Powershell script to apply retention policy by group - Exchange 2010

Similar Messages

• Powershell script to apply retention policy by group

  I am working on a script to apply a specific retention policy to individuals who are members of a particular group, another for rooms, and yet another to everyone else.  Below is what I'm working with:
  I run into an error that states "Pipeline not executed because a pipeline is already executing..." and the retention policy doesn't get set.  can someone tell me where I've gone wrong here?  Or perhaps an easier solution?
  #Check entire domain
  Set-ADServerSettings -ViewEntireForest $true
  #Active Directory Group
  $Group = [ADSI]("LDAP://CN=EXCHANGE_DISABLE_PURGE,OU=EXCHANGE ACCOUNTS,DC=domain,dc=com")
  #Enum Group Members and set equal to array
  $Grouplist = $Group.member
  #do loop varaible setup
  $GroupLength=$Grouplist.count
  $GroupArrayLength=$GroupLength - 1
  $GroupCount = 0
  $Userlist= @(0..$GroupArrayLength)
  $UsersDN=@(0..$GroupArrayLength)
  #do loop to disable purge policy for all array members
  do {
   $Userlist[$GroupCount] = [ADSI]("LDAP://" + $Grouplist[$GroupCount])
   $UsersDN[$GroupCount] = $userlist[$GroupCount].distinguishedname
   $GroupLength=$GroupLength - 1
   $GroupCount++
  until ($GroupLength -eq 0)
  Get-mailbox -database db01 -resultsize Unlimited | foreach-object{
   if ([string[]]$UsersDN -contains $_.DistinguishedName){
    if ($_.RetentionPolicy -ne "NoPurge"){
     set-mailbox $_ -RetentionPolicy NoPurge
     write-host("Applied - No Purge Policy to "+$_.DisplayName) -ForeGroundColor Green
   elseif (($_.RecipientTypeDetails -eq "RoomMailBox") -or ($_.RecipientTypeDetails -eq "EquipmentMailbox")){
    if ($_.RetentionPolicy -ne "Default Resource/Equipment Policy"){
     set-mailbox -identity $_ -RetentionPolicy "Default Resource/Equipment Policy"
     write-host("Applied - Default Resource/Equipment Policy to "+$_.DisplayName) -ForeGroundColor Green
   else{
    if ($_.RetentionPolicy -ne "180DayDefault"){
     set-mailbox -identity $_ -RetentionPolicy "180DayDefault"
     write-host("Applied - Default 180 Day Purge Policy to "+$_.DisplayName) -ForeGroundColor Green

  Hi,
  In order to resolve this issue more efficiently, I recommend you post to the Script forum which is staffed by more experts specializing in this kind of problems. You might get a better answer there. Thanks for understanding.
  http://social.technet.microsoft.com/Forums/scriptcenter/en-US/home?category=scripting
  Best regards,
  Belinda
  Belinda Ma
  TechNet Community Support

• Script set to auto apply Retention policy to all new mailbox created and run everyday

    Script to set auto apply Retention policy to all new mailbox created and run everyday on Exchange 2007 , 2010 , and 2013.
   Could you please help me with the script will rename the policy name please help me with script..
   Thanks,
   Chandu

  Hi Chandu,
  Have you find the solution finally? Have you tried Pavan's suggestion?
  Sorry for my lacking of code and script. If your requirement still haven't been achieved, I suggest we can ask a question in Exchange Development forum and Script Center for more professional suggestion:
  Microsoft Exchange Development forum
  http://social.technet.microsoft.com/Forums/en-US/exchangesvrdevelopment/threads
  Script Center
  http://social.technet.microsoft.com/Forums/scriptcenter/en-US/home?forum=ITCG
  Regards,
  Winnie Liang
  TechNet Community Support

• Powershell script: to get the AD Security Group Name

  I need PowerShell script that takes input: AD Security Group Name and loop
  through all web applications and their content in the farm to know where this particular group is used.

  hi
  AD groups are represented in Sharepoint as SPUser object with
  SPUser.IsDomainGroup set to true. I.e. you may use the same script which is used for users:
  Powershell script to find permissions for a specific user.
  Blog - http://sadomovalex.blogspot.com
  Dynamic CAML queries via C# - http://camlex.codeplex.com

• Apply Retention Policy to All New Mailboxes

  I have created a retention policy tag to “Delete and Allow Recovery” after 14 days of all items in the “Deleted Items” folder.
  I then created a Retention Policy to apply the tag. I see using the EMS I can run a command “Get-Mailbox | Set-Mailbox –RetentionPolicy “Empty Trash” to apply to all existing mailboxes but how do I apply this to all new mailboxes as
  well?
  I see a posting at
  http://www.proexchange.be/blogs/exchange2010/archive/2011/08/31/using-the-scripting-agent-to-automate-some-basic-housekeeping-tasks.aspx
  that describes using the Scripting Agent to automate this processes but it seems overkill for my simple requirement. If I go this route does this need to be applied to each Exchange Server? Is this the only way or is there a simpler way to apply a recipient
  policy to all existing and future mailboxes?
  Pacerfan9

  Hi,
  Any updates on this issue?
  If anything is unclear, please feel free to let us know. 
  Thanks,
  Evan Liu
  TechNet Subscriber Support
  in forum
  If you have any feedback on our support, please contact
  [email protected]  
  Evan Liu
  TechNet Community Support

• Powershell script to Get members of AD group members with first, last, email address

  I'm running a powershell script to retrieve AD users from a specific AD group and pipe specific attributes to a csv file. The script is working perfectly except for one detail. I want the script to ignore any users who have a null value in any of the values
  I'm piping to the spreadsheet. Meaning that if any of the users found in the queried groups have a null value in the attributes givenname, sn or mail, ignore the user and do not pipe to the csv.
  Get-ADGroupMember -identity adgroup -recursive | get-adobject -Properties givenname,sn,mail | select givenname,sn,mail |export-csv -path c:\powershell\groupmembers.csv
  –NoTypeInformation

  Hi,
  You can pipe your user objects through ForEach-Object and then use if to verify all three properties exist. If so, output the object. If not, move to the next object. After you've processed all user objects, then pipe into Export-Csv.
  EDIT: See below.
  Don't retire TechNet! -
  (Don't give up yet - 13,225+ strong and growing)

• Applying retention Policy tags to inbox in Exchange Server 2010

  I configured a Journal inbox in Exchange server 2010. I would like to configure a retention policy of 30 days so after a month all emails will be deleted from the Inbox of the Journal account. I configured the retention policy but messages
  would never get deleted.

  Hi,
  Based on the description, you created a retention policy tag, the type was Inbox, added this tag to a retention policy and then applied this policy to the journal mailbox. However, this retention policy didn't work.
  For this issue, first, I recommend you check if this tag is disabled. Besides, please check the application log to see if the Managed Folder Assistant has processed this journal mailbox. You can force the Managed Folder Assistant to apply the policy manually
  by running the Start-ManagedFolderAssistant command.
  If you have checked the above, I suggest you change the Action that retention policy tag performs to check the result.
  Best regards,
  Belinda
  Belinda Ma
  TechNet Community Support

• Retention Policy Tag on Outlook 2010/Exchange 2010 SP3

  While I still wanted to have the Retention Policies and Tags applied to mailboxes, would I just be able to "HIDE" or "SUPPRESS" the Tip that the Outlook 2010 client shows on the read-pane like...
  Retention Policy: xx Days Retention Inbox (xx days) Expires x/x/xxxx  ??
  Please suggest
  Please mark as helpful if you find my contribution useful or as an answer if it does answer your question. Regards, Siva

  Hi,
  When a retention policy is applied to an item in user's mailbox, the retention policy for a message appears in the header in the Reading Pane under the recipient names and includes the expiration date. If no retention policy is applied, no information appears
  under the message recipient names.
  Based on my knowledge, I'm afraid there is no way to hide it in the Reading Pane.
  Best regards,
  Belinda
  Belinda Ma
  TechNet Community Support

• How to use Powershell to set delegate for user mailbox in Exchange 2010 and Office 365

  Hello,
  Can you please tell me if I can set delegate for user mailbox in Exchange 2010 or Office 365 using Powershell?
  If I can, then how can I do that? (which Powershell commands for setting the delegate?)
  Many thanks, and have a good day!

  Hi,
  If you wanted to add a delegate to possiblly a large number of users or you do this during mailbox provisioning. So the following script will use
  impersonation to access another users mailbox and add a delegate.
  $mbtoDelegate = "[email protected]"
  $delegatetoAdd = "[email protected]"
  $dllpath = "C:\Program Files\Microsoft\Exchange\Web Services\1.0\Microsoft.Exchange.WebServices.dll"
  [void][Reflection.Assembly]::LoadFile($dllpath)
  $service = new-object Microsoft.Exchange.WebServices.Data.ExchangeService([Microsoft.Exchange.WebServices.Data.ExchangeVersion]::Exchange2007_SP1)
  $windowsIdentity = [System.Security.Principal.WindowsIdentity]::GetCurrent()
  $sidbind = "LDAP://<SID=" + $windowsIdentity.user.Value.ToString() + ">"
  $aceuser = [ADSI]$sidbind
  $service.AutodiscoverUrl($aceuser.mail.ToString())
  $service.ImpersonatedUserId = new-object Microsoft.Exchange.WebServices.Data.ImpersonatedUserId([Microsoft.Exchange.WebServices.Data.ConnectingIdType]::SmtpAddress,
  $mbtoDelegate);
  $mbMailbox = new-object Microsoft.Exchange.WebServices.Data.Mailbox($mbtoDelegate)
  $dgUser = new-object Microsoft.Exchange.WebServices.Data.DelegateUser($delegatetoAdd)
  $dgUser.ViewPrivateItems = $false
  $dgUser.ReceiveCopiesOfMeetingMessages = $false
  $dgUser.Permissions.CalendarFolderPermissionLevel = [Microsoft.Exchange.WebServices.Data.DelegateFolderPermissionLevel]::Editor
  $dgUser.Permissions.InboxFolderPermissionLevel = [Microsoft.Exchange.WebServices.Data.DelegateFolderPermissionLevel]::Reviewer
  $dgArray = new-object Microsoft.Exchange.WebServices.Data.DelegateUser[] 1
  $dgArray[0] = $dgUser
  $service.AddDelegates($mbMailbox, [Microsoft.Exchange.WebServices.Data.MeetingRequestsDeliveryScope]::DelegatesAndMe, $dgArray);
  Hope this helps.

• Retention Policy and Managed folder based retention

  What is difference between "Retention Policy/ Policy Tags" and " Managed Content Settings"?
  In my setup , my managed folder folder become general folder after following steps
  1. Created Managed folder
  2. Created managed content settings for IPM.post and IPM.Appointment with retention action "Delete and Allow recovery".
  3. Created managed policy and applied to 1 mailbox, and this is working properly
  But After that,
  1. Created 3 retention tags(1 for inbox, 1 for sent, 1 personal).
  2. Created retention policy combining these 3 tags.
  3. Applied to SAME mailbox
  4. Ran 'ManagedFolderAssitant'
  **After this, Managed folder become general outlook folder.
  So, cant I have "Managed folder based retention for managed folders" and General retention for "Inbox,Sent"

  Exchange 2010 RTM introduced Retention Policies as the successor to the Message Records Management (MRM) technology introduced in Exchange 2007. MRM was the successor to Mailbox Manager Policies in Exchange 2003. Message Records Management is called MRM
  1.0 and Retention Policies is being called MRM 2.0 for short. MRM 1.0 as well as MRM 2.0 are both available in Exchange 2010. Only difference is we can manage Retention Policies from the EMC and EMS, but the Managed Folder Mailbox Policy is only Managed from
  the EMS through cmdlets in Exchange 2010 SP1.
  It completely depends on your requirements when to use MRM 1.0 and when to Use MRM 2.0.
   Certain new features are added in MRM 2.0 (Retention Policy) which allow us to manage our mailbox email items at very granular level. But if we are still happy with earlier version MRM 1.0 then we can continue using Managed folder mailbox
  Policy in Exchange 2010.
  [ Note: If we are Using the Retention Policy (MRM 2.0) then we can view the expiry of  each and every email items of the folders on which the retention Policy is tagged and this can be only view from OWA and Outlook 2010, But this feature
  is not available  for  Managed Folder Mailbox Policy (MRM 1.0) ]
  We cannot use the Base Folder only switch in MRM 2.0 because it is TAG  specific (DPT, RPT, and PPT) not Managed Folder specific.
  Managed folder Mailbox Policy is folder specific this would be the major difference.
  Refer to this link :
  Retention policies vs Managed folders

• Retention Policy problems

  Hello,
  i am trying to set up the automated archival of Exchange 2013.
  So that e-mails, which are older than e.g. 1 year are get moved to the archive.
  What i did:
  1.  Create a archive database
  2.  Create a archive mailbox
  3.  Create a retention tag
  4.  Create a retention policy
  4.1 Including a Default tag and a personal tag
  5. Linked it to a user: Set-mailbox “administrator” -RetentionPolicy "Movetoarchivpolicy"
  6. Checked the User: Get-Mailbox “administrator” | Select RetentionPolicy
  7. Started the ManagedFolderAssistant: Start-ManagedFolderAssistant -Identity “administrator”
  8. But all Mails stayed in the Mailbox
  9. I tryed to manually assign a retention tag to a Mail, but I dont have the button. (OWA and Outlook 2013 ProPlus).
  Have anyone an idea, why i don't have the "assign policy" button?
  And why all Mails stay in the Mailbox?
  Thanks,

  Hi,
  Event 9018 means that Mailbox Assistant has processed the mailbox successfully. But retention policy still didn't work.
  I recommend you create a new test mailbox and apply retention policy to this new mailbox to check if it works.
  And please increase diagnostic logging level for MRM, and then monitor application log to check if there is any related events.
  Best regards,
  Belinda
  Belinda Ma
  TechNet Community Support

• CONFIGURE RETENTION POLICY TO REDUNDANCY 0

  Our database is 11g R2, below is our RMAN script
  Presently our retention policy is 1, so 1 backup is retained along with the current backup.
  I Just want to have 1 backup, i.e RMAN should take the backup and delete the old bacup.
  Will it work if i change the retention policy to 0 ?
  RUN
    ALLOCATE CHANNEL ch1 DEVICE TYPE DISK;
    ALLOCATE CHANNEL ch2 DEVICE TYPE DISK;
    ALLOCATE CHANNEL ch3 DEVICE TYPE DISK;
    DELETE NOPROMPT OBSOLETE;
    BACKUP DATABASE INCLUDE CURRENT CONTROLFILE format 'G:\Oracle\flash_recovery_area\BACKUPSET\tmp\rman_backup\df_%d_%s_%p_%T';
    SQL "ALTER SYSTEM ARCHIVE LOG CURRENT";
    BACKUP ARCHIVELOG ALL DELETE INPUT format 'G:\Oracle\flash_recovery_area\BACKUPSET\tmp\rman_backup\df_%d_%s_%p_%T';
  RMAN> show all
  2> ;
  using target database control file instead of recovery catalog
  CONFIGURE RETENTION POLICY TO REDUNDANCY 1;
  CONFIGURE BACKUP OPTIMIZATION OFF; # defaultEdited by: user10243788 on Apr 24, 2012 1:14 AM

  user10243788 wrote:
  Our database is 11g R2, below is our RMAN script
  Presently our retention policy is 1, so 1 backup is retained along with the current backup.
  I Just want to have 1 backup, i.e RMAN should take the backup and delete the old bacup.
  Will it work if i change the retention policy to 0 ?You cannot set the retention policy to redundancy 0 because redundancy count must be greater than zero.
  >
  RUN
  ALLOCATE CHANNEL ch1 DEVICE TYPE DISK;
  ALLOCATE CHANNEL ch2 DEVICE TYPE DISK;
  ALLOCATE CHANNEL ch3 DEVICE TYPE DISK;
  DELETE NOPROMPT OBSOLETE;
  BACKUP DATABASE INCLUDE CURRENT CONTROLFILE format 'G:\Oracle\flash_recovery_area\BACKUPSET\tmp\rman_backup\df_%d_%s_%p_%T';
  SQL "ALTER SYSTEM ARCHIVE LOG CURRENT";
  BACKUP ARCHIVELOG ALL DELETE INPUT format 'G:\Oracle\flash_recovery_area\BACKUPSET\tmp\rman_backup\df_%d_%s_%p_%T';
  }Just switch the order of operation:
  use
  BACKUP DATABASE INCLUDE CURRENT CONTROLFILE format 'G:\Oracle\flash_recovery_area\BACKUPSET\tmp\rman_backup\df_%d_%s_%p_%T';
  DELETE NOPROMPT OBSOLETE;
  instead of
  DELETE NOPROMPT OBSOLETE;
  BACKUP DATABASE INCLUDE CURRENT CONTROLFILE format 'G:\Oracle\flash_recovery_area\BACKUPSET\tmp\rman_backup\df_%d_%s_%p_%T';
  You can also exclude the operation SQL "ALTER SYSTEM ARCHIVE LOG CURRENT" because BACKUP ARCHIVELOG ALL implicitly switch logfile before archiving.

• Powershell export User properties and policy settings

  is there a Powershell script "out-there" that export and import all the user properties from the User Profile service Application - including their individual placement on the various sections (contact, basic, details etc), and also including their
  policy settings (only me /everyone/replicate settings) - basic all the settings - and if the AD mapping is there as weel it would be nice...
  So I can export from environment A and then import them to environment B... ?

  Did you try this blog:
  POWERSHELL TO EXPORT / QUERY ALL USER PROFILE PROPERTIES AND AD MAPPINGS
  http://www.sharepointfix.com/2012/01/powershell-script-to-print-user-profile.html
  also
  SharePoint 2010: Updating User Profile Properties with PowerShell
  Please remember to mark your question as answered &Vote helpful,if this solves/helps your problem. ****************************************************************************************** Thanks -WS MCITP(SharePoint 2010, 2013) Blog: http://wscheema.com/blog

• C an you display set retention policy?

  Is there a way for a Outlook client to display the current applied retention policy for all items in a folder? I know it is displayed on each item, and I looked for a column to add but didn't see anything applicable.
  This is a request from staff that have large mailboxes that are just starting to use MRM.
  Stunpals - Disclaimer: This posting is provided "AS IS" with no warranties.

  Hi,
  DPTs apply to untagged mailbox items in the entire mailbox. Untagged items are mailbox items that don't already have a retention tag applied, either by inheritance from the folder in which they're located or by the user.
  There is no way to list all items that have the DPT policy applied either.
  Best regards,
  Belinda Ma
  TechNet Community Support

• Messaging Records Management: loss of functionality between Managed Folders and Retention Policy

  In Exchange 2007 and 2010 you can use Managed Folders with Managed Content Settings to act on messages based on when they were moved into the folder. E.g.,
  New-ManagedContentSettings -Name DeleteJunk -FolderName ManagedJunk -MessageClass * -RetentionEnabled $true -RetentionAction DeleteAndAllowRecovery -AgeLimitForRetention 30 -TriggerForRetention WhenMoved
  will delete items 30 days after they're moved into the Junk E-Mail folder designated by the Folder Name "Managed Junk".
  However, Exchange 2010 introduces Retention Policies as an alternative to Managed Folders, and Exchange 2013 drops Managed Folders entirely. With a Retention Policy, it's impossible to specify a TriggerForRetention. See http://technet.microsoft.com/en-us/library/dd335226%28v=exchg.141%29.aspx
  and note that New-RetentionPolicyTag lacks -TriggerForRetention as a parameter. If you Get-RetentionPolicyTag | fl you can still see a TriggerForRetention value, but it's "WhenDelivered" and can't be changed.
  Both http://technet.microsoft.com/en-us/library/bb430780%28v=exchg.141%29.aspx (Exchange 2010) and http://technet.microsoft.com/en-us/library/bb430780%28v=exchg.150%29.aspx (Exchange 2013) describe a rather convoluted method used to determine the age of
  a message for retention purposes, but I don't know whether to believe those pages. It seems apparent, though, that basing a message's age on WhenDelivered can easily produce undesired results.
  Consider a Retention Policy Tag placed on the Junk E-Mail folder which will perform DeleteAndAllowRecovery on items older than 30 days. A message arrives on 01/01/15 and is classified as Junk. It immediately starts aging based on the date 01/01/15. The user
  find the message, which was misclassified, and moves it to another folder. Since there's no way to set a TriggerForRetention based on WhenMoved, the message continues to age from 01/01/15. 90 days later, while the user is reviewing their mail, the user accidentally
  clicks the Junk button on the message. Because the message is more than 30 days old, it's deleted immediately.
  1) Am I correct? Or is there a way to use Retention Policies so that messages are acted on based on how long they've resided in their current folder?
  2) What do I have to do to get Microsoft to add the ability to change the TriggerForRetention on a Retention Policy Tag in Exchange 2013?
  Note, I'm not the first person to raise this issue. It's been discussed in a number of places including TechNet. Here are a few:
  http://social.technet.microsoft.com/Forums/exchange/en-US/82c01e6e-0184-4d25-b803-45a604ca0c68/retention-policy-tag-problem?forum=exchangesvrsecuremessaginglegacy
  http://www.shudnow.net/2010/04/08/exchange-2010-sp1-retention-policies/
  http://social.technet.microsoft.com/Forums/exchange/en-US/82c01e6e-0184-4d25-b803-45a604ca0c68/retention-policy-tag-problem

  By default there is no property on a message to identify a message is moved from one folder to another.Managed folder used to stamp a new property Moveddate on the message when the ContentSetting on the target folder was set to WhenMoved.
  WhenMoved functionality is not available with Retention Policy . You can raise your concern to make this functionality available by opening a ticket with support.