I’ve previously written a blog post demonstrating how to automate the sending of welcome messages to new users in an on-premises environment. A similar technique can be used in a hybrid environment (when an organisation is using a mixture of on-premises Exchange servers and Exchange Online), but due to the time it can take to create the mailbox in EXO some modifications must be made.
Using New-RemoteMailbox and Enable-RemoteMailbox
For on-premises installations, we can use a scripting agent to hook into Exchange and run some extra commands when specific cmdlets are run (in this case, we look for any cmdlet that creates a mailbox). This option isn’t available in EXO, but so long as mailboxes are created from the on-prem side (e.g. using New-RemoteMailbox or Enable-RemoteMailbox) then we can still use the scripting agent for automation. The limitation of this approach is that it won’t work for any users created directly in Exchange Online (which is something I will look into for a future post).
When New-RemoteMailbox is run, it can take some time for the mailbox to be created in EXO. Before the creation process is complete, it isn’t possible to send an email to that mailbox, which means that we can’t generate the welcome message immediately after the cmdlet is run (it will bounce). The simplest way to resolve this is to move the email sending to a scheduled task, which runs once daily to send welcome emails to all new mailboxes created that day (you can adjust the schedule to suit your needs, but once daily seems reasonable for a welcome email task).
Automating the Welcome Email
To keep track of new mailboxes, the scripting agent now writes the primary SMTP address or UPN to a text file, and it is this that is used by the scheduled task to send emails. The scheduled task simply sends the welcome email to each user in the list, and then removes them from the list.
The steps for setting this up in my lab, with sample code, are detailed below.
- Create a file-share that is accessible by all Exchange servers to be used for the queue file. Ensure permissions are set so that Exchange and the scheduled task can read and write this file – the easiest way to do this is to create a blank text file for the queue, and set permissions directly on that (assuming the folder is accessible). In my environment, the queue file is located on one of the Exchange servers (\SRV-EX16\Queue\NewMailboxQueue.txt). You’ll also need to check the permissions on the log file if you enable that (Exchange will access these files using a system account, so if it creates the files then you won’t be able to edit them as a user, most likely – I encountered this issue during testing).
- Update the scripting agent so that it will write to the queue file created in step 1, and then deploy this to all Exchange servers in the on-premises organisation. Once this is done, you should see new mailboxes being added to the queue file whenever they are created (whether on-prem or EXO).
- Create the mailbox from which the welcome messages will be sent (this mailbox will remain empty, but is required for the script to work as it sends messages as this mailbox).
- Update the PowerShell script that processes the queue file so that it reads the same queue file defined in step 1, and also update the welcome message as desired (to see how to do this, please refer to my previous blog post).
- Save the welcome message automation script and related files on the machine which will run the scheduled task. In my lab, I used an Exchange server for this, but this isn’t necessary and the script could be set up to run on any machine (so long as it has access to the queue file).
- Export the credentials needed to connect to Exchange PowerShell (the welcome message sending script needs to connect to Exchange PowerShell, and needs credentials for this – it only needs access to Get-Mailbox). You’ll need to export the credentials using the same account that you use to run the scheduled task in step 6, as credentials stored using export-clixml are encrypted to the user account that stored them. To store the credentials:
Get-Credential | export-clixml “c:\Welcome Message Automation\cred.xml”
- Set up the scheduled task to run the script set up in step 4 on the schedule you’d prefer. In a production environment, you’d want to sign the scripts, but in my lab I am using a batch file and two PowerShell scripts to bypass signature requirements. I configured the script to run at midnight:
That should be it, all that needs to be done now is to test. You can do this without needing to wait until midnight by creating two new mailboxes (one on-premises and one in Exchange Online), waiting until both mailboxes have been created (for EXO, assign the licence and wait until mailbox properties are populated in the portal), and then running the scheduled task. If everything is set up correctly, you’ll see the welcome message be sent to both mailboxes.
The scripting agent, a sample welcome message, and the scheduled script can be downloaded from here.