Ben Tucker

Ben Tucker

This user hasn't shared any profile information

Home page: http://www.iphouse.com/

Posts by Ben Tucker
ipHouse Dot Logo

Adding Exchange 2010 mailboxes from text file with PowerShell

I wrote before about adding Exchange 2010 mailboxes with PowerShell and AWK. I was having some trouble with the syntax of importing from a .csv or tab-delimited file so I punted and used awk on my workstation and got the work done.

That workflow is not ideal. I’d rather do it all in PowerShell. I got some great help from the fine folks over at /r/powershell and Don Jones’s PowerShell books and videos.

Here is a better way:

  • Use the Import-Csv cmdlet to import the data as an array objects with text properties, for each column.
  • Add and adjust the properties we need and their values.
  • Pass the whole array to New-Mailbox, which will do the right thing, as long as all the parameter names match the object properties.

If I exported the data as .csv, with properly named column headers, this would get even easier, but I will give PowerShell the same data I gave awk for the sake of parity. So let’s say I have no control over the format the data arrives in and it comes space-delimited like this:

Alice Adams aadams aadams@corp.domain.com Password1
Bob Baker bbaker bbaker@corp.domain.com Password2
Charlie Carter ccarter ccarter@corp.domain.com Password3
Dan Davis ddavis ddavis@corp.domain.com Password4
Ed Evans eevans eevans@corp.domain.com Password5
Frank Foster ffoster ffoster@corp.domain.com Password6

Here is how to use PowerShell to add these users using the data from this file.

To use a space for the field delimiter, we’ll use -Delimiter ‘ ‘. This file does not have a header row. Import-Csv imports as key-value pairs, so each column needs a name.  By default, it uses the top row for that, but that would not be the right thing to do here, since the top row is data.  So we can either put a header row on the file, or define alternate column names with a -Header argument.  Here is the command import my users.txt file as an array of objects, $users:

PS> $users = Import-Csv -Delimiter ' ' -path .\users.txt -Header FirstName, LastName, SamAccountName, UserPrincipalName, plaintextpass

This loads the data from the file into an array of objects $users.  Each element of $users has properties as defined in the header with values from the corresponding row.  Here’s the first element in $users:

PS> $users[0]

FirstName         : Alice
LastName          : Adams
SamAccountName    : aadams
UserPrincipalName : aadams@corp.domain.com
plaintextpass     : Password1

Next, we’ll add the “Name” property, which is a string in the form “FirstName LastName”

PS> $users = $users | Select-Object -Property *, @{name='Name';expression={$_.FirstName + ' ' + $_.LastName}}

The property is appended to the end of the list, but that’s fine, since Add-Mailbox accepts these arguments in any order. Here’s how the first object looks now.

PS> $users[0]

FirstName         : Alice
LastName          : Adams
SamAccountName    : aadams
UserPrincipalName : aadams@corp.domain.com
plaintextpass     : Password1
Name              : Alice Adams

Add-Mailbox wants the password as a system.securestring, and won’t accept a plain string at all. Items of type System.SecureString is stored in memory encrypted.  We’re defeating the security benefits of that behavior by handling the passwords as plaintext elsewhere in the script and in the data file. For exactly that reason, ConvertToSecureString will complain if we use it to accept plain text with -AsPlainText, but it will do it anyway if we use -Force.  The whole thing goes like this.

PS> $users = $users | Select-Object -Property *, @{name='Password';expression={(ConvertTo-SecureString -AsPlainText -Force -String "$_.plaintextpass")}}

Now we have the password stored as a SecureString.  Trying to print the password only prints “System.Security.SecureString” and not the actual contents, but it is in there.

PS> $users[0]

FirstName         : Alice
LastName          : Adams
SamAccountName    : aadams
UserPrincipalName : aadams@corp.domain.com
plaintextpass     : Password1
Name              : Alice Adams
Password          : System.Security.SecureString

Now let’s get rid of that plaintext password.  Strictly, this step is not necessary. Since “plaintextpass” does not match any of the arguments that Add-Mailbox accepts, it will be discarded.  But since we need to encrypt the password as a SecureString to pass it anyway, why pass it as plaintext as well.  So we strip the property out like this:

PS> $users = $users | Select-Object -Property * -ExcludeProperty plaintextpass

And finally, our objects look like this:

PS> $users[0]

FirstName         : Alice
LastName          : Adams
SamAccountName    : aadams
UserPrincipalName : aadams@corp.domain.com
Name              : Alice Adams
Password          : System.Security.SecureString

It is not an accident that these are exactly the arguments that Add-Mailbox wants.  This is the fun part.

PS> $users | Add-Mailbox

That’s it. The contents of the properties of each object in $users are passed to the corresponding arguments Add-Mailbox accepts.  Add-Mailbox takes those arguments and creates six new users.

And of course, since this is powershell, all of this can be done in one big pipeline if readability is not your thing.  That would look like this:

PS> Import-Csv -Delimiter ' ' -path .\users.txt -Header FirstName, LastName, SamAccountName, UserPrincipalName, plaintextpass | Select-Object -Property *, @{name='Name';expression={$_.FirstName + ' ' + $_.LastName}}, @{name='Password';expression={(ConvertTo-SecureString -AsPlainText -Force -String "$_.plaintextpass")}} | Select-Object -Property * -ExcludeProperty plaintextpass | Add-Mailbox

Adding Exchange mailboxes from a text file by way of awk

When you get a virtual server or a vmForge Virtual Data Center from us, you can choose to manage it yourself or have us take care of it.  If you choose ipHouse management on a Windows virtual machine, I will probably be involved with your server management. Here is a recent task related to that role.

I hope others find it helpful.

I was adding a list of users to an Exchange 2010 server.  There is a quick way and a slow way to do that. The quick way and slow way trade places when the list grows to a certain size. The quick way is to open Exchange Management Console, expand Recipient Configuration, and click New Mailbox.  Type in the proper values and click next a few times, then click Finish.

The slow way is to create the PowerShell commands to add the mailboxes from a text file containing all the user data and paste it into PowerShell. It is also the quick way, if you have enough users to add.

(more…)

Feature freeze

Some of us took the time last week to create something new. I chose to challenge myself by designing a system I had not built before and that I am not ready to share… quite yet. :) But I do want to share something about the design process in very general terms.

The lesson I learned: Feature freeze is a good thing. Know when to stop fixing.

Now early in the project, I had a pretty good idea of what pieces needed to go together but I did not have a very good idea of how to get there. I put down a quick design and while I was doing that I started to see problems..

  • Pieces did not fit together.
  • Some things were missing.
  • This was not going to work.

Time to start learning. I love learning.

(more…)

IIS 7.5 and FTP-SSL

FTP-SSL is the encrypted FTP type that is supported by IIS 7.5 (Windows Server 2008 R2) and IIS 7.0 (Windows Server 2008). There are some quirks to setting it up this way. This brief walk-through has a couple of warnings about those specific issues.

I am using FTP-SSL in passive mode, with explicit SSL.  I do that because most of my users run their computers behind some sort of firewall. This sometimes means that their data channels get blocked by their firewall. The symptom then is that they can connect, but can’t send or receive files or list directories. So I have them use passive FTP in their client software. (more…)

Electric

Lots of folks don’t think much about where the power they use comes from, but I do. We can’t do any of the things we do here at all without it and we take it seriously. In this post, I’ll cover the basic parts of how electrical power is delivered to the datacenter without getting too serious.

These parts are: electrical service, backup generator, uninterruptible power supply, automatic transfer switch, power distribution units, power monitoring, and power consumers, such as servers, routers, and switches.

The main difference between power for devices in the datacenter and other types of power service is that a power loss in this situation can be a really big deal. These devices need power that is always on, even in a storm, to function properly. Making the datacenter stay on when the power from the electric company falters takes some special design considerations.

(more…)

Ben Tucker's RSS Feed
Go to Top