Preparing Exchange for Retain

From GWAVA Technologies Training
Revision as of 15:39, 24 November 2014 by Stephanf (Talk | contribs)


Create Impersonation User

In the EAC/Mailboxes there is a nice big plus sign. That is the add button and that is where you can create new users and mailboxes.

At the very least you need to create an Impersonation Account for Retain.

So add a user and make sure the user does not have to change the password at next login.

Then go to the left sidebar and select Permissions. Under Admin Roles click Add. Under Roles, click Add, select ApplicationImpersonation, press Add-> and then OK. Add the Impersonation User to the Role Group. Click OK.

ProTip: Go into Server Manager/Tools/Active Directory Users and Groups. Choose the impersonation account. Set the Account expires to Never.

Go to the Account tab, then set in the Account Options:

  • User cannot change password
  • Password never expires
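
The same setup from the Exchange Management Shell, followed by a review of who effectively holds ApplicationImpersonation. This is an added example, not part of the original page; the account name `retain-svc`, the domain `example.com` and the role group name are assumptions.

```powershell
# Run in the Exchange Management Shell as a member of Organization Management.
# Assumed names (not from the original page): retain-svc, example.com,
# "Retain Service", "Retain Impersonation Role".
$sam      = 'retain-svc'
$password = Read-Host -AsSecureString -Prompt 'Password for the impersonation account'

# Mailbox-enabled user that is not forced to change its password at next logon.
New-Mailbox -Name 'Retain Service' -Alias $sam -SamAccountName $sam `
    -UserPrincipalName "$sam@example.com" -Password $password `
    -ResetPasswordOnNextLogon $false

# Role group that carries only ApplicationImpersonation, with the account as member.
New-RoleGroup -Name 'Retain Impersonation Role' `
    -Roles 'ApplicationImpersonation' -Members $sam

# Account options from the ProTip (needs the ActiveDirectory module).
Import-Module ActiveDirectory
Set-ADUser -Identity $sam -CannotChangePassword $true -PasswordNeverExpires $true
Clear-ADAccountExpiration -Identity $sam    # Account expires: Never

# Review: every principal that effectively holds ApplicationImpersonation.
# Anything listed here besides the Retain account deserves a second look.
Get-ManagementRoleAssignment -Role 'ApplicationImpersonation' -GetEffectiveUsers |
    Sort-Object EffectiveUserName |
    Format-Table Name, RoleAssigneeName, EffectiveUserName, CustomRecipientWriteScope -AutoSize
```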

Exchange Module Setup Instructions http://support.gwava.com/kb/?View=entry&EntryID=2223

Other things

Back up the IIS config file. http://technet.microsoft.com/en-us/library/cc754617(v=ws.10).aspx

Storage strategy

You would want separate partitions for the OS, the main mailbox databases, the archive databases and the log files.

http://exchangeserverpro.com/exchange-2013-move-database-to-new-folder-path/

http://careexchange.in/how-to-move-database-path-and-log-folder-path-in-exchange-2013/

http://social.technet.microsoft.com/wiki/contents/articles/22479.move-logging-in-exchange-2013-via-powershell.aspx

PowerShell stuff

Reporting Mailbox Folder Sizes with PowerShell http://exchangeserverpro.com/reporting-mailbox-folder-sizes-with-powershell/

Disk Space Monitoring and Early Warning with PowerShell https://www.simple-talk.com/sysadmin/powershell/disk-space-monitoring-and-early-warning-with-powershell/

Exchange 2010/2007 to 2013 Migration and Co-existence Guide http://msexchangeguru.com/2013/05/10/exchange2013-migration/


Exchange Archiving Strategies

Exchange does not have a positive retention system; that is, it has no way to signal whether a message has been backed up or not. So we have to jump through some hoops to have a reasonable chance at archiving all messages in the system. Under default operating procedures all we would have is a snapshot of what was in Exchange when the job was run. It would not be a true archive. A message that was received, replied to, trashed, emptied from trash and then purged from "Recoverable Items" would be missed completely.

That is not to say Exchange doesn't have an archive system built in; it just runs into its own limitations too quickly for comfort. Very simply, you can tell Exchange to put a hold on a mailbox. That means that no messages will be allowed to be permanently deleted, and that does the job very well. However, it doesn't take some users, often the most important users, very long to reach that 2GB mailbox limit.

Now you can get around that by allowing users to have archive folders in their mailboxes, but do you want to try keeping 10 years of data attached to your production system when most of it is never referenced again or only very rarely?

Journaling Mailbox

This method is not recommended but will be discussed as it was popular with us. Exchange can be set to create a mailbox that receives a copy of all messages received by the system. Retain's ApplicationImpersonation user could access that mailbox and archive all the messages, deleting them when done.

The major issue comes when the system becomes large, or when a problem keeps the journaling mailbox from being cleared in time. It can then never be cleared, because Exchange can't give the messages to Retain. Exchange has an issue that when a mailbox becomes very large it is unable to serve the messages in it. That is why there is a 2GB limit on mailboxes.

To make this system more resilient, create a separate mailbox database for the journaling mailbox and be prepared to create new journaling mailboxes as they reach that 2GB limit so there is a chance to clear them.
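
A check that reports how close a journaling mailbox is to that limit, so a new one can be created while the old one can still be cleared. This is an added example, not part of the original page; the function name, the mailbox address and the 75% warning threshold are assumptions.

```powershell
# Assumed (not from the page): function name, journal address, 75% threshold.
# The 2GB default is the limit cited in the text above.
function Get-JournalBacklog {
    param(
        [Parameter(Mandatory)] [string] $Identity,
        [int64]  $LimitBytes  = 2GB,
        [double] $WarnPercent = 75
    )
    $stats = Get-MailboxStatistics -Identity $Identity

    # TotalItemSize renders as "1.2 GB (1,288,490,188 bytes)". In a remote
    # session it is deserialized and has no ToBytes(), so parse the byte count.
    if ("$($stats.TotalItemSize)" -notmatch '\(([\d.,\s]+) bytes\)') {
        throw "Cannot parse TotalItemSize for $Identity"
    }
    $bytes = [int64]($Matches[1] -replace '\D')
    $pct   = [Math]::Round(100 * $bytes / $LimitBytes, 1)

    [pscustomobject]@{
        Mailbox     = $Identity
        ItemCount   = $stats.ItemCount
        SizeBytes   = $bytes
        PercentFull = $pct
        Warn        = ($pct -ge $WarnPercent)
    }
}

# Example call against an assumed journal mailbox.
$result = Get-JournalBacklog -Identity 'journal@example.com'
$result
if ($result.Warn) {
    Write-Warning "$($result.Mailbox) is at $($result.PercentFull)% of the limit."
}
```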

In-Place Hold

Exchange does have holds: In-Place Hold and Litigation Hold.

As holds are described in the Exchange literature, they are really good at slamming the barn door shut after the horse is gone. The whole point of data retention is to comply with legal and regulatory requirements that require storage in the long term.

A hold prevents a user from completely deleting a message, though it may be gone from their inbox and trash. It continues to exist in their Deleted Items folder until the hold is released. It will even hold onto messages in the archive folder of a user. However, you still have the issue of mailbox size limits. If a user's mailbox gets too big it will no longer receive messages. Leaving all your users' data on your production server is often a bit much just for data retention compliance.

http://blogs.technet.com/b/exchange/archive/2013/12/11/litigation-hold-and-in-place-hold-in-exchange-2013-and-exchange-online.aspx Limited to 10k users, but you can create another hold policy for the next 10k.

http://www.msexchange.org/articles-tutorials/exchange-server-2013/compliance-policies-archiving/exchange-2013-place-hold-and-place-ediscovery-part3.html There are some odd steps to deal with making sure things are locked down.

Interestingly, 2013 has a Purges folder: http://www.msexchange.org/articles-tutorials/exchange-server-2013/compliance-policies-archiving/exchange-2013-place-hold-and-place-ediscovery-part2.html

Purges - when users delete an item from the Recoverable Items folder (by using the Recover Deleted Items tool), the item is moved to the Purges folder. Items that exceed the deleted item retention period are also moved to the Purges folder. Items in this folder are not visible to users if they use the Recover Deleted Items tool. When the mailbox assistant processes the mailbox, items in the Purges folder are purged from the mailbox database unless the mailbox is on hold. But maybe we should recommend using Messaging Records Management instead?

Messaging Records Management http://technet.microsoft.com/en-us/library/dd297955(v=exchg.150).aspx

The best thing to do is to create a rolling In-Place Hold that lasts for a "short" period of time, 1-6 months. That should be enough time for a user to put the email where they desire it to be and for issues with archiving to be discovered and resolved.

If you wish to be even more sophisticated, you can have Retain wait a week before archiving, which would be long enough for almost all email to have been dealt with in some way.

One customer set up their system such that nothing was archived for the first 30 days, but then it would be deleted after 90 days.

This is how you do a hold for one mailbox http://technet.microsoft.com/en-us/library/jj150573(v=exchg.150).aspx

For all mailboxes http://technet.microsoft.com/en-us/library/dn767952(v=exchg.150).aspx
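
One way to create the rolling hold described above across all mailboxes, split into batches to respect the 10k-per-hold limit, and then list mailboxes that no hold covers. This is an added example, not part of the original page; the hold name prefix and the 90-day period are assumptions.

```powershell
# Exchange Management Shell. Assumed (not from the page): hold name prefix
# and the 90-day period, chosen from the 1-6 month window discussed above.
$holdPrefix = 'Retain Rolling Hold'
$holdDays   = 90
$batchSize  = 10000     # per-hold mailbox limit noted above

$mailboxes = @(Get-Mailbox -ResultSize Unlimited -RecipientTypeDetails UserMailbox |
    Sort-Object DistinguishedName)

# One time-based hold per batch. No -SearchQuery is given, so every item in
# the source mailboxes is held for $holdDays days and then released.
for ($i = 0; $i -lt $mailboxes.Count; $i += $batchSize) {
    $last  = [Math]::Min($i + $batchSize, $mailboxes.Count) - 1
    $batch = $mailboxes[$i..$last] | ForEach-Object { $_.DistinguishedName }
    $name  = '{0} {1:D2}' -f $holdPrefix, ([int]($i / $batchSize) + 1)

    New-MailboxSearch -Name $name -SourceMailboxes $batch `
        -InPlaceHoldEnabled $true -ItemHoldPeriod $holdDays
}

# Coverage check: mailboxes created after the holds were defined carry no
# hold, so their purged items can be lost before Retain archives them.
Get-Mailbox -ResultSize Unlimited -RecipientTypeDetails UserMailbox |
    Where-Object { -not $_.LitigationHoldEnabled -and @($_.InPlaceHolds).Count -eq 0 } |
    Select-Object DisplayName, PrimarySmtpAddress, WhenCreated
```

Run the coverage check on a schedule and add any mailboxes it lists to a hold.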
