Set up Powershell
- Lango: Language and translation manager
- 1 1. introduction
- 2 2. installation stanoc PowerShell script
- 3 3. Exchange Online and Entra ID
- 4 4. exchange on premises / active directory
- 4.1 4.1. 4.1 Important note on Exchange on Premises
- 4.2 4.2. 4.2 Install Exchange Management PowerShell / Active Directory Management Tools (migration server is a member of the AD domain with Exchange)
- 4.3 4.3. 4.3 Set up Remote PowerShell with Basic-Auth (migration server is not a member server of the domain with Exchange)
- 4.3.1 4.3.1. 4.3.1 Client
- 4.3.2 4.3.2. 4.3.2 Exchange server
- 4.4 4.4. 4.4 Set up Exchange on Premises ApplicationImpersonation
- 4.5 4.5. 4.5 Adjust Exchange on Premises limits
- 4.6 4.6. 4.6 Store Exchange on Premises access data
- 5 5. 5 SharePoint Online
- 6 6. troubleshooting for the execution
1. introduction
Setting up PowerShell is only necessary for environments if:
the archive system is connected to Exchange
the Outlook add-in is to be used
Migrations from/to Exchange are to be carried out
SharePoint is to be controlled via Shift
2. installation stanoc PowerShell script
The PowerHelper must be installed in <Domino program directory> in the subdirectory stanoc be copied:
https://stanoc.atlassian.net/l/c/vBF13fut
Prerequisite: PowerShell 5.x (version can be changed via command
$psversiontable in PowerShell) or newer. (From Windows Server 2016).
Older servers require an update ( https://www.microsoft.com/en-us/download/details.aspx?id=54616 - Attention - a reboot is probably due)
The file stanocPowerHelper.zip contains a PowerShell script for accessing Exchange Online or on Premises.
The following work must be carried out in preparation (please continue with either 3. Exchange Online or 4. Exchange on Premises)
Microsoft .NET Framework 4.7.1 or higher is also required for the Exchange Online Management module ( About the Exchange Online PowerShell V3 module )
PowerShell 7.2 or newer is required for SharePoint (see also Installing PnP PowerShell | PnP PowerShell ) is required.
We recommend the current LTS version, e.g. from Installieren von PowerShell unter Windows - PowerShell to be used.
2.1. 2.1 Enable/enforce TLS 1.2
To use secure TLS 1.2 connections, please issue the following command in an administrator PowerShell
cd <Domino Programmverzeichnis>\stanoc
.\stanocPowerHelper -ConfigureTLS
If the output looks like in the screenshot (options not set), please answer the query with "Y" and restart the server.
3. Exchange Online and Entra ID
3.1. 3.1 Installing the required modules
Please run the following once in the Administrator PowerShell to install the modules for Exchange Online, Microsoft Online and Azure AD:
[Net.ServicePointManager]::SecurityProtocol=[Net.SecurityProtocolType]::Tls12; Install-Module ExchangeOnlineManagement,MSOnline,AzureAD
# Optional: Wenn Entra-ID verwendet werden soll:
[Net.ServicePointManager]::SecurityProtocol=[Net.SecurityProtocolType]::Tls12; Install-Module -Name Microsoft.Graph.Entra -Repository PSGallery -allowprerelease3.2. 3.2 Store Exchange Online access data
ATTENTION: Microsoft no longer allows Basic Auth since September/October 2022. Therefore, please also carry out the following for existing installations
Sign in to the Azure AD portal
App registrations → New registration
Name: "stanocPowerHelper"
→ Register
Copy and save the application ID (client) (required later)
Call up the manifest and in the editor (from approx. line 42) resourceAppId,id and type customize and save
API authorizations
The following API authorizations must also be selected for Entra ID:
Grant administrator approval for the tenant
On the computer on which the PowerShell script is to be executed, create and save the certificate using stanocPowerHelper.ps1
Attention: The certificate creation under Windows Server 2012 R2 does not work correctly. The certificate creation must therefore be executed on a different server operating system (Windows Server 2019 / Windows Server 2022) or on a local client installation of the 'stanoc PowerHelper script' (min . Windows 10). Otherwise, the following error will occur during the connection:
→ Assign certificate to the app
Select and upload cert.pem
Assign Entra ID roles (Global Reader / Exchange Administrator)
→ You can also define and assign a role group yourself.
Go up one level and switch to "Roles and administrators"
Search for "Exchange Administrator" role
3.3. 3.3 Testing the connection
4. exchange on premises / active directory
4.1. 4.1 Important note on Exchange on Premises
During the migration phase, a large number of transactions are executed on the Exchange database files. It is therefore important to provide sufficient disk space for storing the transaction logs of the database files. Ideally, these should be stored on a separate volume that can be enlarged if necessary. The size of the transaction logs can exceed the size of the database files.
Alternatively, you can also activate circulation logging for the mailbox databases during the migration.
4.2. 4.2 Install Exchange Management PowerShell / Active Directory Management Tools (migration server is a member of the AD domain with Exchange)
To do this, execute the following in the PowerShell of the Domino server:
If you only need the Active Directory Management Tools, you are finished at this point.
Install Visual Studio C++ 2012 Redistributable (source https://download.microsoft.com/download/1/6/B/16B06F60-3B20-4FF2-B699-5E9B7962F9AE/VSU_4/vcredist_x64.exe )
If .Net 4.8 is not yet installed, please install it (Source: https://go.microsoft.com/fwlink/?linkid=2088631 )
Mount the Exchange ISO file and then install the management tools
(from Exchange 2019 CU 11 (or possibly already CU 10):
Please check and if not availablecopy the Microsoft.Exchange.ManagedLexRuntime.MPPGRuntime.dll from the Exchange server to the current computer (target and source folder C:\Program Files\Microsoft\Exchange Server\V15\Bin ) Otherwise the following error will occur during execution:
4.3. 4.3 Set up Remote PowerShell with Basic-Auth (migration server is not a member server of the domain with Exchange)
Additional requirement: Ports TCP 80,443 (5985/5986)
4.3.1. 4.3.1 Client
Check current setting
If there is an "*" there, this is already OK
Otherwise,
Set basic auth on the client
4.3.2. 4.3.2 Exchange server
4.4. 4.4 Set up Exchange on Premises ApplicationImpersonation
To do this, execute the following command in the Exchange Management PowerShell:
adminstanoc@ad.kunde.de with the corresponding AD user who is to perform the migration
4.5. 4.5 Adjust Exchange on Premises limits
4.6. 4.6 Store Exchange on Premises access data
Then execute the stanocPowerHelper.ps1 once with the parameter -prepareCredentials to store the credentials for accessing Exchange PowerShell:
These are then stored in AES encrypted form and used for the connection to Exchange from the Domino server.
5. 5 SharePoint Online
PnP PowerShell must be installed in PowerShell 7.2+: To do this, start an administrative PowerShell 7.2+ (pwsh.exe)
For SharePoint, the app must be registered in the same way as Exchange Online and also authenticated using a certificate.
If a different registered app is to be used for Shift than for SWAP, the credentials for this case must be saved separately and the path must be specified absolutely (without \ at the end!) in the Shift target configuration.
The following API authorizations must also be set (application with administrator approval)
SharePoint → Sites.FullControl.All
SharePoint → TermStore.ReadWrite.All
SharePoint → User.ReadWrite.All
For testing
can be used.
The application ID and a secret are also required for use via API (not PowerShell).
6. troubleshooting for the execution
If an "is not digitally signed" error occurs during execution, please execute this command: