Using PowerShell to determine the state of MAPI Encryption on Exchange Servers

In specifically, or even 2007/2010 mixed orgs you can easily detect which servers require .

The easiest would be to run Get-RPCClientAccess, which returns all Exchange 2010 servers  hosting MAPI Endpoints and all encryption levels as well as if the server carries  MAPI client and/or public folder responsibility.

clip_image002

The output above may be a bit confusing, since the client MAPI end point is the server, however LON-MLT has CAS/HUB and mailbox roles installed on it. These are Exchange 2010 RTM servers only.

clip_image004

Let's contrast that with the servers in the org.

Red-MBX-2007 is the client MAPI endpoint (mailbox server), RED-MBX-1/2 and LON-MLT all host Public folders only and as far as Exchange 2007 is concerned.

The next question may be, how do you know what versions of Exchange are deployed on each server – Glad you asked, Get-ExchangeServer to the rescue

clip_image006

Obviously you can specify specific Exchange servers on the command line to interrogate each server individually if you want to.