How to move a folder using MFCMAPI

Had a user today complain that their “Junk Mail” folder got moved to a subfolder of “Notes”.  Couldn’t move it back via Outlook.  Found this handy website to help:


Convert a mail-enabled public folder to a shared mailbox in Exchange 2007

  1. Create the new Shared mailbox per the instructions here.
    1. Give it the same name as the public folder being converted.
    2. Make sure the users who have access to the public folder are added to the MBX_xxxxxx security group so they have Full Access and Send-As rights to the new mailbox.
  2. Using PowerShell , note the LegacyExchangeDN of the mail-enabled public folder:
    1. Get-MailPublicFolder <pf-smtpaddress> | Select LegacyExchangeDN
    2. (i.e. /O=ORG/OU=ADMIN GROUP/CN=RECIPIENTS/CN=Folder-Name887CE6C3409E34A2848C4BB5E42229C7547F86)
  3. Using PowerShell, note the SMTP addresses assigned to the public folder
    1. (Get-MailPublicFolder <pf-smtpaddress>| Select emailaddresses).emailaddresses | where {$_.prefixstring -eq ‘smtp’}
    2. (SmtpAddress     :

      AddressString   :

      ProxyAddressString :

      Prefix : SMTP

      IsPrimaryAddress   : False

      PrefixString    : smtp}

  4. Mail-disable the public folder and allow a few minutes for AD to replicate this change.  Mail destined to the original public folder may bounce during this time frame.
  5. Add the LegacyExchangeDN value to the new shared mailbox as an X.500 email address.  This will allow mail originally destined for the public folder to be delivered to the new shared mailbox instead.  This is to support replies to older messages and new messages sent using the Outlook Name cache.
  6. Add the SMTP addresses to the new shared mailbox if they are not already auto-assigned by the email address policy.

Script to create Shared Mailboxes consistently

If you’ve followed the instructions for creating shared mailboxes using PowerShell you know its a little clugey.   However, since the parameters for setting one up is fairly consistent except for the name and who has access to it, I’ve created the following script that can be used to create them.



You must have the following components installed in order to run it.


Exchange 2007 Management Console and Shell

Quest ActiveRoles snap-in for Powershell (free download here)

PowerShell must be run in the context of a user account that has rights to create new objects in AD

You must set your PowerShell execution policy to Unrestricted (open PowerShell, type Set-ExecutionPolicy Unrestricted)


When you run the script from within PowerShell, it will perform the following:


1.    Check to make sure the Exchange & Quest Snap-ins are present and if not, add them

2.    Query the user for information about the new shared mailbox (name of the mailbox, etc).

3.    Based on the information provided, it will create the new mailbox in one of two OUs (Site1 or Site2)

4.    It will then create a new security group in AD with a MBX_ prefix and grant members of this group Full Access and Send-As rights to the new mailbox

5.    Log all of this in a log file found in the same folder as the script for troubleshooting purposes.


Once the script completes and creates the mailbox and security group, all you have to do to complete the process is use AD Users & Computers to add user accounts to the new security group to grant them access.


You’ll need to edit the script to fit your environment (OU paths and Exchange server names, etc)


The script…



# ===================================================


# This PowerShell script does the following:

# 1. Queries the user for information about a new shared mailbox

# 2. Creates a new shared mailbox based on that information

# 3. Creates an AD security group based on that information

# 4. Grants the new security group full access and send-as rights on the new shared mailbox.


# Written by: David Smith

# Last modified: 05/03/2010

# Notes:


# ===================================================

### Define functions




= (Get-Date).datetime


$datetime : $stringtowrite



### Setup the log file


[string]$logfilename =

if (Test-Path
$logfilename) {Write-Host
“Log file exists.”;$logfile
$logfilename} Else {Write-Host
“Creating log file $logfilename;$logfile

“===== Beginning new-sharedmailbox.ps1 =====”


### Add the Exchange 2007 Snap-ins if they aren’t already and prepare credentials

“Checking Exchange 2007 Snapins”

if ((Add-PSSnapin
SilentlyContinue) -and (Add-PSSnapin

“Added Exchange 2007 Snapins”}




“Exchange 2007 Snapins present.”}


### Add the Quest Active-Roles Snap-ins if they aren’t already and prepare credentials


“Checking Exchange 2007 Snapins”


if (Add-PSSnapin


“Added Quest Snapins”}




“QuestSnapins present.”}


### Set the variables


[string]$HelpDeskTicket =
“Enter HelpDesk #”

[string]$notesstring =
“Created per HelpDesk Ticket #”

[string]$sharedmbxname =
“Enter New Shared Mailbox Name”

[string]$upn =
$sharedmbxname.Replace(” “,“”) + ‘’

[string]$secgrpname =
$sharedmbxname.Replace(” “,“”)

[string]$secgrpupn =

“Mailbox Server to host new mailbox:”

“Should this new mailbox be placed in Site1 or Site2?”


$Site2 = New-Object System.Management.Automation.Host.ChoiceDescription “&Site2″, `”The new mailbox will be created in Site2.”

[System.Management.Automation.Host.ChoiceDescription[]]($Site1, $Site2)

$host.ui.PromptForChoice($title, $message, $options,



($result) {

0 {[string]$mbxOU =
‘ Objects/Site1-Resource Accounts’

[string]$secgroupOU =
‘ Groups’

[string]$mbxdatabase =

1 {[string]$mbxOU =
‘ Objects/Site2-Resource Accounts’

[string]$secgroupOU =
‘ Groups’

[string]$mbxdatabase =
‘site2exchangesite2exchange-sg1site2exchange-db1’} }


“HelpDesk Ticket: $HelpDeskTicket

“Shared Mailbox Name: $sharedmbxname

“Security Group Name: $secgrpname

“Mailbox OU: $mbxOU

“Security Group OU: $secgroupou

“Mailbox Database: $mbxdatabase

$sharedmbxname.Replace(” “,“”) -Name

‘Mailbox Policy Name’





‘Use AD Users & Computers to add the users with access to this shared mailbox to the $secgrpname security group’

Script to add Public Folder replicas all the way down a subtree

I’m in the process of trying to migrate my public folders from Exchange 2003 to Exchange 2007.  As part of the process (since my public folder database is SO HUGE!) I’m moving small subsets of folders at a time instead of performing a “Move All Replicas” task.

To facilitate this I’m adding the new 2007 pub databases to the replica list of a sub-folder first, allowing replication to happen and then removing the 2003 pub databases from the replica list.

The trick is getting the 2 new 2007 pub databases added to the list without necessarily knowing what’s already in the replica list and doing all of this in a script, not a GUI.

Below is the script I wrote to do this.  I simply type the script name at the PowerShell command line and then pass the path of the root folder I want to start with on the command line.  The script starts from that root folder and adds my 2 new 2007 servers to the list all the way down the tree.

[string]$path = $args[0]
Write-Host $path
$server1 = Get-PublicFolderDatabase -Server servername1
$server2 = Get-PublicFolderDatabase -Server servername2

$folders = Get-PublicFolder $path -Recurse
foreach ($rootfolder in $folders) {
 $rootfolder.Replicas +=$server1.Identity
 $rootfolder.Replicas +=$server2.Identity
 $rootfolder | Set-PublicFolder}