How to Apply a Default Managed Folder Mailbox Policy to All Users in Exchange 2007

Thursday, July 8, 2010
Exchange 2007 provides a way for you to apply message retention settings to default and custom folders in user mailboxes.  This process is called Messaging Records Management (MRM) and is covered in pretty good detail here, so I won't go into details on how to configure MRM.

MRM is similar to the Mailbox Manager process in previous versions of Exchange, with one notable exception -- there is no built-in way to apply a Managed Folder Mailbox Policy to all Exchange 2007 users by default.  You must remember to apply the Managed Folder Mailbox Policy to new users when they are created.

I wrote a small Powershell script that will apply a Managed Folder Mailbox Policy to all Exchange 2007 users that do not already have a Managed Folder Mailbox Policy configured.  The script also writes an event to the Windows Application event log so you know it ran successfully.  Copy the script to any Exchange 2007 server and run it as a Scheduled Task.

Here's the 5-line script, called Set-DefaultManagedFolderMailboxPolicy.ps1, wrapped for clarity:
Get-Mailbox -RecipientTypeDetails UserMailbox -ResultSize unlimited | Where-Object {$_.ManagedFolderMailboxPolicy -eq $null} | Set-Mailbox -ManagedFolderMailboxPolicy "Default mailbox policy" -ManagedFolderMailboxPolicyAllowed
$EventLog = new-object System.Diagnostics.EventLog('Application')
$EventLog.MachineName = "."
$EventLog.Source = "Set-DefaultManagedFolderMailboxPolicy"
$EventLog.WriteEntry("Set-DefaultManagedFolderMailboxPolicy.ps1 has configured the 'Default mailbox policy' for new Exchange 2007 user mailboxes.","Information",100)
The first line (in red) is where the actual work is done.  You can see there are three parts to this one-liner:
  • The first part gets all the Exchange 2007 (or Exchange 2010) user mailboxes.  This is useful for mixed Exchange 2003/2007 environments because MRM policies only apply to 2007/2010 mailboxes.
  • The second part filters the collection to only include user mailboxes that do not have a Managed Folder Mailbox Policy already configured (is null).
  • The third part assigns the Default Mailbox Policy to the filtered collection of mailboxes.  Note the -ManagedFolderMailboxPolicyAllowed parameter.  This parameter applies the policy without prompting the following confirmation:
Confirm

When assigning a managed folder mailbox policy with managed custom folders to the mailbox "contoso.com/Users/Jeff Guillet", Outlook clients older than Outlook 2007 do not have all available client features and clients older than Outlook 2003 SP2 are not supported. You may use the "Set-CASMailbox" task to enable client version blocking. Are you sure you want to assign a managed folder mailbox policy to this mailbox?

[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):
Normally, you would suppress a confirmation prompt like this using the -confirm:$false parameter, but that doesn't work for the -ManagedFolderMailboxPolicy parameter for some reason.
 
The remaining four lines (in blue) are used to write the event to the Application event log.
 
Save the script above as Set-DefaultManagedFolderMailboxPolicy.ps1 in C:\Scripts on the Exchange 2007 server where it will be run.  Now we need to create a Windows scheduled task.
  • Configure the task to run the following program: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe with the following arguments: -PSConsoleFile "C:\Program Files\Microsoft\Exchange Server\bin\exshell.psc1" -command ". C:\Scripts\Set-DefaultManagedFolderMailboxPolicy.ps1"
  • Configure the task to Run whether user is logged on or not using a service account that has at least Exchange Recipient Administrator rights.
  • Schedule the task to run daily at least one hour before the the Managed Folder Mailbox Policy is scheduled to run.

6 comments:

  1. Works great.

    Thank you !

    ReplyDelete
  2. Great Script Jeff. I am just now getting into MRM

    ReplyDelete
  3. Jeff,

    Great post! Thanks for sharing
    I have a question. I need to apply a managed folder policy as follow:
    1. Managers OU: Deleted items retention will be for 6 months
    2. The rest of users in the Organization Deleted items retention will be for 1 month

    How can I do to run your script and exclude the Managers OU so they don't get affected by the 1 month retention policy I need to apply to the rest of the Organization?

    Thanks a lot in advance!

    ReplyDelete
    Replies
    1. You can apply different policies to different groups. You'll just need to modify the Where-Object filters to apply to different groups. I don't have time to write a sample, but you should find some examples on Script Center.

      Delete
  4. Jeff,

    Thanks so much for your prompt response! It is greatly appreciated
    I will figure it out

    Best Regards,
    F

    ReplyDelete

Thank you for your comment! It is my hope that you find the information here useful. Let others know if this post helped you out, or if you have a comment or further information.