Bhargav's IT Playground

Passion for Technology. Power of Messaging.

Archive for February, 2010

Why can’t I remove a Role Group?

Feb 26

Posted by Bhargav in Exchange 2010 | No Comments

When you try to remove a role group using Remove-RoleGroup cmdlet and you get an error “You don’t have sufficient permissions. This operation can only be performed by a manager of the group.” You have verified that you are member of Organization Management group and should have full permissions to all cmdlets. And you wonder why is the Remove-RoleGroup not working for you!

Well, let’s look at the the error. As it says”…This operation can only be performed by a manager of the group…”. Let’s look at the Role Group:

Get-RoleGroup “Role Group| fl ManagedBy
 
 
Managed By: {Domain/OU/User}

When you look at the output, you will notice that your admin user is not one of the managers of the role group. By default, Remove-RoleGroup will not allow you to remove the role group if you are not a manager of the group. If the group does not have any assigned managers, you will be able to remove the group without any issues.

So how do you remove a role group you are not a manger of and have sufficient permissions (are member of Organization Management group)?

You need to use “BypassSecurityGroupManagerCheck” switch:

Remove-RoleGroup “Role Group” –BypassSecurityGroupmanagerCheck –Confirm:$false

If you use BypassSecurityGroupManagerCheck switch, you must be a member of Organization Management role group or be assigned the Role Management role. Details on TechNet.

Neat isn’t it?

Share

Tags: ,

PowerShell Variables and scopes

Feb 19

Posted by Bhargav in Exchange 2010, PowerShell | No Comments

I was helping someone with a profile script. The script is supposed to connect to a remote Exchange 2010 server using PowerShell v2.0 when it is launched.

The script had a function which is called upon when profile is loaded. The function looked like the following:

function connect-remotely()
 
{
      if ($server)
      {
            $Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri http://$server/PowerShell/ -Authentication Kerberos
            Import-PSSession $Session
            write-warning 'Do not forget to run Remove-PSSession $Session'
      }
      else
      {
            $server = read-host "Server name"
            connect-remotely $server
      }
}

The $session variable in this instance gets created and populated within the function. The problem, however, is not visible until a bit later. When we were done with our remote session, we tried to remove session using Remove-PSSession $session but encountered an error which indicated that $session has null value.

Why did that happen? That’s where I needed to understand how scopes work. The PowerShell session is created when we launch PowerShell. When the function is executed, a child scope is created. The $session variable is created within child scope. All is fine until after the function completes execution and exits. At this time, $session variable value becomes null since the scope in which it was created is no longer applicable.

But wait, don’t we need the object stored in that variable to remove session successfully? We sure do. So how do we address this?

This can be accomplished using one of the two ways:

1. Define the variable as global. This will make the variable available in all scopes including the one created by function and the parent scopes. Here’s how you can do it:

$Global:Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri http://$server/PowerShell/ -Authentication Kerberos

2. Second option (I like it better) is to define scope. I used New-Variable as describe below when creating $session within function and scoping it to value of 1:

New-Variable -Name Session -Value (New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri http://$server/PowerShell/ -Authentication Kerberos) -Scope 1

When you scope any variable, value 0 means the scope in which it was created. 1 means parent scope, 2 is grand parent and so on. By defining scope of 1, I made the variable available to parent scope of the function which is where I was running Remove-PSSession. As anyone can guess, both methods allowed me to successfully remove session as the variable $session stayed behind populated instead of becoming null.

Hopefully this will help you understand how scope can help in certain situations. For better understanding of scopes, head out to TechNet as it contains lot more information about scopes which is not in scope of this post… get it? ;)

Share

Tags:

Upgrading Exchange 2007 MCTS / MCITP Certification to Exchange 2010 MCTS / MCITP

Feb 11

Posted by Bhargav in Exchange 2010 | 1 Comment

If you are like me who had previously earned MCTS or MCITP in Exchange 2007, you can now upgrade your certification to MCTS / MCITP Exchange 2010.

The certifications are as below:

Microsoft Certified Technology Specialist (MCTS): Microsoft Exchange Server 2010, Configuration

Microsoft Certified IT Professional (MCITP): Enterprise Messaging Administrator 2010

To earn your MCTS in Exchange 2010, you will need to pass exam 70-662. The MCTS certification is for Messaging Generalist who is responsible for maintenance and administration of Exchange 2010 servers in an enterprise environment. Don’t let the words get in your way, this exam also counts towards your MCITP certification. You can find skills measured and other details here.

To earn your MCITP in Exchange 2010, you will need to pass exam 70-663. The MCITP certification is for those responsible for the Exchange Messaging environment in an enterprise environment. If you are not a senior administrator or technical lead responsible for Exchange Messaging environment, passing the exam will still earn you MCITP which can help towards fulfilling your aspirations of becoming one. You can find skills measured and other details here.

I would highly recommend that you are familiar with the product and have some experience with the product before attempting these exams. There are many resources that can help you prepare for exam. I highly recommend making Exchange 2010 Documentation on TechNet your #1. It is constantly updated with current information and contains almost every detail you need to know as an IT Pro about the product. I will also recommend that you read Microsoft Exchange Team Blog. The blog is resource of very valuable information about not only Exchange Server 2010 but previous versions as well.

And for my status, I was lucky enough to attempt the exams when they were in beta and I did achieve passing score in both. Call me certifiable!

Good luck to you all who are planning for these exams.

Share

Tags: , , , ,