Difference between revisions of "Preparing Exchange for Retain"
(Created page with "==Preparing Exchange for Retain== ===Create Impersonation User=== In the EAC/Mailboxes there is a nice big plus sign. That is the add button and that is where you can create n...") |
(→Journaling Mailbox) |
||
(11 intermediate revisions by one user not shown) | |||
Line 14: | Line 14: | ||
*User cannot change password | *User cannot change password | ||
*Password never expires | *Password never expires | ||
+ | |||
+ | ===kb articles=== | ||
+ | *Exchange Module Setup Instructions http://support.gwava.com/kb/?View=entry&EntryID=2223 | ||
+ | *Users Can't Log In With Exchange Authentication In Retain http://support.gwava.com/kb/?View=entry&EntryID=2146 | ||
+ | *How to Make Exchange's Autodiscover Work When Retain and Exchange Point to Different DNS Servers http://support.gwava.com/kb/?View=entry&EntryID=2233 | ||
+ | *Location of Exchange Logs http://support.gwava.com/kb/?View=entry&EntryID=2257 | ||
+ | *Worker Diagnostic Tool: Testing Access to a Mailbox http://support.gwava.com/kb/?View=entry&EntryID=2298 | ||
+ | *Retain and Exchange Server 2013 Throttling Policies http://support.gwava.com/kb/?View=entry&EntryID=2343 | ||
+ | *Connection Error When Configuring Exchange Module http://support.gwava.com/kb/?View=entry&EntryID=2323 | ||
+ | *How to check the status of the Exchange Impersonation User http://support.gwava.com/kb/?View=entry&EntryID=2362 | ||
+ | *How to Test Exchange / O365 Connectivty http://support.gwava.com/kb/?View=entry&EntryID=2378 | ||
+ | *PowerShell 2.0 and Cmdlets installation links for Retain and Exchange configuration http://support.gwava.com/kb/?View=entry&EntryID=2370 | ||
+ | *Multi-domain Login of Exchange Users http://support.gwava.com/kb/?View=entry&EntryID=2401 | ||
+ | *A collection of LDAP troubleshooting articles http://support.gwava.com/kb/?View=entry&EntryID=2405 | ||
+ | *Determining if Basic Authentication is enabled on your network http://support.gwava.com/kb/?View=entry&EntryID=2395 | ||
+ | *Creating a DNS SRV record for Exchange http://support.gwava.com/kb/?View=entry&EntryID=2402 | ||
+ | *Restarting IIS http://support.gwava.com/kb/?View=entry&EntryID=2394 | ||
+ | *Exchange archive with In-Place Hold http://support.gwava.com/kb/?View=entry&EntryID=2406 | ||
+ | |||
===Other things=== | ===Other things=== | ||
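Review bot: in the added kb articles list, the link title "How to Test Exchange / O365 Connectivty" is misspelled (Connectivity). The new heading "kb articles" is also lower-case where the neighbouring heading "Other things" is capitalised; "KB articles" would match.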
Line 41: | Line 60: | ||
==Exchange Archiving Strategies== | ==Exchange Archiving Strategies== | ||
− | Exchange does not have a positive retention system, that is it has no way to signal that | + | Exchange does not have a positive retention system, that is it has no way to signal that an individual message has been backed up or not. So we have to jump through some hoops to have a reasonable chance at archiving all messages in the system. |
Under default operating procedures all we would have is a snapshot of what was in Exchange when the job was run. It would not be a true archive. A message that was received, replied to, trashed, emptied from trash and then purged from "Recoverable Items" would be missed completely. | Under default operating procedures all we would have is a snapshot of what was in Exchange when the job was run. It would not be a true archive. A message that was received, replied to, trashed, emptied from trash and then purged from "Recoverable Items" would be missed completely. | ||
− | Not to say Exchange doesn't have an archive system built it | + | Not to say Exchange doesn't have an archive system built it. |
− | Very simply you can tell Exchange to put a hold on a mailbox. That means that no messages will be allowed to be permanently deleted and that does the job very well. However, it doesn't take some users, often the most important users, very long to reach that 2GB mailbox limit. | + | Very simply you can tell Exchange to put a hold on a mailbox. That means that no messages will be allowed to be permanently deleted and that does the job very well. However, it doesn't take some users, often the most important users, very long to reach that 2GB mailbox limit. Exchange can even send old messages to an archive folder to free up space in the main mailbox. |
− | + | However, Exchange has limits on mailboxes, Recoverable Items folders, Archive mailboxes and archive mailbox recoverable item folders. http://technet.microsoft.com/en-us/library/exchange-online-limits.aspx | |
+ | We have learned by hard experience that Exchange will become unable to serve a mailbox if it grows beyond 100GB, however it is known that mailbox performance will degrade if critical path mailbox folders (Calendar, Contacts, Inbox, and Sent Item folder) begin to exceed 2500-5000 items. http://blogs.technet.com/b/exchange/archive/2005/03/14/395229.aspx | ||
+ | |||
+ | Retain will get messages off the system allowing Exchange to run lean and mean. | ||
+ | |||
+ | If you wish to be even more sophisticated you can have Retain wait to archive for a week, which would be long enough for almost all email to have been dealt with in some way, then archive it. | ||
+ | |||
+ | One customer setup up they system such that nothing was archived for the first 30 days, but then it would be deleted after 90 days. | ||
===Journaling Mailbox=== | ===Journaling Mailbox=== | ||
− | This method is not recommended | + | This method is not recommended by GWAVA however it is recommended by Microsoft. |
+ | |||
+ | Exchange can be set to create a journaling mailbox that receives a copy of all messages received by a database.[[https://technet.microsoft.com/en-us/library/jj651670%28v=exchg.150%29.aspx]] You must configure a journaling mailbox for each database. | ||
+ | |||
+ | Retain's ImpersonationApplication user can access that mailbox and archive the messages, deleting them when that is accomplished. | ||
− | The major issue comes when the system becomes large or if there is an issue and the journaling mailbox cannot be cleared | + | The major issue comes when the system becomes large or if there is an issue and the journaling mailbox cannot be cleared. |
− | To | + | To increase resilience of the email system you will want to spread users over several mailbox databases. |
===In-Place Hold=== | ===In-Place Hold=== | ||
− | Exchange | + | Exchange also has holds: In-Place Hold and Litigation Hold. |
− | + | This is more resilient method of archiving message from Exchange. | |
− | A hold prevents a user from completely deleting a message though it may be gone from their inbox and trash. It continues to exist in their | + | A hold prevents a user from completely deleting a message though it may be gone from their inbox and trash. It continues to exist in their Recoverable Items folder until the hold is released. It will even hold onto messages in the archive folder of a user. However, you still have the issue of mailbox size limits. If a user's mailbox gets too big it will no longer receive messages. Leaving all your users data on your production server is often a bit much just for data retention compliance. |
http://blogs.technet.com/b/exchange/archive/2013/12/11/litigation-hold-and-in-place-hold-in-exchange-2013-and-exchange-online.aspx | http://blogs.technet.com/b/exchange/archive/2013/12/11/litigation-hold-and-in-place-hold-in-exchange-2013-and-exchange-online.aspx | ||
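Review bot: the added Journaling Mailbox text says "Retain's ImpersonationApplication user", but the role this page tells the reader to assign is ApplicationImpersonation; use the same name so it can be found in the EAC. In the same hunk, "archive system built it" should read "built in", "One customer setup up they system" should read "set up their system", and "This is more resilient method of archiving message" is missing "a" and the plural "messages". The journaling paragraph says Retain deletes messages once they are archived and the next line warns that the mailbox may fail to clear, so a sentence on what the administrator should watch for would close the gap.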
Line 69: | Line 99: | ||
There are some odd steps to deal with making sure things are locked down. | There are some odd steps to deal with making sure things are locked down. | ||
+ | ===Additional Information=== | ||
Interesting 2013 has a purges folder | Interesting 2013 has a purges folder | ||
http://www.msexchange.org/articles-tutorials/exchange-server-2013/compliance-policies-archiving/exchange-2013-place-hold-and-place-ediscovery-part2.html | http://www.msexchange.org/articles-tutorials/exchange-server-2013/compliance-policies-archiving/exchange-2013-place-hold-and-place-ediscovery-part2.html | ||
− | Purges - users delete an item from the Recoverable Items folder (by using the Recover Deleted Items tool), the item is moved to the Purges folder. Items that exceed the deleted item retention period are also moved to | + | Purges - users delete an item from the Recoverable Items folder (by using the Recover Deleted Items tool), the item is moved to the Purges folder. Items that exceed the deleted item retention period are also moved to the Purges folder. Items in this folder are not visible to users if they use the Recover Deleted Items tool. When the mailbox assistant processes the mailbox, items in the Purges folder are purged from the mailbox database unless the mailbox is on hold;but maybe we should recommend using Messaging Records Management instead? |
Messaging Records Management | Messaging Records Management | ||
http://technet.microsoft.com/en-us/library/dd297955(v=exchg.150).aspx | http://technet.microsoft.com/en-us/library/dd297955(v=exchg.150).aspx | ||
− | The best thing to do is to create a rolling In-Place Hold that lasts for a "short" period of time | + | The best thing to do is to create a rolling In-Place Hold that lasts for a "short" period of time e.g. 90 days, that should be enough time for a user to put the email where they desire it to be and for issues with archiving to be discovered and resolved. |
− | + | ||
− | + | ||
− | + | ||
− | + | ||
This is how you do a hold for one mailbox | This is how you do a hold for one mailbox |
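Review bot: the rewritten Purges paragraph ends with "on hold;but maybe we should recommend using Messaging Records Management instead?", which leaves an open editorial question in the article body and drops the space after the semicolon; resolve the question or move it to the talk page. The new rolling-hold sentence is a comma splice at "e.g. 90 days, that should be enough time"; split it into two sentences.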
Latest revision as of 20:35, 6 October 2015
==Preparing Exchange for Retain==
===Create Impersonation User===
In the EAC/Mailboxes there is a nice big plus sign. That is the add button and that is where you can create new users and mailboxes.
At the very least you need to create an Impersonation Account for Retain.
So add a user and make sure the user does not have to change the password at next login.
Then go to the left sidebar and select Permissions. Under Admin Role click Add. Add a Role and select ApplicationImpersonation, press Add-> and then OK. Add the Impersonation User to the Role Group. Click OK.
ProTip: Go into Server Manager/Tools/Active Directory Users and Groups. Choose the impersonation account. Set the Account expires to Never.
Go to the Account tab, then set in the Account Options:
- User cannot change password
- Password never expires
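The same setup done from the shell, followed by an audit of who can impersonate, as an added example that is not part of the original page or GWAVA's documentation. The account name `retain-svc` and the role group name `Retain Impersonation` are hypothetical, and the way `EffectiveUserName` is compared to the account's AD `Name` is an assumption to check against your own output.

```powershell
# Added example (not the page's or GWAVA's own script).
# Run in the Exchange Management Shell on a host that also has the
# ActiveDirectory module. Names below are hypothetical placeholders.
Import-Module ActiveDirectory

$Account   = 'retain-svc'            # hypothetical impersonation account
$RoleGroup = 'Retain Impersonation'  # hypothetical role group name

# Account options from the ProTip above: account never expires,
# user cannot change password, password never expires.
Clear-ADAccountExpiration -Identity $Account
Set-ADUser -Identity $Account -PasswordNeverExpires $true -CannotChangePassword $true

# Role group that carries only ApplicationImpersonation, with the
# impersonation account as its member (the EAC steps above).
if (-not (Get-RoleGroup -Identity $RoleGroup -ErrorAction SilentlyContinue)) {
    New-RoleGroup -Name $RoleGroup -Roles 'ApplicationImpersonation' -Members $Account
}

# Audit: list every user who effectively holds ApplicationImpersonation.
# This account can open any mailbox, so the list should stay short.
$holders = Get-ManagementRoleAssignment -Role 'ApplicationImpersonation' -GetEffectiveUsers |
    Select-Object EffectiveUserName, RoleAssigneeName, RoleAssigneeType, CustomRecipientWriteScope
$holders | Format-Table -AutoSize

# Flag anyone other than the expected account. Assumption: EffectiveUserName
# carries the AD Name of the user; group rows show 'All Group Members'.
$expectedName = (Get-ADUser -Identity $Account).Name
$unexpected = @($holders | Where-Object {
    $_.EffectiveUserName -notin @($expectedName, 'All Group Members')
})
if ($unexpected.Count -gt 0) {
    Write-Warning "Unexpected ApplicationImpersonation holders:"
    $unexpected | Format-Table -AutoSize
}
```

Because the password never expires, give the account a long random password and rerun the audit portion on a schedule.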
===kb articles===
- Exchange Module Setup Instructions http://support.gwava.com/kb/?View=entry&EntryID=2223
- Users Can't Log In With Exchange Authentication In Retain http://support.gwava.com/kb/?View=entry&EntryID=2146
- How to Make Exchange's Autodiscover Work When Retain and Exchange Point to Different DNS Servers http://support.gwava.com/kb/?View=entry&EntryID=2233
- Location of Exchange Logs http://support.gwava.com/kb/?View=entry&EntryID=2257
- Worker Diagnostic Tool: Testing Access to a Mailbox http://support.gwava.com/kb/?View=entry&EntryID=2298
- Retain and Exchange Server 2013 Throttling Policies http://support.gwava.com/kb/?View=entry&EntryID=2343
- Connection Error When Configuring Exchange Module http://support.gwava.com/kb/?View=entry&EntryID=2323
- How to check the status of the Exchange Impersonation User http://support.gwava.com/kb/?View=entry&EntryID=2362
- How to Test Exchange / O365 Connectivity http://support.gwava.com/kb/?View=entry&EntryID=2378
- PowerShell 2.0 and Cmdlets installation links for Retain and Exchange configuration http://support.gwava.com/kb/?View=entry&EntryID=2370
- Multi-domain Login of Exchange Users http://support.gwava.com/kb/?View=entry&EntryID=2401
- A collection of LDAP troubleshooting articles http://support.gwava.com/kb/?View=entry&EntryID=2405
- Determining if Basic Authentication is enabled on your network http://support.gwava.com/kb/?View=entry&EntryID=2395
- Creating a DNS SRV record for Exchange http://support.gwava.com/kb/?View=entry&EntryID=2402
- Restarting IIS http://support.gwava.com/kb/?View=entry&EntryID=2394
- Exchange archive with In-Place Hold http://support.gwava.com/kb/?View=entry&EntryID=2406
===Other things===
Back up the IIS config file. http://technet.microsoft.com/en-us/library/cc754617(v=ws.10).aspx
===Storage strategy===
You would want separate partitions for the OS, the main mailbox databases, the archive databases and the log files.
http://exchangeserverpro.com/exchange-2013-move-database-to-new-folder-path/
http://careexchange.in/how-to-move-database-path-and-log-folder-path-in-exchange-2013/
===Powershell stuff===
Reporting Mailbox Folder Sizes with PowerShell http://exchangeserverpro.com/reporting-mailbox-folder-sizes-with-powershell/
Disk Space Monitoring and Early Warning with PowerShell https://www.simple-talk.com/sysadmin/powershell/disk-space-monitoring-and-early-warning-with-powershell/
Exchange 2010/2007 to 2013 Migration and Co-existence Guide http://msexchangeguru.com/2013/05/10/exchange2013-migration/
==Exchange Archiving Strategies==
Exchange does not have a positive retention system; that is, it has no way to signal whether an individual message has been backed up or not. So we have to jump through some hoops to have a reasonable chance at archiving all messages in the system.
Under default operating procedures all we would have is a snapshot of what was in Exchange when the job was run. It would not be a true archive. A message that was received, replied to, trashed, emptied from trash and then purged from "Recoverable Items" would be missed completely.
Not to say Exchange doesn't have an archive system built in.
Very simply, you can tell Exchange to put a hold on a mailbox. That means that no messages will be allowed to be permanently deleted, and that does the job very well. However, it doesn't take some users, often the most important users, very long to reach that 2GB mailbox limit. Exchange can even send old messages to an archive folder to free up space in the main mailbox.
However, Exchange has limits on mailboxes, Recoverable Items folders, archive mailboxes and archive mailbox Recoverable Items folders. http://technet.microsoft.com/en-us/library/exchange-online-limits.aspx
We have learned by hard experience that Exchange will become unable to serve a mailbox if it grows beyond 100GB; however, it is known that mailbox performance will degrade if critical path mailbox folders (Calendar, Contacts, Inbox, and Sent Items) begin to exceed 2500-5000 items. http://blogs.technet.com/b/exchange/archive/2005/03/14/395229.aspx
Retain will get messages off the system allowing Exchange to run lean and mean.
If you wish to be even more sophisticated you can have Retain wait to archive for a week, which would be long enough for almost all email to have been dealt with in some way, then archive it.
One customer set up their system such that nothing was archived for the first 30 days, but then it would be deleted after 90 days.
===Journaling Mailbox===
This method is not recommended by GWAVA; however, it is recommended by Microsoft.
Exchange can be set to create a journaling mailbox that receives a copy of all messages received by a database. https://technet.microsoft.com/en-us/library/jj651670%28v=exchg.150%29.aspx You must configure a journaling mailbox for each database.
Retain's ApplicationImpersonation user can access that mailbox and archive the messages, deleting them when that is accomplished.
The major issue comes when the system becomes large or if there is an issue and the journaling mailbox cannot be cleared.
To increase resilience of the email system you will want to spread users over several mailbox databases.
===In-Place Hold===
Exchange also has holds: In-Place Hold and Litigation Hold.
This is a more resilient method of archiving messages from Exchange.
A hold prevents a user from completely deleting a message, though it may be gone from their inbox and trash. It continues to exist in their Recoverable Items folder until the hold is released. It will even hold onto messages in the archive folder of a user. However, you still have the issue of mailbox size limits. If a user's mailbox gets too big it will no longer receive messages. Leaving all your users' data on your production server is often a bit much just for data retention compliance.
http://blogs.technet.com/b/exchange/archive/2013/12/11/litigation-hold-and-in-place-hold-in-exchange-2013-and-exchange-online.aspx
Limited to 10k users, but you can create another hold policy for the next 10k.
http://www.msexchange.org/articles-tutorials/exchange-server-2013/compliance-policies-archiving/exchange-2013-place-hold-and-place-ediscovery-part3.html
There are some odd steps to deal with making sure things are locked down.
===Additional Information===
Interestingly, Exchange 2013 has a Purges folder.
http://www.msexchange.org/articles-tutorials/exchange-server-2013/compliance-policies-archiving/exchange-2013-place-hold-and-place-ediscovery-part2.html
Purges: when users delete an item from the Recoverable Items folder (by using the Recover Deleted Items tool), the item is moved to the Purges folder. Items that exceed the deleted item retention period are also moved to the Purges folder. Items in this folder are not visible to users if they use the Recover Deleted Items tool. When the mailbox assistant processes the mailbox, items in the Purges folder are purged from the mailbox database unless the mailbox is on hold. But maybe we should recommend using Messaging Records Management instead?
Messaging Records Management http://technet.microsoft.com/en-us/library/dd297955(v=exchg.150).aspx
The best thing to do is to create a rolling In-Place Hold that lasts for a "short" period of time, e.g. 90 days. That should be enough time for a user to put the email where they desire it to be and for issues with archiving to be discovered and resolved.
This is how you do a hold for one mailbox http://technet.microsoft.com/en-us/library/jj150573(v=exchg.150).aspx
For all mailboxes http://technet.microsoft.com/en-us/library/dn767952(v=exchg.150).aspx
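A sketch of the rolling 90-day In-Place Hold across all user mailboxes, split into batches to respect the 10k-per-hold limit mentioned above, with a check for mailboxes left uncovered. This is an added example, not code from the original page, GWAVA or the linked articles; the hold name prefix is hypothetical.

```powershell
# Added example, not the page's or GWAVA's own script. Run in the Exchange
# Management Shell (Exchange 2013). The hold name prefix is hypothetical.
$HoldDays  = 90                     # rolling window suggested above
$BatchSize = 10000                  # per-hold mailbox limit noted above
$Prefix    = 'Retain-Rolling-Hold'  # hypothetical hold name prefix

# Sort so batches are assigned deterministically; re-running the script
# re-syncs each hold's mailbox list to the current set of mailboxes.
$mailboxes = @(Get-Mailbox -ResultSize Unlimited -RecipientTypeDetails UserMailbox |
    Sort-Object DistinguishedName)

for ($i = 0; $i -lt $mailboxes.Count; $i += $BatchSize) {
    $last    = [Math]::Min($i + $BatchSize, $mailboxes.Count) - 1
    $sources = @($mailboxes[$i..$last] | ForEach-Object { $_.DistinguishedName })
    $name    = '{0}-{1:D2}' -f $Prefix, ([int]($i / $BatchSize) + 1)

    if (Get-MailboxSearch -Identity $name -ErrorAction SilentlyContinue) {
        # Hold already exists: update its mailbox list and hold period.
        Set-MailboxSearch -Identity $name -SourceMailboxes $sources `
            -ItemHoldPeriod $HoldDays
    } else {
        # No search query is given, so every item in the mailbox is held
        # for $HoldDays days from the date it was received or created.
        New-MailboxSearch -Name $name -SourceMailboxes $sources `
            -InPlaceHoldEnabled $true -ItemHoldPeriod $HoldDays
    }
}

# Coverage check: user mailboxes with neither an In-Place Hold nor a
# Litigation Hold. Anything listed here can still lose purged messages
# before the archive job reaches them.
$unheld = @(Get-Mailbox -ResultSize Unlimited -RecipientTypeDetails UserMailbox |
    Where-Object { $_.InPlaceHolds.Count -eq 0 -and -not $_.LitigationHoldEnabled })

if ($unheld.Count -gt 0) {
    Write-Warning ("{0} mailbox(es) are not on any hold:" -f $unheld.Count)
    $unheld | Select-Object Name, PrimarySmtpAddress, Database | Format-Table -AutoSize
}
```

Run it again after adding mailboxes so new users are picked up by a hold.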