PowerShell 技能连载 - Exchange 管理技巧

在 PowerShell 中管理 Exchange 是一项重要任务,本文将介绍一些实用的 Exchange 管理技巧。

首先,让我们看看基本的 Exchange 操作:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
# 创建 Exchange 邮箱管理函数
function Manage-ExchangeMailbox {
param(
[string]$UserPrincipalName,
[string]$DisplayName,
[string]$Alias,
[string]$Database,
[ValidateSet('Create', 'Update', 'Delete', 'Disable', 'Enable')]
[string]$Action
)

try {
Import-Module ExchangeOnlineManagement

switch ($Action) {
'Create' {
New-Mailbox -UserPrincipalName $UserPrincipalName -DisplayName $DisplayName -Alias $Alias -Database $Database
Write-Host "邮箱 $UserPrincipalName 创建成功"
}
'Update' {
Set-Mailbox -Identity $UserPrincipalName -DisplayName $DisplayName -Alias $Alias
Write-Host "邮箱 $UserPrincipalName 更新成功"
}
'Delete' {
Remove-Mailbox -Identity $UserPrincipalName -Confirm:$false
Write-Host "邮箱 $UserPrincipalName 删除成功"
}
'Disable' {
Disable-Mailbox -Identity $UserPrincipalName -Confirm:$false
Write-Host "邮箱 $UserPrincipalName 已禁用"
}
'Enable' {
Enable-Mailbox -Identity $UserPrincipalName
Write-Host "邮箱 $UserPrincipalName 已启用"
}
}
}
catch {
Write-Host "Exchange 操作失败:$_"
}
}

Exchange 分发组管理:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
# 创建 Exchange 分发组管理函数
function Manage-ExchangeDistributionGroup {
param(
[string]$Name,
[string]$DisplayName,
[string[]]$Members,
[ValidateSet('Create', 'Update', 'Delete', 'AddMembers', 'RemoveMembers')]
[string]$Action
)

try {
Import-Module ExchangeOnlineManagement

switch ($Action) {
'Create' {
New-DistributionGroup -Name $Name -DisplayName $DisplayName
Write-Host "分发组 $Name 创建成功"
}
'Update' {
Set-DistributionGroup -Identity $Name -DisplayName $DisplayName
Write-Host "分发组 $Name 更新成功"
}
'Delete' {
Remove-DistributionGroup -Identity $Name -Confirm:$false
Write-Host "分发组 $Name 删除成功"
}
'AddMembers' {
Add-DistributionGroupMember -Identity $Name -Member $Members
Write-Host "成员已添加到分发组 $Name"
}
'RemoveMembers' {
Remove-DistributionGroupMember -Identity $Name -Member $Members -Confirm:$false
Write-Host "成员已从分发组 $Name 移除"
}
}
}
catch {
Write-Host "Exchange 分发组操作失败:$_"
}
}

Exchange 邮件规则管理:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
# 创建 Exchange 邮件规则管理函数
function Manage-ExchangeTransportRule {
param(
[string]$Name,
[string]$Description,
[string[]]$Conditions,
[string[]]$Actions,
[ValidateSet('Create', 'Update', 'Delete', 'Enable', 'Disable')]
[string]$Action
)

try {
Import-Module ExchangeOnlineManagement

switch ($Action) {
'Create' {
New-TransportRule -Name $Name -Description $Description -Conditions $Conditions -Actions $Actions
Write-Host "传输规则 $Name 创建成功"
}
'Update' {
Set-TransportRule -Identity $Name -Description $Description -Conditions $Conditions -Actions $Actions
Write-Host "传输规则 $Name 更新成功"
}
'Delete' {
Remove-TransportRule -Identity $Name -Confirm:$false
Write-Host "传输规则 $Name 删除成功"
}
'Enable' {
Enable-TransportRule -Identity $Name
Write-Host "传输规则 $Name 已启用"
}
'Disable' {
Disable-TransportRule -Identity $Name
Write-Host "传输规则 $Name 已禁用"
}
}
}
catch {
Write-Host "Exchange 传输规则操作失败:$_"
}
}

Exchange 邮箱权限管理:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
# 创建 Exchange 邮箱权限管理函数
function Manage-ExchangeMailboxPermission {
param(
[string]$Mailbox,
[string]$User,
[string[]]$AccessRights,
[ValidateSet('Grant', 'Revoke', 'Reset')]
[string]$Action
)

try {
Import-Module ExchangeOnlineManagement

switch ($Action) {
'Grant' {
Add-MailboxPermission -Identity $Mailbox -User $User -AccessRights $AccessRights
Write-Host "权限已授予 $User 访问 $Mailbox"
}
'Revoke' {
Remove-MailboxPermission -Identity $Mailbox -User $User -AccessRights $AccessRights -Confirm:$false
Write-Host "权限已从 $User 撤销访问 $Mailbox"
}
'Reset' {
Get-MailboxPermission -Identity $Mailbox | Where-Object { $_.User -ne "NT AUTHORITY\SELF" } | ForEach-Object {
Remove-MailboxPermission -Identity $Mailbox -User $_.User -AccessRights $_.AccessRights -Confirm:$false
}
Write-Host "邮箱 $Mailbox 的权限已重置"
}
}
}
catch {
Write-Host "Exchange 邮箱权限操作失败:$_"
}
}

Exchange 审计和报告:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
# 创建 Exchange 审计和报告函数
function Get-ExchangeAuditReport {
param(
[datetime]$StartDate,
[datetime]$EndDate,
[string]$ReportPath
)

try {
Import-Module ExchangeOnlineManagement

$report = @()

# 获取邮箱访问日志
$mailboxAccess = Search-UnifiedAuditLog -StartDate $StartDate -EndDate $EndDate -RecordType MailboxAccessed
$mailboxAccess | ForEach-Object {
[PSCustomObject]@{
Type = "Mailbox Access"
User = $_.UserIds
Mailbox = $_.MailboxOwnerUPN
Time = $_.CreationDate
IP = $_.ClientIP
}
}

# 获取邮件发送日志
$mailSent = Search-UnifiedAuditLog -StartDate $StartDate -EndDate $EndDate -RecordType Send
$mailSent | ForEach-Object {
[PSCustomObject]@{
Type = "Mail Sent"
User = $_.UserIds
Recipients = $_.Recipients
Time = $_.CreationDate
Subject = $_.Subject
}
}

$report = $mailboxAccess + $mailSent
$report | Export-Csv -Path $ReportPath -NoTypeInformation

return [PSCustomObject]@{
TotalEvents = $report.Count
MailboxAccess = $mailboxAccess.Count
MailSent = $mailSent.Count
ReportPath = $ReportPath
}
}
catch {
Write-Host "Exchange 审计报告生成失败:$_"
}
}

这些技巧将帮助您更有效地管理 Exchange。记住,在处理 Exchange 时,始终要注意安全性和性能。同时,建议使用适当的错误处理和日志记录机制来跟踪所有操作。

PowerShell 技能连载 - Exchange 管理技巧

http://blog.vichamp.com/2025/03/12/powershell-exchange-management/

作者

吴波

发布于

2025-03-12

更新于

2025-03-25

许可协议

评论