Lessons in this chapter: n Lesson 1: Managing Records 543 n Lesson 2: Implementing Compliance 568 Before You Begin In order to complete the exercises in the practice session in this ch
Trang 1tracking log files You can use the EMS but not the EMC to change the maximum size of each
message tracking log file on Edge Transport, Hub Transport, and Mailbox servers
To change the maximum size of each message tracking log file on Hub Transport
and Edge Transport servers, you can use the MessageTrackingLogMaxFileSize parameter of
the Set-TransportServer EMS cmdlet For example, the following command changes maximum
size of each message tracking log file on the Hub Transport server VAN-EX2 to 15 MB:
Set-TransportServer –Identity VAN-EX2 -MessageTrackingLogMaxFileSize 15MB
To change the maximum size of each message tracking log file on Mailbox servers, you can
use the MessageTrackingLogMaxFileSize parameter of the Set-MailboxServer EMS cmdlet For
example, the following command changes the maximum size of each message tracking log
file on the Mailbox server VAN-EX1 to 20 MB:
Set-MailboxServer –Identity VAN-EX1 -MessageTrackingLogMaxFileSize 20MB
Configuring the Maximum Size of the Message
Tracking Log Directory
By default, the maximum size of the message tracking log directory is 250 MB Circular
logging deletes the oldest message tracking log files when either a message tracking log file
reaches its specified maximum age or the message tracking log directory reaches its specified
maximum size You can use the EMS but not the EMC to reconfigure the maximum size of the
message tracking log directory on Edge Transport, Hub Transport, and Mailbox servers
For example, the following command changes the maximum size of the message tracking
log directory to 300 MB on Hub Transport server VAN-EX2:
Set-TransportServer –Identity VAN-EX2 -MessageTrackingLogMaxDirectorySize 300MB
The following command changes the maximum size of the message tracking log directory
to 400 MB on Mailbox server VAN-EX1:
Set-MailboxServer –Identity VAN-EX1 -MessageTrackingLogMaxDirectorySize 400MB
Quick Check
n What command changes maximum size of each message tracking log file on the
Hub Transport server VAN-HUB1 to 25 MB?
Quick Check Answer
n Set-TransportServer –Identity HUB-EX2 -MessageTrackingLogMaxFileSize 25MB
Configuring the Maximum Age of Message Tracking Logs
The maximum age for an individual message tracking log file is 30 days by default Circular
logging deletes the oldest message tracking log files if the message tracking log directory
reaches its specified maximum size or a message tracking log file reaches its specified
Trang 2maximum age You can use the EMS but not the EMC to reconfigure the maximum age for message tracking log files on a Hub Transport, Edge Transport, or Mailbox server.
For example, to change the maximum age of message tracking logs on the Hub Transport server VAN-EX2 to 25 days, you would enter the following command:
Set-TransportServer –Identity VAN-EX2 -MessageTrackingLogMaxAge 25.00:00:00
To change the maximum age of message tracking logs on the Mailbox server VAN-EX1 to
40 days, you would enter the following command:
Set-MailboxServer –Identity VAN-EX1 -MessageTrackingLogMaxAge 40.00:00:00
Configuring Message Subject Logging
By default, the subject line of an SMTP email message is stored in the message tracking log However, this setting can prove contentious Some users might not want you to be able to see the subjects of their email messages, while others might ask you to find a message that they can identify only by its subject You may be required to disable message subject logging
to comply with increased security or privacy requirements This is a managerial decision, and you need to verify your organization’s policy about revealing subject-line information You can enable or disable message subject logging on individual servers (but not on an individual user basis) However, organizational policy typically dictates that you use the same setting throughout an Exchange organization
You can use the EMS but not the EMC to enable or disable message subject logging in message tracking logs on Edge Transport, Hub Transport, and Mailbox servers For example,
to disable message subject logging in message tracking logs on the Hub Transport server VAN-EX2, you would enter the following command:
Set-TransportServer –Identity VAN-EX2 -MessageTrackingLogSubjectLoggingEnabled $false
To enable message subject logging in message tracking logs on the Mailbox server VAN-EX1 (assuming it had previously been enabled), you would enter the following command:Set-MailboxServer –Identity VAN-EX1 -MessageTrackingLogSubjectLoggingEnabled $true
EXAM TIP
It is important to know about message subject logging because it can be a contentious issue in a production organization.
Viewing Message Activity and Tracking Messages
The Tracking Log Explorer, part of the Troubleshooting Assistant, provides details of all
message activity as messages are transferred to and from an Exchange server that has the Hub Transport server role, the Mailbox server role, or the Edge Transport server role installed Exchange servers that have the Client Access server role or Unified Messaging server role installed (and none of the other three roles) do not have message tracking logs
Trang 3You access the Tracking Log Explorer by opening the EMC, clicking Toolbox,
and double-clicking Tracking Log Explorer The Welcome screen is shown in Figure 10-34 By
default, the RECEIVE EventID is enabled with a 10-minute interval specified, depending on
when you opened the tool You can specify parameters shown in the figure, such as Recipients,
Sender, Server, and so on If message subject logging is enabled, you can also specify Subject
FIGURE 10-34 The Welcome screen of the Tracking Log Explorer
You can use the EMS to locate all messages with a RECEIVE EventID (there are likely
to be a lot of them, so you would probably specify other parameters, such as Start, End,
and Sender) The command to access the same messages as would be listed by the settings
displayed in Figure 10-34 is as follows:
Get-MessageTrackingLog –EventID RECEIVE –Start 3/18/2010 5:37:00 AM –End 3/18/2010
5:47:00 AM
When you have specified all your search parameters on the Welcome screen, you click
Next An Executing Message Tracking Request screen appears, followed by a Message
Tracking Results screen If you want to repeat the request but change the search parameters,
you can click Restart Current Task on the left pane, respecify your settings, and repeat
the task If the request highlights message tracking problems, you can select a symptom
and obtain further information
When the Tracking Log Explorer successfully completes a tracking request, a result file is
generated You can view the results of previous tracking requests by clicking Select A Result
File To View on the left pane This aborts any tasks currently running (you receive a warning
and click OK) and accesses the Select A Result File To View screen, shown in Figure 10-35
Trang 4FIGURE 10-35 The Select A Result File To View screen
You can then double-click a report and either export it to a file for further analysis by reporting software or click View Results The View Results screen lets you view List Reports, Tree Reports, or Other Reports A Tree Report is illustrated in Figure 10-36 You can export the report, print it, or find a text string in the report
FIGURE 10-36 A Tree Report
Trang 5MORE INFO GET-MESSAGETRACKINGLOG
For more information about the Get-MessageTrackingLog cmdlet, see http://technet
.microsoft.com/en-us/library/aa997573.aspx.
Lesson Summary
n Connectivity logs record connection activity of outgoing message delivery queues
Protocol logs record SMTP activity between messaging servers as part of messaging
delivery The Message Tracking log records message activity Agent logs record activity
by anti-spam and antivirus agents Routing table logs record routing table data
Administrator Audit logs track the use of EMS cmdlets and parameters Exchange store
logs are central to the operation of Exchange databases
n Typically, you can configure the location of the various types of log files, the maximum
size and maximum age of individual log files, and the maximum size of log file
directories
n Log files in CSV format can be read by reporting software (typically based on Microsoft
Office Excel or Microsoft SQL Server) You can open CSV files with a text editor such as
Microsoft Notepad, but the result can be difficult to interpret
n The EMC provides a number of tools for viewing log files, such as the Tracking Log
Explorer and the Routing Log Viewer You can also use commands based on EMS
cmdlets (for example, Get-MessageTrackingLog) to view the information in log files
and generate reports
Lesson Review
You can use the following questions to test your knowledge of the information in Lesson 2,
“Managing Logging.” The questions are also available on the companion CD if you prefer to
review them in electronic form
NOTE ANSWERS
Answers to these questions and explanations of why each answer choice is correct or
incorrect are located in the “Answers” section at the end of the book
1. Written company policy requires that the facility to track messages by specifying
message subject be disabled You want to configure the relevant setting on the Edge
Transport server DEN-EDGE01 What command do you enter?
A. Set-TransportServer –Identity
DEN-EDGE01-MessageTrackingLogSubjectLoggingEnabled $true
B. Set-TransportServer –Identity
DEN-EDGE01-MessageTrackingLogSubjectLoggingEnabled $false
Trang 6C. Set-MailboxServer –Identity
A. Set-TransportServer –IntraOrgConnectorProtocolLoggingLevel Verbose
B. Set-TransportServer –IntraOrgConnectorProtocolLoggingLevel None
C. Set-MailboxServer –IntraOrgConnectorProtocolLoggingLevel Verbose
D. Set-MailboxServer –IntraOrgConnectorProtocolLoggingLevel None
3. What type of log files record all activity by anti-spam and antivirus agents?
A. Set-MailboxServer DEN-EX2 –ConnectivityLogMaxAge 30.00:00:00
B. Set-MailboxServer DEN-EX2 –ConnectivityLogMaxAge 30
C. Set-TransportServer DEN-EX2 –ConnectivityLogMaxAge 30.00:00:00
D. Set-TransportServer DEN-EX2 –ConnectivityLogMaxAge 30
5. What EMS command sets the maximum size of the routing table log directory to
70 MB on the Edge Transport server DEN-EDGE01
A. Set-TransportServer –Server DEN-EDGE01 -RoutingTableLogMaxDirectorySize 70MB
B. Set-TransportServer –Identity DEN-EDGE01 -RoutingTableLogMaxDirectorySize 70MB
C. Set-TransportServer –Identity DEN-EDGE01 -RoutingTableLogMaxAge 14.00:00:00
D. Set-MailboxServer –Identity DEN-EDGE01 -RoutingTableLogMaxDirectorySize 70MB
PRACTICE Using ExBPA to Generate a Health Report
In this practice session, you will use ExBPA to run a best practices analyzer health scan You will view the reports that the tool generates and export a report into a CSV file
Trang 7EXERCISE Generating a Health Scan Report
This exercise assumes that you have already opened ExBPA and have selected not to check for
updates and not to join the Customer Experience Improvement Program The tool will then
open at the Welcome screen If you have never opened the tool, configure these settings first
and then click Go To The Welcome Screen If you have configured the tool differently and it
starts to check for updates, cancel this action and go to the Welcome screen
1. Log on to the Exchange Server 2010 server VAN-EX1 as Kim Akers
2. Open the EMC and select Toolbox
3. Click Best Practices Analyzer and then click Open Tool
4. On the Welcome screen (shown previously in Figure 10-17), click Select Options For
A New Scan
5. In the Connect To Active Directory screen, shown in Figure 10-37, ensure that the Active
Directory Server is VAN-DC1 and then click Connect To The Active Directory Server
FIGURE 10-37 Specifying an Active Directory server
6. On the Start A New Best Practices scan screen, specify VAN-EX1HealthScan as the
identifying label, ensure that the VAN-EX1 server is the only server selected, select
Health Scan, and ensure that the Performance Baseline [2 Hours] check box is not
selected Do not change the Select The Speed Of The Network To Judge The Estimated
Time Value setting Your screen should look similar to Figure 10-38
Trang 8FIGURE 10-38 Specifying an ExBPA health scan
7. Click Start Scanning
8. When the scan completes, click View A Report Of This Best Practices Scan
9. On the View Best Practices Report page, select List Reports and look in turn at the Critical Issues, All Issues, Non-Default Settings, Recent Changes, and Informational Items tabs Note that depending on previous configuration (such as a decision to hide certain items), the Critical Issues tab might not be displayed Figure 10-39 shows the Recent Changes tab Your report might contain other items
10. Click the All Issues tab Select any issue and then click Tell Me More About This Setting
11. Read the resulting Help screen and then close it
12. Select Tree Reports and look in turn at the Detailed Review and Summary Review tabs Figure 10-40 shows the Detailed Review tab
13. Select Other Reports and view the Run-Time Log
14. Return to the All Issues tab in List Reports
15. Click Export Report
16. Identify the path to saved files, for example, C:\Users\Kim Akers.ADATUM\AppData\Roaming\Microsoft\ExBPA
Trang 9FIGURE 10-39 The Recent Changes tab in the List Report in an ExBPA health scan
FIGURE 10-40 Detailed Review tab in the Tree Report in an ExBPA health scan
Trang 1017. In the Export Report dialog box, click the report identified by EX1HealthScan and change the Save As Type to HTML, as shown in Figure 10-41.
ExBPA.VAN-FIGURE 10-41 Specifying the report to export and the file type
18. Click Save
19. Browse to the ExBPA folder you identified earlier This contains files such as those shown in Figure 10-42 Identify the HTML file that starts with ExBPA.VAN- EX1HealthReport Double-click this file to open it
FIGURE 10-42 Files in the ExBPA folder
Trang 1120. Figure 10-43 shows the file you created opened with Microsoft Internet Explorer
Optionally, if you have a spreadsheet package installed that can read CSV files (for
example, Microsoft Excel), you can save the file in CSV format and use that application
to open it If you have a third-party XML Reader installed, you can save the file in XML
format and use that application to open it Although you can open both CSV and XML
files in Microsoft Notepad, the result is less informative
FIGURE 10-43 ExBPA health scan report opened in Internet Explorer
PRACTICE Configuring Protocol and Agent Logging
In this practice, you will configure protocol logging for both Send and Receive connectors
You will amend the EdgeTransport.exe.config file to configure agent logging
EXERCISE 1 Configuring Send Connector Protocol Logging
In this exercise, you will set the maximum size of each Send connector protocol log file on a
Hub Transport server to 20 MB, the maximum age of the Send connector protocol log files to
35 days, and the maximum size of the Send connector protocol log directory to 350 MB
1. If necessary, log on to the VAN-EX1 Hub Transport server with the Kim Akers account
2. Open the EMS
3. Enter the following command:
Set-TransportServer –Identity VAN-EX1 -SendProtocolLogMaxFileSize 20MB
4. Enter the following command:
Set-TransportServer –Identity VAN-EX1 -SendProtocolLogMaxAge 35.00:00:00
Trang 125. Enter the following command:
Set-TransportServer –Identity VAN-EX1 -SendProtocolLogMaxDirectorySize 350MBFigure 10-44 shows these commands
FIGURE 10-44 Configuring protocol logs for a Send connector
EXERCISE 2 Configuring Receive Connector Protocol Logging
In this exercise, you will set the maximum size of each Receive connector protocol log file on
a Hub Transport server to 10 MB, the maximum age of the Receive connector protocol log files
to 25 days, and the maximum size of the Receive connector protocol log directory to 200 MB
1. If necessary, log on to the VAN-EX1 Hub Transport server with the Kim Akers account
2. Open the EMS
3. Enter the following command:
Set-TransportServer –Identity VAN-EX1 -ReceiveProtocolLogMaxFileSize 10MB
4. Enter the following command:
Set-TransportServer –Identity VAN-EX1 -ReceiveProtocolLogMaxAge 25.00:00:00
5. Enter the following command:
Set-TransportServer –Identity VAN-EX1 -ReceiveProtocolLogMaxDirectorySize 200MBFigure 10-45 shows these commands
FIGURE 10-45 Configuring protocol logs for a Receive connector
EXERCISE 3 Configuring Agent Logging
In this exercise, you will ensure that agent logging is enabled and then add keys to the EdgeTransport.exe.config file that enable you to set the maximum size of each agent log file
on a Hub Transport server to 20 MB, the maximum age of the agent log files to 35 days, and the maximum size of the agent log directory to 350 MB
1. If necessary, log on to the VAN-EX1 Hub Transport server with the Kim Akers account
2. Navigate to the C:\Program Files\Microsoft\Exchange Server\V14\Bin directory
3. Use Microsoft Notepad to open the EdgeTransport.exe.config file
Trang 134. Locate the AgentLogEnabled key directly under <appsettings> and ensure that this is
set to “true.”
5. Add the following lines to the EdgeTransport.exe.config file directly under the
AgentLogEnabled key:
<add key="AgentLogMaxDirectorySize" value="350MB" />
<add key="AgentLogMaxFileSize" value="20MB" />
<add key="AgentLogMaxAge" value="35.00:00:00" />
Figure 10-46 shows the amended file
FIGURE 10-46 Adding keys to the EdgeTransport.exe.config file
6. Open the Services Console on VAN-EX1
7. Locate the Microsoft Exchange Transport service Right-click this service, as shown in
Figure 10-47, and click Restart
FIGURE 10-47 Restarting the Microsoft Exchange Transport service
8. When the service restarts, close the Services Console
Trang 14Chapter Review
To further practice and reinforce the skills you learned in this chapter, you can perform the following tasks:
n Review the chapter summary
n Review the list of key terms introduced in this chapter
n Complete the case scenarios These scenarios set up real-world situations involving the topics of this chapter and ask you to create a solution
n Complete the suggested practices
n Take a practice test
n Exchange Server 2010 provides a range of log file types, such as Connectivity
logs, Protocol logs, the Message Tracking log, Agent logs, Routing table log,
and Administrator Audit logs, that enable you to track activity on your servers
and generate reports Transaction logs are central to the operation of Exchange databases You can manage logging by configuring various log parameters
n The EMC provides a number of tools for viewing log files, such as the Tracking Log Explorer and the Routing Log Viewer You can also use EMS cmdlets to view the information in log files
Key Terms
Do you know what these key terms mean?
n Administrator Audit logs
n Agent logs
n Connectivity logs
n Exchange Best Practices Analyzer (ExBPA)
n Exchange Server Mail Flow Troubleshooter
n Message Tracking logs
n Protocol logs
n Tracking Log Explorer
Trang 15Case Scenarios
In the following case scenarios, you will apply what you have learned about planning server
installs and upgrades You can find answers to these questions in the “Answers” section at the
end of this book
Case Scenario 1: Obtaining a Server Health Report
and Detecting Suboptimal Settings
You are a senior Exchange administrator at Trey Research You suspect that other
administrators in your team have configure suboptimal settings on Trey’s Exchange Server
2010 servers and Windows Server 2008 R2 domain controllers You need to investigate
and obtain health checks for all Exchange servers in the organization Answer the following
questions:
1. What tool can you use to examine your domain controllers and Exchange Server 2010
servers?
2. What type of information does this tool give you?
3. Do you need to examine each server separately?
4. What types of scan are available?
5. What report formats are available?
Case Scenario 2: Auditing Protocol Log Configuration
You are a senior Exchange administrator at NorthWind Traders You know that members
of your team are reconfiguring protocol logging on NorthWind Traders’ Edge Transport
and Hub Transport servers You want to audit this activity Answer the following questions:
1. What procedure do you use to do this?
2. What EMS cmdlets do you need to audit?
3. What parameters do you need to audit?
4. What EMS commands do you enter to set this up?
Suggested Practices
To help you master the examination objectives presented in this chapter, complete the
following tasks
Investigate the EMS Commands That Access Statistics
n Practice 1 Investigate the Get-MailboxStatistics and Get-MailboxFolderStatistics
cmdlets and the parameters they support Note that investigating the first of these
cmdlets is also a suggested practice in Chapter 9 Revisit the cmdlet It is important
Trang 16Investigate the PowerShell Commands and Clauses
That Enable You to Format Statistical Reports
n Practice 1 Investigate FL, FT, Export-CSV, Sort-Object, Select-Object, and the Where
clause Learn the parameters and switches they support Determine the effect of combining more than one of these commands
Further Investigate the ExBPA
n Practice 1 This is a powerful and significant tool You will use it in your job, and the examination will probably test your knowledge of the facilities it offers
Look at Log Files
n Practice 1 This chapter gives you the location of various log files Look at the content
of these files You may find it useful to install software, such as Microsoft Office Excel, that reads CSV files You may also get more information by examining the log files on
a production system The log files on your isolated test network are likely to contain very little information
Install or Access an Edge Transport Server (Optional)
n Practice 1 The examples in this chapter use a Hub Transport server (or a Mailbox server) Running the same EMS commands or graphics tools on an Edge Transport server can generate results that look different (although they are basically the same) Optionally, create a virtual machine that runs the Edge Transport server role, or if you have access to a production network that supports an Edge Transport server, look
at the output of the various tools and commands on it
Take a Practice Test
The practice tests on this book’s companion CD offer many options For example, you can test yourself on just one exam objective, or you can test yourself on all the 70-662 certification exam content You can set up the test so that it closely simulates the experience of taking
a certification exam, or you can set it up in study mode so that you can look at the correct answers and explanations after you answer each question
MORE INFO PRACTICE TESTS
For details about all the practice test options available, see the “How to Use the Practice Tests” section in this book’s Introduction.
Trang 17C H A P T E R 1 1 Managing Records and Compliance
Organizational email contains messages that are important from a business, legal, or
regulatory perspective Such messages may need to be retained for a certain period, depending on organizational policy or for legal reasons Other email messages may not have a retention value beyond a limited period, if at all In this chapter, you will learn how
to manage messages and control their retention behavior
Organizations frequently need to produce evidence during litigation or to provide documentation to prove that they are complying with regulations Checks must also be
in place to ensure that an organization is complying with its own internal regulations and written company policy An organization is implementing compliance when it plans its information technology infrastructure and, in particular, its email infrastructure to supply the required documentation on demand This chapter considers the various features in Exchange Server 2010 that can be configured for compliance and help you respond to current or future discovery requirements
Exam objectives in this chapter:
n Configure records management
n Configure compliance
Lessons in this chapter:
n Lesson 1: Managing Records 543
n Lesson 2: Implementing Compliance 568
Before You Begin
In order to complete the exercises in the practice session in this chapter, you need to have done the following:
n Installed the Windows Server 2008 R2 domain controller VAN-DC1 and the Windows Exchange 2010 Enterprise Mailbox, Hub Transport, and Client Access server VAN-EX1
as described in the Appendix, “Setup Instructions for Exchange Server 2010.”
Managing Records
and Compliance
Before You Begin
Lesson 1: Managing Records
Using MRMConfiguring Retention Tags and Retention Policies
Administrating Managed FoldersLesson Summary
Lesson ReviewLesson 2: Implementing Compliance
Configuring IRMConfiguring Journaling
Using MailTipsImplementing a Discovery Search
Placing a Mailbox on Legal HoldCreating and Configuring Ethical Walls
Lesson SummaryLesson Review
Chapter Review
Chapter SummaryKey Terms
Case ScenariosSuggested Practices
Use Retention Policies and Managed Folder Policies
Investigate the New-TransportRule EMS cmdlet
Revise IRMCreate Message Classifications, MailTips, and Ethical Walls
Trang 18n Created the Kim Akers account with the password Pa$$w0rd in the Adatum.com
domain This account should be placed in the Domain Admins security group and be
a member of the Organization Management role group
n Created the Don Hall account with the password Pa$$w0rd in the Adatum.com
domain This account should be placed in the Backup Operators security group (so that it can be used to log on to the domain controller) and should be in the Marketing organizational unit (OU)
n Created mailboxes for Kim Akers and Don Hall, accepting the default email address format for the email addresses
REAL WORLD
Ian McLean
Compliance is one of these issues that everyone thinks is important to
administrators and nobody else It’s a bit like parking an automobile Everyone thinks the rules are merely unnecessary fuss—until they find a vehicle blocking emergency access when they fall ill in a shopping mall.
Nobody wants restrictions on their email They want to send what they want to whomever they want Of course, they will act responsibly They would never dream
of sending confidential company information to an external recipient Well, clicking Reply All was an accident, wasn’t it? How were they to know that the innocent- looking distribution list they sent to contained members of an organization that most definitely should not have the information?
Compliance to company policy, industry rules, and national and international laws and regulations is indeed a fussy business I am not a lawyer, much less an international lawyer, and I want an email system that automatically prevents me from accidentally sending confidential information to where it should not go Not only that—I want what I send and receive recorded so that I can prove absolutely that whoever leaked that important piece of information, it wasn’t me.
Administration (forgive me if I’ve said this before) involves people skills as much
as technical skills You can configure the various aspects of compliance described
in this chapter You can and should take legal advice on what you can and cannot
do You still need to explain to the irate senior executive why his or her email bounced To have a good explanation, you need to know not only how to configure compliance and what your company’s policies are but also why a particular
configuration was essential—even when applied to your chief executive officer.
Trang 19Lesson 1: Managing Records
Typically, email messages related to business strategy, transactions, product development, or
customer interactions need to be retained, whereas messages such as newsletter subscriptions
or personal email likely do not In this lesson, you will look at two methods of managing
messaging records and implementing message retention—retention tags and policies and
managed folders—that together make up Message Records Management (MRM)
After this lesson, you will be able to:
n Create and configure retention tags of the three available types
n Create and configure retention policies that group retention tags
n Assign retention policies to user mailboxes
n Apply retention hold to a user mailbox
n Create and configure managed folders
n Create and configure managed folder policies
n Apply managed folder policies to user mailboxes
Estimated lesson time: 45 minutes
Using MRM
MRM helps you ensure that your Exchange Server 2010 organization retains the messages
needed to comply with company policy, government regulations, or legal needs and that
content that has no legal or business value is discarded MRM accomplishes this by using
retention policies or managed folders Chapter 2, “Exchange Databases and Address Lists,”
briefly introduced retention policies and retention tags
Retention policies use retention tags to apply retention settings Later in this lesson, you
will see how to create retention tags and link them to a retention policy Mailboxes that have
a retention policy applied to them are processed by the Managed Folder Assistant, which
runs when scheduled and provisions retention tags in mailboxes This utility is also described
in detail later in this lesson
Managed folders were introduced in Exchange Server 2007 and are also available in
Exchange 2010 You can apply managed content settings to managed folders This lesson
describes how you create managed folders and link them to a managed folder mailbox policy
Mailboxes that have managed folder mailbox policies applied are also processed by the
Managed Folder Assistant
When a message reaches its retention age, the retention action is taken as specified by
the retention tag or the managed content settings in a managed folder For example, a message
could be moved to the Deleted Items folder, moved to the Recoverable Items folder, or
Trang 20permanently deleted If you use retention tags, you can specify the additional option of moving the message to the user’s archive mailbox (if it exists) Managed content settings for managed folders provide the additional option of moving a message to a managed custom folder.
Comparing Retention Tags and Managed Folders
You can use managed folders to enforce basic MRM policies on default folders and
on the entire mailbox If you take this approach, users need to participate in the process
of classifying messages based on their nature and retention value
Alternatively, you can use retention tags to apply default retention settings to default folders, such as the Inbox folder, and apply a default policy tag (DPT) to the entire mailbox DPT retention settings are then applied to untagged items that may reside in folders without
a retention tag, such as custom folders created by the user Users are not required to store messages in folders based on the folder’s retention settings They can apply any personal tag to custom folders and also explicitly apply a different tag to individual messages
Configuring Retention Tags and Retention Policies
You can formulate your organization’s MRM policies to specify the retention period for different classes of email messages by creating and configuring retention tags and retention policies Typically you would assign a retention policy tag (RPT) An RPT is a retention tag applied to default folders, such as Inbox and Deleted Items You would apply a DPT to specific mailboxes to manage the retention of all untagged items A DPT is a retention tag that applies to all items in a mailbox that do not already have a retention tag applied You can apply only one DPT in a retention policy Optionally, you would assign personal tags (or allow users to assign them in Outlook or Outlook Web App [OWA]) A personal tag is a retention tag available to OWA and Outlook 2010 users for applying retention settings to custom folders and to individual items such as email messages
You use retention tags to apply retention settings to folders and individual items, such
as messages, notes, and contacts These settings specify how long a message remains in a mailbox and the action to be taken when the message reaches the specified retention age Retention tags allow users to tag mailbox folders and individual items for retention You can create three types of retention tags:
RPTs apply retention settings to default folders, such as Inbox, Deleted Items, and Sent Items Mailbox items in a default folder that have an RPT applied inherit the folder’s tag Users cannot apply a different tag to a default folder, but they can apply a different tag to the individual items within a default folder You cannot include more than one RPT for the same
Trang 21default folder type in a single retention policy For example, if a retention policy has an Inbox
tag, you cannot add another RPT of type Inbox to that retention policy
The folders to which you can apply retention tabs were listed in Chapter 2, but this
information is repeated here for convenience You can create RPTs for the following default
Exchange Server 2010 does not support RPTs for the Calendar, Contacts, Journal, Notes,
and Tasks default folders.
Personal tags are available to Outlook 2010 and OWA users as part of their retention
policies Users can apply personal tags to folders they create or to individual items, even if
those items already have a different tag applied You see how to create a personal tag later
in this lesson
Configuring Retention Age Limit Actions
You can select from one of the following actions to specify what retention action
should apply to a mailbox item when it reaches its retention age:
n MoveToArchive Messages are moved to a folder in the archive mailbox that
has the same name as the source folder in the user’s primary mailbox This allows users to more easily find messages in their archive mailbox
n MoveToDeletedItems This emulates the behavior experienced by users when
they delete a message Items in the Deleted Items folder can be moved back to the Inbox or any other mailbox folder
n DeleteAndAllowRecovery This emulates the behavior when the Deleted Items
folder is emptied or the user hard-deletes a message If deleted item retention
is configured for the mailbox database or the user, messages move to the Recoverable Items folder (or dumpster)
Trang 22n PermanentlyDelete This action permanently purges a message from the mailbox
n MarkAsPastRetentionLimit This action marks a message as past its retention limit Outlook 2010 and Office Outlook 2007 clients use strikethrough text when displaying messages that are past their retention limit
Creating and Configuring Retention Tags
You can use the Exchange Management Shell (EMS) but not the Exchange Management Console (EMC) to create and modify RPTs, DPTs, and personal tags For example, the following command creates an RPT for the default folder Deleted Items When the tag is applied to a mailbox, items in the Deleted Items folder are permanently deleted in 45 days:New-RetentionPolicyTag "Tag-EXAMPLE-DeletedItems" -Type "DeletedItems" -Comment
"Deleted Items purged in 45 days" -RetentionEnabled $true -AgeLimitForRetention
45 -RetentionAction PermanentlyDelete
Figure 11-1 shows some of the output from this command
FIGURE 11-1 Creating an RPT
NOTE THE MESSAGECLASS PARAMETER AND THE ISPRIMARY PARAMETER
The New-RetentionPolicyTag cmdlet supports the MessageClass parameter However, in
Windows Exchange Server 2010, only the default value of this parameter (*) is supported The IsPrimary parameter specifies that the tag should be displayed as the primary Default Tag in Microsoft Outlook 2010 A tag designated as primary should be of type All
A retention policy cannot have more than one tag set as primary.
Quick Check
n What types of retention tags can you create?
Quick Check Answer
n DPTs, RPTs, and personal tags.
Trang 23The following command creates a DPT When the tag is applied to a mailbox, items
without an inherited or explicitly applied retention tag are moved to the Deleted Items
folder after 180 days:
New-RetentionPolicyTag "Tag-EXAMPLE-Default" -Type All -Comment "Items
without a retention tag are deleted after 180 days." -RetentionEnabled $true
-AgeLimitForRetention 180 -RetentionAction MoveToDeletedItems
Figure 11-2 shows some of the output from this command
FIGURE 11-2 Creating a DPT
The following command creates a personal tag named Tag-PersonalArchive Items to
which the tag is applied are moved to the personal archive after 365 days:
New-RetentionPolicyTag "Tag-PersonalArchive" -Type Personal -Comment "Tagged messages
are moved to the archive after 365 days." -RetentionEnabled $true -AgeLimitForRetention
365 -RetentionAction MoveToArchive
The following command amends the RPT Tag-EXAMPLE-DeletedItems so that items in
the Deleted Items folder are permanently deleted after 30 days:
Set-RetentionPolicyTag "Tag-EXAMPLE-DeletedItems" –AgeLimitForRetention 30
MORE INFO NEW-RETENTIONPOLICYTAG AND SET-RETENTIONPOLICYTAG
For more information about the New-RetentionPolicyTag cmdlet, see http://technet
.microsoft.com/en-us/library/dd335226.aspx For more information about the
Set-RetentionPolicyTag cmdlet, see http://technet.microsoft.com/en-us/library/
dd298042.aspx.
MORE INFO RETENTION TAGS
For more information about retention tags, including an informative diagrammatic
illustration of how they work, see http://technet.microsoft.com/en-us/library/
dd297955.aspx.
Trang 24Creating a Retention Policy and Applying It to Mailboxes
You can use retention policies to group one or more retention tags and apply them to mailboxes Retention tags can be linked to or unlinked from a retention policy at any time, and a mailbox cannot have more than one retention policy
A retention policy can support one or more RPTs, one DPT of type All, and any number of personal tags Note that if you configure a retention policy with no retention tags linked to it, this may result in mailbox items that never expire
You create a retention policy in the EMS by entering a command with the following syntax:New-RetentionPolicy -Name <String> [-Confirm [<SwitchParameter>]] [-DomainController
<Fqdn>] [-Organization <OrganizationIdParameter>] [-RetentionPolicyTagLinks
<RetentionPolicyTagIdParameter[]>] [-WhatIf [<SwitchParameter>]]
For example, the following command creates a retention policy called Accounting that uses the RPT Tag-EXAMPLE-DeletedItems:
New-RetentionPolicy –Name "Accounting" -RetentionPolicyTagLinks
"Tag-EXAMPLE-DeletedItems"
Figure 11-3 shows the output from this command
FIGURE 11-3 Creating a retention policy
You can use a retention policy to group one or more retention tags and assign them to mailboxes and thus enforce message retention settings A mailbox cannot have more than one retention policy assigned to it at any one time If you assign a retention policy to an individual mailbox (or to a mailbox that is in a distribution group) that already has a policy assigned, the new policy assignment will overwrite the existing policy assignment You can use the EMS but not the EMC to assign a retention policy to a mailbox or a distribution group For example, the following command assigns the retention policy Accounting to the Don Hall mailbox:
Set-Mailbox "Don Hall" -RetentionPolicy "Accounting"
Figure 11-4 shows the output from this command Note that you receive a warning that this operation is not supported on client computers running Microsoft Office Outlook 2007
or earlier and that you need to confirm that you want the command to complete
Trang 25FIGURE 11-4 Applying a retention policy to a mailbox
If you assign a retention policy to a distribution group, the policy is assigned to all
mailboxes in the group Any mailbox that previously had a different policy assigned to
it would have its policy assignment overwritten The following command assigns the
Retention policy Accounting to members of the distribution group Accountants:
Get-DistributionGroupMember -Identity "Accountants" | Set-Mailbox -RetentionPolicy
"Accounting"
NOTE ADDING USERS TO OR REMOVING THEM FROM A DISTRIBUTION GROUP
When users are added to or removed from a distribution group, their mailbox retention
policy is not automatically updated To ensure that a policy is applied to new distribution
group members, you need to rerun the command that applies the policy Microsoft
recommends that you schedule commands that allocate retention policies to distribution
groups so that they run automatically at regular intervals.
MORE INFO GET-DISTRIBUTIONGROUPMEMBER AND SET-MAILBOX
For more information about the Get-DistributionGroupMember cmdlet, see http://technet
.microsoft.com/en-us/library/aa996367.aspx For more information about the Set-Mailbox
cmdlet, see http://technet.microsoft.com/en-us/library/bb123981.aspx.
The command to replace a current retention policy with a new retention policy is relatively
complex when compared to the commands that apply a retention policy to a mailbox or
distribution group You need to use the Get-RetentionPolicy cmdlet to obtain details of
the current policy and store these in a variable You then filter using this variable to obtain
the mailboxes that have the current retention policy applied to them and apply the new
policy to each of these mailboxes The following command applies the new retention policy
New -Retention-Policy to all mailboxes that currently have the policy Old-Retention-Policy
applied to them:
$OldPolicy={RetentionPolicy "Old-Retention-Policy"}.distinguishedName |
Get-Mailbox -Filter {RetentionPolicy -eq $OldPolicy} -Resultsize Unlimited | Set-Get-Mailbox
-RetentionPolicy "New-Retention-Policy"
MORE INFO GET-RETENTIONPOLICY AND GET-MAILBOX
For more information about the Get-RetentionPolicy cmdlet, see http://technet.microsoft
.com/en-us/library/dd298086.aspx For more information about the Get-Mailbox cmdlet,
see http://technet.microsoft.com/en-us/library/bb123685.aspx.
Trang 26NOTE RETENTION POLICY TAGS AND DEFAULT FOLDERS
RPTs are applied to default folders, such as Inbox, Deleted Items, and Sent Items, as
specified in the retention policy, and users cannot change the RPTs associated with default folders However, a user can apply a personal tag to an item in a default folder The item could then have a different retention setting than the folder in which it is stored A user can also assign a personal tag to a user-created folder and a different personal tag to
an item in that folder.
Starting, Stopping, and Scheduling the Managed Folder Assistant
The Managed Folder Assistant is a Mailbox Assistant utility that applies the message retention settings you configure using retention policies or managed folder mailbox policies If
a mailbox uses a managed folder mailbox policy, the Managed Folder Assistant also creates any managed folders required and applies managed content settings to them When the Managed Folder Assistant applies retention policies and managed folder mailbox policies
to user mailboxes it processes mailboxes that have an applied retention policy or a managed folder mailbox policy It applies the retention tags included in the policy to default folders and the entire mailbox Any personal tags included in the policy are provisioned and become available to users in Microsoft Outlook 2010 and Microsoft Office OWA
Messages that have some retention value are retained, although users can still delete
or remove messages from their mailboxes If your organization requires that messages be retained outside a user’s mailbox for long-term storage, you should consider implementing journaling as described in Lesson 2 of this chapter, “Implementing Compliance.”
The Managed Folder Assistant applies a retention policy by inspecting items in the
mailbox and determining whether they are subject to retention It then stamps items with the appropriate retention tags and takes the specified retention action on items that are past their retention age It does not take any action on messages that are not subject to retention When an item is not subject to retention, its retention tag’s RetentionEnabled property is set to $false You can manually set this property to $false to temporarily suspend items with
a particular tag from being processed
By default, the Managed Folder Assistant runs daily from 1:00 am until 5:00 am However, it stops as soon as all mailboxes are processed rather than running continuously until the end of the scheduled period You can schedule the assistant to run at a time when the Mailbox server
Trang 27is relatively idle or not under a heavy load If you decide to reschedule the Managed Folder
Assistant, you need to take into account other processes that compete for Mailbox server
resources, such as offline defragmentation of the mailbox database and antivirus scans
You can use either the EMC or the EMS to schedule the Managed Folder Assistant If you
use the EMC, the procedure is as follows:
1. Open the EMC and expand the tree in the Console pane
2. Under Server Configuration, click Mailbox
3. In the Result pane, right-click the Mailbox server for which you want to schedule
the Managed Folder Assistant and click Properties
4. Click the Messaging Records Management tab in the Properties dialog box
5. In the Schedule The Managed Folder Assistant box, select Use Custom Schedule
Click Customize
6. In the Select Schedule dialog box, shown in Figure 11-5, select the times and days
during which you want the Managed Folder Assistant to run
FIGURE 11-5 The Select Schedule dialog box
7. Click OK to close the Select Schedule dialog box Click OK again to close the
Properties dialog box
You can use the EMS to schedule the Managed Folder Assistant or to start it immediately
For example, the following command sets the Managed Folder Assistant schedule on Mailbox
server VAN-EX1 to start running at 15:00 (3:00 pm) on a Sunday and continue running until all
mailboxes are processed or until 13:00 (1:00 pm) on the following Sunday, whichever comes
first:
Set-MailboxServer -Identity VAN-EX1 -ManagedFolderAssistantSchedule "Sun.15:00
-Sun.13:00"
Trang 28When you manually start the Managed Folder Assistant, it continues running until all mailboxes on the Mailbox server are processed or until the Managed Folder assistant is stopped manually The following commands start and stop the Managed Folder Assistant, respectively:Start-ManagedFolderAssistant
Stop-ManagedFolderAssistant
When you stop the Managed Folder Assistant manually, you are prompted for confirmation
MORE INFO SET-MAILBOXSERVER, START-MANAGEDFOLDERASSISTANT,
AND STOP-MANAGEDFOLDERASSISTANT
For more information about the Set-MailboxServer cmdlet, see http://technet.microsoft
.com/en-us/library/aa998651.aspx For more information about the
Start-ManagedFolderAssistant cmdlet, see http://technet.microsoft.com/en-us/library/
aa998864.aspx For more information about the Stop-ManagedFolderAssistant cmdlet,
see http://technet.microsoft.com/en-us/library/bb123532.aspx.
NOTE MOVING ITEMS BETWEEN FOLDERS
A mailbox item moved from one folder to another inherits any tags applied to the folder
to which it is moved If you move an item to a folder that has no tag assigned, the DPT is applied to it If the item has a tag explicitly assigned to it, the assigned tag always takes precedence over any folder-level tags or the default tag.
Removing or Deleting a Retention Tag from a Retention Policy
When you remove a retention tag from the retention policy applied to a mailbox, the tag
is no longer available to the user and cannot be applied to items in the mailbox Existing items that have been stamped with the tag continue to be processed by the Managed Folder Assistant, and any retention action specified in the tag is applied to those messages Any existing mailbox items with the tag applied will continue to expire based on the tag’s settings
However, if you use the Remove-RetentionPolicyTag cmdlet to delete the tag, the tag
definition stored in Active Directory is removed The next time the Managed Folder Assistant runs, it processes all items that have the removed tag applied and restamps them
If you disable retention for a retention tag, the Managed Folder Assistant ignores items that have that tag applied Items that have a retention tag for which retention is disabled never expire Because these items are still considered tagged items, the DPT does not apply to them For example, if you want to troubleshoot retention tag settings, you can temporarily disable
a retention tag to stop the Managed Folder Assistant from processing messages with that tag
MORE INFO REMOVE-RETENTIONPOLICYTAG
For more information about the Remove-RetentionPolicyTag cmdlet, see http://technet
.microsoft.com/en-us/library/dd335092.aspx.
Trang 29Quick Check
n What EMS command manually stops the Managed Folder Assistant?
Quick Check Answer
n Stop-ManagedFolderAssistant
Placing a Mailbox on Retention Hold
When users are temporarily out of the office and do not have access to email, you can apply
retention to new messages Depending on the retention policy, messages may be deleted or
moved to a user’s personal archive, but you can temporarily suspend such retention policies
for a specified period by placing the mailbox on retention hold When you place a mailbox
on retention hold, you can specify a retention comment that informs the mailbox user
(or another user authorized to access the mailbox) about the retention hold, including when the
hold is scheduled to begin and end Retention comments are displayed in supported Outlook
clients You can also localize the retention hold comment in the user’s preferred language
During long absences from work, users may accrue a large amount of email Depending
on the volume of email and the length of absence, it may take these users several weeks
to sort through their messages In such cases, consider the additional time it may take the
users to catch up on their mail before removing mailboxes from retention hold Also, placing
a mailbox on retention hold does not affect how mailbox storage quotas are processed
Depending on the mailbox usage and applicable mailbox quotas, you should consider
temporarily increasing the mailbox storage quota for users when they are on vacation
or do not have access to email for an extended period
MORE INFO CONFIGURING STORAGE QUOTAS
For more information about configuring mailbox storage quotas, see http://technet
.microsoft.com/en-us/library/aa998353.aspx.
You can use the EMC or the EMS to place a mailbox on retention hold regardless of
whether the mailbox has a retention policy or a managed folder mailbox policy applied to it
To use the EMC, you access the Properties dialog box of the relevant mailbox and then
access the Message Records Management dialog box from the Mailbox Settings tab You
can then enable retention hold and configure start and stop dates and times
To configure retention hold through the EMS, you use the Set-Mailbox cmdlet to
set the RetentionHoldEnabled parameter to $true The StartDateForRetentionHold and
EndDateForRetentionHold parameters of the same cmdlet let you specify when the retention
hold starts and stops You can release a retention hold by setting the RetentionHoldEnabled
parameter to $false For example, the following command enables retention hold for the Kim
Akers mailbox and specifies retention start and stop dates:
Set-Mailbox –Identity "Kim Akers" –RetentionHoldEnabled $true –StartDateForRetentionHold
10-1-2011 –EndDateForRetentionHold 11-3-2011
Trang 30You use the EMC to configure a retention hold and the EMS to release that retention hold
in a practice session at the end of this chapter
MORE INFO RETENTION HOLD
For more information about how to place a mailbox on retention hold, see http://technet
.microsoft.com/en-us/library/dd335168.aspx.
Administrating Managed Folders
You can use the Exchange Server 2010 Managed Folders MRM feature to specify retention settings for default folders such as Inbox, Deleted Items, and Sent Items In addition, you can create custom managed folders and specify their retention settings Your users can classify messages for retention and move these messages to appropriate managed folders based on their retention requirements You can define two types of managed folders:
n Managed default folders These are managed folder objects created for default folders, such as Inbox, Deleted Items, Sent Items, and so on When you set up Exchange Server 2010, you create a set of managed default folders that are displayed
on the Managed Default Folders tab in the EMC Optionally, you can create additional folders for different sets of users
n Managed custom folders These are managed folder objects you can use to create custom folders in a user’s mailbox Managed custom folders are created under a top-level folder called Managed Folders Each mailbox that has managed custom folders requires an Exchange Server Enterprise client access license (CAL)
MORE INFO CLIENT ACCESS LICENSING
For more information about CAL on Windows Server 2008 R2, see http://www.microsoft
.com/windowsserver2008/en/us/client-licensing.aspx.
Managed content settings specify the retention and journaling settings for a managed folder You can configure settings for a specific message class (for example, email messages, calendar items, and tasks) or for all message classes You can specify multiple managed content settings for different message classes This lets you specify different retention settings for different types of items in the same folder
These retention settings include a message class, whether retention is enabled for the specified message class, the retention age, and a retention action The retention age specifies the period for which a message is retained in the mailbox The retention action specifies the action to take after the item is past its retention age For example, you can create a managed content setting for a managed default folder that moves all items to the Recovery Items folder after 100 days
Trang 31You can select from one of the following retention actions:
n Move to the Deleted Items folder
n Move to a managed custom folder you have previously created
n Delete and allow recovery This moves items to the Recoverable Items folder
Deleted items are available for recovery from this folder until the specified deleted
item retention time for the mailbox database or the user mailbox elapses
n Permanently delete
n Mark as past retention limit This marks items as expired after they reach their
retention age Items marked as expired are displayed by using strikethrough text in
Microsoft Outlook 2010 and Microsoft Office Outlook 2007
You can also specify whether the retention age is calculated from when a message is
delivered to a mailbox or from when it is moved to the folder it currently resides in For
calendar items and recurring tasks, the retention age is calculated from the end date of
the item Detailed procedures for creating managed content settings are described later
in this lesson, and you configure such settings in a practice exercise later in this chapter
MORE INFO RETENTION AGE
For more information about how the retention age is calculated, see http://technet
.microsoft.com/en-us/library/bb430780.aspx.
Creating Managed Default Folders and Managed Custom Folders
Before you can create managed content settings, you must have at least one managed
default folder or one managed custom folder to which you can apply these settings
A managed default folder is a mailbox folder (such as the Inbox folder) that appears in Office
Outlook 2007 and Office 2010 by default and to which MRM has been applied A managed
custom folder is a managed folder that is created by an Exchange administrator and placed in
a user mailbox for MRM purposes To use the EMC to create a managed default folder, carry
out the following procedure:
1. Open the EMC and expand the Console tree
2. Under Organization Configuration, click Mailbox
3. In the Actions pane, click New Managed Default Folder This starts the New
Managed Default Folder Wizard
4. On the New Managed Default Folder page, shown in Figure 11-6, complete the
following fields:
n Name This is the name of the managed folder object in Active Directory and does
not change the standard name of the default folder (such as Inbox) that appears in
user mailboxes This name can be up to 65 characters in length
Trang 32n Default Folder Type Select the type of default folder that you want to create (for example, Inbox) from the list provided.
n Display The Following Comment When The Folder Is Viewed In Outlook A typical comment might be “Messages are removed from this folder after 120 days.” The maximum length of this comment is 255 characters Note that you can use the
Set-ManagedFolder EMS cmdlet to configure comments localized to, for example,
different countries
n Do Not Allow Users To Minimize This Comment In Outlook You should select this check box to prevent Outlook users from minimizing the comment that you entered
in the preceding box
FIGURE 11-6 Completing the New Managed Default Folder page
5. Click New On the Completion page, a status of Completed indicates that the wizard completed the task successfully A status of Failed indicates that the task was not completed If the task fails, review the summary for an explanation and then click Back
to make any configuration changes required
Trang 33You can also use the EMS to create a managed default folder The following command
creates a managed default folder named Corporate-Inbox with the comment “Messages are
removed from the Inbox folder after 120 days.”:
New-ManagedFolder -Name "Corporate-Inbox" -DefaultFolderType Inbox -Comment "Messages
are removed from the Inbox folder after 120 days" -MustDisplayComment $true
Figure 11-7 shows the output from this command
FIGURE 11-7 Creating a managed default folder using the EMS
EXAM TIP
The New-ManagedFolder cmdlet creates a managed folder but cannot be used to
configure an existing one You can use the Set-ManagedFolder cmdlet to configure
an existing managed folder but not to create a new one.
The procedure to create a managed custom folder using the EMS is very similar to the
procedure described earlier for creating a managed default folder, except that you click New
Managed Custom Folder in the EMC Actions pane and start the New Managed Custom Folder
Wizard The New Managed Custom Folder page, shown in Figure 11-8, lets you configure the
following settings:
n Name This is the name of the new managed custom folder object in Active Directory
It does not appear in users’ mailboxes This name can be up to 65 characters in length
n Display The Following Name When The Folder Is Viewed In Office Outlook This is
the name that users see when they view the folder in Outlook By default, this
is the same name as the one you enter in the Name box This name can be up to
255 characters in length
n Storage Limit (KB) For This Folder And Its Subfolders You can select this check box
and specify the maximum size for the folder and its subfolders combined
n Display The Following Comment When The Folder Is Viewed In Outlook A typical
comment might be “The storage limit for this folder is 1 GB.” The maximum length of
this comment is 255 characters Note that you can use the Set-ManagedFolder EMS
cmdlet to configure comments localized to, for example, different countries
n Do Not Allow Users To Minimize This Comment In Outlook You should select this
check box to prevent Outlook users from minimizing the comment that you entered in
the preceding box
Trang 34FIGURE 11-8 The New Managed Custom Folder page
As with managed default folders, you can use the New-ManagedFolder EMS cmdlet to
create a managed custom folder, although different parameters are specified for the two types of folders For example, the following command creates the managed custom folder Business Critical with a folder quota of 1.5 GB and enables a folder comment:
New-ManagedFolder -Name "Business Critical" -FolderName "Business Critical"
-StorageQuota 1.5GB -Comment "This is a managed folder with a 1.5GB storage limit." -MustDisplayComment $true
Figure 11-9 shows the output from this command
FIGURE 11-9 Creating a managed custom folder using the EMS
MORE INFO NEW-MANAGEDFOLDER
For more information about the New-ManagedFolder cmdlet, see http://technet.microsoft
.com/en-us/library/bb125245.aspx.
Trang 35Creating and Configuring Managed Content Settings
Managed content settings are used to define message retention settings and retention action
for managed folders For example, the managed content settings that you apply to a user’s
Inbox folder could specify that its contents are automatically deleted or moved to another
folder after a specified number of days
You can control message life span by controlling content retention and removing content
that is no longer needed and by automatically copying important content to a separate
storage location outside the mailbox This is known as journaling The journaling storage
location can be any location that has a Simple Mail Transfer Protocol (SMTP) email address,
including another Exchange mailbox When an item is journaled, a label that indicates how
the user classified the item is applied to it Journaling is discussed in more detail in Lesson 2
You can use the EMC or the EMS to create managed content settings and configure
journaling The procedure using the EMC is as follows:
1. Open the EMC and expand the Console tree
2. Under Organization Configuration, click Mailbox
3. In the Result pane, click either the Managed Default Folders tab or the Managed
Custom Folders tab as appropriate Click the managed folder you want to configure
4. In the Actions pane, under the name of the folder you have selected, click New
Managed Content settings to start the New Managed Content Settings Wizard
5. On the Introduction page, shown in Figure 11-10, complete the following fields
as appropriate:
n Name Of The Managed Content Settings To Be Displayed In The Exchange
Management Console
n Message Type
n Length Of Retention Period (Days)
n Retention Period Starts
n Action To Take At End Of Retention Period
6. Click Next You can use journaling to automatically forward a copy of an item of the
specified message type to another location If you want to do this, select the Forward
Copies To check box and complete the following fields on the Journaling page:
n Assign The Following Label To The Copy Of The Message You can browse for a
suitable recipient
n Format Of Copied Message Attached To Journal Report This can be Exchange
Messaging Application Programming Interface Message Format or Outlook
Message Format
7. Click Next On the New Managed Content Settings page, review your configuration
settings If you are satisfied, click New to create the managed content settings
8. On the Completion page, review the status If the status is Completed, click Finish to
close the wizard Otherwise, click Back to review your settings
Trang 36FIGURE 11-10 The Introduction page of the New Managed Content Settings Wizard
You can use the New-ManagedContentSettings EMS cmdlet to create managed content
settings For example, the following command creates managed content settings for the managed default folder Calendar with the name MyCalendarContentSettings, the message class CalendarItems, the age limit for retention 30 days, and the retention action Move
to Deleted Items:
New-ManagedContentSettings -FolderName Calendar -MessageClass CalendarItems -Name MyCalendarContentSettings -RetentionEnabled $true -RetentionAction MoveToDeletedItems -AgeLimitForRetention 30
MORE INFO NEW-MANAGEDCONTENTSETTINGS
For more information about the New-ManagedContentSettings cmdlet, see http://technet
.microsoft.com/en-us/library/bb124565.aspx
As with creating managed content settings, you can reconfigure existing settings by using either the EMC or the EMS To use the EMC to configure managed content settings, carry out the following procedure:
1. Open the EMC and expand the Console tree
2. Under Organization Configuration, click Mailbox
Trang 373. Click either the Managed Default Folders tab or the Managed Custom Folders tab
(as appropriate) in the Result pane
4. Expand the managed folder the contents of which you want to reconfigure
Click the managed content settings
5. Click Properties under the name of the managed content settings in the Actions pane
NOTE YOU CANNOT CREATE A NEW MANAGED FOLDER BY ACCESSING
THIS PROPERTIES DIALOG BOX
You cannot create a new managed folder by using this procedure If the managed folder
does not exist, you need to use the New Managed Custom Folder Wizard or the
New-ManagedCustomFolder EMS cmdlet (as described previously in this section) to
create it.
6. Click the General tab, shown in Figure 11-11, and reconfigure managed content settings
(for example, retention period) The settings configurable on the General tab are the
same as those you specified when you configured managed content settings earlier,
for example, Name, Message Type, Length Of Retention Period (Days), and so on
FIGURE 11-11 The General tab of the managed folder Properties dialog box
7. Click the Journaling tab This lets you amend the journaling settings you configured
earlier
8. Click OK to confirm your changes and close the Properties dialog box Note that if you
decide not to amend any settings, you will get a warning to that effect
Trang 38You can also use the Set-ManagedContentSettings EMS cmdlet to configure managed
content settings The following command configures the managed content setting
“Management-Inbox settings” to apply a retention age of 100 days, delete messages
on expiration, and allow recovery
Set-ManagedContentSettings -Identity "Management-Inbox settings" -RetentionEnabled
$true -AgeLimitForRetention 100 -RetentionAction DeleteAndAllowRecovery
EXAM TIP
The Set-ManagedContentSettings cmdlet amends managed content settings you have
already configured but cannot be used to specify initial managed content settings for
a managed folder The New-ManagedContentSettings cmdlet specifies the initial managed
content settings for a managed folder but cannot be used to reconfigure existing managed content settings.
Creating and Reconfiguring a Managed Folder Mailbox Policy
You can use managed folder mailbox policies to create linked groups of managed folders When a managed folder mailbox policy is applied to users’ mailboxes, all the managed folders that linked to the policy are deployed in a single operation You can create as many managed folder mailbox policies as you need and add as many managed folders to each policy as you want However, each user mailbox can be linked to only one managed folder mailbox policy
If your organization has existing managed folders (including their corresponding managed content settings), you can add them to the managed folder mailbox policy as you create it You can also add or remove managed folders from a managed folder mailbox policy anytime after the policy is created After you assign a managed folder mailbox policy to a mailbox user, the managed folders and settings are applied to the mailbox when the Managed Folder Assistant (described earlier in this lesson) runs and processes the mailbox
NOTE THE ENTIRE MAILBOX MANAGED DEFAULT FOLDER
Managed content settings that are applied to the Entire Mailbox folder control every
folder in the mailbox except managed custom folders (and their subfolders) and managed default folders (and their subfolders) If a default folder in a mailbox is not linked to a
managed folder mailbox policy, then the Entire Mailbox policy will apply to that default folder.
To use the EMC to create a managed folder mailbox policy, carry out the following
procedure:
1. Open the EMC and expand the Console tree
2. Under Organization Configuration, click Mailbox
3. Click New Managed Folder Mailbox Policy in the Actions pane This starts the New Managed Folder Mailbox Policy Wizard
Trang 394. On the New Mailbox Policy page, shown in Figure 11-12, in the Managed Folder
Mailbox Policy Name section, complete the Specify The Managed Folders That You
Want To Link To This Policy field You can click Add and use the Select Managed Folder
dialog box to select the managed folders that you want to link to the policy, or you can
select a managed folder from the list and then click the Remove button (the red cross)
to remove it from the policy Note that only one folder of a given default folder type
(such as Inbox) can be linked to a managed folder mailbox policy
FIGURE 11-12 The New Mailbox Policy page of the New Managed Folder Mailbox Policy Wizard
5. On the Completion page, review the status If the status is Completed, click Finish to
close the wizard Otherwise, click Back to review your settings
You can use the New-ManagedFolderMailboxPolicy EMS cmdlet to create a managed
folder mailbox policy The following command creates the managed folder mailbox policy
MyManagedFolderMailboxPolicy and links the Inbox managed default folder and the
Business Critical managed customer folder to the policy:
New-ManagedFolderMailboxPolicy -Name "MyManagedFolderMailboxPolicy" -ManagedFolderLinks
Inbox,"Business Critical"
MORE INFO NEW-MANAGEDFOLDERMAILBOXPOLICY
For more information about the New-ManagedFolderMailboxPolicy cmdlet, see
http://technet.microsoft.com/en-us/library/aa996346.aspx.
Trang 40When you have created a managed folder mailbox policy, you might subsequently want
to amend it You can use both the EMC and the EMS to reconfigure managed folder mailbox policy settings To use the EMC for this purpose, carry out the following procedure:
1. Open the EMC and expand the tree in the Console pane
2. Under Organization Configuration, click Mailbox
3. Click the Managed Folder Mailbox Policies tab in the Result pane, expand the
appropriate managed folder, and then click the managed folder mailbox policy you want to configure
4. In the Actions pane, click Properties under the name of the managed folder mailbox policy you want to configure Note that the Properties dialog box lets you amend a policy You cannot use this procedure to create one
5. On the General tab, you can view or configure the following managed folder mailbox policy settings:
n Name This unlabeled box lets you view and, if required, modify the policy name
n Modified This field displays the most recent date and time that the managed folder mailbox policy was modified You cannot edit it
n Managed Folders That Are Associated With This Policy You can add or remove folders with the same procedure that you used to specify folders when you set up the policy
6. Click OK
You can also use the EMS to configure managed folder mailbox policies Note that you
use the Set-ManagedFolderMailboxPolicy cmdlet to amend an existing policy If you want
to create a new policy, you need to use the New-ManagedFolderMailboxPolicy cmdlet
The following command adds the Calendar managed default folder to the managed folder mailbox policy MyMailboxPolicy:
Set-ManagedFolderMailboxPolicy -Identity MyMailboxPolicy -ManagedFolderLinks Calendar
MORE INFO SET-MANAGEDFOLDERMAILBOXPOLICY
For more information about the Set-ManagedFolderMailboxPolicy cmdlet, see
http://technet.microsoft.com/en-us/library/bb124386.aspx.
Applying a Managed Folder Mailbox Policy to Users
When you apply a managed folder mailbox policy to user mailboxes, all the managed folders linked to the policy are deployed in a single operation As with retention policies, you can assign only one managed folder mailbox policy to a user mailbox If you assigned a managed folder policy to a mailbox that already had a managed folder policy (or a retention policy) assigned, the new retention settings would override the existing settings