If you’ve arrived here, you are trying to run a script, and you cant;
[box]PS C:\Users\{User-name}> .\{script-name}.ps1
.\{script-name} : File C:\Users\{User-name}\{script-name} cannot be loaded because running scripts is disabled on this system. For more information, see about_Execution_Policies at
http://go.microsoft.com/fwlink/?LinkID=135170.
At line:1 char:1
+ .\{script-name}
+ ~~~~~~~~~~~~~~~~~~
+ CategoryInfo : SecurityError: (:) [], PSSecurityException
+ FullyQualifiedErrorId : UnauthorizedAccess
PS C:\Users\\{User-name}>[/box]
Solution
Execute the following command;
[box]Set-ExecutionPolicy -Scope Process -ExecutionPolicy Bypass[/box]
Then run your script.
THIS WILL ONLY WORK: While that PowerShell window is open, so don’t close it if you are running a lot of scripts.
I Want to Always be Able to Run Scripts?
OK you can either change the ‘Scope’ of that last command, from ‘Process’ to to ‘CurrentUser’, or ‘CurrentMachine’.
Process: The execution policy affects only the current Windows PowerShell process.
CurrentUser: The execution policy affects only the current user.
LocalMachine: The execution policy affects all users of the computer.
Or you can simply change the policy ‘Globally’;
[box]Set-ExecutionPolicy {Value}[/box]
Possible values are;
Restricted: Does not load configuration files or run scripts. Restricted is the default execution policy.
AllSigned: Requires that all scripts and configuration files be signed by a trusted publisher, including scripts that you write on the local computer.
RemoteSigned: Requires that all scripts and configuration files downloaded from the Internet be signed by a trusted publisher.
Unrestricted: Loads all configuration files and runs all scripts. If you run an unsigned script that was downloaded from the Internet, you are prompted for permission before it runs.
Bypass: Nothing is blocked and there are no warnings or prompts.
Undefined: Removes the currently assigned execution policy from the current scope. This parameter will not remove an execution policy that is set in a Group Policy scope.
Related Articles, References, Credits, or External Links
1. Make sure the user you will be performing the migration as, is in the right security groups, (Organizational Management and Recipient Management).
2. On the Legacy Exchange server download the PF-Migration-Scripts-v2 Then extract them to the servers C: drive.
3. Launch the Exchange Management Shell > Change to the script directory > Then create a folder name to folder size mapping file by running the Export-PublicFolderStatistics.ps1 script, supply the name of the file you want to create. (Here I use PublicFoldersStats.csv). Then supply the name of the server, (the legacy one, with the source public folders on it).
[box]
cd c:\Scripts
./Export-PublicFolderStatistics.ps1 PublicFoldersStats.csvMail-Server
[/box]
4. Create a Public Folder to Mailbox mapping file, by running the PublicFolderToMailboxMapGenerator.ps1 script, supply it with the maximum mailbox size (in bytes) Note: The Maximum size is 25GB. You will also need to supply the import file you created in step 3 (PublicFoldersStats.csv). Finally supply the name of the output file you wish to generate i.e. Folder2Mailbox.csv.
[box]
./PublicFolderToMailboxMapGenerator.ps1
[/box]
5. Open the last CSV file you created (Folder2Mailbox.csv) and take note of the TargetMailbox name. By default the first one is called Mailbox1, I’m changing it to Public-Folder-Mailbox and saving the change. Note: You may get more than one! If so take note of them all, or rename them accordingly.
6. Now copy the ‘Scripts’ Directory from your legacy 2010 Exchange server, to the new 2013 / 2016 Server.
7. Whilst still on the new Exchange 2013 / 2016 Server, you need to open a command shell, navigate to the scripts directory and then run the Create-PublicFolderMailboxesForMigration.ps1 script. Reply ‘A’ to run all the scripts, then supply the name of the mapping csv you created above, (Folder2Mailbox.csv). Supply the estimated concurrent users to this mailbox, and enter ‘Y’ to proceed. Now the public folder mailbox will be created.
(Note: Public folders are now in a Mailbox, NOT their own Mailbox database, as in older versions of Exchange).
[box]
cd c:\Scripts
./Create-PublicFolderMailboxesForMigration.ps1
[/box]
8. Next we need to create a ‘batch task’ much the same as when we migrate multiple mailboxes. This first command creates the task, and the second one sets it running. (Change the values in red to match your own).
Update: 05/08/16: Make sure you have a ‘mailbox database’ mounted on the source Exchange server before proceeding, or you may see the following problem.
It might say Queued for quite a while, don’t worry!
Check Public Folder Migration Progress Option 2 From EAC
Open the Exchange Admin Center website and logon. Navigate to recipients > Migration > View Details
10. If you were looking at the progress you will see its stops just before 100%, this is because you need to “Lock” the source public folder and let the migration complete. WARNING this will involve downtime, so warn your users, or do this next step out of hours.
To MAKE SURE you are ready, check either the progress report like so;
Or, re-run the progress command above and look for 95% completion and ‘Automatically suspending job’
DOWNTIME FROM THIS POINT ONWARDS
11. Go to the legacy Exchange 2010 server and ‘lock’ the source public folders for migration, and restart the service.
12. Now access to the legacy Public Folder Database is shut down, but before replication to the new Public Folder Mailbox can be completed you need to return to the new Exchange 2013 / 2016 server and run the following commands;
This can take a little time, I would wait least a couple of hours before proceeding (depending on your network topology, if you have a slow network or the Exchange 2010 server is on another network segment it may take longer).
Now to check the migration worked with a test user, and (provide everything is OK, unlock the Public Folders.
Log on as that user, (Outlook 2010 SP3 or Later.) Make sure the public folders are correct, you can expand them, the permissions are correct and you can create and delete entries.
It’s All Gone Wrong!
Don’t panic! You can remove the migration request with the following command;
Note: As per feedback (from Tobias Gebler) Test mail flow to your public folders, you may need to manually “Mail Enable” them before they function properly, In some cases you need to disable then re-enable them before they work properly.
14. Remember in Outlook Web App 2013 / 2016, public folders are not visible until you add them!
Note: If, (post Migration to Exchange 2016). Your users cannot access the public folders, see the following article.
File > Save As > Save the file as Users-Last-Logon.ps1 > Change the file type to ‘All Files’ >Save it in C:WindowsSystem32.
2. Open PowerShell, and execute the following commands;
[box]
cd c:WindowsSystem32
./Users-Last-Logon.ps1
[/box]
3. Navigate to c:WindowsSystem32 and locate the Users-Last-Logon.csv file.
4. Open the file in Excel, and you can sort the ‘Last Logon’ column, to get the users in the correct order.
Update 24/05/13
Email form reader ‘Simon’
I read your article “PowerShell – List All Domain Users and Their Last Logon Time” and it helped me out a lot. Thank your very much for this.
May i suggest to add a filter option on the script, in order to get more results. Currently the script limits the result to 1000. In my Environment there are more users than that.
I added $objstalesearcher.PageSize=4000 to the script, and i got all the users from my bomain.
Again, thank you very much for the script you provided. saved me tons of time !
Related Articles, References, Credits, or External Links
Earlier in the year, I had a problem with Certificate Services, every time it tried to issue a ‘user’ certificate it gave me an error because the user did not have an email address specified on their user object in AD. At the time I thought “I wish I know enough PowerShell, to just put an email address in all the users e-mail attribute”. So while building an 802.1x lab the same problem came up again, this time I had a bit more time to solve the problem.
Solution
OK, I’m the first to admit this is a ‘quick and dirty’ fix, it might not be what you want, but it may send you in the right direction. My test network had about 500 users and no Exchange etc, so my thought was, “Why not see if I can copy all the users UPN’s to the email address fields?”. Because even though they are not email addresses they look like them, and if I did have Exchange, then username@domain-name.domain-extention would work anyway, (unless I’d changed the addressing policy from the default).
1. Lets enumerate all the domain users, and see who has an entry in the email address field.
2. Either download this one, or use the following to create a PowerShell Script, and run it.
Populate “mail” attribute with UPN Import-Module ActiveDirectory.