blog.icewolf.ch

Let's talk about IT!
posts - 2204, comments - 295, trackbacks - 0

My Links

Archives

Post Categories

icewolf

Install and use Exchange 2019 CU12 Recipient Management PowerShell

Hi All,

With the recent Release of Exchange Server 2019 CU12 Microsoft Announced the Exchange Recipient Management without Exchange Server.

Manage recipients in Exchange Hybrid environments using Management tools

In my LAB Environement i've removed Exchange a while ago.
Now i will install only the Management Tools to see how we can manage Exchange Recipients

Cumulative Update 12 for Exchange Server 2019 (KB5011156)

It should be clear, but you can't install the Management Tools on a Server where already another Version of Exchange is installed



I've downloaded the Exchange Server 2019 CU 12, mounted the ISO File and started setup.exe in a elevated Command Prompt








As there does not exist any Exchange Organization the Schema and Active Directory has to be prepared.










As expected only the Management Tools have been installed


But the Exchange Management Shell (EMS) does not work, due there is no Exchange Server to Connect


Same applies to the Exchange Toolbox MMC - no Exchange Server to Connect


If you have an Exchange installation. Do not uninstall it - this will delete all Exchange Schema Properties and therefore sync the deletion to Azure AD. Just shut it down and delete the Computer Object in Active Directory.
Make sure you don't need any Exchange Servers for Mail Flow anymore.


I did remove the Exchange Objects in Active Directory Configuration Partition with the Script below

Make sure the OU is not write Protected



cd C:\Program Files\Microsoft\Exchange Server\V15\Scripts
.\CleanupActiveDirectoryEMT.ps1



To use the Exchange Recipient Management Cmdlets, you have to add the following PSSnapin

Add-PSSnapin *RecipientManagement
Get-PSSnapin
Get-Command -PSSnapin Microsoft.Exchange.Management.PowerShell.RecipientManagement



With the "Add-PermissionForEMT.ps1" Script you can add a Group that has Permission on every OU in the Forest/Domain or you can specify the Parameter -RecipientOUs "CN=OU1,DC=contoso,DC=com,CN=OU2,DC=contoso,DC=com"

cd "C:\Program Files\Microsoft\Exchange Server\V15\Scripts"
.\Add-PermissionsForEMT.ps1





The Script creates "Recipient Management EMT" in the "Users" OU



It is a Mail-Enabled Security Group with Group Scope "Universal"



You can see the Permissions on the OU



The Script applies Permissions for the "Recipient Management EMT" Group to the EmailAddressPolicies, Accepted Domains in the Config Partition and on All or the specified OU's.



Regards
Andres Bohren


Print | posted on Wednesday, April 27, 2022 8:03 AM | Filed Under [ Exchange ]

Powered by:
Powered By Subtext Powered By ASP.NET