Microsoft Exchange: Automating PowerShell Commands

powershell script command library

Enable any user to run PowerShell commands using a drop-down menu from the PowerScripts Library.

Automate Administrative Tasks with PowerScripts

PowerShell is the primary scripting language that Microsoft utilizes to allow administrators to make changes to their environment. Running PowerShell scripts against Exchange environments is also a great way to monitor availability and gather performance metrics. As most Exchange admins probably already know, using PowerShell scripting to monitor or even make changes in their environment can be a daunting task.

VitalSigns PowerScripts for Exchange allows administrators and junior administrators to bypass the daunting process of manually running PowerShell scripts. PowerScripts is a library of approved PowerShell scripts that can securely executed from within VitalSigns. PowerScripts can be extended, allowing experienced administrators to customize their PowerShell terminal by publishing their own custom written scripts. Junior administrators with proper credentials can then safely run the scripts from a simple drop-down menu.

PowerScripts Overview

Using PowerScripts

Leverage PowerScripts to...

Mitigate Risk

Normally, when a user writes a PowerShell script one of the first things they have to do is establish their credentials. If a junior admin is going to run a PowerShell script “natively” then they will also need the credentials. This poses a huge security risk because once a user has credentials, they can use them anyway they want. If a user runs a script in PowerShell IDE, using credentials given to them for another purpose, there will be NO RECORD of what they do with it. The security of any environment is increasingly at risk as more users gain credentials that will allow changes on a production system.

With PowerScripts the credentials do not have to be shared with other users, instead the credentials are dynamically injected into the script at run time, using the encrypted credentials which are used by VitalSigns to monitor the server itself. Meaning that senior administrators can assign junior administrators the ability to run vetted scripts without actually sharing credentials.

Empower Junior Administrators

Designed as a new approach to command line management, PowerScripts requires no prior understanding of PowerShell to execute commands. Users that have been assigned credentials can execute any script in the library, include custom scripts. Scripts can be run against users, mailboxes and servers from a simple drop-down menu located within health pages. The area within the health pages to execute commands is only visible to users with the PowerScripts user role.

PowerScripts enable organizations to delegate administrator tasks to junior administrators without compromising control of the environment. PowerScripts user roles can be easily granted and restricted to users in the VitalSigns configurator.

Generate Audit Trails

Although PowerScripts doesn’t actually share credentials with junior administrators it is still important to know who was running scripts and when they were running them. Every time a PowerShell command is executed using PowerScripts an audit trail is created. The created audit trail will record the name of the script, date/time it was run, who ran it, what parameters were given, as well as the result of the script.

 A complete list of all the audit trails from executed scripts can be viewed from a searchable grid. Within this grid users can easily navigate to view all the scripts run on a specific day, all the scripts run by a specific user, or simply by the name of the script.

Learn more about VitalSigns Monitoring for Microsoft Exchange

Leave a Reply