Replacing Public Folder Permission groups with new mail groups - Powershell

Hi All,

I am looking to reduce the time it will take to replace the  mail groups with New groups on Exchange 2010 Public folders.

The time to complete this manualy would be over 15 weeks.

I am stuck on the following process:

We are wanting to apply the new security groups to the public folders below (please see attached script)

• Resecure the public folders with the new "Mail_" groups
• Does the public folder contain existing secuirty groups - If yes - Replace Groups with new "Mail_" equivalent group
• If No - Skip to creating a report on the changes to the secuirity groups on the public folders and review any errors during the process.

Thanks

param([string]$source = "*")

function GetGroupDetail
{
    param($targetgroup)

    $newname = "Mail_$($targetgroup.Name)"
    $usermembers=Get-ADGroupMember $targetgroup.Name | ? {$_.ObjectClass -eq "user"}
    $groupmembers=Get-ADGroupMember $targetgroup.Name | ? {$_.ObjectClass -eq "group"}
    $PrimarySmtp=get-distributiongroup $targetgroup.Name | select PrimarySmtpAddress
    $PrimarySmtpNew="$($targetgroup.Name)_new@uat.internal"
    $allEmail=get-distributiongroup $targetgroup.Name | select EmailAddresses
    $arr_allEmail = $allEmail.EmalAddresses.ToArray()
    $prxy_allEmail = ($arr.allEmail | select -exapand ProxyAddressString) -join ","
    $oldSmtpFinal = "'" + $prxy_allEmail + "','" + $PrimarySmtpNew + "'"
    $data=@{
        Name=$targetgroup.Name;
        NewName=$newname;
        DisplayName=$targetgroup.DisplayName;
        Description=$targetgroup.Description;
        Path=$targetgroup.DistinguishedName.Split(',',2)[1];
        Mail=$targetgroup.Mail;
        UserMembers=$usermembers;
        GroupMembers=$groupmembers;
        PrimarySmtpOld=$PrimarySmtp;
        PrimarySmtpNew=$PrimarySmtpNew;
        SmtpFinal=$oldSmtpFinal
    }
    $OutputObject = New-Object PSObject -Property $data
    Write-Output $OutputObject
}

function CreateGroup
{
    param($groupdetails)
    
    $newgroupname = "Mail_$($groupdetails.Name)"
    # Check whether the 'new' group already exists in AD, otherwise we don't want to re-create it!!!!!
    $LDAPPath = "LDAP://DC=uat,DC=internal"
    $seek= [System.DirectoryServices.DirectorySearcher] $LDAPPath
    $seek.Filter = "(&(name=$newgroupname)(objectcategory=group))"
    $result = $seek.FindOne()
    if ($result -eq $null){
        Write-Host "Create $newgroupname"
        New-ADGroup $newgroupname -Path $groupdetails.Path -GroupScope 2 -GroupCategory Distribution -Description $groupdetails.Description
        Enable-DistributionGroup -Identity $newgroupname
        $smtp = Get-DistributionGroup -Identity $newgroupname | select EmailAddresses
        $arr_smtp = $smtp.EmailAddresses.ToArray()
        $prxy_smtp = ($arr_smtp | select -ExpandProperty ProxyAddressString) -Join ","
        $smtp_final = "'" + $prxy_smtp + "','" + $groupdetails.PrimarySmtpOld + "'"
    }
}




# Ensure that the ActiveDirectory PowerShell module is loaded. 
#
Import-Module ActiveDirectory

# Get all mail enabled groups...
#$allmailgroups=Get-ADGroup -Filter * -Properties Mail,DisplayName,IsCriticalSystemObject,Description | ? {$_.IsCriticalSystemObject -ne "True" -and $_.GroupCategory -eq "Security" -and $_.Mail -like "*@*"}
$allmailgroups=Get-ADGroup -Identity "PhilTestGroup"  -Properties Mail,DisplayName,IsCriticalSystemObject,Description | ? {$_.IsCriticalSystemObject -ne "True" -and $_.GroupCategory -eq "Security" -and $_.Mail -like "*@*"}

# Iterate through each group in the mail enabled groups
foreach ($mailgroup in $allmailgroups){
    
    # Get specific group detail...
    $g=GetGroupDetail $mailgroup
    
    Write-Host -ForegroundColor Green $g.Name
    
    # Create the new group
    CreateGroup $g
    
    if ($g.GroupMembers -ne $null){
        foreach ($group in $g.GroupMembers){
            $tg=Get-ADGroup -Identity $group.Name -Properties mail
            if ($tg.mail -like "*@*"){
                # Mail enabled
                $tgd = GetGroupDetail $tg
                CreateGroup $tgd
                Add-ADGroupMember "Mail_$($g.Name)" "Mail_$($tgd.Name)"
            }
        }
    }
    Add-ADGroupMember "Mail_$($g.Name)" $g.UserMembers

}


There was also a report for groups 

########################################################
#
#      Script to create a report of security groups
#      that are email enabled.
#      
#      This report needs running via the exchange 2010
#      management shell.
#
########################################################



Import-Module ActiveDirectory
  
# REPORT PROPERTIES 
 # Path to the report 
  $reportPath = "c:\reports\"; 
 # Report name 
  $reportName = "groupreport"
# Path and Report name together 
$groupReport = $reportPath + $reportName + ".html" 
# Create and write Tabular report

$gpnames = get-adgroup -Filter * -properties mail,displayname,isCriticalSystemObject| where {$_.GroupCategory -Like "Security" -AND $_.isCriticalSystemObject -ne "True" -AND $_.mail -Like "*@*"}
# Create and write HTML Header of report 
$titleDate = get-date -uformat "%d-%m-%Y - %A" 
$header = " <html> <head> <meta http-equiv='Content-Type' content='text/html; charset=iso-8859-1'> <title>Group Report</title> <STYLE TYPE='text/css'> <!-- 
  td { 
   font-family: Tahoma; 
   font-size: 11px; 
   border-top: 1px solid #999999; 
   border-right: 1px solid #999999; 
   border-bottom: 1px solid #999999; 
   border-left: 1px solid #999999; 
   padding-top: 0px; 
   padding-right: 0px; 
   padding-bottom: 0px; 
   padding-left: 0px; 
  } 

  td.blank {
   padding-top: 0px; 
   padding-right: 0px; 
   padding-bottom: 10px; 
   padding-left: 0px;
  }

  body { 
   margin-left: 5px; 
   margin-top: 5px; 
   margin-right: 0px; 
   margin-bottom: 10px; 
   table { 
   border: thin solid #000000; 
  } 
  --> </style> </head> <body> <table width='100%'> <tr bgcolor='#CCCCCC'> <td colspan='6' height='25' align='center'> <font face='tahoma' color='#003399' size='4'><strong>Email enabled security group Report for $titledate</strong></font> </td> </tr> <tr><td colspan=3 align='right' bgcolor=#3300FF><font color=#FFFFFF size=3>Number of email enabled security groups:</font></td><td colspan=3 align='left'><font size=3>$($gpnames.count)</font></td></tr>" 
 Add-Content $groupReport $header 

# Connect to exchange 2010

#$Credentials = Get-Credential
#$ExSession = New-PSSession –ConfigurationName Microsoft.Exchange –ConnectionUri ‘http://sbspexchcas0.production.internal/PowerShell/?SerializationLevel=Full’ -Credential $Credentials –Authentication Kerberos
#Import-PSSession $ExSession


foreach ($group in $gpnames){
 
 # Variables used in the report
 # from AD
$gpname = $group.name
$gpcategory = $group.GroupCategory
$gpmail = $group.mail
$membersofgroup = Get-ADGroupMember $group
$arrayMembers = @()
$membersofgroup | % {$arrayMembers += $_.Name}


 # from exchange
$dgname = get-distributiongroup $group.Name
$dlmembers = $dgname.acceptmessagesonlyfrom


$dlonlyfrom = ""

foreach ($dlmember in $dlmembers)
{
    $dlonlyfrom += $dlmember.Name
}

#Write-Host $dlmembers.Count


$dlmembers2 = $dgname.acceptmessagesonlyfromdlmembers


$dlonlyfrom2 = ""

foreach ($dlmember2 in $dlmembers2)
{
    $dlonlyfrom2 += $dlmember2.Name
}


$Eaddress = $dgname.EmailAddresses
$emailaddressarray = @()
$Eaddress | % {$emailaddressarray += $_.ProxyAddressString}

 # Table per group

 $groupdetails = " <tr bgcolor=#CCCCCC> <td colspan=6 align='left'><font face='tahoma' color='#003399' size='4'><strong>GROUP NAME: $gpname</strong></font></td> </tr><tr><td colspan=2 bgcolor=#00CC33 width='33%' align='center'>Display Name</td> <td colspan=2 bgcolor=#00CC33 width='34%' align='center'>Group Type</td> <td colspan=2 bgcolor=#00CC33 width='33%' align='center'>Primary email address</td>  </tr> " 

Add-Content $groupReport $groupdetails

 # Create table data rows  

    $dataRow = " <tr bgcolor=#FFFFFF> <td colspan=2 width='33%'>$gpname</td> <td colspan=2 width='34%'>$gpcategory</td> <td colspan=2 width='33%' >$gpmail<BR><BR>Additional Addresses:<BR>$($emailaddressarray)</td>  </tr>" 

Add-Content $groupReport $datarow 

# Members and restrictions row header

    $rowheader = "<tr><td colspan=3 bgcolor=#00CC33 width='50%' align='center'>Members</td><td colspan=3 bgcolor=#00CC33 width='50%' align='center'>Restrictions</td> </tr>"
Add-Content $groupReport $rowheader

    $MRrowdata = "<tr><td colspan=3 bgcolor#FFFFFF width='50%'>$($arrayMembers)</td><td colspan=3 bgcolor#FFFFFF width='50%'>Receive emails only from: $dlonlyfrom <BR><BR>Receive emails only from distribution list members: $dlonlyfrom2 </td></tr><tr><td colspan=3><strong>Number of members: $($arrayMembers.count)</strong></td></tr>"

Add-Content $groupReport $MRrowdata

}


# Create footer

 $footer = "</table></body></html>"


Add-Content $groupReport $footer 
 
#Remove-PSSession $ExSession

Ryan Mangan | Ryanmangansitblog.wordpress.com | Help keep the forums tidy, if this has helped please mark it as an answer