From: Carl Lee [mailto:cleellacer@gmail.com]
Sent: Thursday, August 19, 2010 5:10 PM
Subject: LDAP to OPATH powershell script. the help at the beginning of the script is good.

# Powershell script to convert LDAP filter (purportedSearch) to OPATH filter

#

#################################################################################

#

# This script is not officially supported by Microsoft, use it at your own risk.

# Microsoft has no liability, obligations, warranty, or responsibility regarding

# any result produced by use of this file.

#

#################################################################################

#

# Examples on ways to use this script in Powershell…

#

# To convert a manually entered filter and display the result:

#

# .\ConvertFrom-LdapFilter "(&(mailnickname=*))"

#

# To convert the LDAP filter on an existing address list and display the result:

#

# .\ConvertFrom-LdapFilter (Get-AddressList "My Address List").LdapRecipientFilter

#

# To convert the LDAP filter on an existing address list and update the address list with the new filter:

#

# Set-AddressList "My Address List" -RecipientFilter ( .\ConvertFrom-LdapFilter (Get-AddressList "My Address List").LdapRecipientFilter )

#

# To convert all existing legacy address lists and display the result without actually updating them:

#

# Get-AddressList | WHERE { $_.RecipientFilterType -eq ‘Legacy’ } | foreach { .\ConvertFrom-LdapFilter $_.LdapRecipientFilter }

#

# To convert all existing legacy address lists and output the name, current LDAP filter, and the generated OPATH to a tab-delimited file without actually updating the address lists:

#

# Get-AddressList | WHERE { $_.RecipientFilterType -eq ‘Legacy’ } | foreach { $_.Name + [char]9 + $_.LdapRecipientFilter + [char]9 + (.\ConvertFrom-LdapFilter $_.LdapRecipientFilter) } > C:\suggestedfilters.txt

#

# To convert all existing legacy address lists and actually update the address lists without prompting:

#

# Get-AddressList | WHERE { $_.RecipientFilterType -eq ‘Legacy’ } | foreach { Set-AddressList $_.Name -RecipientFilter (.\ConvertFrom-LdapFilter $_.LdapRecipientFilter) -ForceUpgrade }

#

# To convert all legacy address lists, GALs, and email address policies, without prompting, run three commands:

#

# Get-AddressList | WHERE { $_.RecipientFilterType -eq ‘Legacy’ } | foreach { Set-AddressList $_.Name -RecipientFilter (.\ConvertFrom-LdapFilter $_.LdapRecipientFilter) -ForceUpgrade }

# Get-GlobalAddressList | WHERE { $_.RecipientFilterType -eq ‘Legacy’ } | foreach { Set-GlobalAddressList $_.Name -RecipientFilter (.\ConvertFrom-LdapFilter $_.LdapRecipientFilter) -ForceUpgrade }

# Get-EmailAddressPolicy | WHERE { $_.RecipientFilterType -eq ‘Legacy’ } | foreach { Set-EmailAddressPolicy $_.Name -RecipientFilter (.\ConvertFrom-LdapFilter $_.LdapRecipientFilter) -ForceUpgrade }

#

 

trap

{

        write-host $_.Exception.Message -fore Red

        continue

}

 

function convert-filter

{

        $output = BuildFilterFromString

        return $output

 

}

 

function BuildFilterFromString

{

        $script:filterString = $script:filterString.Trim()

        [string[]]$conditions = GetConditionsFromString

        if ($conditions.Length -gt 1)

        {

               throw "Invalid filter string."

        }

       

        return $conditions

}

 

function GetConditionsFromString

{

        $script:filterString = $script:filterString.Trim()

        $exitThisLevel = $false;

              

        while (!($exitThisLevel))

        {

               # Special cases for default filters

               # This is so that we match the ones given on the msexchangeteam.com blog

               if ($script:filterString.StartsWith("(&(objectClass=user)(objectCategory=person)(mailNickname=*)(msExchHomeServerName=*))"))

               {       # All Users

                       $script:filterString = $script:filterString.Remove(0, 83).Trim()

                       return "RecipientType -eq ‘UserMailbox’"

               }

               if ($script:filterString.StartsWith("(& (mailnickname=*) (| (objectCategory=group) ))"))

               {       # All Groups

                       $script:filterString = $script:filterString.Remove(0, 47).Trim()

                       return "( RecipientType -eq ‘MailUniversalDistributionGroup’ -or RecipientType -eq ‘MailUniversalSecurityGroup’ -or RecipientType -eq ‘MailNonUniversalGroup’ -or RecipientType -eq ‘DynamicDistributionGroup’ )"

               }

               if ($script:filterString.StartsWith("(& (mailnickname=*) (| (&(objectCategory=person)(objectClass=contact)) ))"))

               {       # All Contacts

                       $script:filterString = $script:filterString.Remove(0, 72).Trim()

                       return "RecipientType -eq ‘MailContact’"

               }

               if ($script:filterString.StartsWith("(& (mailnickname=*) (| (objectCategory=publicFolder) ))"))

               {       # Public Folders

                       $script:filterString = $script:filterString.Remove(0, 54).Trim()

                       return "RecipientType -eq ‘PublicFolder’"

               }

               if ($script:filterString.StartsWith("(& (mailnickname=*) (| (&(objectCategory=person)(objectClass=user)(!(homeMDB=*))(!(msExchHomeServerName=*)))(&(objectCategory=person)(objectClass=user)(|(homeMDB=*)(msExchHomeServerName=*)))(&(objectCategory=person)(objectClass=contact))(objectCategory=group)(objectCategory=publicFolder)(objectCategory=msExchDynamicDistributionList) ))"))

               {       # Default Global Address List

                       $script:filterString = $script:filterString.Remove(0, 336).Trim()

                       return "( Alias -ne `$null -and (ObjectClass -eq ‘user’ -or ObjectClass -eq ‘contact’ -or ObjectClass -eq ‘msExchSystemMailbox’ -or ObjectClass -eq ‘msExchDynamicDistributionList’ -or ObjectClass -eq ‘group’ -or ObjectClass -eq ‘publicFolder’) )"

               }

               # End of default filter cases

 

               if ($script:filterString.StartsWith("("))

               {

                       $script:filterString = $script:filterString.Remove(0, 1).Trim()

               }

               else

               {

                       throw "Invalid filter string."

               }

              

               if ($script:filterString.StartsWith("("))

               {

                       GetConditionsFromString

               }

               else

               {

                       $isNegative = $script:filterString.StartsWith("!")

                       $mustBeValueComparison = $false

                       if ($isNegative)

                       {

                               $script:filterString = $script:filterString.Remove(0, 1).Trim()

                               if ($script:filterString.StartsWith("("))

                               {

                                      $script:filterString = $script:filterString.Remove(0, 1).Trim()

                               }

                               else

                               {

                                      $mustBeValueComparison = $true

                               }

                       }

                      

                       $op = ""

                       if ($script:filterString.StartsWith("|(homeMDB=*)(msExchHomeServerName=*))"))

                       {

                               $script:filterString = $script:filterString.Remove(0, 36)

                               $newCondition = " ( recipientType -eq ‘UserMailbox’ )"

                               if ($isNegative)

                               {

                                      $newCondition = " -not (" + $newCondition + " )"

                               }

                               $newCondition

                       }

                       elseif ($script:filterString.StartsWith("&") -or $script:filterString.StartsWith("|"))

                       {

                               if ($mustBeValueComparison)

                               {

                                      throw "Invalid filter string."

                               }

                               if ($script:filterString.StartsWith("&"))

                               {

                                      $op = "and"

                               }

                               else

                               {

                                      $op = "or"

                               }

                              

                               $script:filterString = $script:filterString.Remove(0, 1).Trim()

                              

                               if ($script:filterString.StartsWith("("))

                               {

                                      [string[]]$theseConditions = GetConditionsFromString

                                     

                                      $newCondition = ""

                                      for ([int]$x = 0; $x -lt $theseConditions.Length; $x++)

                                      {

                                              $newCondition = $newCondition + $theseConditions[$x]

                                              if (($x + 1) -lt $theseConditions.Count)

                                              {

                                                     $newCondition = $newCondition + " -" + $op

                                              }

                                      }

                                     

                                      if ($isNegative)

                                      {

                                              $newCondition = " -not (" + $newCondition + " )"

                                      }

                                      elseif ($theseConditions.Length -gt 1)

                                    &nb