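# --------------------------------------
# GRP2CAS
# --------------------------------------
#
# Evaluates the direct members of a given group and applies restrictions to the members.
# If a user is a member of that group, the "member" parameter string is applied to the
# mailbox, otherwise the "no member" parameter string is applied.
# Group name and both parameter strings are mandatory.
#
# sample  .\group2cas owaUsers owaenabled $true
# NOTE(review): with the three-parameter signature below, each parameter string is
# presumably a complete Set-CASMailbox argument list, e.g.
#   .\group2cas <group DN> '-OWAEnabled $true' '-OWAEnabled $false'
# -- confirm against the intended usage.
#
# 20011012 Version 1.0 initial without logging etc
# 20011013 Version 1.1 additional parameter for the parameter value
# 20011013 Version 1.2 Logging with Start-Transcript added, IgnoreDefaultScope added,
#                      handling of group not found
#
# Security notes:
#  * $memberparameter / $nomemberparameter are concatenated into a command line. If the
#    (currently disabled) Invoke-Expression call is enabled, whoever controls these two
#    strings controls what is executed in the Exchange session. Run this only with
#    operator-supplied values, never with values taken from a file, ticket or web form.
#  * The transcript log is written to the current directory and contains every
#    distinguished name processed; store it where only administrators can read it.

param (
    # Name of the group whose membership is checked (the throw message asks for a DN).
    [string]$groupname = $(throw "Parameter GROUPNAME as DN required"),
    # Parameter string appended to Set-CASMailbox for mailboxes that ARE members.
    # Single quotes keep the parameter name literal; the original double-quoted text
    # expanded the still-empty variable and produced "Parameter  required".
    [string]$memberparameter = $(throw 'Parameter $memberparameter required'),
    # Parameter string appended to Set-CASMailbox for mailboxes that are NOT members.
    [string]$nomemberparameter = $(throw 'Parameter $nomemberparameter required')
)

# HH (24-hour clock) instead of hh, so a morning and an afternoon run on the same day
# do not produce the same log file name and get appended into one transcript.
$starttime = Get-Date -Format 'yyyyMMdd-HHmmss'
Start-Transcript -Path "Logfile-grp2cas-$starttime.log" -Append

try {
    Write-Host "GRP2CAS:Start"

    # Lookup table: distinguished name of each direct group member -> $true
    $grouphash = @{}

    $group = Get-Group $groupname -IgnoreDefaultScope
    if ($null -eq $group) {
        Write-Error "GRP2CAS:Group $groupname not found"
    }
    else {
        Write-Host "GRP2CAS:Loading Group $groupname in dictionary"
        foreach ($member in $group.members) {
            Write-Host "GRP2CAS:.. adding " $member.distinguishedname
            # Indexer assignment instead of .Add(): a repeated DN must not abort the run.
            $grouphash[$member.distinguishedname] = $true
        }

        Write-Host "GRP2CAS:Loading Mailboxes"
        $mblist = Get-CASMailbox -ResultSize unlimited -IgnoreDefaultScope
        foreach ($mb in $mblist) {
            [string]$mailboxDn = $mb.DistinguishedName.tostring()
            Write-Host "..Processing" $mailboxDn -NoNewline

            # A DN may legitimately contain an apostrophe (e.g. CN=O'Brien). Inside a
            # single-quoted PowerShell string it has to be doubled, otherwise it ends the
            # literal early and the rest of the DN is parsed as command text.
            $quotedDn = $mailboxDn.Replace("'", "''")

            # ([adsisearcher]"$dn").findone().properties.memberof
            if ($grouphash.ContainsKey($mailboxDn)) {
                Write-Host "... Member of: enabled"
                $command = "Set-CASMailbox -Identity '$quotedDn' $memberparameter"
            }
            else {
                Write-Host "... NO Member of: Disable"
                $command = "Set-CASMailbox -Identity '$quotedDn' $nomemberparameter"
            }
            Write-Verbose "Running $command"

            # Deliberately left disabled, as in the original: the script is a dry run
            # until this line is enabled.
            # REVIEW: Invoke-Expression executes the caller-supplied parameter string as
            # code. Prefer calling Set-CASMailbox directly with a splatted hashtable of
            # validated parameter names and values before enabling this in production.
            # Invoke-Expression -Command $command
        }
    }
    Write-Host "GRP2CAS:END"
}
finally {
    # Always close the transcript, even when a cmdlet above raises a terminating error;
    # otherwise the session keeps logging into this file.
    Stop-Transcript
}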