Removing Messages by Message Class from Mailbox

This script will remove items of a certain class from a mailbox, traversing through mail item folders (IPF.Note). You can also specify how the items should be deleted. Example usages are cleaning up mailboxes of stubs, by removing the shortcut messages left behind by archiving pr

 
 
 
 
 
5 Star
(10)
6,425 times
Add to favorites
Exchange
5/6/2020
E-mail Twitter del.icio.us Digg Facebook
  • fails on autodiscover
    3 Posts | Last post February 12, 2020
    • I'm guessing several people have solved this already.
      
      Running against an office 365 mailbox.  always fails on looking up autodiscover URL.  Is there a way to just hardcode this value in the script?
      
      C:\scripts\Remove-MessageClassItems.ps1 : Autodiscover failed, error: Exception calling "AutodiscoverUrl" with "2" argument(s): "The Autodiscover service couldn't be located."
    • I´m guessing you have still a hybrid and the DNS of Autodiscover is pointing to on prem.
      If this is the case, you can use: xx@company.onmicrosoft.com . Within this you will not have any problems with autodiscover to O365. :)
      
      For sure you can try this also without a hybrid configuration.
      
      BR
    • If the credentials are valid on-prem & in the tenant, it should follow the redirect. That said, you can override Autodiscover using the Server parameter, e.g. -Server outlook.office365.com
  • Office 365 message throttling and suppressing removal warning
    2 Posts | Last post February 12, 2020
    • Hi Michel
      Is there an update on the issue with Office 365 message throttling?
      Also is it possible to suppress "Removal" warning.
      
      Thank you
      
    • Script uses common parameters, so you can use -Confirm:$false to control the confirmation, just like -WhatIf:$true to see what it would do. Throttling (or rather failure) should be detected, and the script should back off with increasing intervals to resume operation.
  • "Unauthorized" in Office 365
    4 Posts | Last post February 12, 2020
    • I used the script successfully in on-prem Exchange, but somehow can't get it to work against Office 365.
      
      The user running this has ApplicationImpersonation role as well as Full Access to the mailbox in question:
      
      .\Remove-MessageClassItems.ps1 -MessageClass "IPM.NOTE.EnterpriseVault.Shortcut"  -Mailbox <smtpaddress> -ScanAllFolders -DeleteMode HardDelete -Verbose -Server  outlook.office365.com -Impersonation
      
      Regardless if I specify "-Impersonation" or not, the result is always the same:
      
      VERBOSE: Loading C:\Program Files\Microsoft\Exchange\Web Services\2.2\\Microsoft.Exchange.WebServices.dll
      VERBOSE: Loaded EWS Managed API v15.00.0913.015
      VERBOSE: Set to trust all certificates
      Processing mailbox <smtpaddress> (<smtpaddress>)
      VERBOSE: Using <smtpaddress> for impersonation
      VERBOSE: Using Exchange Web Services URL https://outlook.office365.com/EWS/Exchange.asmx
      VERBOSE: DeleteMode is HardDelete
      VERBOSE: Removing messages of class IPM.NOTE.EnterpriseVault.Shortcut
      VERBOSE: Constructing folder matching rules
      WARNING: Cannot bind to MsgFolderRoot - skipping. Error: Exception calling "Bind" with "2" argument(s): "The request failed. The remote server returned an error: (401) Unauthorized."
      WARNING: Cannot bind to ArchiveMsgFolderRoot - skipping. Error: Exception calling "Bind" with "2" argument(s): "The request failed. The remote server returned an error: (401) Unauthorized."
      VERBOSE: Processing <smtpaddress> finished
    • I'm missing providing creds (through Credential parameter) in your call.
    • Yes, though I tried also with credentials, but we are using MFA, and probably I did not wait long enough after assigning permissions.
      
      Now I created a service account that does not use MFA, granted permission to that, and specify that with the -Credentials parameter. And it's working. Thanks!
    • Glad you got it working. MFA-enabled accounts are not supported atm. 
  • Does this script work with MFA
    2 Posts | Last post February 12, 2020
    • My admin account requires MFA to connect to Exchange online.  How do I set the -Credentials so that MFA is checked? I previously performed "Connect-EXOPSSession" so I am connected already.
      
      Thanks
      
      
    • Connect will set up an remote PowerShell session; the script leverages Exchange Web Services, which is another way to interact (mailbox manipulation versus management). That said, currently the script doesn't allow using MFA-enabled accounts. It's on the list; in the mean time, you need to leverage a (service) account with (impersonation) permissions on the mailbox(es).
  • EWS URL
    2 Posts | Last post October 30, 2019
    • hello Mike,
      
      Great script. Only one comment, would it be possible to integrate a variable to specify an EWSUrl for those of us in hybrid?
    • It should follow the Autodiscover redirect. What's your scenario?
  • I get the following error:
    2 Posts | Last post October 30, 2019
    • Load-EWSManagedAPIDLL : This script requires EWS Managed API 1.2 installed or the DLL in the current folder
      
      
    • From https://eightwone.com/2013/05/16/removing-messages-by-message-class-from-mailbox/
      "Using this script requires .. and Exchange Web Services Managed API 2.0 (or later) which you can download here". Here: https://www.microsoft.com/en-us/download/details.aspx?id=42951
  • nothing deleted?
    3 Posts | Last post May 26, 2017
    • Hi Michel, the script looks great, and I'm not getting errors, but nothing seems to delete when I check the mailbox
      
      In office365/exchange online
      I run 
      Remove-MessageClassItems.ps1 -Identity "user" -Impersonation -Verbose -DeleteMode softdelete -MessageClass IPM.Note.EnterpriseVault.Shortcut -MailboxOnly
      
      it comes back with 
      VERBOSE: Total number of items removed: 14298
      So it's finding the items, saying it removed them, but when I open the mailbox, all the vault stubs are still there, also if I check recover deleted items, there's not 14298 items there.
      
      Any ideas why it says it's deleting, but actually isnt?
      
      If I run the exact same command again, it finds nothing to delete.
      
      when I check the mailbox, Im on online mode, or OWA, and find the same results, so doesnt seem to be a caching issue.
      
      Thanks
      
    • My mistake. Because I hadn't set the server, it was deleting from the local exchange server, not offfice 365 which I'm about to migrate to.
      
      I've tried using -server outlook.office365.com but then has errors. Not sure how to get it to work without autodiscover.
    • nevermind, have it working now.
      excellent script, all the issues were my own fault
      
      You're an MVP Michel!
  • Impersionation error.
    2 Posts | Last post May 16, 2017
    • For every account we want to handle:
      Add-MailboxPermission -Identity <some user> -User <admin account> -AccessRights FullAccess -InheritanceType All -Automapping $false -confirm:$False
      
      This is executed only once:
      New-ManagementRoleAssignment –Name:AdminAllUsersImpersonationAssignment –Role:ApplicationImpersonation –User:<admin account>
    • I just added this info because it took some time for me to figure it out... maybe this helps somebody.
  • Deletion limit
    2 Posts | Last post May 12, 2017
    • Hi Michel ,
      
      Firstly thank you very much for your amazing script. I moved our users from On-Premise Exchange to Exchange Online and when I try to delete "IPM.Note.EnterpriseVault.Shortcut" shortcut via your script on "Exchange Online Powershell" it works fine but if user has about more than 10.000 shortcut I always get the following error.
      
      How can we overcome this problem?
      
      Process-Mailbox : Problem removing items: Exception calling "DeleteItems" with "4" argument(s): "The server cannot service this request right now. Try again later."
      At C:\Users\peakup\Desktop\ShortcutEV\Remove-MessageClassItems_Old.ps1:452 char:24
      +                 If(! ( Process-Mailbox $RootFolder)) {
      +                        ~~~~~~~~~~~~~~~~~~~~~~~~~~~
          + CategoryInfo          : NotSpecified: (:) [Write-Error], WriteErrorException
          + FullyQualifiedErrorId : Microsoft.PowerShell.Commands.WriteErrorException,Process-Mailbox
    • It's throttling kicking in. Working on a solution. For you, you may adjust the batch size (in code) and insert a small pause after the deletion action.
  • Where to find version 1.53 ??
    3 Posts | Last post April 26, 2017
    • Sorry Michel, but when you use the link the version is the 1.52. Having the EWS 2.2 and obtaining the same error as L_Herzog.
      Are there any place where I can obtain the latest version.
      Thanks
    • Ugh, updated everything but forgot to upload last version. Should be OK now.
    • Thanks Michel!!! The new version works like a charm (impersonation needed).Excellent work!!!
1 - 10 of 35 Items