top of page
Screenshot 2023-10-19 145811.png

PowerShell Exchange remove old invalid SMTP addresses that stop migrations to EXO

Updated: Feb 12

During client engagements I often find that basic admin tasks can be overlooked in companies that go through mergers and acquisitions. Teams are often overwhelmed with integrating new accounts and consolidating users to the main company email domain. The result are objects in Active Directory with old stale properties such as old SMTP addresses, which, will stop mailbox migrations.

The two scripts below will first create a CSV based on an array that contains all your valid domains


$validDomains = @("contoso1.com","contoso2.com","etc")

 

The CSV should be checked but will contain all mailboxes and identify items in “Proxyaddresses” and mark the valid = YES or not valid = NO


1_FindAllowedDomains.ps1

<# Script create CSV of up to date distribution lists and find accepted domains 1_FindAllowedDomains.ps1 20/11/23 Jason.Hearse@AzurePremium.com (Get-ADForest).domains #> #Import-module activedirectory cls write-host -ForegroundColor Green START $a=1; $b=1; $c=1; $displaycount=0; $FailredEmail = @() $SuccessEmail = @() $summary = @() $VerbosePreference = "Continue" $result = @() $data = @() $data2 = @() $whitelist = @() $Emails =@() $item = '' $users = @() $Report1 = @() $group = '' $groups = $null $members = '' $folder = '<USERDirectory>\Exchange\scripts\removeSMTPAlias\' $logfolder = $folder+'logs' write-host -ForegroundColor Yellow Create new CSV of Distribution Lists all_proxyaddresses.csv Get-ADgroup -filter "GroupCategory -eq 'Distribution'" -Properties *| select name, @{Name=’proxyAddresses’;Expression={$_.proxyAddresses -join ';'}} | Export-Csv $folder'all_proxyaddresses.csv' -NoTypeInformation $validDomains = @("contoso1.com","contoso2.com","etc") $data = @() $groups = import-csv $folder'all_proxyaddresses.csv' ForEach($user in $groups) { $SMTPAddressList = $user.proxyaddresses $SMTPAddressList = ($SMTPAddressList -split ';') foreach ($SMTPAddress in $SMTPAddressList) { if ($SMTPAddress -like "smtp:*") { Write-Host -ForegroundColor Yellow $SMTPAddress $email = $SMTPAddress $SMTPAddress = (($SMTPAddress -split '@')[1]) Write-Host -ForegroundColor green $SMTPAddress $Property = [Ordered]@{ Name = $User.Name SMTP = $email domain = $SMTPAddress Allowed = "Yes" } if ($validDomains -notcontains $property.domain) { $Property.allowed = "No" } $row = New-Object -TypeName psobject -Property $Property $data+=$row #End IF } } } #fe $data| select-object name,smtp,domain,allowed |Export-Csv -Path $folder'allowedDomains.csv' -NoTypeInformation -Encoding UTF8 -Force



The second script will take the CSV and remove all items from “Proxyaddresses” that equal “NO”


2_RemoveSMTPAlias.ps1


<#
Script update CSV of up to date distribution lists
to remove old Domains

2_RemoveSMTPAlias.ps1

15/09/23

Jason.Hearse@AzurePremium.com

#>
#Import-module activedirectory

Add-PSSnapin Microsoft.Exchange.Management.PowerShell.SnapIn
cls
write-host -ForegroundColor Green START
$a=1;
$b=1;
$c=1;
$displaycount=0;
$FailedEmail = @()
$SuccessEmail = @()
$summary = @()
$VerbosePreference = "Continue"
$result = @()
$data = @()
$data2 = @()

$whitelist = @()
$Emails =@()

$item = ''
$users = @()
$Report1 = @()

$group = ''
$groups = $null
$members = ''
$folder = 'C<userdirectory>\Exchange\scripts\removeSMTPAlias\'
$logfolder = $folder+'logs'

#####

$domainFQDN = "contoso.com"
$date = $([System.DateTime]::Now)
$reportdate = $date.ToString("yyyy_MM_dd_HH_mm_ss")

#####

$MailboxNames = $folder+'allowedDomains.csv'

Import-Csv $MailboxNames | foreach {
    $name = $_.name
    $smtp = $_.smtp
    $allowed = $_.allowed

    if ( $allowed -eq "no" ) 
    {
    try
        {
        
        $DLGroup = get-adgroup $name -Properties proxyAddresses
        $DLgroup.proxyAddresses.Remove($smtp)
        Set-ADgroup -instance $DLgroup

        Write-Host "Distribution List '$name' removed '$smtp' successfully." -ForegroundColor Green
        $SuccessEmail += $name+','+$smtp 

        } # end try
    catch
        {

        Write-Warning "[ERROR] with group $name : $_"
        $FailedEmail += $name+" - "+$_.Exception.Message

        } # end catch

    } #end if
   
} # fe

#####
if ( !(test-path $LogFolder)) {
    Write-Verbose "Folder [$($LogFolder)] does not exist, creating"
    new-item $LogFolder -Force 
    }

Write-verbose "Writing logs"
$failedemail |ForEach-Object {"$($b),$($_)"; $b++} | out-file -FilePath  $LogFolder\Failed_$reportdate.log -Force -Verbose
$successemail | ForEach-Object {"$($a),$($_)"; $a++} |out-file -FilePath  $LogFolder\success_$reportdate.log -Force -Verbose

write-host -ForegroundColor Green STOP

As with all my scripts that remove live items from Active Directory objects the logging is important, the log directory will show success and fails.

 

Success log would be the rollback information should that be needed.

 

Fail will give a reason for not removing the item and will need investigation.


As with all scripts ensure you understand the code before running.





Comments


bottom of page