我正在尝试设置一项服务,禁止用户通过远程PowerShell对Exchange服务器进行交换访问,并执行如下操作:
Set-CASMailbox -Identity usern -OwaEnabled $False
Set-CASMailbox -Identity usern -EwsEnabled $False
Set-CASMailbox -Identity usern -EcpEnabled $False
Set-CASMailbox -Identity usern -MapiEnabled $False
Set-CASMailbox -Identity usern -MapiBlockOutlookRpcHttp $True
Set-CASMailbox -Identity usern -EwsAllowMacOutlook $False
Set-CASMailbox -Identity usern -EwsAllowOutlook $False
//THIS ONE FAILS:
Set-CASMailbox -Identity usern -ActiveSyncBlockedDeviceIDs "USERSDEVICEID"
错误:找不到与参数名称“ActiveSyncBlockedDeviceIDs”匹配的参数。
当我从交换服务器本身执行Get-Command时, 在Set-CASMailbox接受的参数列表中显示ActiveSyncBlockedDeviceIDs,但是当我从我的c#执行Get-Command时远程服务器上的代码,它不会在参数列表中显示ActiveSyncBlockedDeviceIDs!我错过了什么吗? Set-CASMailbox命令行管理器在服务器上运行的那个和远程公开的命令行管理器之间是不同的?或者这个字段不受支持? (或者我应该通过未在交换服务器上执行的wcf服务来实现这一点的任何其他树?)
从远程服务器执行此操作的C#代码如下:(尝试...块等删除)
WSManConnectionInfo connectionInfo = new WSManConnectionInfo(
new Uri("http://" + server + "/Powershell/Microsoft.Exchange"),
"http://schemas.microsoft.com/powershell/Microsoft.Exchange",
credential);
Runspace runspace = RunspaceFactory.CreateRunspace(connectionInfo);
PowerShell ps = PowerShell.Create();
ps.Runspace = runspace;
//none of these seem to make any difference if i add them or not.
//ps.Commands.AddScript(@"Import-Module 'C:\Program Files\Microsoft\Exchange Server\V14\bin\RemoteExchange.ps1'");
//ps.Commands.AddScript(@"Add-PSSnapin Microsoft.Exchange.Management.PowerShell.E2010");
ps.Commands.AddScript(@"Get-Command");
runspace.Open();
var psResult = ps.Invoke();
//iterate through and find parameters for Set-CASMailbox
foreach (var res in psResult) {
if (res.Members["Name"].Value.ToString()=="Set-CASMailbox") {
foreach (var mem in res.Members) {
if (mem.Name == "ParameterSets") {
Console.WriteLine(mem.Value);
break;
}
}
}
}
输出列表或参数:
(ActiveSyncBlockedDeviceIDs不在那里,也就是ActiveSyncEnabledDeviceIDs)
[-Identity] <MailboxIdParameter>
[-ActiveSyncDebugLogging <Nullable`1>]
[-ActiveSyncEnabled]
[-ActiveSyncMailboxPolicy <MailboxPolicyIdParameter>]
[-DisplayName <String>]
[-DomainController <Fqdn>]
[-ECPEnabled]
[-EmailAddresses <ProxyAddressCollection>]
[-EwsAllowEntourage <Nullable`1>]
[-EwsAllowList <MultiValuedProperty`1>]
[-EwsAllowMacOutlook <Nullable`1>]
[-EwsAllowOutlook <Nullable`1>]
[-EwsApplicationAccessPolicy <Nullable`1>]
[-EwsBlockList <MultiValuedProperty`1>]
[-EwsEnabled <Nullable`1>]
[-HasActiveSyncDevicePartnership]
[-IgnoreDefaultScope]
[-ImapEnabled]
[-ImapEnableExactRFC822Size]
[-ImapMessagesRetrievalMimeFormat <MimeTextFormat>]
[-ImapSuppressReadReceipt]
[-ImapUseProtocolDefaults]
[-MAPIBlockOutlookNonCachedMode]
[-MAPIBlockOutlookRpcHttp]
[-MAPIBlockOutlookVersions <String>]
[-MAPIEnabled]
[-Name <String>]
[-OWAEnabled]
[-OwaMailboxPolicy <MailboxPolicyIdParameter>]
[-PopEnabled]
[-PopEnableExactRFC822Size]
[-PopMessagesRetrievalMimeFormat <MimeTextFormat>]
[-PopSuppressReadReceipt]
[-PopUseProtocolDefaults]
[-PrimarySmtpAddress <SmtpAddress>]
[-SamAccountName <String>]
[-ShowGalAsDefaultView]
[-Verbose]
[-Debug]
[-ErrorAction <ActionPreference>]
[-WarningAction <ActionPreference>]
[-ErrorVariable <String>]
[-WarningVariable <String>]
[-OutVariable <String>]
[-OutBuffer <Int32>]
[-WhatIf]
[-Confirm]
答案 0 :(得分:2)
终于回到了这个问题。 mjolinor的建议对我有所帮助。需要将服务帐户添加到适当的RBAC角色。 (我认为是交换经理)。之后,ActiveSyncBlockedDeviceIDs和ActiveSyncEnabledDeviceIDs显示在Set-CASMailbox命令的可用参数列表中。有趣的是,这些是唯一的2个缺失,并且在添加角色后仅出现了2个。