我知道 Exchange 需要保留邮箱的同步状态信息,因此我希望可以使用相关属性来知道谁在使用智能手机查看邮件。
到目前为止,我们仍在使用 Exchange 2003。似乎最好的方法是在 ADUC 中保存查询,我希望可以使用它来创建通讯组?但无论你有什么都比我拥有的更好,所以提前感谢。
答案1
不,但您可以询问 Exchange 用户是否正在使用 activesync。您需要查找该邮箱中是否存在 Microsoft-Server-ActiveSync。您需要查找 Glen Scales 编写的脚本来执行此操作。 您还可以解析日志。我在他的网站上找不到它,所以这里是代码:
servername = wscript.arguments(0)
set shell = createobject("wscript.shell")
strValueName = "HKLM\SYSTEM\CurrentControlSet\Control\TimeZoneInformation\ActiveTimeBias"
minTimeOffset = shell.regread(strValueName)
toffset = datediff("h",DateAdd("n", minTimeOffset, now()),now())
report = "<table border=""1"" width=""100%"">" & vbcrlf
report = report & " <tr>" & vbcrlf
report = report & "<td align=""center"" bgcolor=""#000080""><b><font color=""#FFFFFF"">DisplayName</font></b></td>" & vbcrlf
report = report & "<td align=""center"" bgcolor=""#000080""><b><font color=""#FFFFFF"">Email Address</font></b></td>" & vbcrlf
report = report & "<td align=""center"" bgcolor=""#000080""><b><font color=""#FFFFFF"">Device Type</font></b></td>" & vbcrlf
report = report & "<td align=""center"" bgcolor=""#000080""><b><font color=""#FFFFFF"">Device ID</font></b></td>" & vbcrlf
report = report & "<td align=""center"" bgcolor=""#000080""><b><font color=""#FFFFFF"">FolderSync</font></b></td>" & vbcrlf
report = report & "<td align=""center"" bgcolor=""#000080""><b><font color=""#FFFFFF"">ContactSync</font></b></td>" & vbcrlf
report = report & "<td align=""center"" bgcolor=""#000080""><b><font color=""#FFFFFF"">CalendarSync</font></b></td>" & vbcrlf
report = report & "<td align=""center"" bgcolor=""#000080""><b><font color=""#FFFFFF"">autdstate.xml</font></b></td>" & vbcrlf
report = report & "</tr>" & vbcrlf
set req = createobject("microsoft.xmlhttp")
set com = createobject("ADODB.Command")
set conn = createobject("ADODB.Connection")
Set iAdRootDSE = GetObject("LDAP://RootDSE")
strNameingContext = iAdRootDSE.Get("configurationNamingContext")
strDefaultNamingContext = iAdRootDSE.Get("defaultNamingContext")
Conn.Provider = "ADsDSOObject"
Conn.Open "ADs Provider"
polQuery = "<LDAP://" & strNameingContext & ">;(&(objectCategory=msExchRecipientPolicy)(cn=Default Policy));distinguishedName,gatewayProxy;subtree"
svcQuery = "<LDAP://" & strNameingContext & ">;(&(objectCategory=msExchExchangeServer)(cn=" & Servername & "));cn,name,legacyExchangeDN;subtree"
Com.ActiveConnection = Conn
Com.CommandText = polQuery
Set plRs = Com.Execute
while not plRs.eof
for each adrobj in plrs.fields("gatewayProxy").value
if instr(adrobj,"SMTP:") then dpDefaultpolicy = right(adrobj,(len(adrobj)-instr(adrobj,"@")))
next
plrs.movenext
wend
wscript.echo dpDefaultpolicy
Com.CommandText = svcQuery
Set Rs = Com.Execute
while not rs.eof
GALQueryFilter = "(&(&(&(& (mailnickname=*)(!msExchHideFromAddressLists=TRUE)(| (&(objectCategory=person)(objectClass=user)(msExchHomeServerName=" & rs.fields("legacyExchangeDN") & ")) )))))"
strQuery = "<LDAP://" & strDefaultNamingContext & ">;" & GALQueryFilter & ";displayname,mail,distinguishedName,mailnickname,proxyaddresses;subtree"
com.Properties("Page Size") = 100
Com.CommandText = strQuery
Set Rs1 = Com.Execute
while not Rs1.eof
falias = "http://" & servername & "/exadmin/admin/" & dpDefaultpolicy & "/mbx/"
if not isnull(rs1.fields("proxyaddresses").value) then
for each paddress in rs1.fields("proxyaddresses").value
if instr(paddress,"SMTP:") then falias = falias & replace(paddress,"SMTP:","") & "/non_ipm_subtree"
next
wscript.echo falias
SerachAsync(falias)
else
wscript.echo "*** Null Proxy **** : " & rs1.fields("mailnickname")
end if
rs1.movenext
wend
rs.movenext
wend
rs.close
set conn = nothing
set com = nothing
report = report & "</table>" & vbcrlf
Set fso = CreateObject("Scripting.FileSystemObject")
set wfile = fso.opentextfile("c:\temp\asreport.htm",2,true)
wfile.write report
wfile.close
set wfile = nothing
set fso = nothing
wscript.echo "Done"
sub SerachAsync(furl)
strQuery = "<?xml version=""1.0""?><D:searchrequest xmlns:D = ""DAV:"" >"
strQuery = strQuery & "<D:sql>SELECT ""http://schemas.microsoft.com/mapi/proptag/x3001001E"""
strQuery = strQuery & " FROM scope('shallow traversal of """
strQuery = strQuery & furl & """') Where ""DAV:ishidden"" = False AND ""DAV:isfolder"" = True AND "
strQuery = strQuery & """http://schemas.microsoft.com/mapi/proptag/x3001001E"" = 'Microsoft-Server-ActiveSync'</D:sql></D:searchrequest>"
req.open "SEARCH", furl, false
req.setrequestheader "Content-Type", "text/xml"
req.setRequestHeader "Translate","f"
on error resume next
req.send strQuery
if err.number <> 0 then wscript.echo err.description
on error goto 0
If req.status >= 500 Then
ElseIf req.status = 207 Then
set oResponseDoc = req.responseXML
set oNodeList = oResponseDoc.getElementsByTagName("d:x3001001E")
if oNodeList.length <> 0 then
wscript.echo "Active-Sync Folder Exists"
displayAyncSub(furl & "/Microsoft-Server-ActiveSync")
else
wscript.echo "No Active-Sync Folder"
end if
Else
End If
end sub
sub displayAyncSub(furl)
strQuery = "<?xml version=""1.0""?><D:searchrequest xmlns:D = ""DAV:"" >"
strQuery = strQuery & "<D:sql>SELECT ""http://schemas.microsoft.com/mapi/proptag/x3001001E"""
strQuery = strQuery & " FROM scope('shallow traversal of """
strQuery = strQuery & furl & """') Where ""DAV:ishidden"" = False AND ""DAV:isfolder"" = True</D:sql></D:searchrequest>"
req.open "SEARCH", furl, false
req.setrequestheader "Content-Type", "text/xml"
req.setRequestHeader "Translate","f"
on error resume next
req.send strQuery
if err.number <> 0 then wscript.echo err.description
on error goto 0
If req.status >= 500 Then
ElseIf req.status = 207 Then
set oResponseDoc = req.responseXML
set oNodeList = oResponseDoc.getElementsByTagName("d:x3001001E")
for each node in oNodeList
call displaydeviceSub(furl & "/" & node.text,node.text)
next
Else
End If
end sub
sub displaydeviceSub(furl,fname)
strQuery = "<?xml version=""1.0""?><D:searchrequest xmlns:D = ""DAV:"" >"
strQuery = strQuery & "<D:sql>SELECT ""http://schemas.microsoft.com/mapi/proptag/x3001001E"""
strQuery = strQuery & " FROM scope('shallow traversal of """
strQuery = strQuery & furl & """') Where ""DAV:ishidden"" = False AND ""DAV:isfolder"" = True</D:sql></D:searchrequest>"
req.open "SEARCH", furl, false
req.setrequestheader "Content-Type", "text/xml"
req.setRequestHeader "Translate","f"
on error resume next
req.send strQuery
if err.number <> 0 then wscript.echo err.description
on error goto 0
If req.status >= 500 Then
ElseIf req.status = 207 Then
set oResponseDoc = req.responseXML
set oNodeList = oResponseDoc.getElementsByTagName("d:x3001001E")
for each node in oNodeList
report = report & "<tr>" & vbcrlf
report = report & "<td align=""center"">" & rs1.fields("displayname") & " </td>" & vbcrlf
report = report & "<td align=""center"">" & rs1.fields("mail") & " </td>" & vbcrlf
report = report & "<td align=""center"">" & fname & " </td>" & vbcrlf
report = report & "<td align=""center"">" & node.text & " </td>" & vbcrlf
report = report & finditems(furl & "/" & node.text)
report = report & "</tr>" & vbcrlf
next
Else
End If
end sub
function finditems(furl)
hascalsyc = 0
hasfolsyc = 0
hasconsyc = 0
hasautd = 0
rback = ""
strQuery = "<?xml version=""1.0""?><D:searchrequest xmlns:D = ""DAV:"" >"
strQuery = strQuery & "<D:sql>SELECT ""DAV:displayname"", ""DAV:getlastmodified"""
strQuery = strQuery & " FROM scope('shallow traversal of """
strQuery = strQuery & furl & """') Where ""DAV:isfolder"" = False</D:sql></D:searchrequest>"
req.open "SEARCH", furl, false
req.setrequestheader "Content-Type", "text/xml"
req.setRequestHeader "Translate","f"
on error resume next
req.send strQuery
if err.number <> 0 then wscript.echo err.description
on error goto 0
rem wscript.echo req.responsetext
If req.status >= 500 Then
ElseIf req.status = 207 Then
set oResponseDoc = req.responseXML
set oNodeList = oResponseDoc.getElementsByTagName("a:displayname")
set oNodemodlist = oResponseDoc.getElementsByTagName("a:getlastmodified")
wscript.echo oNodeList.length
for i = 1 to oNodeList.length
set onode = oNodeList.nextNode
set onode1 = oNodemodlist.nextNode
select case lcase(onode.text)
case "calendarsyncfile" hascalsyc = 1
hascalsycval = DateAdd("h",toffset,(left(replace(replace(onode1.text,"T"," "),"Z",""),19)))
case "foldersyncfile" hasfolsyc = 1
hasfolsycval = DateAdd("h",toffset,(left(replace(replace(onode1.text,"T"," "),"Z",""),19)))
case "contactssyncfile" hasconsyc = 1
hasconsycval = DateAdd("h",toffset,(left(replace(replace(onode1.text,"T"," "),"Z",""),19)))
case "autdstate.xml" hasautd = 1
hasautdval = DateAdd("h",toffset,(left(replace(replace(onode1.text,"T"," "),"Z",""),19)))
end select
next
Else
End If
wscript.echo hasfolsyc
if hasfolsyc = 1 then
rback = rback & "<td align=""center"">" & hasfolsycval & " </td>" & vbcrlf
else
rback = rback & "<td align=""center"">No </td>" & vbcrlf
end if
if hasconsyc = 1 then
rback = rback & "<td align=""center"">" & hasconsycval & " </td>" & vbcrlf
else
rback = rback & "<td align=""center"">No </td>" & vbcrlf
end if
if hascalsyc <> 0 then
rback = rback & "<td align=""center"">" & hascalsycval & " </td>" & vbcrlf
else
rback = rback & "<td align=""center"">No </td>" & vbcrlf
end if
if hasautd <> 0 then
rback = rback & "<td align=""center"">" & hasautdval & " </td>" & vbcrlf
else
rback = rback & "<td align=""center"">No </td>" & vbcrlf
end if
finditems = rback
end function
答案2
看起来它是由 msExchOmaAdminWirelessEnable 中的某个位控制的。以下是某人列出的位描述这个帖子。
1 (bit 0) = 1 to disable Server Activesync, 0 to enable it
2 (bit 1) = 1 to disable OMA, 0 to enable it
4 (bit 2) = 1 to disable Always Up-To-Date (AUTD), 0 to enbable it
看起来该值在 AD 中是一个十进制值,因此您需要将这些位进行 AND 运算并将其转换为十进制来设置它。因此:
Disable everything = 0x111 = 7
Enable ActiveSync, Disable OMA, Disable AUTD = 0x110 = 6
Enable ActiveSync, Disable OMA, Enable Autd = 0x010 = 4
etc...
答案3
首先看一下这个:http://support.microsoft.com/kb/830188
因此,基本上,“msExchOmaAdminWirelessEnable”属性默认不在所有用户对象上设置,并且允许使用 ActiveSync 进行访问。如果您选择为所有用户关闭它,然后仅为需要它的用户启用它,那么您可以过滤/查询此“msExchOmaAdminWirelessEnable”属性。
所以,这是一个先有鸡还是先有蛋的问题。如果你不知道谁在使用它,你就无法更改此属性。
我会考虑解析 IIS 服务器上的日志以确定谁在使用 ActiveSync,然后考虑对所有未使用它的用户设置标志。这很麻烦,但在我看来这是实现您想要的最好方法。
答案4
我刚刚查看了所有属性,并没有发现任何可以泄露的东西。
对不起。