PUBLISHED BY
Microsoft Press
A Division of Microsoft Corporation
One Microsoft Way
Redmond, Washington 98052-6399

Copyright © 2010 by Tony Redmond

All rights reserved. No part of the contents of this book may be reproduced or transmitted in any form or by any means without the written permission of the publisher.

Library of Congress Control Number: 2010935972
ISBN: 978-0-7356-4061-0

Printed and bound in the United States of America.

Microsoft Press books are available through booksellers and distributors worldwide. For further information about international editions, contact your local Microsoft Corporation office or contact Microsoft Press International directly at fax (425) 936-7329. Visit our Web site at www.microsoft.com/mspress. Send comments to mspinput@microsoft.com.

Microsoft and the trademarks listed at http://www.microsoft.com/about/legal/en/us/IntellectualProperty/Trademarks/EN-US.aspx are trademarks of the Microsoft group of companies. All other marks are property of their respective owners.

The example companies, organizations, products, domain names, e-mail addresses, logos, people, places, and events depicted herein are fictitious. No association with any real company, organization, product, domain name, e-mail address, logo, person, place, or event is intended or should be inferred.

This book expresses the author’s views and opinions. The information contained in this book is provided without any express, statutory, or implied warranties. Neither the authors, Microsoft Corporation, nor its resellers, or distributors will be held liable for any damages caused or alleged to be caused either directly or indirectly by this book.

Acquisitions Editor: Martin DelRe
Developmental Editor: Karen Szall
Project Editor: Karen Szall
Editorial Production: nSight, Inc.
Technical Reviewer: Paul Robichaux; Technical Review services provided by Content Master, a member of CM Group, Ltd.
Cover: Tom Draper Design
Body Part No. X17-21593

Contents at a Glance

  Chapter 1: Introducing Microsoft Exchange 2010
  Chapter 2: Installing Microsoft Exchange 2010
  Chapter 3: The Exchange Management Shell
  Chapter 4: Role-Based Access Control
  Chapter 5: Exchange Management Console and Control Panel
  Chapter 6: Managing Mail-Enabled Recipients
  Chapter 7: The Exchange 2010 Store
  Chapter 8: Exchange’s Search for High Availability
  Chapter 9: Backups and Restores
  Chapter 10: Clients
  Chapter 11: Client Access Server
  Chapter 12: Mailbox Support Services
  Chapter 13: The Exchange Transport System
  Chapter 14: Message Hygiene
  Chapter 15: Compliance
  Chapter 16: Rules and Journals
  Chapter 17: The Exchange Toolbox

Table of Contents

Foreword

Introduction
  Service Pack
  Writing style and general approach to content
  Examples used in the book
  Thanks
  In conclusion
  Support for this book
  We want to hear from you

Chapter 1: Introducing Microsoft Exchange 2010
  The motivation to upgrade
  Moving from Exchange 2003 or Exchange 2007
  Testing and beta versions
  Fundamental questions before you upgrade
  No in-place upgrades
  What version of Windows?
  Preparing for Exchange 2010
  The test plan
  Testing for operational processes
  Testing for programming and customizations
  Bringing Exchange 2007 up to speed
  Deploying earlier versions of Exchange servers alongside Exchange 2010
  Web-based Deployment Assistant
  Exchange 2010 editions
  Active Directory
  The strong link between Exchange and Active Directory
  ADSIEdit
  Types of Active Directory deployments that support Exchange
  The role of ADAccess
  Planning for global catalogs
  Preparing Active Directory for Exchange
  The joys of a customizable schema
  Ready-to-go custom attributes
  Let’s install

Chapter 2: Installing Microsoft Exchange 2010
  Approaching the installation
  Running /PrepareAD
  Installing prerequisite system components
  Installing the Microsoft Filter Pack
  Running Setup
  Setup logs
  Uninstalling Exchange
  Repairing Exchange
  Installing an edge server
  Language packs
  Recovering a failed server
  Customer Experience Improvement Program
  The services of Exchange
  Versions, roll-up updates, and service packs
  Exchange 2010 Service Pack
  Version numbers
  Object versions
  Reporting licenses
  Security groups and accounts created by Exchange
  Contemplating management

Chapter 3: The Exchange Management Shell
  How Exchange leverages Windows PowerShell
  Remote PowerShell
  Flowing remotely
  Connecting to remote PowerShell
  Be careful where you execute
  A more complex environment to manage
  Advantages of remote PowerShell
  EMS basics
  Command editing
  Handling information returned by EMS
  Selective output
  Using common and user-defined variables
  Identities
  Piping
  Adding recipient photos
  OPATH filters
  Server-side and client-side filters
  Transcripts
  Bulk updates
  Code changes required by remote PowerShell
  Command line versus Integrated Scripting Environment
  Calling scripts
  Profiles
  Script initialization
  Active Directory for PowerShell
  Setting the right scope for objects in a multidomain forest
  Some useful EMS snippets
  Looking for large folders
  Outputting a CSV file
  Creating a report in HTML
  Finding disconnected mailboxes
  Creating and sending messages from the shell
  Reporting database size and mailbox count via email
  Verbose PowerShell
  Setting language values
  Execution policies
  Testing cmdlets
  Test-SystemHealth
  Test-ServiceHealth
  Test-MAPIConnectivity
  Test-ReplicationHealth
  Test-ExchangeSearch
  Test-OWAConnectivity
  Test-ECPConnectivity
  Test-MRSHealth
  Testing POP3 and IMAP4 Connectivity
  Testing mail flow
  But we need some control

Chapter 4: Role-Based Access Control
  RBAC basics
  Roles
  Using role assignment policy to limit access
  Creating roles for specific tasks
  Scopes
  Role groups
  Creating a new role group
  Role assignment
  Specific scopes for role groups
  Special roles
  Unscoped roles
  What role groups do I belong to?
  Assignment policies
  RBAC enhancements in SP1
  Managing role groups through ECP
  Database scoping
  Implementing a split permissions model
  RBAC reports in ExBPA
  RBAC validation rules
  Exchange Control Panel and roles
  Figuring out RBAC
  On to management

Chapter 5: Exchange Management Console and Control Panel
  Exchange Management Console
  Changes to EMC in Exchange 2010
  A different console philosophy from Exchange 2003
  Managing objects across Exchange 2010 and Exchange 2007
  EMC startup
  How EMC accesses Exchange data
  Changing EMC columns
  Auto-generated PowerShell commands
  Using EMS command logs
  Naming conventions
  Organizational health data
  Managing multiple organizations
  Sharing policies
  Certificate management
  Exchange Control Panel
  SP1 updates for ECP
  An overview of the ECP application
  Basic ECP user options
  Inbox rules
  Delivery reports
  ECP administrator options
  Administrator searches for delivery reports
  Running ECP without an Exchange mailbox
  Managing groups with ECP
  Defining a default group location and group naming policy
  Creating new groups
  Creating security groups with ECP
  Users and groups
  Allowing users to create new groups through ECP
  Planning for user-created groups
  Maintain groups but don’t create!
  Setting diagnostics for Exchange servers
  But what will we manage?

Chapter 6: Managing Mail-Enabled Recipients
  Stop and think
  Mailbox naming conventions
  Creating new mailboxes
  Completing the new mailbox setup
  Creating new room and resource mailboxes
  Mailbox provisioning agent and database allocation
  Languages and folders
  Manipulating mailbox settings
  Bulk mailbox creation
  Setting quotas
  What’s in a mailbox?
  Removing or disabling mailboxes
  Reconnecting mailboxes
  Email address policies
  Email policy priority
  Creating a new email address policy
  Creating email address policies with custom filters
  Setting priority for an email address policy
  Virtual list view (VLV) for Exchange address lists
  Discovery mailboxes
  Creating additional discovery mailboxes
  Setting mailbox permissions
  Mail flow settings
  The difference between Send on Behalf and Send As
  Managing full access permission
  Sending messages on behalf of other users
  Opening another user’s mailbox
  Distribution groups
  Room lists
  Group owners
  Group expansion
  Protected groups
  Self-maintaining groups
  Viewing group members
  Tracking group usage
  Dynamic distribution groups
  OPATH queries
  Creating new dynamic distribution groups
  Creating dynamic groups using custom filters
  Moderated recipients
  Moderation requests
  Moderated mailboxes
  Mail-enabled contacts
  Mail users
  Resource mailboxes
  Defining custom properties for resource mailboxes
  Providing policy direction to the Resource Booking Attendant
  Processing meeting requests according to policy
  Equipment mailboxes
  Data, data, everywhere

Chapter 7: The Exchange 2010 Store
  Long live Jet!
  Maximum database size
  Database limits for the standard edition
  Mailboxes per database (or per server)
  Dealing with I/O
  Maintaining contiguity
  A new database schema
  Database management
  Creating new mailbox databases
  Updating mailbox databases after installation
  Background maintenance
  Scheduling background maintenance
  Content maintenance tasks
  Tracking background maintenance
  Corrupt item detection and isolation
  Backups and permanent removal
  Protection against high latency
  Protection against excessive database or log growth
  Store driver fault isolation
  The death of ISINTEG
  Controlling named properties
  Database defragmentation
  Using ESEUTIL
  Database usage statistics
  Transaction logs
  Log sets
  Transactions, buffers, and commitment
  Transaction log checksum
  Transaction log I/O
  The question of circular logging
  Noncircular logging
  Reserved logs
  And now for something completely different

Chapter 8: Exchange’s Search for High Availability
  Breaking the link between database and server
  Introducing Database Availability Groups
  The dependency on Windows clustering
  Active Manager
  Automatic database transitions
  Best copy selection
  ACLL: Attempt copy last logs
  Transaction log replay: The foundation for DAG replication
  Transaction log compression
  Block replication
  Transaction log truncation
  Incremental resynchronization
  Seeding a database
  Unique database names
  Changes in message submission within a DAG
  Day-to-day DAG management and operations
  Building the DAG
  Investigating DAG problems
  Managing DAG properties
  DAG networks
  Using circular logging with database copies
  Adding new database copies to a DAG
  Handling initial seeding errors
  Monitoring database copies
  Reseeding a database copy
  Adding database copies with EMS
  Using a lagged database
  Activating a mailbox database copy
  Applying updates to DAG servers
  Dealing with a failed server
  AutoDatabaseMountDial and potential issues moving databases
  Activation blocks
  Moving database locations within a DAG
  Removing database copies
  Removing servers from a DAG
  Handling storage hangs
  Upgrading servers in a DAG
  Datacenter Activation Coordination
  Planning for datacenter resilience
  Managing cross-site connections
  Crimson events
  Approaching DAG designs
  Scripts to help with DAG management
  On to protecting data

Chapter 9: Backups and Restores
  An interesting philosophical question
  The Windows Server Backup plug-in for Exchange
  Exchange and Volume ShadowCopy Services
  Making an Exchange 2010 backup
  The backup complexities posed by passive database copies
  Restoring to a recovery database
  Performing a restore
  Validating the recovered database
  Mounting a recovery database
  Restoring mailbox data
  Complete server backups
  Clients

Chapter 10: Clients
  The Outlook question
  Missing functionality when using earlier versions of Outlook
  Why new mail notifications seem slower on Outlook
  Forcing faster Outlook Anywhere connections
  Conversation views
  Conflict resolution
  Listing client connections
  Blocking client connections to a mailbox
  Blocking client access to a mailbox server
  Outlook Web App
  A refresh for OWA provided by Exchange 2010 SP1
  OWA functionality deprecated in Exchange 2010
  Different browsers, different experiences
  OWA configuration file
  Missing favorites
  Forwarding meeting requests
  OWA Web parts
  Long signatures
  Sharing calendars
  Sharing calendars with Internet users
  Mailbox quota exceeded
  Handling attachments
  OWA themes and customizations
  OWA mailbox policies and feature segmentation
  More than just segmentation
  Attachment processing
  Applying an OWA mailbox policy
  POP3 and IMAP4 clients
  Configuring the IMAP4 server
  Configuring IMAP4 client access
  Exchange ActiveSync
  Setting ActiveSync policies
  Generating ActiveSync reports
  Reporting synchronized devices
  Blocking types of mobile devices
  Blocking devices on a per-user basis
  Wiping lost devices
  Debugging ActiveSync
  Testing mobile connectivity
  ActiveSync for BlackBerry
  Client throttling
  Unified Messaging
  Voice mail preview
  Fax integration
  Exchange 2010 APIs
  Exchange Web Services
  A common connection point

... that Outlook Web App is available within every Exchange 2010 deployment. In addition, huge variation exists in the feature set available in the Outlook versions supported by Exchange 2010; Outlook...

... same performance that Microsoft Exchange Server 2007 uses to support GB mailboxes. The user experience is further enhanced with new functionality in Microsoft Outlook 2010, Outlook Web App, and...

... functionality, and better reporting and management alerts. Exchange has supported message journaling since Microsoft Exchange Server 2003 and Microsoft Exchange Server 2007 introduced features such as managed