Guest User

Untitled

a guest
Mar 9th, 2016
311
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. $ErrorActionPreference = "SilentlyContinue"
  2. $WarningActionPreference = "SilentlyContinue"
  3.  
  4. $CheckPS = Get-Command Get-Mailbox
  5. If ($CheckPS.Name -ne "Get-Mailbox")
  6. {Write-Host "This script must be run using the Exchange Management Shell. Please close this PowerShell session, open the Exchange Management Shell, and then run the configuration script again." -back red -for black
  7. $ErrorActionPreference = "Continue"
  8. exit}
  9.  
  10. $ErrorActionPreference = "Continue"
  11. $WarningActionPreference = "Continue"
  12.  
  13. Get-ExchangeServer *>&1 | Out-Null
  14.  
  15. $DC = (Get-ADDomain).InfrastructureMaster
  16.  
  17. $LabDomain = (Get-AcceptedDomain | where {$_.DomainName -like "Lab*"}).DomainName.Domain.Substring(0,8)
  18.  
  19. $MBXServer = (Get-ExchangeServer | where-object {($_.ServerRole -like "Mailbox*") -and ($_.Name -eq $env:computername)}).Name
  20.  
  21. $LyncPool = "redpool.contoso.local"
  22.  
  23. Function VerifyPath1 {
  24. $filepath = Test-Path "C:\LabFiles\DigiCert_certs.zip"
  25. return $filepath
  26. }
  27.  
  28. Function Extract {
  29. if (VerifyPath1 -eq "True") {
  30.  
  31. $shell = new-object -com shell.application
  32. $zip = $shell.NameSpace("C:\LabFiles\DigiCert_certs.zip")
  33. foreach($item in $zip.items())
  34. {
  35. $shell.Namespace("C:\LabFiles").copyhere($item)
  36. }
  37.  
  38. } else {
  39.  
  40. write-host "The DigiCert_certs.zip file does not appear to be located in the C:\LabFiles folder. Please verify the file exists and rerun the script." -back red -for black
  41.  
  42. exit
  43.  
  44. }
  45. }
  46.  
  47. Extract
  48.  
  49.  
  50. #Importing the publicly trusted certificate and assigning services for Exchange Server
  51.  
  52. Write-Host "Importing the publicly trusted certificate and assigning services for Exchange Server" -back yellow -for black
  53.  
  54. $CertPath = "C:\LabFiles\certs\sip_" + $Labdomain + "_o365ready_com.cer"
  55.  
  56. Import-ExchangeCertificate -Server $MBXServer -FileData ([Byte[]]$(Get-Content -Path $CertPath -Encoding Byte -ReadCount 0)) | Out-Null
  57.  
  58. Start-Sleep -s 3
  59.  
  60. $Cert = Get-ExchangeCertificate | where {$_.Subject -like "CN=sip*"}
  61.  
  62. Enable-ExchangeCertificate -Thumbprint $Cert.Thumbprint -Service IIS,SMTP -Force
  63.  
  64. Start-Sleep -s 3
  65.  
  66. $password = ConvertTo-SecureString 'Pa$$w0rd' -asplaintext -force
  67.  
  68. [String]$CertThumb = $Cert.Thumbprint
  69.  
  70. Export-PfxCertificate -Cert cert:\LocalMachine\My\$CertThumb -ChainOption BuildChain -FilePath C:\LabFiles\LabCert.pfx -Password $password | Out-Null
  71.  
  72.  
  73. # Completing private certificate request and importing certificate
  74.  
  75. certreq -submit -config DC1.Contoso.local\Contoso-DC1-CA -attrib "CertificateTemplate:WebServer" C:\Scripts\PrivCertRequest.req C:\Scripts\PrivCert.cer | Out-Null
  76.  
  77. $CertPath = "C:\Scripts\PrivCert.cer"
  78.  
  79. Import-ExchangeCertificate -Server $MBXServer -FileData ([Byte[]]$(Get-Content -Path $CertPath -Encoding Byte -ReadCount 0)) | Out-Null
  80.  
  81. $PrivCert = Get-ExchangeCertificate | where {$_.Subject -like "CN=mail*"}
  82.  
  83. Get-ChildItem -Path C:\Scripts -Recurse | Where {$_.Name -like "Priv*"} | Remove-Item
  84.  
  85.  
  86. # Configure Outlook Web App for IM integration
  87.  
  88. Write-Host "Configure Outlook Web App IM integration" -back yellow -for black
  89.  
  90. Get-OwaVirtualDirectory -Server $MBXServer | Set-OwaVirtualDirectory -InstantMessagingType OCS -InstantMessagingEnabled $true
  91.  
  92. Get-OwaMailboxPolicy | Set-OwaMailboxPolicy -InstantMessagingEnabled $true -InstantMessagingType OCS
  93.  
  94. $filepath = "\\$MBXServer\C$\Program Files\Microsoft\Exchange Server\v15\ClientAccess\Owa\"
  95.  
  96. $file = "web.config"
  97.  
  98. $fileName = $filepath + $file
  99.  
  100. $tag = "<appSettings>"
  101.  
  102. $key1 = '<add key="IMCertificateThumbprint"' + ' value="' + $PrivCert.thumbprint + '" />'
  103.  
  104. $key2 = '<add key="IMServerName"' + ' value="' + $LyncPool + '" />'
  105.  
  106. $value = ($tag+"`r`n"+$key1+"`r`n"+$key2)
  107.  
  108. Copy-Item $filename ($filepath + $file + ".backup" + (Get-Date -format 'yyyy-MM-dd.hh.mm'))
  109.  
  110. (Get-Content $filename) | Foreach-Object {$_ -replace $tag,$value} | Set-Content $filename
  111.  
  112. C:\windows\system32\inetsrv\appcmd recycle apppool /apppool.name:"MSExchangeOWAAppPool" | Out-Null
  113.  
  114.  
  115. # Import certificate into Local Machine Certificate Store on TMG1, configure Firewall and Web Listener
  116.  
  117. Write-Host "Importing the publicly trusted certificate, configuring firewall and web listener on TMG1" -back yellow -for black
  118.  
  119. Get-PsSession | where {$_.ComputerName -eq "TMG1"} | Remove-PsSession
  120.  
  121. $username = "Admin"
  122.  
  123. $password = ConvertTo-SecureString 'Pa$$w0rd' -asplaintext -force
  124.  
  125. $cred = New-Object System.Management.Automation.PsCredential($username,$password)
  126.  
  127. New-PSDrive -Name TMG -PSProvider FileSystem -Credential $cred -Root \\TMG1\c$\LabFiles | out-null
  128.  
  129. Copy-Item C:\LabFiles\Labcert.pfx TMG:\
  130.  
  131. $PubCertThumbprint = (Get-ExchangeCertificate | where {$_.Subject -like "CN=sip*"}).Thumbprint
  132.  
  133. $sessionTMG = New-PSSession -ComputerName TMG1 -Credential $cred
  134.  
  135. Invoke-Command -Session $sessionTMG -ScriptBlock {
  136.  
  137. $certcmd = 'certutil -p Pa$$w0rd -importpfx C:\LabFiles\Labcert.pfx'
  138.  
  139. cmd.exe /c $certcmd | Out-Null
  140.  
  141. # Import lab rules xml file
  142.  
  143. $FPC = New-Object -ComObject FPC.root
  144. $array = $FPC.GetContainingArray()
  145. $LabTMGrules = "C:\LabFiles\LabTMGRules-$args.xml"
  146. $PolicyRules = $Array.ArrayPolicy.PolicyRules
  147. $PolicyRules.ImportFromFile($LabTMGrules,"")
  148. $Array.Save($True,$True)
  149.  
  150. # Update existing web listener certificate with public certificate
  151.  
  152. $FPC = New-Object -ComObject FPC.root
  153. $array = $FPC.GetContainingArray()
  154. $listener = $array.RuleElements.WebListeners | Where-Object {$_.Name -eq "Lab Services"}
  155. $LabCert = Get-ChildItem -Path cert:\LocalMachine\My | Where-Object {$_.Subject -like "CN=sip*"}
  156. $NewCertThumb = $LabCert.Thumbprint
  157. $MyServer= $FPC.GetContainingServer()
  158. $Listener.Properties.AppliedSSLCertificates.Remove(1)
  159. $NewCert = $MyServer.SSLServerCertificates | Where-Object { (([byte[]]$_.Hash | ForEach-Object { $_.ToString("X2") } ) -Join '' ) -eq $NewCertThumb}
  160. $Listener.Properties.AppliedSSLCertificates.Add($NewCert.Hash,"")
  161. $listener.Save($True,$True)
  162.  
  163. } -args $LabDomain | Out-Null
  164.  
  165. # Import certificate into Local Machine Certificate Store on member servers
  166.  
  167. Write-Host "Importing the publicly trusted certificate on member server(s)" -back yellow -for black
  168.  
  169. #If (Test-Connection -ComputerName VIS1 -Count 1 -Quiet) {
  170. #
  171. #Copy-Item C:\LabFiles\LabCert.pfx \\VIS1\C$\LabFiles
  172. #
  173. #Invoke-Command -ComputerName VIS1 -ScriptBlock {
  174. #
  175. # Import-PfxCertificate -FilePath C:\LabFiles\LabCert.pfx -Password $args[0] -CertStoreLocation cert:\localMachine\My
  176. #
  177. # } -args $password
  178. # }
  179. #Else {Write-Host "VIS1 not online"}
  180.  
  181. If (Test-Connection -ComputerName SRV1 -Count 1 -Quiet) {
  182.  
  183. Copy-Item C:\LabFiles\LabCert.pfx \\SRV1\C$\LabFiles
  184.  
  185. Invoke-Command -ComputerName SRV1 -ScriptBlock {
  186.  
  187. Import-PfxCertificate -FilePath C:\LabFiles\LabCert.pfx -Password $args[0] -CertStoreLocation cert:\localMachine\My | Out-Null
  188.  
  189. } -args $password
  190. }
  191. Else {Write-Host "SRV1 not online"}
  192.  
  193. Copy-Item C:\LabFiles\LabCert.pfx \\$DC\C$\LabFiles
  194.  
  195.  
  196. ""
  197. Write-Host "Complete" -back yellow -for black
RAW Paste Data