Hosted Exchange 2010 SP1 Multi-Tenancy Cmdlets

This quick reference sheet describes the most frequently used cmdlets available in Exchange 2010 SP1.

Most cmdlets consist of a verb associated with a specific action (New, Remove, Enable, Disable, Set, Get), reserved words, and parameters that control the commands.

All tasks that can be executed in Exchange 2010 can be listed by using the Get-Command cmdlet. The Help task cmdlet retrieves Exchange Management Shell help information about the task.

Setup Multi-Tenancy In Hosted Exchange 2010 SP1

We need the following to support multi-tenancy:

  • Service Plan: a list of organization features, a set of mailbox plans, organization resource limits, and RBAC permissions delegated to customer.
  • Service Plan template: the features and predefined permissions to be provisioned for the customer organization and their mailboxes
  • Mailbox Plan: Exchange features to be enabled on the mailbox. A mailbox plan is created by using a service plan template.
  • RBAC (Role-Based Access Control): permissions for Exchange management tasks.

With the Hosted Exchange 2010 SP1 CAS Role installed, the folder C:\Program Files\Microsoft\Exchange Server\V14\ClientAccess\ServicePlans is created, containing the file ServicePlanHostingRemap.csv. This file and the following .serviceplan XML files contain the hosting service plans:

Microsoft Exchange Service Plans Files
  • HostingAllfeatures.serviceplan: all Exchange features available to tenant organization.
  • HostingBusinessMapi.serviceplan: template for provisioning business organization using MAPI and other protocols for client access.
  • HostingBusinessNonMapi.serviceplan: template for provisioning business organizations that use OWA, POP, IMAP, or Exchange Active Sync for client access, without MAPI.
Fragment Of The Sample Service Plan File

Creating A Service Plan

    1) Locate the available service Plans C:\Program Files\Microsoft\Exchange Server\V14\ClientAccess\ServicePlans.
    2) Determine which service plan template meets your needs and open the template using Notepad.
    3) Save the service plan template with a new name in the same service plan location.
    4) If you are going to create multiple Mailbox Plans, copy the mailbox plan section starting with MailboxPlanName and ending with MailboxPlan and paste it after the MailboxPlan end section. Make sure that the mailbox plan is within the MailboxPlans section. You will need to change the following properties for the new mailbox plan:
    • MailboxPlanName: specifies the name of the mailbox plan, for example Gold, Silver, Bronze.
    • MialboxPlanIndex: an identifier unique to each mailbox plan.
    • ProvisionAsDefault: specifies a mailbox plan as the default mailbox plan. When new users are created and you do not specify a mailbox plan at that time the default mailbox plan will be applied to the mailbox. Only one default mailbox plan can be the default one.
    5) Save the new service plan.
    6) Add the service plan to the service plan map, using the following procedure.

Add A Service Plan

  1. Locate the ServicePlanHostingRemap.csv in C:\Program Files\Microsoft\Exchange Server\V14\ClientAccess\ServicePlans.
  2. Open the .csv file using Notepad.
  3. Add a new line and provide the following comma separated information for the new service plan:
    • ProgramId: specifies the service level offering that you are providing to your tenant organizations.
    • OfferId: specifies a sub-service level offering.
    • ServicePlanName: The service plan name specifies the file name of the service plan.
  4. Save and close the file.
  5. Ensure that you have copied the service plan and the serviceplanhostingRemap file across all CAS servers.

Verify A Service Plan

After creating a new service plan, you can validate it by assigning it to a new organisation using the WhatIf parameter by running the following command on Exchange PowerShell:
New-Organization –Name “” –DomainName “” –location “en-us” –ProgramId “Business” –OfferId “SmallOrg”-Whatif
You should use the same ProgramId and OfferId that you used while adding the service plan in the ServicePlanHostingRemap.csv file.

Create A New Tenant Organization

New-Organization -Name -DomainName -Location -OfferId -ProgramId [-Administrator ] [-AdministratorNetID ] [-AdministratorPassword ] [-AuthenticationType ] [-Confirm [ ]] [-CreateSharedConfiguration ] [-EnableFileLogging ] [-ExternalDirectoryOrganizationId ] [-HotmailMigration ] [-IsDatacenter ] [-IsDirSyncRunning <$true | $false> ] [-IsPartnerHosted ] [-LiveIdInstanceType ] [-PartnerObjectId ] [-WhatIf [ ]]

Verify A Tenant Organisation

Get-Organization [-Identity ] [-DomainController ] [-Filter ] [-ForReconciliation ] [-ResultSize ]

Remove A Tenant Organisation

Remove-Organization –Identity Client1


Contact Management

Enable-MailContact -Identity “John Smith” -Alias smith -ExternalEmailAddress Mail-enables the contact John Smith by specifying the distinguished name (DN) for the contact, and providing the alias smith and an external e-mail address
Set-MailContact -Identity smith -Alias jsmith Changes the alias of the mail-enabled contact specified in the Identity parameter from smith to jsmith by using the Alias parameter.
Set-Contact -Identity jsmith -Manager user1 Modifies the Active Directory information of contact jsmith by changing the jsmith manager to user1. The contact must be mail-enabled to retrieve it using an alias. The full name, GUID, or DN of the contact is required.

Group Management

Enable-DistributionGroup -Identity “domain\Distribution Group” -Alias DG Mail-enables the existing universal distribution group named Distribution Group that’s in the domain domain and has the alias DG.
Set-DistributionGroup -Identity DG -Alias group1 Modifies the settings of the universal distribution group named DG in Exchange by changing its alias to group1.
Add-DistributionGroupMember -Identity DG -Member user1 Adds the recipient user1 as a member of the universal distribution group DG.
Get-DistributionGroupMember -Identity DG Retrieves all the members of the distribution group named DG.
New-DynamicDistributionGroup -Name DDG -Alias DDGAlias -OrganizationalUnit OU -IncludedRecipients MailboxUsers Creates a query-based dynamic distribution group named DDG which is in the organizational unit OU and has the alias DDGAlias. The IncludedRecipients parameter can be one of the following values: None, MailboxUsers, Resources, MailContacts, MailGroups, MailUsers, or AllRecipients.

Mailbox Management

New-Mailbox -Name Name -Password Password -UserPrincipalName UserNameAndSuffix [-MailboxPlan ]
{AddtlParams} {ModParams} Creates a new mailbox.
Enable-Mailbox -Identity domain\user1 -Database MailboxDatabase Mailbox-enables an existing Active Directory user with the domain and alias combination domain\user1 by creating a mailbox in the mailbox database named MailboxDatabase.
Disable -Mailbox -Identity user1 Mailbox-disables the user with the alias user1 by removing the associated mailbox. The user will not be deleted.
Set-Mailbox -Identity user1 -Alias user2 Modifies a mailbox by changing the existing alias user1 to user2.
Dir \\SERVER01\PSTshare\*.pst | %{ New-MailboxImportRequest -Name RecoveredPST -BatchName Recovered -Mailbox $_.BaseName -FilePath $_.FullName -TargetRootFolder SubFolderInPrimary} Imports all the .pst files in the shared folder \\SERVER01\PSTshare. Each .pst file name is named after a corresponding user’s alias. The command creates an import request named RecoveredPST for all the .pst files and imports the data into the matching mailbox.
Get-Mailbox | Format-Table alias, *quota Retrieves all mailbox users and formats the output to include the alias of the mailbox and the mailbox quotas.
Get-Mailbox -Server MyServer Retrieves a summary list of all mailboxes on the server named MyServer.
Get-MailboxStatistics -Database MailboxDatabase Retrieves the mailbox statistics for all mailboxes that are located in the mailbox database named MailboxDatabase.
Get-MailboxStatistics -Server MyServer Retrieves the mailbox statistics for all mailboxes that are located on the server named MyServer.
New-MoveRequest -Identity ‘user1′-TargetDatabase Executives Creates a move request for the mailbox associated with the alias user1 to the mailbox database named Executives.
Get-Recipient -RecipientType UserMailbox Retrieves a summary list of all recipients that match the Recipient Type UserMailbox. The RecipientType parameter can be DynamicDistributionGroup, UserMailbox, MailContact, MailUser, PublicFolder, MailUniversalDistributionGroup, MailUniversalSecurityGroup, or MailNotUniversalGroup.
Get-Recipient -Anr “user” Retrieves a summary list of all recipients that contain the string “user” in the mailbox name. The Anr parameter indicates that the argument will be resolved by using Ambiguous Name Resolution (ANR).
Get-Recipient -ResultSize 100 Retrieves a summary list of recipients and returns only the first 100 recipients.
Enable-MailUser -Identity domain\user2 -ExternalEmailAddress Mail-enables the Active Directory user domain\user2 with an external address With this cmdlet, a default primary SMTP e-mail address is also created.
Disable-MailUser -Identity user2 Mail-disables the Active Directory mail-enabled user user2.
Set-MailUser -Identity user2 -ExternalEmailAddress Modifies the Active Directory mail-enabled user user2 by changing its external e-mail address to

Database Management

New-MailboxDatabase -Name MailboxDatabase -Server ExchServer Creates a mailbox database named MailboxDatabase on the server ExchServer.
Set-MailboxDatabase -Identity MailboxDatabase -IssueWarningQuota 250MB Modifies the mailbox database MailboxDatabase by changing its mailbox warning quota limit to 250MB.
Get-MailboxDatabase -Server ExServer1 Retrieves a summary list of all mailbox databases on the server named ExServer1.
Mount-Database -Identity MailboxDatabase Mounts the existing mailbox database named MailboxDatabase.
Dismount-Database -Identity MailboxDatabase Dismounts the existing mailbox database named MailboxDatabase.


Connectors and Delivery

New-SendConnector -Name SendConnector -AddressSpaces Creates an Internet Send connector named SendConnector. The associated address space for the Send connector is
Set-SendConnector -Identity SendConnector -AddressSpaces Modifies the Send connector named SendConnector by changing its address space to
New-ReceiveConnector -Name ReceiveConnector -RemoteIPRanges -Bindings Creates a Receive connector named ReceiveConnector. The associated remote IP range is to The Bindings parameter value will result in the listening to connections on all locally configured IP addresses on port 25.
Set-ReceiveConnector -Identity ReceiveConnector -MaxMessageSize 50MB Modifies the Receive connector ReceiveConnector by changing the value of the MaxMessageSize parameter to 50MB.
Disable Anti-Spam
Set-ContentFilterConfig -Enabled $false Disables the Content Filter agent. Other antispam agents can be disabled similarly by using the corresponding Set command.
Add Accepted Domains
New-AcceptedDomain -Name “ExampleCompany” -DomainName -DomainType Authoritative Creates an authoritative domain.
New-AcceptedDomain -Name “Second Company” -DomainName -DomainType InternalRelay Creates an internal relay domain.
New-AcceptedDomain -Name “Another Company” -DomainName -DomainType ExternalRelay Creates an external relay domain.
Managing Message Size Limits
Get-SendConnector | Set-SendConnector –MaxMessageSize 50MB Sets a send connector with the message size limit specified (external).
Get-ReceiveConnector | Set-ReceiveConnector –MaxMessageSize 100MB Sets a receive connector with the message size limit specified (external).
Set-TransportConfig -MaxReceiveSize Sets receive size limit (internal).
Set-TransportConfig -MaxSendSize Sets sending size limit (internal).

The MultiTenant Parameter

The MultiTenant parameter is available for a few cmdlets in a multi-tenant deployment of Exchange Server 2010 SP1. The application of MultiTenant results in a search or operation performed across the entire forest rather than the organization currently scoped.

This parameter is particularly useful with the Get-MoveRequest and Get-MailboxRestoreRequest cmdlets. For example, if we need to check the progress, Get-MoveRequest –MultiTenant will show results for all move requests across the entire forest.

Cannot use CBT: Soap Fault Error In Veeam Backup & Replication Endangered Online Privacy?
Cannot use CBT: Soap Fault Error In Veeam Backup & Replication
Endangered Online Privacy?

The author

About admin : Leslie F. Sikos, Ph.D. is a Web standardista specializing in website standardization, Responsive Web Design, Semantic Web technologies, Web accessibility, Search Engine Optimisation (SEO), and multimedia. He is a publishing expert with numerous academic papers and 13 textbooks, including Web Standards, an bestseller. Dr. Sikos is a member of several standardization bodies, and actively contributes to the development of open standards.