Home   Kaiming

layout

Setup /PrepareDomain

You must run this command in every domain in which you will install Exchange 2007. You must also run this command in every domain that will contain mail-enabled users, even if the domain does not have Exchange 2007 installed.

Scenario 1:

Work.Com hosts Exchange 2007 servers.
Canoe.Com and ABC.work.com don’t host any Exchange 2007 servers.

ABC domain: Setup /PrepareDomain
Canoe Domain: Setup /PrepareDomain

Mail User

The ExternalEmailAddress must be unique in an Exchange Organization.

$password=Read-Host  "Please Enter Password" -asSecureString

New-MailUser -Name "Ted Bremer" -Password $password -ExternalEmailAddress ted@gmail.com -UserPrincipalName ted@work.com -OrganizationalUnit work.com -DomainController paula.work.com
New-MailUser -Name "Steve Balmer" -Password $password -ExternalEmailAddress steve@hotmail.com -UserPrincipalName steve@abc.work.com -OrganizationalUnit ABC.work.com -DomainController Ex20073.ABC.work.com
New-MailUser -Name "Beata Norton" -Password $password -ExternalEmailAddress Beata@gmail.com -UserPrincipalName Beata@canoe.com -OrganizationalUnit Canoe.com -DomainController W2008.Canoe.com

New-Mailbox -Name 'Rob Prince' -Alias 'Rob.Prince' -OrganizationalUnit 'work.com/Users' -UserPrincipalName 'Rob.Prince@work.com' -SamAccountName 'Rob.Prince' -FirstName 'Rob' -Initials '' -LastName 'Prince' -Password $password -Database 'EX20071\First Storage Group\Mailbox Database'

When Rob.Prince@work.com sends mail to Ted Bremer, Steve Balmer, and Beata Norton, the mail goes to External Email Addresses.

Ted Bremer can log on to work.com domain and accesses the resources assigned.
Steve Balmer can log on to ABC.work.com domain and accesses the resources assigned.
Beata Norton can log on to Canoe.com domain and accesses the resources assigned.

Scenario1

New-MailContact -ExternalEmailAddress 'Dean@hotmail.com' -Name 'Dean Bruno' -Alias 'DeanBruno' -OrganizationalUnit 'work.com' -FirstName 'Dean' -Initials '' -LastName 'Bruno' -DomainController Paula.work.com

New-MailContact -ExternalEmailAddress 'Paul@hotmail.com' -Name 'Paul Thorthan' -Alias 'PaulThorthan' -OrganizationalUnit 'Canoe.com' -FirstName 'Paul' -Initials '' -LastName 'Thorthan' -DomainController w2008.canoe.com

New-MailContact -ExternalEmailAddress 'Victor@hotmail.com' -Name 'Victor Martin' -Alias 'VictorMartin' -OrganizationalUnit 'ABC.work.com' -FirstName 'Victor' -Initials '' -LastName 'Martin' -DomainController Ex20073.ABC.work.com


When Rob Prince sends mail to Dean Bruno, Paul Thorthan, and Victor Martin, the mail goes to Internet same as the mail user does.

However,


Dean Bruno cannot log on to work.com domain.
Paul Thorthan cannot log on to canoe.com domain.
Victor Martin cannot log on to ABC.work.com domain.

Linked Mailbox

A linked mailbox is a mailbox that is associated with an external account. Every mailbox must have a user account associated with it. However, the user account that will access the linked mailbox does not exist in the forest where Exchange is deployed. Therefore, a disabled user account that exists in the same forest as Exchange must be created and associated with each linked mailbox.

01

02

Tiger.VAN.COM is the domain controller for VAN.com domain.

USA.Terrace.COM is the domain controller for Terrace.com domain.

As the diagram shows, Terrace.com domain hosts the mailboxes, whereas VAN.COM domain has the active accounts. From VAN.COM domain, an incoming one-trust relationship is created as follows:

On Tiger.VAN.COM domain controller, start the Active Directory Domain and Trust tool and create the incoming one-way trust.

03

Create a user account: Kobe in VAN.COM first;

To create a Linked Mailbox, you need to work at USA.Terrace.com domain controller.

Exchange Management Console--New Mailbox--Linked Mailbox type--New User: Kobe Bryant

 

04

05

06

By Exchange Management Shell

Create a user account in Van.com, e.g. Andy Wilson. At USA.Terrace.COM:

$credential=Get-credential

07

You should provide UPN name, e.g. administrator@VAN.COM.

password=read-host "Enter Password" -asSecureString
Enter Password: *********


New-Mailbox -Name 'Andy Wilson' -Alias 'Andy.Wilson' -OrganizationalUnit 'Terrace.com/Users' -UserPrincipalName 'Andy.Wilson@Terrace.com' -SamAccountName 'Andy.Wilson' -FirstName 'Andy' -Initials '' -LastName 'Wilson' -Database 'USA\First Storage Group\Mailbox Database' -LinkedMasterAccount 'VAN\Andy.Wilson' -LinkedDomainController 'tiger.VAN.com' -LinkedCredential $credential

How do you access the Linked Mailbox?

From OWA, e.g. https://USA.Terrace.com/OWA
You must sign in as van\Andy.Wilson instead of Terrace\Andy.Wilson. The Terrace\andy.wilson account is disabled.

If you configure OUTLOOK client, please remember the mailbox and its associated account are in different forests.

When you implement the Linked Mailbox?

The resource forest scenario allows an organization to centralize Exchange in a single forest, while allowing access to the Exchange organization with user accounts in one or more trusted forests.

Microsoft Exchange Server: Calendar Concierge

Microsoft Office Outlook 2007 and Microsoft Outlook Web Access 2007:Scheduling Assistant

Shane.Williams schedules a meeting through OWA.

01

Calendar Attendant

The Calendar Attendant processes meeting requests as they come in, even if you are not currently logged on by means of Office Outlook or another client. Meetings are automatically placed on the calendar as tentative, so that timeslots will not be overbooked.

Shane.Williams@work.com organizes a meeting. He sent a meeting request to Rob.Prince. When Rob.Prince@work.com opens his Calendar, he will see the meeting is automatically placed on his calendar as tentative.

02

Resource Booking Attendant

The Resource Booking Attendant automates acceptance and declination of resource booking requests. Policies can be set up for each resource based upon by whom, when, and for how long a resource can be booked. If the request for the resource is within policy, the resource will automatically be granted, and no one else will be able to book the resource. If the request is out of policy, information can be provided explaining alternative resources, and escalation paths provided to approve an out of policy request.

Assuming the RoomMailbox: Class701 is created.

Add-MailboxPermission -AccessRights FullAccess -Identity Class701 -User Kaiming

Set-MailboxCalendarSettings -id class701 -AutomateProcessing 'autoaccept'

Get-MailboxCalendarSettings -id class701

Understanding the AutomateProcessing:AutoAccept

Enable the Class701 account

Logon as Class701 through OWA

Set the schedule as below:

03

Shane.Williams@work.com schedules a meeting with class701.

04

05

If Shane.Williams uses the Schedule Assistant, he could see the schedule of Class701. The conflict wouldn't happen.

Resource Mailboxes

Room mailboxes are assigned to a meeting location, such as a conference room, auditorium, or training room. Equipment mailboxes are assigned to a resource that is not location specific, such as a portable computer projector, microphone, or company car.

It is easy to create a Room Mailbox and a Equipment Mailbox.

However, managing it needs some explanation.

get-mailbox -RecipientTypeDetails RoomMailbox | fl Name,Resource*

Name : Class701
ResourceCapacity : 20
ResourceCustom : {}
ResourceType : Room

Name : Class801
ResourceCapacity : 15
ResourceCustom : {}
ResourceType : Room

get-mailbox -RecipientTypeDetails EquipmentMailbox | fl Name,Resource*

Name : Projector1
ResourceCapacity :
ResourceCustom : {}
ResourceType : Equipment

Name : car1
ResourceCapacity :
ResourceCustom : {}
ResourceType : Equipment

Name : TV1
ResourceCapacity :
ResourceCustom : {}
ResourceType : Equipment

It's better to provide more information (such as a room has TV, VCR, etc., a equipment has AUTO or Manual) to users.

Set-ResourceConfig -ResourcePropertySchema ("Room/TV", "Room/VCR", "Room/LeatherChair","Room/Computers","Equipment/Auto", "Equipment/Manual", "Equipment/DVI","Equipment/VGA","Equipment/HDMI","Equipment/Truck", "Equipment/SUV","Equipment/4Seats")

Set-Mailbox -Identity "Class701" -ResourceCustom ("TV","VCR","Computers") -ResourceCapacity 20
Set-Mailbox -Identity "Class801" -ResourceCustom ("TV","VCR","LeatherChair") -ResourceCapacity 12

Set-Mailbox -Identity "Car1" -ResourceCustom ("Auto","SUV")

Set-Mailbox -Identity "Projector1" -ResourceCustom ("VGA")

How Outlook clients use the additional information?

Exchange Management Console--Toolbox--Details Template Editor

06

07

08

09

Shared Mailbox

The Shared parameter specifies that you are creating a shared mailbox. A shared mailbox is a mailbox to which multiple users can log on. This mailbox is not associated with any of the users that can log on. It is associated with a disabled user account.

$password = Read-Host "Enter password" -AsSecureString

New-mailbox -UserPrincipalName chris@work.com -alias chris -Name ChrisAshton -password $password -FirstName Chris -LastName Ashton -shared -Database "Ex20071\First Storage Group\Mailbox Database"

You will find ChrisAshton account is disabled.

Add-MailboxPermission chrisAshton -User:'Domain Users' -AccessRights:FullAccess

Add-ADPermission chrisAshton -User:'Domain users' -ExtendedRights:Send-As -AccessRights:ReadProperty, WriteProperty -Properties:'Personal Information'

Shane.Williams can logon ChrisAshton mailbox from OWA.

10

Shane Williams open Chris mailbox by https://ex20071/owa/chris@work.com.

11

Microsoft recommend to use the resource mailboxes instead of the shared mailboxes.

Home