Next, create a new computer object and set the common name and sAMAccountName properties. The SetInfo() command commits the in-memory computer object and creates a disabled computer object in AD. To enable the account, the UserAccountControl property is set to 4096. Finally, the DNSHostName property is set to the DNS name of the host.
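# Bind to the OU that will hold the clustered mailbox server (CMS) object
$objOU = [ADSI]"LDAP://$dc3/ou=ExchangeServers,dc=$dc1,dc=$dc2"
$CMS_Name = "MB100CCR"
# Single quotes keep the trailing $ of the computer account name literal
$CMS_SAM_Name = 'MB100CR$'
# Create the computer object in memory and commit it (created disabled)
$objCMS = $objOU.Create("Computer", "cn=$CMS_Name")
$objCMS.Put("sAMAccountName", $CMS_SAM_Name)
$objCMS.SetInfo()
# 4096 = 0x1000 (WORKSTATION_TRUST_ACCOUNT); the disabled bit (0x2) is not set
$objCMS.Put("UserAccountControl", 4096)
$objCMS.SetInfo()
# Set the DNS name of the host
$objCMS.Put("DNSHostName", $CMS_Name + "." + $dc1 + "." + $dc2)
$objCMS.SetInfo()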
2. Next, assign rights for the cluster service account to the new CMS AD object:
#Read Permissions
Add-ADPermission -Identity "cn=$CMS_Name,ou=exchangeservers,dc=exchangeexchange,dc=local" `
    -User exchexch\svcmb001 -AccessRights ReadControl -InheritanceType None
#List Contents
Add-ADPermission -Identity "cn=$CMS_Name,ou=exchangeservers,dc=exchangeexchange,dc=local" `
    -User exchexch\svcmb001 -AccessRights ListChildren -InheritanceType None
#Read Property
Add-ADPermission -Identity "cn=$CMS_Name,ou=exchangeservers,dc=exchangeexchange,dc=local" `
    -User exchexch\svcmb001 -AccessRights ReadProperty -InheritanceType None
#List Object
Add-ADPermission -Identity "cn=$CMS_Name,ou=exchangeservers,dc=exchangeexchange,dc=local" `
    -User exchexch\svcmb001 -AccessRights ListObject -InheritanceType None
#Control Access
Add-ADPermission -Identity "cn=$CMS_Name,ou=exchangeservers,dc=exchangeexchange,dc=local" `
    -User exchexch\svcmb001 -AccessRights ExtendedRight -InheritanceType None
Part III: Working with PowerShell in a Production Environment
#Write Property - Logon Information
Add-ADPermission -Identity "cn=$CMS_Name,ou=exchangeservers,dc=exchangeexchange,dc=local" `
    -User exchexch\svcmb001 -AccessRights WriteProperty -Properties User-Logon -InheritanceType None
#Write Property - Description
Add-ADPermission -Identity "cn=$CMS_Name,ou=exchangeservers,dc=exchangeexchange,dc=local" `
    -User exchexch\svcmb001 -AccessRights WriteProperty -Properties description -InheritanceType None
#Write Property - sAMAccountName
Add-ADPermission -Identity "cn=$CMS_Name,ou=exchangeservers,dc=exchangeexchange,dc=local" `
    -User exchexch\svcmb001 -AccessRights WriteProperty -Properties sAMAccountName -InheritanceType None
#Write Property - Account Restrictions
Add-ADPermission -Identity "cn=$CMS_Name,ou=exchangeservers,dc=exchangeexchange,dc=local" `
    -User exchexch\svcmb001 -AccessRights WriteProperty -Properties User-Account-Restrictions -InheritanceType None
#Validated write to DNS host name
Add-ADPermission -Identity "cn=$CMS_Name,ou=exchangeservers,dc=exchangeexchange,dc=local" `
    -User exchexch\svcmb001 -AccessRights Self -Properties DNS-Host-Name -InheritanceType None
#Validated write to service principal name
Add-ADPermission -Identity "cn=$CMS_Name,ou=exchangeservers,dc=exchangeexchange,dc=local" `
    -User exchexch\svcmb001 -AccessRights Self -Properties Service-Principal-Name -InheritanceType None
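The following added example (not from the book) audits the result of the step above: it flags explicit ACEs for the cluster service account that go beyond the rights just granted. The helper names Get-CmsAceFinding and New-SampleAce, the sample ACEs and the placeholder GUID are constructed for illustration.

```powershell
# Added example (not the book's code): flag explicit ACEs for the cluster service
# account that exceed what the Add-ADPermission calls above grant.
Add-Type -AssemblyName System.DirectoryServices

# Combined mask of the rights granted above.
$Allowed = [System.DirectoryServices.ActiveDirectoryRights]'ReadControl, ListChildren, ReadProperty, ListObject, ExtendedRight, WriteProperty, Self'
# Rights the listing always scopes to one named property via -Properties.
$Scoped = [System.DirectoryServices.ActiveDirectoryRights]'WriteProperty, Self'

function Get-CmsAceFinding {   # hypothetical helper name
    param([object[]]$Ace, [string]$Account)
    foreach ($a in $Ace) {
        # Only explicit Allow ACEs for the account under review matter here.
        if ("$($a.IdentityReference)" -ne $Account) { continue }
        if ($a.IsInherited -or "$($a.AccessControlType)" -ne 'Allow') { continue }
        $rights = [int]$a.ActiveDirectoryRights
        $extra  = $rights -band (-bnot [int]$Allowed)
        if ($extra) {
            "Rights beyond the granted set: $([System.DirectoryServices.ActiveDirectoryRights]$extra)"
        }
        # An empty ObjectType GUID means the ACE covers every property.
        if (($rights -band [int]$Scoped) -and $a.ObjectType -eq [guid]::Empty) {
            "WriteProperty/Self ACE is not limited to a single property"
        }
    }
}

# Constructed sample ACEs shaped like ActiveDirectoryAccessRule objects.
$acct = 'exchexch\svcmb001'
$prop = [guid]'11111111-2222-3333-4444-555555555555'   # placeholder property GUID
function New-SampleAce($rights, $type) {
    [pscustomobject]@{ IdentityReference = $acct; AccessControlType = 'Allow'; IsInherited = $false
        ActiveDirectoryRights = [System.DirectoryServices.ActiveDirectoryRights]$rights; ObjectType = $type }
}
$sample = @(
    New-SampleAce 'ReadProperty'  ([guid]::Empty)   # as granted: no finding
    New-SampleAce 'WriteProperty' $prop             # as granted: no finding
    New-SampleAce 'WriteProperty' ([guid]::Empty)   # every property writable
    New-SampleAce 'GenericAll'    ([guid]::Empty)   # full control
)
Get-CmsAceFinding -Ace $sample -Account $acct

# Against the live object (DN taken from the listing above):
# $o = [ADSI]"LDAP://cn=MB100CCR,ou=exchangeservers,dc=exchangeexchange,dc=local"
# $live = $o.psbase.ObjectSecurity.GetAccessRules($true, $false, [System.Security.Principal.NTAccount])
# Get-CmsAceFinding -Ace $live -Account 'exchexch\svcmb001'
```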
Installing the Mailbox Server Role on the Primary Node
At this point the cluster is finished, but Exchange has not yet been installed.