The Scripting Agent is one of the cmdlet extension agents in Exchange Server 2013 (and 2010 for that matter). You can read more about cmdlet extension agents here, but in short they allow administrators to extend the functionality of PowerShell cmdlets by creating additional actions that are performed when a cmdlet is used.
One of the best examples, as well as being a common use, of the Scripting Agent is to extend the New-Mailbox and Enable-Mailbox cmdlets to automatically perform additional configuration tasks for new mailboxes as they are created.
For example, when a new mailbox is created automatically enable mailbox audit logging, or automatically disabled protocols such as POP and IMAP.
Enabling the Script Agent takes effect for the entire Exchange organization, so the first step is to deploy the Script Agent configuration file to each of your Exchange servers. This is a simple task if you use the PowerShell script that I’ve made available here.
If you need a placeholder config file before you’ve configured any actual actions this simple three line XML will do the trick.
The next step is to enable the Scripting Agent. You can view the existing cmdlet extension agent configuration using Get-CmdletExtensionAgent.
[PS] C:\>Get-CmdletExtensionAgent | ft name,enabled -auto Name Enabled ---- ------- Admin Audit Log Agent True Scripting Agent False Mailbox Resources Management Agent True OAB Resources Management Agent True Query Base DN Agent True Provisioning Policy Agent True Rus Agent True Mailbox Creation Time Agent True
To enable the Scripting Agent use Enable-CmdletExtensionAgent.
[PS] C:\>Enable-CmdletExtensionAgent "Scripting Agent"
For an example of Script Agent config files check out how to enable mailbox audit logging automatically for new mailboxes.
hello
is there is way to get a list of users in the Send AS or FULL part of a generic mailbox
The Real Person!
The Real Person!
Yes.
https://www.practical365.com/list-users-access-exchange-mailboxes/
That will help with the full access permissions. Send As is an AD permission, so you would need to use Get-ADPermission for that.
Hi Paul, excellent article outlining this scripting agent. I’m wondering, do you think this could be coupled with the new-mailboximportrequest somehow? Right now I have a scheduled task which calls a powershell script that imports the contents of a pst file into newly created mailboxes, but it looks like using this scripting agent might fit the bill. Any chance you could point me in the right direction? Thanks.
The Real Person!
The Real Person!
Possibly. I suppose you could use the agent to fire the new-mailboximportrequest command, but maybe it will run into permissions issues because there is a specific impersonation right required for those import requests.
Still… the only way you’ll find out is to try it.
Hi Paul,
Please help me to sort out exchange 2010 SP3 issue. Getting below mention error while modifying mailbox settings.
——————————————————–
Microsoft Exchange Warning
——————————————————–
The following warning(s) occurred while saving changes:
Set-Mailbox
Completed
Warning:
The cmdlet extension agent with the index 3 has thrown an exception in OnComplete(). The exception is: System.Net.WebException: The underlying connection was closed: An unexpected error occurred on a receive. —> System.IO.IOException: Unable to read data from the transport connection: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond. —> System.Net.Sockets.SocketException: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond
at System.Net.Sockets.NetworkStream.Read(Byte[] buffer, Int32 offset, Int32 size)
— End of inner exception stack trace —
at System.Net.Sockets.NetworkStream.Read(Byte[] buffer, Int32 offset, Int32 size)
at System.Net.FixedSizeReader.ReadPacket(Byte[] buffer, Int32 offset, Int32 count)
at System.Net.Security._SslStream.StartFrameHeader(Byte[] buffer, Int32 offset, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security._SslStream.StartReading(Byte[] buffer, Int32 offset, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security._SslStream.ProcessRead(Byte[] buffer, Int32 offset, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.TlsStream.Read(Byte[] buffer, Int32 offset, Int32 size)
at System.Net.PooledStream.Read(Byte[] buffer, Int32 offset, Int32 size)
at System.Net.Connection.SyncRead(HttpWebRequest request, Boolean userRetrievedStream, Boolean probeRead)
— End of inner exception stack trace —
at System.Web.Services.Protocols.WebClientProtocol.GetWebResponse(WebRequest request)
at System.Web.Services.Protocols.HttpWebClientProtocol.GetWebResponse(WebRequest request)
at Microsoft.Exchange.SoapWebClient.CustomSoapHttpClientProtocol.GetWebResponse(WebRequest request)
at System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String methodName, Object[] parameters)
at Microsoft.Exchange.SoapWebClient.CustomSoapHttpClientProtocol.c__DisplayClass4.b__3()
at Microsoft.Exchange.SoapWebClient.HttpAuthenticator.NetworkServiceHttpAuthenticator.AuthenticateAndExecute[T](SoapHttpClientProtocol client, AuthenticateAndExecuteHandler`1 handler)
at Microsoft.Exchange.SoapWebClient.SoapHttpClientAuthenticator.AuthenticateAndExecute[T](SoapHttpClientProtocol client, AuthenticateAndExecuteHandler`1 handler)
at Microsoft.Exchange.SoapWebClient.EWS.ExchangeServiceBinding.FindFolder(FindFolderType FindFolder1)
at Microsoft.Exchange.ProvisioningAgent.MailboxLoggerFactory.EwsMailer.GetAdminAuditLogsFolder(ADUser adUser)
at Microsoft.Exchange.ProvisioningAgent.MailboxLoggerFactory.EwsMailer..ctor(OrganizationId organizationId, ADUser adUser, ExchangePrincipal principal)
at Microsoft.Exchange.ProvisioningAgent.MailboxLoggerFactory.Create(OrganizationId organizationId, ADUser mailbox, ExchangePrincipal principal)
at Microsoft.Exchange.ProvisioningAgent.AdminLogAgentClassFactory.ConfigWrapper.get_MailboxLogger()
at Microsoft.Exchange.ProvisioningAgent.AdminLogProvisioningHandler.OnComplete(Boolean succeeded, Exception e)
at Microsoft.Exchange.Provisioning.ProvisioningLayer.OnComplete(Task task, Boolean succeeded, Exception exception)
——————————————————–
OK
——————————————————–
Pingback: Using Exchange Server 2013 Mailbox Audit Logging