Exchange Management Shell quick reference for Exchange 2013
Applies to: Exchange Server 2013
This topic describes the most frequently used cmdlets available in the release to manufacturing (RTM) and later versions of Microsoft Exchange Server 2013 and provides examples of their use.
Note
More content will be added about other areas of Exchange 2013 soon.
For more information about the Exchange Management Shell in Exchange 2013 and all the available cmdlets, see the following topics:
What would you like to learn about?
Common cmdlet actions
The following verbs are supported by most cmdlets and are associated with a specific action.
Verb | Description |
---|---|
New | The New verb creates an instance of something, such as a new configuration setting, a new database, or a new SMTP connector. |
Remove | The Remove verb removes an instance of something, such as a mailbox or transport rule. All Remove cmdlets support the WhatIf and Confirm parameters. For more information about these parameters, see Important Parameters. |
Enable | The Enable verb enables a setting or mail-enables a recipient. |
Disable | The Disable verb disables an enabled setting or mail-disables a recipient. All Disable tasks also support the WhatIf and Confirm parameters. For more information about these parameters, see Important Parameters. |
Set | The Set verb modifies specific settings of an object, such as the alias of a contact or the deleted item retention of a mailbox database. |
Get | The Get verb queries a specific object or a subset of a type of object, such as a specific mailbox, all mailbox users, or mailbox users in a domain. |
Important parameters
The following parameters help you control how your commands run and indicate exactly what a command will do before it affects data.
Parameter | Description |
---|---|
Identity | The Identity parameter identifies the unique object for the task. It's typically used with Enable, Disable, Remove, Set, and Get cmdlets. Identity is also a positional parameter, which means that you don't have to specify Identity when you specify the parameter's value on the command line. For example, Get-Mailbox -Identity user1 queries for the mailbox of user1. Get-Mailbox user1 is equivalent to Get-Mailbox -Identity user1 . |
WhatIf | The WhatIf parameter instructs the cmdlet to simulate the actions that it would take on the object. By using the WhatIf parameter, you can view what changes would occur without actually applying any of the changes. The default value is $true. |
Confirm | The Confirm parameter causes the cmdlet to pause processing and requires the administrator to acknowledge what the cmdlet will do before processing continues. The default value is $true. |
Validate | The Validate parameter causes the cmdlet to check that all prerequisites for running the operation are satisfied and that the operation will complete successfully. |
Tips and tricks
The following commands are associated with various tasks that you can use when administering Exchange 2013.
Cmdlet | Description |
---|---|
Get-Command |
This cmdlet retrieves all tasks that can be executed in Exchange 2013. |
Get-Command *keyword* |
This cmdlet retrieves tasks that have keyword in the cmdlet. |
Get-Task | Get-Member |
This cmdlet retrieves all properties and methods of Task. |
Get-Task | Format-List |
This cmdlet displays the output of the query in a formatted list. You can pipe the output of any Get cmdlet to Format-List to view the whole set of properties that exist on the object returned by that command, or you can specify individual properties that you want to view, separated by commas, as in the following example: Get-Mailbox john | Format-List alias,*quota* . |
Help Task |
This cmdlet retrieves Exchange Management Shell help information for any task in Exchange 2013, as in the following example: Help Get-Mailbox . |
Get-Task | Format-List > file.txt |
This cmdlet exports the output of Task to a text file: file.txt |
Permissions
Command | Description |
---|---|
Get-RoleGroupMember "Organization Management" |
This command retrieves the members of the Organization Management management role group. |
Get-ManagementRoleAssignment -Role "Mail Recipient Creation" -GetEffectiveUsers |
This command retrieves a list of all the users who are granted permissions provided by the Mail Recipient Creation management role. This includes users who are members of role groups or universal security groups (USGs) that are assigned the Mail Recipient Creation role. This doesn't include users who are members of linked role groups in another forest. |
Get-ManagementRoleAssignment -RoleAssignee Administrator | Get-ManagementRole | Get-ManagementRoleEntry |
This command retrieves a list of cmdlets that the user Administrator can run. |
ForEach ($RoleEntry in Get-ManagementRoleEntry *Remove-Mailbox -Parameters Identity) {Get-ManagementRoleAssignment -Role $RoleEntry.Role -GetEffectiveUsers -Delegating $False | Where-Object {$_.EffectiveUserName -Ne "All Group Members"} | FL Role, EffectiveUserName, AssignmentChain} |
This command retrieves a list of all the users who can run the Remove-Mailbox cmdlet. |
Get-ManagementRoleAssignment -WritableRecipient kima -GetEffectiveUsers | FT RoleAssigneeName, EffectiveUserName, Role, AssignmentChain |
This command retrieves a list of all users who can modify the mailbox of kima. |
New-ManagementScope "Seattle Users" -RecipientRestrictionFilter "City -Eq 'Seattle'" New-RoleGroup "Seattle Admins" -Roles "Mail Recipients", "Mail Recipient Creation", "Mailbox Import Export", -CustomRecipientWriteScope "Seattle Users" |
This command creates a new management scope and management role group to enable members of the role group to manage recipients in Seattle. First, the Seattle Users management scope is created, which matches only recipients who have Seattle in the City attribute on their user object. Then, a new role group called Seattle Admins is created and the Mail Recipients, Mail Recipient Creation, and Mailbox Import Export roles are assigned. The role group is scoped so that its members can manage only users who match the Seattle Users recipient filter scope. |
New-ManagementScope "Vancouver Servers" -ServerRestrictionFilter "ServerSite -Eq 'Vancouver'" $RoleGroup = Get-RoleGroup "Server Management" <br/><br/> New-RoleGroup "Vancouver Server Management" -Roles $RoleGroup.Roles -CustomConfigWriteScope "Vancouver Servers" |
This command creates a new management scope and copies an existing role group to enable members of the new role group to manage only servers in the Vancouver Active Directory site. First, the Vancouver Servers management scope is created, which matches only servers that are located in the Vancouver Active Directory site. The Active Directory site is stored in the ServerSite attribute on the server objects. Then, a new role group called Vancouver Server Management is created that's a copy of the Server Management role group. This new role group, however, is scoped to allow its members to manage only servers that match the Vancouver Servers configuration filter scope. |
Add-RoleGroupMember "Organization Management" -Member davids |
This command adds the user davids to the Organization Management role group. |
Get-ManagementRoleAssignment -Role "Mail Recipient Creation" -RoleAssignee "Seattle Admins" | Remove-ManagementRoleAssignment |
This command removes the Mail Recipient Creation role from the Seattle Admins role group. This command is useful because you don't need to know the name of the management role assignment that assigns the role to the role group. |
Remote Shell
Command | Description |
---|---|
$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri http://ExServer.contoso.com/PowerShell/ -Authentication Kerberos Import-PSSession $Session |
These commands open a new remote Shell session between a local domain-joined computer and a remote Exchange 2013 server with the FQDN ExServer.contoso.com. Use this command if you want to administer a remote Exchange 2013 server and only have the Windows Management Framework, which includes the Windows PowerShell command-line interface, installed on your local computer. This command uses your current logon credentials to authenticate against the remote Exchange 2013 server. |
$UserCredential = Get-Credential $Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri http://ExServer.contoso.com/PowerShell/ -Authentication Kerberos -Credential $UserCredential Import-PSSession $Session |
These commands open a new remote Shell session between a local domain-joined computer and a remote Exchange 2013 server with the FQDN ExServer.contoso.com. Use this command if you want to administer a remote Exchange 2013 server and only have the Windows Management Framework, which includes Windows PowerShell, installed on your local computer. This command uses credentials you specify explicitly to authenticate against the remote Exchange 2013 server. |
Remove-PSSession $Session |
This command closes the remote Shell session between a local computer and the remote Exchange 2013 server. |
Import-RecipientDataProperty -Identity "Tony Smith" -SpokenName -FileData ([System.IO.File]::ReadAllBytes('M:\AudioFiles\TonySmith.wma')) |
This command shows an example of the syntax required to import a file into a remote Exchange 2013 server using the FileData parameter on a cmdlet. The syntax encapsulates the data contained in the M:\AudioFiles\TonySmith.wma file and streams the data to the FileData property on the Import-RecipientDataProperty cmdlet. The FileData parameter accepts data from a file on your local computer using this syntax on most cmdlets. |
$SN = Export-RecipientDataProperty -Identity tonys@contoso.com -SpokenName |
This command shows an example of the syntax required to export a file from a remote Exchange 2013 server. The syntax encapsulates the data stored in the FileData property on the object returned by the cmdlet and then streams the data to your local computer. The data is then stored in the C:\tonysmith.wma file. Most cmdlets that output objects with a FileData property use this syntax to export data to a file on your local computer. |