Alright, let's continue with this. So, you have seen how we can enable the hosting mode in Exchange Server 2010 SP1 beta by using the installation with /hosting switch in the Part #1, the first look and also how to create a hosted organization/tenant in part #2. Now let us continue with creating a tenant mailbox in the tenant organization.
Do you remember how we do it in HMC? In order for us to create a mailbox for a tenant organization, we need to do the following,
- Use Hosted Active Directory to create a new user object.
- Use Hosted Email 2007 name space procedure to Mailbox enable the user using the appropriate user plan.
It isn't that bad really. Of course, there are a lot of stuff going on in the background when you call that 2 procedures such as address list stamping, checking for Offline Address Book (if it is not available, create it if it is a MAPI plan), apply the appropriate permissions, allocate the mailbox store resource, apply the user mailbox plan like quotas, stamping with the right email and the list goes on.
In Exchange Server 2010 SP1 beta, it isn't that different. The good news is that, it has been greatly simplified with just one cmdlet, that is New-Mailbox. This one cmdlet will create both the AD object as well as the mailbox. Sweet, eh? By introducing additional switch to the cmdlet for hosting mode, this one little cmdlet will do all the magic, well almost all. Let's go through the process first, then we will discuss more.
If you recall, in part #2, when we created a new tenant organization, each organization has it's own configuration unit in the Active Directory's configuration container and also it's own organization container with tons of other stuff like the Organization Admin groups and etc. (I will spend some time to blog about this in detail soon). Because of that, when we create a tenant mailbox, it is important to make sure we are creating the mailbox in the right organization context. To do that, the New-Mailbox cmdlet in hosting mode comes with a switch called -Organization. Here is a sample that allows you to create a new mailbox in our beloved tenant organization, AlpineSkihouse,
New-Mailbox -Organization AlpineSkiHouse -Name "John Doe" -UserPrincipalName firstname.lastname@example.org
Of course, there are a lot more parameters accepted by this cmdlet and I am putting in the least number of switches here. The above will prompt you for password and then it will proceed with creating the user. Once it is done, you get the following and you can proceed to logon to Outlook Web Access with this user already.
Let me highlight a few things here,
- The above will create an Active Directory User Object in the appropriate OU
- Insert the users into appropriate group
- Apply the appropriate AD permissions
- It then mailbox enable the user object
- The UserPrincipalName switch will be the email as well as the login name. You cannot use a different domain than the domain you put as the accepted domain for this tenant organization.
- It will find the default mailbox plan and apply the appropriate attributes
- It then apply the Email Address Policy and also the address list.
The above is by no mean the full list of what is being done. Now, notice that I didn't specify any mailbox database in the cmdlet. I want to take a moment to specially mention this. You can manually specify the database if you want but if you don't do that, it will utilize the Exchange Server 2010 mailbox provisioning load balancing mechanism to select the mailbox database. I think it is cool, however as hosters sometimes you want to have better control and you want to be able to track like HMC. In those situations, you may need to build your own logic to do that. For example, you can either run the tool periodically to discover the location of the database use by each organization and populate the report or find a way to retrieve what database right after the mailbox creation. Of course, there are tons of other ways to do it, I am just listing out 1-2 ways).
One more thing I should also highlight is this, we no longer need to fear RUS kicking in and re-stamp our address list like we did in the old HMC way. That's because Exchange Server 2010 SP1 beta has full segregation of that.
So, really, that's it, as simple as that. I really like the simplicity of this.
While I am on mailbox, I might as well talk about how to get and remove mailbox in the specific organization context.
Like New-Mailbox, the Get-Mailbox also has an additional -Organization switch. So, here is what you can do,
To get all the users in an organization
Get-Mailbox -Organization AlpineSkiHouse
To get a specific user in an organization
Get-Mailbox -Organization AlpineSkiHouse -Identity jdoe
Note: I don't even need to put in the full email address, the alias will do the job. I love it. 🙂
So, that's all good. What about removing a mailbox then? You will notice that in this SP1 beta, the remove-mailbox has no additional -Organization switch. So, if you try to delete a mailbox for a specific tenant user, you will get error like the following,
This is because it isn't operating in the right context and hence not able to locate the mailbox. Here is how you do it,
To remove a specific user in an organization
Get-Mailbox -Organization AlpineSkiHouse -Identity jdoe | Remove-Mailbox
Next stop, we will go more into the transport and address list.
Exchange Server 2010 SP1 Beta Hosting Deployment... Part #1 - The First Look
Exchange Server 2010 SP1 Beta Hosting Deployment... Part #2 - Creating New Organization
Exchange Server 2010 SP1 Beta Hosting Deployment