Upload
others
View
5
Download
0
Embed Size (px)
Citation preview
Managing your Exchange Architecture LEARN EXCHANGE – PART 2
© 2014 Veeam Software. All rights reserved. All trademarks are the property of their respective owners.
Niels Engelen System Engineer, Veeam Software [email protected]
Johan Huttenga System Engineer, Veeam Software [email protected]
Recap: Last Session
We’ve discussed: ‐ Exchange 2013 Architecture
‐ Deployment Planning
‐ Installing Exchange 2013
Last Time our session on the 21st of August
Session Overview
We’ll be discussing: ‐ Exchange Management
‐ Troubleshooting Mail Flow
‐ Compliance Policies (including DLP and Email Archiving)
‐ Monitoring Exchange (Events, SCOM, and Best Practice Analyzer)
© 2014 Veeam Software. All rights reserved. All trademarks are the property of their respective owners.
Co-Existence
Popular Question from last session
Co-Existence with Exchange 2010 and 2007
‐ You’ll need to plan carefully (will need Exchange 2010 SP3 or higher, Exchange 2007 SP3 rollup 10 or higher and Exchange 2013 CU2 or higher)
‐ Make sure that you’ve verified DNS namespaces, and that Outlook Anywhere is enabled on the older Exchange servers.
© 2014 Veeam Software. All rights reserved. All trademarks are the property of their respective owners.
Exchange Management
Management Tools Exchange 2013
Exchange Admin Center (http://<server>/ecp)
Exchange Management Shell
PowerShell baby! Exchange 2013
‐ Mailbox management: ‐ New-Mailbox, Get-Mailbox, Enable-Mailbox, Remove-Mailbox,...
‐ Mailbox configuration: ‐ New-MailboxFolder, Get-MailboxFolder, New-MailMessage
Remember: Get-Help <cmdlet>
For example, Get-Help Get-Mailbox
PowerShell baby! Exchange 2013
‐ Active Directory
‐ Anti-spam and anti-malware
‐ Client Access
‐ Cmdlet extension agent
‐ Email address and address book
‐ Federation and hybrid
‐ High availability
‐ Mail flow
‐ Mailbox
‐ Mailbox database
‐ Mailbox server
‐ Move and migration
‐ Organization
‐ Permissions
‐ Policy and compliance
‐ Security
‐ Server health, monitoring, and performance
‐ Sharing and collaboration
‐ Unified Messaging
‐ Users and groups
Certificate Management Exchange 2013
‐ You’ll need to configure split brain DNS, UPN (User Principal Names) accepted domains, and then setup certificates for public facing CAS servers.
‐ You can have a look at the details here: www.msexchange.org/articles-tutorials/exchange-server-2013/management-administration/managing-certificates-exchange-server-2013-part1.html
DAG Management Exchange 2013
‐ A single NIC for DAG members is supported, but members must have the same networks (for MAPI and Replication traffic). Remember binding order!
‐ Don’t use circular logging for VSS support.
‐ Having a few DAGs that are smaller instead of really large ones (improved
DAG replication), but having less disks reduces snapshot creation time for VM backup. Remember witness file shares!
‐ You can change heartbeats to avoid cluster failover (multi-site
deployments):
cluster /prop
Maintenance Mode for Mailbox Servers
‐ Ensures that your users wont be affected by patching and hardware maintenance.
Exchange 2013
Set-ServerComponentState <server> -Component HubTransport -State Draining -Requester Maintenance Restart-Service MSExchangeTransport #if server is multi-role: Restart-Service MSExchangeTransport Restart-Service MSExchangeFrontEndTransport Redirect-Message -Server <server> -Target <MailboxServerFQDN> Suspend-ClusterNode <server> Set-MailboxServer <server> -DatabaseCopyActivationDisabledAndMoveNow $True Get-MailboxServer <server> | Select DatabaseCopyAutoActivationPolicy Set-MailboxServer <server> -DatabaseCopyAutoActivationPolicy Blocked Set-ServerComponentState <server> -Component ServerWideOffline -State Inactive -Requester Maintenance
© 2014 Veeam Software. All rights reserved. All trademarks are the property of their respective owners.
Troubleshooting Mail Flow
Mail Transport
‐ SMTP is used to transfer messages (send and receive) in and out of the email organization.
Exchange 2013
Oh no, something is wrong
‐ Delivery reports can be run in the Exchange Admin Center
Troubleshooting Mail Flow
PowerShell baby!
‐ Exchange 2013 is all about PowerShell
‐ Test health and functionality of your servers
‐ All cmdlets start with Test-
‐ Pre-defined scripts! ‐ C:\Program Files\Microsoft\Exchange Server\V15\scripts
‐ Or using
Troubleshooting Mail Flow
Get-Command -Verb Test | Where Module -match $env:computername
PS: cd $exscripts
PowerShell baby!
‐ Creating the test user:
‐ Testing the mailflow:
‐ Testing DAG replication:
Troubleshooting Mail Flow
.\new-TestCasConnectivityUser.ps1
Test-MailFlow
Test-ReplicationHealth –Identity <server>
Get-MailboxDatabaseCopyStatus
‐ Testing the Outlook Web Service
‐ Testing if all the Mailbox Databases are ok
‐ Testing if you can use a mobile device to a mailbox
Test-ActiveSyncConnectivity
Test-OutlookWebServices
PowerShell baby! Troubleshooting Mail Flow
Test-MAPIConnectivity –Server <server>
© 2014 Veeam Software. All rights reserved. All trademarks are the property of their respective owners.
Compliance Policies
Messaging policy and compliance
‐ In-place eDiscovery & hold
‐ Auditing
‐ Data Loss Prevention
‐ Retention Policies
‐ Journaling
Compliance Management
In-place eDiscovery & hold
‐ In-place eDiscovery ‐ Search mailbox data
‐ Copy them to a Discovery mailbox
‐ In-place hold: preserve ESI! ‐ Search mailbox data
‐ Preserve messages from deletion, modification and tampering
Compliance Management
Auditing
‐ Reports to find changes made ‐ Mailboxes
‐ Configuration settings
‐ Even log administrators mailboxes!
‐ Enabled per mailbox
Compliance Management
Set-Mailbox -Identity “Johan" -AuditEnabled $true Set-Mailbox -Identity “Niels" -AuditEnabled $false
Data Loss Prevention
‐ Protect sensitive data from being send or deleted
‐ Comes pre-defined with regulatory standards
Compliance Management
Retention policies
‐ MRM: Messaging Records Management
‐ How long should messages be retained?
‐ Where should the messages be retained?
‐ Should all messages be retained for the same period?
Compliance Management
Journaling
‐ Not the same as archiving!
‐ Record all communications via a transport agent
‐ Can be configured on internal, external or all messages
‐ Reports can be generated for audits
Compliance Management
© 2014 Veeam Software. All rights reserved. All trademarks are the property of their respective owners.
Email Archiving
Making sure the Exchange server runs smoothly
‐ Exchange 2013 is designed to use less IOPS.
Exchange archiving
What do we need?
‐ An archive database
‐ Enable the archive option per mailbox
‐ Optional: multiple archives (used in most cases)
‐ Optional: automated archival
Exchange archiving
‐ Easy setup: all done via the Exchange Administration Center ‐ PowerShell is also supported!
What do we need?
‐ Creating the archive database
Exchange archiving
What do we need?
‐ Enabling archiving for a user
Exchange archiving
© 2014 Veeam Software. All rights reserved. All trademarks are the property of their respective owners.
Monitoring Exchange
Using Event Viewer
An overview of logs for monitoring, compliance and troubleshooting.
Exchange monitoring
Using SCOM
An overview of all components: state, health, and performance
Exchange monitoring
Using BPA
Is integrated with Office 365, and allows you to review your environment for issues, and provides additional information where necessary.
Exchange monitoring
Further Reading and References
We will be doing a third part of this series, and will publish some supporting material as well at veeam.com.
However if you’d like there is a lot more detailed information available (some of which
we used to create this series):
http://microsoftvirtualacademy.com
http://blogs.technet.com/b/exchange/ (you had me at EHLO)
Next time
We’ll be discussing: ‐ Exchange Security
‐ High Availability and Recovery
‐ Built-in and Veeam Instant Recovery as well Item-level recovery
‐ Exchange patch testing with Veeam’s Virtual Lab
Niels Engelen System Engineer, Veeam Software [email protected]
Johan Huttenga System Engineer, Veeam Software [email protected]
Questions?