmic  /node: $i computersystem get name >> C:\$i.txt
    wmic  /node: $i os get name`,version >> C:\$i.txt
    wmic  /node: $i product get name`,version >> C:\$i.txt
   
}

Convert a dynamic distribution group to a regular distribution group in Exchange 2010:

$employees = Get-DynamicDistributionGroup "(dynamic group)" #This is the dynamic group to be read from
$groupName = Get-distributiongroup "(regular group name)" -erroraction 'silentlycontinue' #This is the group to be modified. Continues if there are any errors encountered.

#if the group exists, remove it and re-create it.  If it doesn't exist, create it.
if ( $groupname )
{
    remove-distributiongroup "(regular group)" -Confirm:$false #disables confirmation of group removal.
    new-distributiongroup "(regular group)"
    set-distributiongroup "Employees" -customattribute11 "(whatever attribute you use to populate the group)"
}
else
{
    new-distributiongroup "(regular group)"
    set-distributiongroup "(regular group)" -customattribute11 "(whatever attribute you use to populate the group)"
}
Get-Recipient -RecipientPreviewFilter $employees.RecipientFilter | export-csv C:\filename.csv #prints pertinent information about members of the group and exports it to csv

import-csv C:\filename.csv | foreach { Add-DistributionGroupMember "(regular group)" -member $_.name }
Remove-item C:\filename.csv -Confirm:$false #remove csv file if necessary