• State Not Answered
  • Locked Locked
  • Replies 6 replies
  • Subscribers 62 subscribers
  • Views 6041 views
  • Users 0 members are here
Options
Related
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Export mailbox of deprovisioned user in ARS 7.x

robert.eckdale
over 6 years ago

In previous versions of ARS v6.x I've been able run the following script to export an Exchange mailbox to a .pst file as part of a deprovisioning policy:

function onDeprovision($Request) {

# Check target object class
if ($Request.Class -ne "user") { return; }

# Get user information
$userLogon = $dirObj.Get("sAMAccountName")
if (($userLogon -eq $null) -or ($userLogon -eq "")) { return; }

$userSMTP = $dirObj.Get("mail")
if (($userSMTP -eq $null) -or ($userSMTP -eq "")) { return; }

$userGN = $dirObj.Get("givenName")
if (($userGN -eq $null) -or ($userGN -eq "")) { return; }

$userSN = $dirObj.Get("sn")
if (($userSN -eq $null) -or ($userSN -eq "")) { return; }

$dstPath = "\\myfileserver.acme.com\Deprovisioned-Users" + "\" + $userGN + "." + $userSN
$fileName = $userLogon + "_mbox.pst"
$jobName = $userLogon + "_mbox-export"

# Perform path testing
if (Test-Path -Path "$dstPath\$fileName") { return }
if (-not (Test-Path -Path $dstPath)) { New-Item -Path $dstPath -ItemType Directory -Force -Confirm:$false }

# Add PowerShell snapin for Exchange 2010 management
Add-PSSnapin -Name "Microsoft.Exchange.Management.PowerShell.E2010" -ErrorAction SilentlyContinue

# Submit Exchange Mailbox Export Request
New-MailboxExportRequest -Mailbox $userSMTP -FilePath "$dstPath\$fileName" -Name $jobName
} # End function onDeprovision

This process does not work in ARS v7.x which results in the following error:

Administrative Policy returned error. At line: 18 char:5. Exception calling "Get" with "1" argument(s): "The directory property cannot be found in the cache."

The error seems pretty explicit but for some reason I haven't been able to get this to work. I'm obviously doing something (or many things) wrong, any recommendations?

 

Secondary question: Does it make more sense to use a workflow for this?

  • 0 over 6 years ago
    as a troubleshooting step, I would recommend to execute the same script (calls to Exchange mailbox) on the same ARS server (under the ARS Service Account) explicitly.
    ARS 7.x got some changes the way it talks to Exchange. For example ARS 6.9 cannot read EX2016 mbx size and number of items, while ARS7.x can read it (though officially EX2016 is not supported yet)
  • 0 over 6 years ago
    The first thing I notice is the fact that you are loading the Exchange Snap-In in your script. This is really not a good idea - rather, you should establish a remote powershell session and then execute your export command.

    Architecturally, this is how AR does it now as well.
  • 0 over 6 years ago
    Thanks for the suggestion. I disabled the loading of the Exchange snap-in in the script and created a PSSession but still no dice.

    I should also point out that even after disabling the Exchange specific components of the script ARS is failing to even create the folder. I.E. Doesn't work at all.
  • 0 over 6 years ago
    Couple of things to verify (you've probably already thought of these):

    1) Does the AR service account have the rights to create the folders in the location you are specifying?
    2) Is the location resolvable from the AR server - i.e. using the AR service account, you login to the AR server and try to do a "net use" or similar to your location(s).

    This is puzzling because you said this script worked before.
  • 0 over 6 years ago
    All good suggestions...and it's not even that the script worked before, it works currently on my ARS v6.8 server (We're running v6.8 and v7.02 concurrently).

    The same service account is being used for both ARS servers so the account does have both Exchange and File Server permissions. To be clear though I did confirm both permissions and name resolution manually anyway .
  • 0 over 6 years ago

    So I've gotten a bit further. Here's the updated script:


    # Begin Script ----------------------------------------------------------------
    # Declare ARS event handler
    function onDeprovision($Request) {
    # Check target object class
    if ($Request.Class -ne 'User') { exit }

    # Get user information
    $userLogon = $Request.OriginalUserAccount.Get("sAMAccountName")
    if (($userLogon -eq $null) -or ($userLogon -eq "")) { return }

    $userGN = $Request.OriginalUserAccount.Get("givenName")
    if (($userGN -eq $null) -or ($userGN -eq "")) { return }

    $userSN = $Request.OriginalUserAccount.Get("sn")
    if (($userSN -eq $null) -or ($userSN -eq "")) { return }

    $dstPath = "\\fileserver.acme.com\Deprovisioned-Users\${userGN}.${userSN}"
    $fileName = "${userLogon}_mbox.pst"
    $jobName = "${userLogon}_ars-mbox-export"

    # Perform path testing
    if ((Test-Path -Path $dstPath) -eq $false) { New-Item -Path $dstPath -ItemType Directory -Force -Confirm:$false }
    if ((Test-Path -Path "${dstPath}\${fileName}") -eq $true) { throw "Exported mailbox .pst file already exists." }

    # Create PSSession to Exchange 2010 server
    $Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri "mailserver.acme.com/.../" -Authentication Kerberos
    Import-PSSession $Session

    # Submit Exchange Mailbox Export Request
    New-MailboxExportRequest -Mailbox $userLogon -FilePath "${dstPath}\${fileName}" -Name $jobName

    # Close the remote powershell session
    Remove-PSSession $Session
    } # End function onDeprovision
    # End Script ------------------------------------------------------------------

     

    No error is thrown. The file server directory *does* get created but the mailbox export request does *not* get created.