If your organization uses mailbox audit logging you will probably find it useful to automatically enable it when new mailboxes are created. This avoids the potential problem of mailboxes not being enabled manually when they are created by your help desk, and avoids you having to run regular scheduled scripts to enable auditing for new mailboxes.
This is achieved using the Scripting Agent, one of the cmdlet extension agents in Exchange Server 2013 and 2010.
If you have not already enabled the Scripting Agent you can find steps here. Don’t forget to distribute a ScriptingAgentConfig.xml file to all Exchange servers first.
To enable audit logging for new mailboxes create and distribute a ScriptingAgentConfig.xml file containing the following:
The important part is these lines, that will fire if the New-Mailbox or Enable-Mailbox cmdlet completes successfully. You can see that all it is really doing is running Set-Mailbox to enable auditing, just as you would manually in the Exchange management shell.
$mailbox = Get-Mailbox $Alias
Set-Mailbox $mailbox -AuditEnabled:$true
This config uses the Alias attribute of the mailbox, which is populated when a new mailbox is created.
When the mailbox creation process has completed you can verify that auditing has been enabled.
[PS] C:\>Get-Mailbox Alannah.Shaw | fl auditenabled
AuditEnabled : True
And that is basically it. As you can see using the Scripting Agent to automate this task is quite simple, yet powerful, and saves you a lot of administrative burden.