Difference between revisions of "Exchange Module On-Premise"
(→KBs) |
(→Throttling policy) |
||
| Line 60: | Line 60: | ||
===Throttling policy=== | ===Throttling policy=== | ||
| − | + | [http://support.gwava.com/kb/?View=entry&EntryID=2343 Retain and Exchange Server 2013 Throttling Policies] | |
| − | + | [http://support.gwava.com/kb/?View=entry&EntryID=2089 Large Attachments and/or Messages Cannot Be Archived] | |
| − | http://technet.microsoft.com/en-us/library/dd351264%28v=exchg.150%29.aspx | + | [http://technet.microsoft.com/en-us/library/dd351264%28v=exchg.150%29.aspx Get-ThrottlingPolicy] |
===KBs=== | ===KBs=== | ||
Revision as of 19:10, 1 April 2015
Contents |
Exchange Module On-Premise Basics
There are two major sections to setting up Retain to connect to an on-premise Exchange server.
One is the Impersonation User and the other is the Exchange Forest.
Impersonation User
In the Exchange Module the Impersonation User is formally called the Global Catalog User.
This user needs to exist in Exchange and will have a mailbox even though it won't be used. This user also needs to ApplicationImpersonation rights. Those rights can be added to a User in the 2013 Exchange Admin Console (EAC).
In the EAC under Permissions/admin roles, one of the choices should be Application Impersonation. Click on the pencil to edit and add the Impersonation user to the Members list.
If the Application Impersonation role is not already available in Permissions/Admin roles, you can create it by clicking on the plus sign. Give it a name and description and under Roles click the plus sign. Find the Display name ApplicationImpersonation and click Add ->, then ok. Add the user as a member and click save.
Appendix G of the Admin Guide describes how to set it up in Exchange 2010 & 2007.
Exchange Forest
The tab may say Exchange Forest but we are actually talking about the Active Directory Domain Forest. You will find the Domain on the Exchange Server in Active Directory Domains and Trusts or Active Directory Users and Computers.
Active Directory Directory Services is Microsoft's implementation of a directory service, it is a way to organize users, computers and other assets in an organization.
That domain at the top of the stack is the Global Catalog Host. You may have other domains and organizational units under that, but that is the one you would most want to use. At the top you have the domain, that may have multiple forests. At the other end you have organizational units made up of users and computers.
This is can be a DNS domain name or IP address. The port is 3268 for Plain Text, and 3269 for SSL connections.
The final thing to set is the Search Base. This is formatted in LDAP so it needs more information. There are 4 major components to an LDAP query:
- DC=Domain Component
- OU=Organizational Unit
- CN=Common Name
- DN=Distinguishing Name
You should become familiar with the most common errors that relate to Exchange systems.
Hands On
What does it look like if the Retain User does not have Application Impersonation Rights.
*Create your own Impersonation User account and use it as part of your Retain Exchange Module. *Open the Exchange Admin Console. *Create a new user for your Retain system *Attempt to run a job. Note the error. *Now add Application Impersonation rights.
Hands On
What does it look like if Basic Authentication is not enabled.
*Go to IIS Manager on the Exchange system and disable Basic Authentication. *Attempt to run a job. Note the error. *Basic Authentication Check *Now re-enable Basic Authentication.
Hands On
What does it look like if the Search Base is incorrect. You would expect that pointing the search base of the LDAP query at the Users contain would be better as it would not have to search the entire AD forest.
*Go to Module Configuration/Exchange/Exchange Forest. *Add CN=Users to the Search Base. *Attempt to run a job. Note the error. *Remove CN=Users from the Search Base.
Throttling policy
Retain and Exchange Server 2013 Throttling Policies
Large Attachments and/or Messages Cannot Be Archived
