Difference between revisions of "Exchange Module On-Premise"
(→Helpful tips) |
(→Exchange Module On-Premise Basics) |
||
| Line 1: | Line 1: | ||
== Exchange Module On-Premise Basics == | == Exchange Module On-Premise Basics == | ||
| + | |||
| + | To size your Retain system you can run this report [http://www.stevieg.org/2011/06/exchange-environment-report/] to determine the current size of your Exchange system. | ||
There are two major sections to setting up Retain to connect to an on-premise Exchange server. | There are two major sections to setting up Retain to connect to an on-premise Exchange server. | ||
Latest revision as of 22:07, 4 June 2015
Contents |
[edit] Exchange Module On-Premise Basics
To size your Retain system you can run this report [1] to determine the current size of your Exchange system.
There are two major sections to setting up Retain to connect to an on-premise Exchange server.
One is the Impersonation User and the other is the Exchange Forest.
[edit] Impersonation User
In the Exchange Module the Impersonation User is formally called the Global Catalog User.
This user needs to exist in Exchange and will have a mailbox even though it won't be used. This user also needs to ApplicationImpersonation rights. Those rights can be added to a User in the 2013 Exchange Admin Console (EAC).
In the EAC under Permissions/admin roles, one of the choices should be Application Impersonation. Click on the pencil to edit and add the Impersonation user to the Members list.
If the Application Impersonation role is not already available in Permissions/Admin roles, you can create it by clicking on the plus sign. Give it a name and description and under Roles click the plus sign. Find the Display name ApplicationImpersonation and click Add ->, then ok. Add the user as a member and click save.
Appendix G of the Admin Guide describes how to set it up in Exchange 2010 & 2007.
How to check the status of the Exchange Impersonation User
Determining if Basic Authentication Is Enabled on Your Network
How To Create The Retain User In Exchange 2013
Setting up Basic Authentication in Exchange 2013
[edit] Exchange Forest
The tab may say Exchange Forest but we are actually talking about the Active Directory Domain Forest. You will find the Domain on the Exchange Server in Active Directory Domains and Trusts or Active Directory Users and Computers.
Active Directory Directory Services is Microsoft's implementation of a directory service, it is a way to organize users, computers and other assets in an organization.
That domain at the top of the stack is the Global Catalog Host. You may have other domains and organizational units under that, but that is the one you would most want to use. At the top you have the domain, that may have multiple forests. At the other end you have organizational units made up of users and computers.
This is can be a DNS domain name or IP address. The port is 3268 for Plain Text, and 3269 for SSL connections.
The final thing to set is the Search Base. This is formatted in LDAP so it needs more information. There are 4 major components to an LDAP query:
- DC=Domain Component
- OU=Organizational Unit
- CN=Common Name
- DN=Distinguishing Name
Exchange Setup for Archiving Shared Mailboxes, Rooms, and Equipment
[edit] Tuning Exchange
Exchange Module Setup Instructions
Exchange Job Settings for Best Performance
Retain Archive Job Slowing Down Exchange Server
[edit] Throttling policy
Changing Message Size Limits and Throttling for Exchange
Retain and Exchange Server 2013 Throttling Policies
Large Attachments and/or Messages Cannot Be Archived
[edit] Helpful tips
Connection Error When Configuring Exchange Module (LDAP Error codes)
PowerShell 2.0 and Cmdlets installation links for Retain and Exchange configuration
[edit] Troubleshooting
Users Can't Log In With Exchange Authentication In Retain
How to Make Exchange's Autodiscover Work When Retain and Exchange Point to Different DNS Servers
[edit] Hands On Activities
[edit] Hands On
What does it look like if the Retain User does not have Application Impersonation Rights.
*Create your own Impersonation User account and use it as part of your Retain Exchange Module. *Open the Exchange Admin Console. *Create a new user for your Retain system *Attempt to run a job. Note the error. *Now add Application Impersonation rights.
[edit] Hands On
What does it look like if Basic Authentication is not enabled.
*Go to IIS Manager on the Exchange system and disable Basic Authentication. *Attempt to run a job. Note the error. *Basic Authentication Check *Now re-enable Basic Authentication.
[edit] Hands On
What does it look like if the Search Base is incorrect. You would expect that pointing the search base of the LDAP query at the Users contain would be better as it would not have to search the entire AD forest.
*Go to Module Configuration/Exchange/Exchange Forest. *Add CN=Users to the Search Base. *Attempt to run a job. Note the error. *Remove CN=Users from the Search Base.
