Once more I find myself in the trenches, battling bravely with Exchange 2010 in a vain attempt to beat it into submission. As there’s nothing worse than coming across problems that, when Googled, return only a handful of results, all asking the same thing and without any clear or satisfactory answer, I am providing the following bits in the hope that it might help others in the same situation.
First up, thanks to: flamingkeys.com; if you’ve got Receive Connectors with lots of Remote IP Ranges (Usually to allow them to relay mail externally through Exchange) then the following will make it nice and easy to copy said ranges when you create a new connector. The AuthMechnaism & PermissionGroups take any combination of the below listed options, comma-separated, of course:
New-ReceiveConnector [Connector Name] -Server [Servername] -Bindings [Server IP]:25 -RemoteIPRanges (Get-ReceiveConnector "[Existing Servername]\[Existing Connector Name]").RemoteIPRanges -AuthMechanism [None,TLS,Integrated,BasicAuth,BasicAuthRequireTLS,ExchangeServer,ExternalAuthoritative] -PermissionGroups [None,AnonymousUsers,ExchangeUsers,ExchangeServers,ExchangeLegacyServers,Partners,Custom] -MaxMessageSize [Size with B/KB/MB/GB]
Next, certificates. For no good reason, Microsoft changed the behaviour of the New-ExchangeCertificate and Import-ExchangeCertificate cmdlets from their 2007 versions in order to make them much harder to use; so, to request a new cert:
New-ExchangeCertificate -GenerateRequest -KeySize 1024 -SubjectName "c=[Country Code],s=[State],l=[City],o=[Org],ou=[Department],cn=[Common name]" -DomainName [Comma separated list of hostnames for SAN] | Set-Content -Path "[Path for CSR Txt file]"
Then, to import and enable the new certificate:
Import-ExchangeCertificate -FileData ([Byte]$(Get-Content -Path [Path to Certificate] -Encoding byte -ReadCount 0))
Enable-ExchangeCertificate -Thumbprint [Thumbprint of certificate] –Services [IIS,SMTP,IMAP]
To make use of the handy GAL photographs, first have a read of this from the Exchange Team Blog then, use this cmdlet to upload a photo:
Import-RecipientDataProperty -Identity [Mailbox Name] -Picture -FileData ([Byte]$(Get-Content -Path [Path To Image] -Encoding Byte -ReadCount 0))
And this one to remove it:
Set-Mailbox [Mailbox Name] -RemovePicture
Hopefully someone will find this useful, I’ll add more stuff as I stumble across it.