Difference between revisions of "Exchange Module On-Premise"
(→Impersonation User) |
|||
| Line 21: | Line 21: | ||
[http://support2.gwava.com/kb/?View=entry&EntryID=2362 How to check the status of the Exchange Impersonation User] | [http://support2.gwava.com/kb/?View=entry&EntryID=2362 How to check the status of the Exchange Impersonation User] | ||
| − | [http://support2.gwava.com/kb/?View=entry&EntryID=2395 | + | [http://support2.gwava.com/kb/?View=entry&EntryID=2395 Determining if Basic Authentication Is Enabled on Your Network] |
| − | [http://support2.gwava.com/kb/?View=entry&EntryID=2450 | + | [http://support2.gwava.com/kb/?View=entry&EntryID=2450 How To Create The Retain User In Exchange 2013] |
[http://support2.gwava.com/kb/?View=entry&EntryID=2457 Setting up Basic Authentication in Exchange 2013] | [http://support2.gwava.com/kb/?View=entry&EntryID=2457 Setting up Basic Authentication in Exchange 2013] | ||
Revision as of 19:49, 1 April 2015
Contents |
Exchange Module On-Premise Basics
There are two major sections to setting up Retain to connect to an on-premise Exchange server.
One is the Impersonation User and the other is the Exchange Forest.
Impersonation User
In the Exchange Module the Impersonation User is formally called the Global Catalog User.
This user needs to exist in Exchange and will have a mailbox even though it won't be used. This user also needs to ApplicationImpersonation rights. Those rights can be added to a User in the 2013 Exchange Admin Console (EAC).
In the EAC under Permissions/admin roles, one of the choices should be Application Impersonation. Click on the pencil to edit and add the Impersonation user to the Members list.
If the Application Impersonation role is not already available in Permissions/Admin roles, you can create it by clicking on the plus sign. Give it a name and description and under Roles click the plus sign. Find the Display name ApplicationImpersonation and click Add ->, then ok. Add the user as a member and click save.
Appendix G of the Admin Guide describes how to set it up in Exchange 2010 & 2007.
How to check the status of the Exchange Impersonation User
Determining if Basic Authentication Is Enabled on Your Network
How To Create The Retain User In Exchange 2013
Setting up Basic Authentication in Exchange 2013
Exchange Forest
The tab may say Exchange Forest but we are actually talking about the Active Directory Domain Forest. You will find the Domain on the Exchange Server in Active Directory Domains and Trusts or Active Directory Users and Computers.
Active Directory Directory Services is Microsoft's implementation of a directory service, it is a way to organize users, computers and other assets in an organization.
That domain at the top of the stack is the Global Catalog Host. You may have other domains and organizational units under that, but that is the one you would most want to use. At the top you have the domain, that may have multiple forests. At the other end you have organizational units made up of users and computers.
This is can be a DNS domain name or IP address. The port is 3268 for Plain Text, and 3269 for SSL connections.
The final thing to set is the Search Base. This is formatted in LDAP so it needs more information. There are 4 major components to an LDAP query:
- DC=Domain Component
- OU=Organizational Unit
- CN=Common Name
- DN=Distinguishing Name
Exchange Setup for Archiving Shared Mailboxes, Rooms, and Equipment
Tuning Exchange
Exchange Module Setup Instructions
Exchange Job Settings for Best Performance
Retain Archive Job Slowing Down Exchange Server
Throttling policy
Changing Message Size Limits and Throttling for Exchange
Retain and Exchange Server 2013 Throttling Policies
Large Attachments and/or Messages Cannot Be Archived
Helpful tips
http://support2.gwava.com/kb/?View=entry&EntryID=2257
Connection Error When Configuring Exchange Module (LDAP Error codes)
PowerShell 2.0 and Cmdlets installation links for Retain and Exchange configuration
Users Can't Log In With Exchange Authentication In Retain
How to Make Exchange's Autodiscover Work When Retain and Exchange Point to Different DNS Servers
Hands On Activities
Hands On
What does it look like if the Retain User does not have Application Impersonation Rights.
*Create your own Impersonation User account and use it as part of your Retain Exchange Module. *Open the Exchange Admin Console. *Create a new user for your Retain system *Attempt to run a job. Note the error. *Now add Application Impersonation rights.
Hands On
What does it look like if Basic Authentication is not enabled.
*Go to IIS Manager on the Exchange system and disable Basic Authentication. *Attempt to run a job. Note the error. *Basic Authentication Check *Now re-enable Basic Authentication.
Hands On
What does it look like if the Search Base is incorrect. You would expect that pointing the search base of the LDAP query at the Users contain would be better as it would not have to search the entire AD forest.
*Go to Module Configuration/Exchange/Exchange Forest. *Add CN=Users to the Search Base. *Attempt to run a job. Note the error. *Remove CN=Users from the Search Base.
