by Flooberjibby at 2012-10-10 12:21:21
Hi Everyone.by mjolinor at 2012-10-10 17:19:33
I’m hoping to get some experienced insight in quota design approach and implementation.
We’re migrating from 2003 to 2010. Our users currently have no quotas on the 2003 stores. We’ll be implementing quotas as we migrate, and we’ll have two levels - 2GB for normal users (including resource mailboxes, even though they should never get that big) and 10GB for the folks that "need" more.
Here is my thought - set all mail DBs to 2GB, then create a group for the 10GB users and write a script to set their warning and prohibit send values and schedule it to run on a schedule. I can do that no problem.
I’m also concerned with my helpdesk guys removing or changing quota limits for users that don’t have approval.
My idea to deal with that is have the script then look for users who are NOT part of that group and set them back to use the store defaults.
Therein lies my difficulty. I’m having a heck of a time finding those users to set them back to the store defaults.
So begin my questions:
1. Is this even a decent approach? I like the store limits being the defaults because then new users get capped. If there is a better way to do it I’m open to it!
2. If #1 is yes, how do I find the users not in my specified group? I tried using filters with no love, I tried piping to the Get-QADUser command but it doesn’t like the pipelined input, even when I format the output to drop the column headers.
I’m at a place where I can generally look at a script, figure out what it does and tweak it a bit for my purposes but I admin I’m baffled on how to use the variables, how folks know to use certain things (like .count on the end of an object) - I know it’s experience but there is still some magic in it for me. I’m learning what I can when I can so hopefully this gives me something to put in my toolbox for the future.
I can provide all the stuff I tried that DIDN’T work but there is a LOT of it - I’ve been trying for two days and haven’t had any luck.
I appreciate whatever guidance and help you might have for me.
Thanks,
Jason
Okay. To start with, you should not need the Quest cmdlets at all. All the cmdlets you need will be in the Exchange Management Shell, or in a remote Exchange management session.by Flooberjibby at 2012-10-10 17:29:03
Get-DistributionGroupMember <group name> should return all the members of the group.
Thanks for the reply. I must not have explained myself well enough.by mjolinor at 2012-10-10 19:33:42
I can set the quota for members of the group easily.
It’s applying the default mail store quota to everyone NOT in the group that I’m trying to figure out.
That’s assuming there isn’t a better way to do it from the get-go.
Jason
by Flooberjibby at 2012-10-10 19:52:32$nondef_quota = get-distributiongroupmember <group name>
$def_quota = get-mailbox -resultsize unlimited |
where {$nondef_quota -notcontains $}
Then just set the UseDatabaseQuotaDefaults to $true for all the $def_quota mailboxes.
So you grab the group then a list of mailboxes to make sure none of those mailboxes are listed in the grabbed group? Is that about it? Just trying to make sure I understand.by mjolinor at 2012-10-10 20:22:45
So I could use that same $nondef_quota to set the high quota for group members as well, right?
It doesn’t actually appear to be working. I have about 15 2010 users and of them, I’m the only member of the group I specified. I added "-RecipientTypeDetails UserMailbox" to the second line and instead of using the $def_quota variable I just printed to the screen - it listed all my 2010 users, including me. I believe I should have been left out. I switched the code to read:$nondef_quota = get-distributiongroupmember mailbox_quota_increase
get-mailbox -resultsize unlimited -RecipientTypeDetails UserMailbox | where {$nondef_quota -notcontains $}
Thank you very much. The last $_ is the part I still don’t know how to use when i try to figure stuff out, but I’m working on it
Jason
I’m not where I can test, but I think this will take care of adding the RecipientTypeDetail to the filter:by Flooberjibby at 2012-10-10 20:25:41$nondef_quota = get-distributiongroupmember <group name>
$def_quota = get-mailbox -resultsize unlimited |
where {($nondef_quota -notcontains $) -and ($.recipienttypedetails -eq 'UserMailbox'}
Yes, you can also use th $nondef_quota to set the high-quota users.
$_ is an automatic vairiable used with pipeline commands that iterate over a group of objects (foreach-object and where-object), and it represents the current object in the pipeline.
Given an array ($array) of 3 numbers (1,2,3),$array | foreach-object {$_ + 1}
Will output 2 3 4
Foreach-object caused the script block {$_ + 1} to execute 3 times, once for each object in the array, and the value of $_ was 1, then 2, then 3, for each loop respectively.
If that makes sense.
Sorry for under-editing you. I figured out that I had to remove the variable definition on the second line to see the results on the screen. It seems to be including me in the results, even though I’m a member of that group.by mjolinor at 2012-10-10 20:33:32
I appreciate your help and patience as I try to get this figured out.
Seems odd. I’ll double check that when I get to work tomorrow. Do you show up in the variable that’s getting the group memebers?by Flooberjibby at 2012-10-10 20:58:38
Yep, I show up as a group member as well.by Flooberjibby at 2012-10-15 14:38:35
Sorry to bug, did you have any luck with this? I tried a few things with your code but I didn’t have any luck.by hansd at 2012-10-31 01:39:04
Thanks,
Jason
Here is my clumsy attempt at solving a similar problem, but it works fine for my setup.by Flooberjibby at 2012-10-31 12:57:36
We have three AD-Groups:
[list]
ADgroup-quota-large
ADgroup-quota-extended
ADgroup-quota-exceptions
[/list]
[list]
"Large" accounts get 2GB mailbox size
"Extended" accounts get 400Mb mailbox size
"Exceptions" accounts get unlimited mailbox size
All others get "standard" size which is 100Mb
[/list]#various settings such as data and logging
$date = get-date
$filename = "mbx_size"
add-Content D:\scripts$filename.log $date
#connecting to exchange and importing commands
Get-PSSession | Remove-PSSession
$servername = "exchserver.domain.local"
$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri http://$servername/powershell/;
Import-PSSession $Session -CommandName get-mailbox, set-mailbox
Import-Module activedirectory
#getting group members and mailboxes (takes some time to get all items)
$allmbx = get-mailbox -ResultSize:unlimited | where {$_.UseDatabaseQuotaDefaults -eq $false} | select Distinguishedname
$largeusers = Get-ADGroupMember -Identity ADgroup-quota-large #group with large quota (2GB)
$chklargegrp = Get-ADGroupMember -Identity ADgroup-quota-large | select -expand distinguishedname #group with large quota (distinguishedname expanded)
$extendedusers = Get-ADGroupMember -Identity ADgroup-quota-extended #group with extended quota (400Mb)
$chkextendedgrp = Get-ADGroupMember -Identity ADgroup-quota-extended | select -expand distinguishedname #group with extended quota (distinguishedname expanded)
$exceptions = Get-ADGroupMember -Identity ADgroup-quota-exceptions | select -expand distinguishedname #group with quota exeptions (unlimited quota)
#looping through 400Mb mailboxes
foreach ($mbx in $extendedusers)
{
if ($exceptions -notcontains $mbx.distinguishedName)
{
if ($chklargegrp -notcontains $mbx.distinguishedName)
{
$mailbox = $null
$mailbox = Get-Mailbox $mbx.distinguishedName
if ($mailbox)
{
if ($mailbox.IssueWarningQuota -notlike '390 MB*' -or $mailbox.ProhibitSendQuota -notlike '400 MB*' -or $mailbox.ProhibitSendReceiveQuota -notlike '1.2 GB*' -or $mailbox.UseDatabaseQuotaDefaults -ne $false)
{
Set-Mailbox $mailbox.DistinguishedName -IssueWarningQuota 390MB -ProhibitSendQuota 400MB -ProhibitSendReceiveQuota 1.2GB -UseDatabaseQuotaDefaults $false
$line = $mailbox.SamAccountName + ";extended;" + $date
add-Content .$filename.log $line
}
}
}
}
}
#looping through 2GB mailboxes
foreach ($mbx in $largeusers)
{
if ($exceptions -notcontains $mbx.distinguishedName)
{
$mailbox = $null
$mailbox = Get-Mailbox $mbx.distinguishedName -wa:silentlycontinue -ea:silentlycontinue
if ($mailbox)
{
if ($mailbox.IssueWarningQuota -notlike '1.9 GB*' -or $mailbox.ProhibitSendQuota -notlike '2 GB*' -or $mailbox.ProhibitSendReceiveQuota -notlike '2.2 GB*' -or $mailbox.UseDatabaseQuotaDefaults -ne $false)
{
Set-Mailbox $mailbox.DistinguishedName -IssueWarningQuota 1.9GB -ProhibitSendQuota 2048MB -ProhibitSendReceiveQuota 2.2GB -UseDatabaseQuotaDefaults $false # -wa:silentlycontinue -ea:silentlycontinue
$line = $mailbox.SamAccountName + ";large;" + $date
add-Content .$filename.log $line
}
}
}
}
#looping through all standard mailboxes (100Mb)
foreach ($mbx in $allmbx)
{
if ($exceptions -notcontains $mbx.distinguishedName -and $chklargegrp -notcontains $mbx.distinguishedName -and $chkextendedgrp -notcontains $mbx.distinguishedName)
{
$mailbox = $null
$mailbox = Get-Mailbox $mbx.distinguishedName
if ($mailbox)
{
if ($mailbox.UseDatabaseQuotaDefaults -ne $true)
{
Set-Mailbox $mailbox.DistinguishedName -UseDatabaseQuotaDefaults $true
$line = $mailbox.SamAccountName + ";standard;" + $date
add-Content .$filename.log $line
}
}
}
}
#looping through unlimited mailboxes
foreach ($mbx in $exceptions)
{
$mailbox = $null
$mailbox = Get-Mailbox $mbx
if ($mailbox)
{
if ($mailbox.IssueWarningQuota -ne "unlimited" -or $mailbox.ProhibitSendQuota -ne "unlimited" -or $mailbox.ProhibitSendReceiveQuota -ne "unlimited" -or $mailbox.UseDatabaseQuotaDefaults -ne $false)
{
Set-Mailbox $mailbox.DistinguishedName -IssueWarningQuota unlimited -ProhibitSendQuota unlimited -ProhibitSendReceiveQuota unlimited -UseDatabaseQuotaDefaults $false #-WhatIf
$line = $mailbox.SamAccountName + ";unlimited;" + $date
add-Content .$filename.log $line
}
}
}
Get-PSSession | Remove-PSSession
Thanks! I’ll play with it a bit to see if I can make it work for our environment.by hansd at 2012-10-31 13:37:10
I appreciate you taking the time to post.
Jason
u r welcome, let me know how it goes
-h