30
RAJI SUBRAMANIAN Email: [email protected] Blog:http://rajisubramanian.wordpress.com http://rajisubramanian.blogspot.in 3/9/2014 Exchange Server 2013 Operation Guide

Exchange Server 2013 Operation Guide - TechNet Gallery · 4.4 Role Group Creation ... 5.2.1 Creating a mail contact using Exchange Admin Center ... Exchange Server 2013 Operation

Embed Size (px)

Citation preview

Page 1: Exchange Server 2013 Operation Guide - TechNet Gallery · 4.4 Role Group Creation ... 5.2.1 Creating a mail contact using Exchange Admin Center ... Exchange Server 2013 Operation

RAJI SUBRAMANIAN

Email: [email protected]

Blog:http://rajisubramanian.wordpress.com

http://rajisubramanian.blogspot.in

3/9/2014

Exchange Server 2013 Operation Guide

Page 2: Exchange Server 2013 Operation Guide - TechNet Gallery · 4.4 Role Group Creation ... 5.2.1 Creating a mail contact using Exchange Admin Center ... Exchange Server 2013 Operation

Exchange Server 2013 Operation Guide 1

Revision and Signoff Sheet

Date Author Version Change reference

07-Mar-14 Raji Subramanian 0.0 Initial Release. (Draft)

14-Mar-14 Raji Subramanian 0.1 Removal DAG network & Powershell cmdlet for Email client

20-Mar-14 Raji Subramanian 0.2 Added Exchange Server 2013 Email Tracking Powershell cmdlet

26-Mar-14 Raji Subramanian 0.3 Updated with Mailbox, Groups, Contact Powershell cmdlet

Page 3: Exchange Server 2013 Operation Guide - TechNet Gallery · 4.4 Role Group Creation ... 5.2.1 Creating a mail contact using Exchange Admin Center ... Exchange Server 2013 Operation

Exchange Server 2013 Operation Guide 2

TABLE OF CONTENTS

1 Introduction ............................................................................................................................................................................ 5

2 Exchange Admin Center .......................................................................................................................................................... 5

3 Installation of Exchange Server 2013 Management Tool ........................................................................................................ 5

3.1 Installation of Exchange Server 2013 Management Tool in Windows 7 ....................................................................... 5

3.2 Installation of Exchange Server 2013 Management Tool in Windows 8 ....................................................................... 6

4 Exchange 2013 Role Based Access Control ............................................................................................................................. 6

4.1 Built in Role Groups ....................................................................................................................................................... 6

4.2 Built In Management Role ............................................................................................................................................. 7

4.3 Exchange Server 2013 Scope Creation .......................................................................................................................... 8

4.4 Role Group Creation ...................................................................................................................................................... 8

4.5 Add Role Group Member .............................................................................................................................................. 8

5 Operations Management ........................................................................................................................................................ 9

5.1 Mailbox Management ................................................................................................................................................... 9

5.1.1 Creation of user mailbox using Exchange Admin Center ..................................................................................... 9

5.1.2 Creating & enabling user mailbox using Exchange Powershell ............................................................................ 9

5.1.3 Creating Bulk User Mailbox.................................................................................................................................. 9

5.1.4 Enabling and Disabling User Mailbox ................................................................................................................... 9

5.1.5 Connecting User Mailbox ................................................................................................................................... 10

5.1.6 Removing User Mailbox ..................................................................................................................................... 10

5.1.7 Creating Resource and Room Mailbox ............................................................................................................... 10

5.1.8 Purging message content of user mailbox ......................................................................................................... 10

5.1.9 Managing Mailbox Permission for user mailbox ................................................................................................ 10

5.1.10 Verifying the Mailbox Permission ...................................................................................................................... 10

5.1.11 Enabling and disabling Auto-reply & OOF for Mailbox ...................................................................................... 10

5.1.12 Cleaning Mailbox in Database ............................................................................................................................ 11

5.1.13 To check Soft Deleted Mailbox .......................................................................................................................... 11

5.1.14 To verify disconnected Mailbox ......................................................................................................................... 11

5.1.15 To Connect the disconnected Mailbox .............................................................................................................. 11

5.1.16 Moving Mailbox using Exchange Powershell ..................................................................................................... 11

5.1.17 Checking the Move request statistics ................................................................................................................ 11

5.1.18 Viewing Mailbox Statistics ................................................................................................................................. 11

5.1.19 Finding pressure on a mailbox database ........................................................................................................... 12

5.2 Contact Management .................................................................................................................................................. 12

5.2.1 Creating a mail contact using Exchange Admin Center ...................................................................................... 12

5.2.2 Creating a mail contact using Exchange Powershell .......................................................................................... 12

5.3 Distribution Group Management ................................................................................................................................ 12

5.3.1 Creating a Distribution Group using Exchange Admin Center ........................................................................... 12

Page 4: Exchange Server 2013 Operation Guide - TechNet Gallery · 4.4 Role Group Creation ... 5.2.1 Creating a mail contact using Exchange Admin Center ... Exchange Server 2013 Operation

Exchange Server 2013 Operation Guide 3

5.3.2 Creating a Distribution Group using Exchange Powershell ................................................................................ 12

5.3.3 Members approval to add in the Group ............................................................................................................ 12

5.3.4 Sending email from the Group ........................................................................................................................... 13

5.3.5 Email approval for Sending message to the Group ............................................................................................ 13

5.3.6 Restriction of Microsoft Outlook Version for single mailbox ............................................................................. 13

5.3.7 Restriction of Microsoft Outlook Version for mailbox server ............................................................................ 13

5.3.8 Blocking RPC over HTTP for Outlook Clients ...................................................................................................... 14

5.3.9 Enable Microsoft Exchange Cached Mode for Outlook Clients.......................................................................... 14

5.3.10 Disabling Pop3 and IMAP Protocol .................................................................................................................... 14

5.3.11 Disabling access to Outlook Web Access ........................................................................................................... 14

5.3.12 Disabling ActiveSync access ............................................................................................................................... 14

5.3.13 Exchange Server 2013 Service Administration with Powershell cmdlet ............................................................ 14

5.3.14 To Change Regional Time Zone of user mailbox ................................................................................................ 14

5.3.15 Adding additional folder on user mailbox .......................................................................................................... 14

5.3.16 Adding Email Signature on User Mailbox ........................................................................................................... 15

5.3.17 Checking the Mobile Device Statistics ............................................................................................................... 15

5.4 Exchange Server 2013 Email Tracking ......................................................................................................................... 17

5.4.1 Email tracking using Message ID ........................................................................................................................ 17

5.4.2 Email tracking using Start & End Date ID ........................................................................................................... 18

5.4.3 Email tracking using Message Subject on single Transport Server .................................................................... 18

5.4.4 Email tracking using on all the Transport Server ............................................................................................... 18

5.4.5 Email tracking for an specific sender email address .......................................................................................... 18

5.4.6 Email tracking for an specific recipient email address ....................................................................................... 18

5.4.7 Email tracking for the delivery failed messages ................................................................................................. 18

5.4.8 Finding logs for distribution list expansion ........................................................................................................ 18

5.4.9 Find logs for messages from the last 10 minutes ............................................................................................... 18

5.4.10 Find NDR 5.4.6 routing loops in the last day from all transport servers ............................................................ 18

6 Daily Tasks ............................................................................................................................................................................. 19

6.1 Performing Physical Environmental Checks ................................................................................................................ 19

6.2 Performing and Monitoring Backups ........................................................................................................................... 19

6.3 Checking Disk Usage .................................................................................................................................................... 20

6.4 Checking Disk Space .................................................................................................................................................... 20

6.5 Checking the Event Viewer .......................................................................................................................................... 20

6.6 Monitoring Server Performance .................................................................................................................................. 20

6.7 Monitoring the Operating System ............................................................................................................................... 20

7 Weekly Tasks ......................................................................................................................................................................... 20

8 Monthly Tasks ....................................................................................................................................................................... 21

9 Server Administration And Maintenance .............................................................................................................................. 21

Page 5: Exchange Server 2013 Operation Guide - TechNet Gallery · 4.4 Role Group Creation ... 5.2.1 Creating a mail contact using Exchange Admin Center ... Exchange Server 2013 Operation

Exchange Server 2013 Operation Guide 4

9.1 Verifying the Mailbox Database copy status ............................................................................................................... 21

9.2 Step By Step Exchange 2013 Database Recovery ........................................................................................................ 21

9.3 Installing Rollups and patches on Exchange Server 2013 ............................................................................................ 23

9.3.1 Bringing mailbox server MBX01 to Maintenance .............................................................................................. 23

9.3.2 Resuming Exchange server 2013 to normal transport processing ..................................................................... 23

9.3.3 Balancing the Exchange databases in DAG ........................................................................................................ 24

9.3.4 Moving the Primary Active Manager (Optional) ................................................................................................ 24

9.4 Exchange Server 2013 Retention Policy ...................................................................................................................... 24

9.5 Removing additional network interface (Backup, ISCSI and Storage) from Exchange Server 2013 DAG .................... 26

9.5.1 Enable the DAG network as manual .................................................................................................................. 26

9.5.2 Disabling the network in DAG ............................................................................................................................ 26

9.5.3 Verify the DAG network ..................................................................................................................................... 26

9.5.4 Verification of Network role Status in Cluster ................................................................................................... 26

9.5.5 Verifying the Cluster properities ........................................................................................................................ 27

9.5.6 Listing the Cluster Network properities ............................................................................................................. 27

9.5.7 Verifying the Cluster Network Interface status ................................................................................................. 27

9.5.8 Checking the Quorum Type ............................................................................................................................... 27

9.5.9 Check out the incoming and Outgoing Connection status ................................................................................. 27

9.5.10 Check the all the network informated connected to the server ........................................................................ 27

9.6 Step by Step Exchange 2013 DataCenter Failover ....................................................................................................... 27

9.6.1 Exchange DAG Terminology ............................................................................................................................... 27

9.6.2 Verification of Exchange 2013 DAG Components: ............................................................................................. 28

9.6.3 Exchange 2013 Datacenter SwitchOver ............................................................................................................. 29

Page 6: Exchange Server 2013 Operation Guide - TechNet Gallery · 4.4 Role Group Creation ... 5.2.1 Creating a mail contact using Exchange Admin Center ... Exchange Server 2013 Operation

Exchange Server 2013 Operation Guide 5

Exchange Server 2013 Operation Guide

1 INTRODUCTION

This is the draft initial copy prepared for Exchange Server 2013 Operation Guide

2 EXCHANGE ADMIN CENTER

1. Go to the following URL: https://server.mail.com/ecp/

2. Provide your credentials to log into Office 365.

3. Exchange admin center opens in your browser window:

The following figure shows the main components of the Exchange 2013 Admin Center:

3 INSTALLATION OF EXCHANGE SERVER 2013 MANAGEMENT TOOL

3.1 INSTALLATION OF EXCHANGE SERVER 2013 MANAGEMENT TOOL IN WINDOWS 7

Follow the instructions in this section to install the prerequisites on domain-joined Windows 7 64-bit computers where you want

to install the Exchange management tools.

Page 7: Exchange Server 2013 Operation Guide - TechNet Gallery · 4.4 Role Group Creation ... 5.2.1 Creating a mail contact using Exchange Admin Center ... Exchange Server 2013 Operation

Exchange Server 2013 Operation Guide 6

1. Open Control Panel, and then select Programs.

2. Click Turn Windows features on or off.

3. Navigate to Internet Information Services > Web Management Tools > IIS 6 Management Compatibility.

4. Select the check box for IIS 6 Management Console, and then click OK.

After you've installed the operating system features, install the following software in the order shown:

1. Microsoft .NET Framework 4.5

2. The version of Windows Management Framework that corresponds to the version of Exchange 2013 you're installing.

a. Exchange 2013 CU2 or CU3 Windows Management Framework 3.0

b. Exchange 2013 SP1 or later Windows Management Framework 4.0

3. Knowledge Base article KB974405 (Windows Identity Foundation)

Installing the Exchange 2013 management tools

1. Log on to the computer on which you want to install the Exchange 2013 management tools.

2. Navigate to the network location of the Exchange 2013 installation files.

3. At the command prompt, run the following command.

Note: If you have User Access Control (UAC) enabled, you must run Setup.exe from an elevated command prompt.

Setup.exe /Role:ManagementTools /IAcceptExchangeServerLicenseTerms

3.2 INSTALLATION OF EXCHANGE SERVER 2013 MANAGEMENT TOOL IN WINDOWS 8

The Exchange management tools can be installed on a domain-joined computer with a default install of Windows 8 or Windows

8.1 64-bit. Installing the Exchange 2013 management tools

1. Log on to the computer on which you want to install the Exchange 2013 management tools.

2. Navigate to the network location of the Exchange 2013 installation files.

3. At the command prompt, run the following command.

Note: If you have User Access Control (UAC) enabled, you must run Setup.exe from an elevated command prompt.

Setup.exe /Role:ManagementTools /IAcceptExchangeServerLicenseTerms

4 EXCHANGE 2013 ROLE BASED ACCESS CONTROL

4.1 BUILT IN ROLE GROUPS

Role group Description

Organization

Management

Administrators who are members of the Organization Management role group have administrative access

to the entire Exchange 2013 organization and can perform almost any task against any Exchange 2013

object, with some exceptions. By default, members of this role group can't perform mailbox searches and

management of unscoped top-level management roles.

View-Only

Organization

Management

Administrators who are members of the View Only Organization Management role group can view the

properties of any object in the Exchange organization.

Recipient

Management

Administrators who are members of the Recipient Management role group have administrative access to

create or modify Exchange 2013 recipients within the Exchange 2013 organization.

Page 8: Exchange Server 2013 Operation Guide - TechNet Gallery · 4.4 Role Group Creation ... 5.2.1 Creating a mail contact using Exchange Admin Center ... Exchange Server 2013 Operation

Exchange Server 2013 Operation Guide 7

UM

Management

Administrators who are members of the UM Management role group can manage features in the Exchange

organization such as Unified Messaging (UM) service configuration, UM properties on mailboxes, UM

prompts, and UM auto attendant configuration.

Discovery

Management

Administrators or users who are members of the Discovery Management role group can perform searches

of mailboxes in the Exchange organization for data that meets specific criteria and can also configure

litigation holds on mailboxes.

Records

Management

Users who are members of the Records Management role group can configure compliance features, such

as retention policy tags, message classifications, transport rules, and more.

Server

Management

Administrators who are members of this role group can configure server-specific configuration of

transport , client access, and mailbox features such as database copies, certificates, transport queues and

Send connectors, virtual directories, and client access protocols.

Help Desk

Users who are members of the Help Desk role group can perform limited recipient management of

Exchange 2013 recipients.

Hygiene

Management

Users who are members of the Hygiene Management role group can configure the anti-spam and anti-

malware features of Exchange 2013. Third-party programs that integrate with Exchange 2013 can add

service accounts to this role group to grant those programs access to the cmdlets required to retrieve and

configure the Exchange configuration.

Compliance

Management

Users who are members of the Compliance Management role group can configure and manage Exchange

compliance configuration in accordance with their policies.

Public Folder

Management

Administrators who are members of the Public Folder Management role group can manage public folders

on servers running Exchange 2013.

Delegated

Setup

Administrators who are members of the Delegated Setup role group can deploy servers running Exchange

2013 that have been previously provisioned by a member of the Organization Management role group.

4.2 BUILT IN MANAGEMENT ROLE

Built In Exchange 2013 Management Role

Active Directory Permissions Role My Custom Apps Role Organization Transport Settings Role

Address Lists Role My Marketplace Apps Role POP3 and IMAP4 Protocols Role

ApplicationImpersonation Role Mailbox Import Export Role Public Folders Role

ArchiveApplication Role Mailbox Search Role Receive Connectors Role

Audit Logs Role MailboxSearchApplication Role Recipient Policies Role

Cmdlet Extension Agents Role Message Tracking Role Remote and Accepted Domains Role

Data Loss Prevention Role Migration Role Reset Password Role

Database Availability Groups Role Monitoring Role Retention Management Rolet

Database Copies Role MyAddressInformation Role Role Management Role

Databases Role MyBaseOptions Role Security Group Creation and Membership Role

Disaster Recovery Role MyContactInformation Role Send Connectors Role

Distribution Groups Role MyDiagnostics Role Support Diagnostics Role

Edge Subscriptions Role MyDisplayName Role Team Mailboxes Role

E-Mail Address Policies Role MyDistributionGroupMembership Role TeamMailboxLifecycleApplication Role

Exchange Connectors Role MyDistributionGroups Role Transport Agents Role

Exchange Server Certificates Role MyMobileInformation Role Transport Hygiene Role

Exchange Servers Role MyName Role Transport Queues Role

Exchange Virtual Directories Role MyPersonalInformation Role Transport Rules Role

Page 9: Exchange Server 2013 Operation Guide - TechNet Gallery · 4.4 Role Group Creation ... 5.2.1 Creating a mail contact using Exchange Admin Center ... Exchange Server 2013 Operation

Exchange Server 2013 Operation Guide 8

Federated Sharing Role MyProfileInformation Role UM Mailboxes Role

Information Rights Management Role MyRetentionPolicies Role UM Prompts Role

Journaling Role MyTeamMailboxes Role Unified Messaging Role

Legal Hold Role MyTextMessaging Role Unscoped Role Management Role

LegalHoldApplication Role MyVoiceMail Role User Options Role

Mail Enabled Public Folders Role OfficeExtensionApplication Role UserApplication Role

Mail Recipient Creation Role Org Custom Apps Role View-Only Audit Logs Role

Mail Recipients Role Org Marketplace Apps Role View-Only Configuration Role

Mail Tips Role Organization Client Access Role View-Only Recipients Role

Move Mailboxes Role Organization Configuration Role

4.3 EXCHANGE SERVER 2013 SCOPE CREATION

1. Launch an Exchange management Shell console with Run as administrator privileges

2. Execute these commands

Set-AdserverSettings –ViewEntireForest $true

3. Creating custom scope for database

New-ManagementScope -Name <Scope Name> -DatabaseList <Database Name>

4. Creating custom scope for database

New-ManagementScope -Name <Scope Name> -ServerList <Server Name>

4.4 ROLE GROUP CREATION 1. Launch an Exchange Management Shell console with Run as administrator privileges.

2. Create Role group with this command:

New-RoleGroup -Name <Name> -Roles <Role Name> -CustomConfigWriteScope <SCOPE> - RecipientOrganizationalUnitScope “server.mail.com/OU”

Example: New-RoleGroup -Name HelpdeskGroup -Roles “ExchangeAdmin”, “Mail Recipients”, “Mail Recipient

Creation”, “Delegated Setup” -RecipientOrganizationalUnitScope server.mail.com/Org – CustomConfigWriteScope

SCOPE-ORG-EXCHSRV

4.5 ADD ROLE GROUP MEMBER 1. Connect to an Exchange 2010 server with an account that is member of Organization Management role group.

2. Launch an Exchange Management Shell console with Run as administrator privileges.

3. Execute these commands:

Add-RoleGroupMember "<ROLEGROUP>" -Member “<USERNAME>”

Example: Add-RoleGroupMember Helpdesk –Member Raji

Page 10: Exchange Server 2013 Operation Guide - TechNet Gallery · 4.4 Role Group Creation ... 5.2.1 Creating a mail contact using Exchange Admin Center ... Exchange Server 2013 Operation

Exchange Server 2013 Operation Guide 9

5 OPERATIONS MANAGEMENT

Operations management involves the administration of an organization's infrastructure components and includes the day-to-day

administrative tasks, both planned and on-demand, that are required to keep an IT system operating smoothly. Typically,

operations management tasks are covered by written procedures. These procedures provide all support staff with the same

standard tools and methods.

5.1 MAILBOX MANAGEMENT

5.1.1 Creation of user mailbox using Exchange Admin Center

1. Login in Exchange Admin Center - Navigate to Recipients > Mailboxes. 2. Click New > User mailbox. 3. On the New user mailbox page, in the Alias box, type the user’s alias 4. Select one of the following options:

a. Existing user Select to mail-enable and create a mailbox for an existing user. Click Browse to open the Select User – Entire Forest dialog box

b. New user Select to create a new user account in Active Directory and create a mailbox for this user. 5. If you selected New user in Step 4, complete the following boxes on the New user mailbox page. First name, Initials, Last

name, Display name, Name, Organizational unit, User logon name, New Password, Confirm password. 6. Click More options - Specify the mailbox database 7. When you're finished, click Save to create the mailbox.

5.1.2 Creating & enabling user mailbox using Exchange Powershell

Creating new user and mailbox

Syntax: New-Mailbox -Name '<LASTNAME>, <Firstname>' -Alias '<ALIAS>' -OrganizationalUnit '<OU>' UserPrincipalName

'<UPN>@int.cggveritas.com' -SamAccountName '<SAMACCOUNT>' -FirstName '<FIRSTNAME>' -LastName '<LASTNAME>' -

Password (Get-Credential).Password -ResetPasswordOnNextLogon $true -Database '<DATABASE>'

Example New-Mailbox -Alias Raji -Name "Raji Subramanian" -FirstName Raji -LastName Subramanian -DisplayName "Raji

Subramanian" -UserPrincipalName [email protected] -Password (ConvertTo-SecureString -String 'Pa$$word1' -AsPlainText -

Force)

Creating a Mailbox for an Existing AD User account

Syntax: Enable-Mailbox -Identity '<LOGIN>' -Alias '<LOGIN>' -Database '<DATABASE>'

Example Enable-Mailbox -Identity 'Raji' -Alias 'Raji' -Database 'DB01'

5.1.3 Creating Bulk User Mailbox

5.1.4 Enabling and Disabling User Mailbox

This command will remove mailbox from Exchange server but not the AD account

Get-Mailbox <ACCOUNT> | Disable-Mailbox

Get-Mailbox <ACCOUNT> | Enable-Mailbox

Page 11: Exchange Server 2013 Operation Guide - TechNet Gallery · 4.4 Role Group Creation ... 5.2.1 Creating a mail contact using Exchange Admin Center ... Exchange Server 2013 Operation

Exchange Server 2013 Operation Guide 10

5.1.5 Connecting User Mailbox

Connect-Mailbox -Identity "<MAILBOX-NAME>" -Database "<TARGET-DB>" -User "<NEWOWNER-LOGIN>"

5.1.6 Removing User Mailbox

This command will remove the user account from AD and mailbox from Exchange server

Get-Mailbox <ACCOUNT> | Remove-Mailbox

5.1.7 Creating Resource and Room Mailbox

Creating Resource mailbox

New-Mailbox -Name 'RoomA' -Alias 'RoomA' -OrganizationalUnit 'mail.com/Resources' -UserPrincipalName

'[email protected]' -SamAccountName 'RoomA' -FirstName 'Room' -LastName 'A' –Room

To verify room mailbox

Get-Mailbox –Filter {RecipientTypeDetails –eq 'RoomMailbox'}

Creating Room mailbox

New-Mailbox -Name 'ProjectorA' -Alias 'ProjA' -OrganizationalUnit 'mail.com/Resources' -UserPrincipalName

'[email protected]' -SamAccountName 'ProjA' -FirstName 'Projector' -Initials '' -LastName ‘A' –Equipment

To verify equipment mailbox

Get-Mailbox –Filter {RecipientTypeDetails –eq 'EquipmentMailbox'}

5.1.8 Purging message content of user mailbox

You can purge only against disconnected or soft-deleted mailboxes not on active mailbox

Remove-StoreMailbox -Database DB01 -Identity Raji -MailboxState SoftDeleted

Remove-StoreMailbox -Database DB01 -Identity "Raji" -MailboxState Disabled

5.1.9 Managing Mailbox Permission for user mailbox

Add-MailboxPermission -Identity "SharedMailbox" -User Rajis -AccessRights FullAccess -InheritanceType all -AutoMapping

$false

Note: Access Rights can be FullAccess, ExternalAccount, DeleteItem, ReadPermission, ChangePermission, ChangeOwner

Add-ADPermission -Identity SharedMailbox -User Rajis -ExtendedRights "Send As"

5.1.10 Verifying the Mailbox Permission

Get-MailboxPermission -Identity <mailbox> -User Rajis

5.1.11 Enabling and disabling Auto-reply & OOF for Mailbox

To configure auto-reply for mailbox

Page 12: Exchange Server 2013 Operation Guide - TechNet Gallery · 4.4 Role Group Creation ... 5.2.1 Creating a mail contact using Exchange Admin Center ... Exchange Server 2013 Operation

Exchange Server 2013 Operation Guide 11

Set-MailboxAutoReplyConfiguration -Identity 'Rajis' -StartTime '03/27/2014 19:30' -AutoReplyState Enabled -EndTime

'03/29/2014 07:00' –InternalMessage 'I am on vacation and will respond to your message after I return'–ExternalMessage 'I

am on vacation' –ExternalAudience 'Known'

To turn off auto-reply for mailbox:

Set-MailboxAutoReplyConfiguration –Identity 'Rajis' –AutoReplyState Disabled

5.1.12 Cleaning Mailbox in Database

To Clean up Mailbox database after changes perfromed in the Active Directory or to sync with AD (i.e When account is disabled)

Get-MailboxStatistics -Database DB01 | ForEach { Update-StoreMailboxState -Database $_.Database -Identity $_.MailboxGuid

-Confirm:$false }

5.1.13 To check Soft Deleted Mailbox

When mailbox is moved to a different database - the source mailbox will not be deleted from the source database. This source

mailbox is turned to soft-deleted state.

Get-MailboxDatabase -id <source database> | Get-MailboxStatistics | Where { $_.DisconnectReason -eq "SoftDeleted" } | ft

DisplayName,Database,DisconnectDate

5.1.14 To verify disconnected Mailbox

Get-MailboxStatistics -Database DB01 | Where { $_.DisconnectReason -ne $null }

5.1.15 To Connect the disconnected Mailbox

Connect-Mailbox -Identity "TestS" -Database DB01 -User "RajiS" -Alias Rajis

5.1.16 Moving Mailbox using Exchange Powershell

New-MoveRequest –Identity 'Rajis' –TargetDatabase DB01

New-MigrationBatch –Name 'BatchMove' –Local –CSVData ([System.IO.File]::ReadAllBytes("C:\MailboxMoves\Users.CSV")) –

TargetDatabases DB01 –AutoStart –AutoComplete –NotificationEmails "[email protected]"

5.1.17 Checking the Move request statistics

Get-MigrationUser | Get-MigrationUserStatistics

Get-MoveRequestStatistics –Identity 'RajiS' | Select DisplayName, Status, TotalMailboxSize, TotalMailboxItemCount,

PercentComplete, BytesTransferred, ItemsTransferred, BytesTransferredPerMinute

To clear move request

Get-MoveRequest –MoveStatus "Completed" | Remove-MoveRequest

5.1.18 Viewing Mailbox Statistics

To list statistics of Mailbox Server

Page 13: Exchange Server 2013 Operation Guide - TechNet Gallery · 4.4 Role Group Creation ... 5.2.1 Creating a mail contact using Exchange Admin Center ... Exchange Server 2013 Operation

Exchange Server 2013 Operation Guide 12

Get-MailboxStatistics –Server 'MBXServer1'

To list statistics of Database

Get-MailboxStatistics –Database 'DB01'

To list statistics of User Mailbox

Get-MailboxStatistics –Identity 'RajiS' | Select DisplayName, ServerName, Database, LastLogonTime, ItemCount,

DeletedItemCount, AssociatedItemCount, TotalItemSize, TotalDeletedItemSize

5.1.19 Finding pressure on a mailbox database

Get-StoreUsageStatistics -Database Database01

5.2 CONTACT MANAGEMENT

5.2.1 Creating a mail contact using Exchange Admin Center

1. Login in Exchange Admin Center - Navigate to Recipients > Contacts.

2. Click New > Mail contact. 3. Complete the following boxes on the New mail contact page:

a. First name, Initials, Last name, Display name, Name, Alias, External email address, Organizational unit 4. When you've finished, click Save.

5.2.2 Creating a mail contact using Exchange Powershell

To create mail contact New-MailContact -Name "Raji Subramanian" -ExternalEmailAddress [email protected] -OrganizationalUnit Users

To configure mail-enable on existing contact Enable-MailContact -Identity "Raji Subramanian" -ExternalEmailAddress [email protected]

5.3 DISTRIBUTION GROUP MANAGEMENT

5.3.1 Creating a Distribution Group using Exchange Admin Center

1. Login in Exchange Admin Center - Navigate to Recipients > Groups. 2. Click New Distribution Group. 3. Complete the following boxes on the New distribution group page:

a. Display name, Name, Alias, Organizational unit, Owners, Members 4. When you've finished, click Save.

5.3.2 Creating a Distribution Group using Exchange Powershell

New-DistributionGroup -Name "IT Exchange Administrators" -Alias ExAdmin -MemberJoinRestriction open

5.3.3 Members approval to add in the Group

The below list of options need to be consider when adding members or removing members from the group

Page 14: Exchange Server 2013 Operation Guide - TechNet Gallery · 4.4 Role Group Creation ... 5.2.1 Creating a mail contact using Exchange Admin Center ... Exchange Server 2013 Operation

Exchange Server 2013 Operation Guide 13

When user need to get add in the group o Open: Anyone can join this group without being approved by the group owners o Closed: Members can be added only by the group owners. All requests to join will be rejected automatically o Owner Approval: All requests are approved or rejected by the group owners

When user needs leaves the group o Open: Anyone can leave this group without being approved by the group owners o Closed: Members can be removed only by the group owners. All requests to leave will be rejected

automatically .

5.3.4 Sending email from the Group

The below list of options need to be consider when for sending and receiving email from Group

Only senders inside my organization: Select this option to allow only senders in your organization to send messages to the group. This means that if someone outside of your organization sends an email message to this group, it will be rejected. This is the default setting.

Senders inside and outside of my organization: Select this option to allow anyone to send messages to the group.

Note: If you’ve configured the group to allow only senders inside your organization to send messages to the group, email sent from a mail contact will be rejected, even if they are added to this list.

5.3.5 Email approval for Sending message to the Group

The below list of options need to be consider for Email approval for Sending message to the Group

Messages sent to this group have to be approved by a moderator Senders who don't require message approval

Select moderation notifications Use this section to set how users are notified about message approval. o Notify all senders when their messages aren't approved This is the default setting. Notify all senders, inside

and outside your organization, when their message isn't approved. o Notify senders in your organization when their messages aren't approved When you select this option,

only people or groups in your organization are notified when a message that they sent to the group isn't approved by a moderator.

o Don't notify anyone when a message isn't approved When you select this option, notifications aren't sent to message senders whose messages aren't approved by the group moderators.

5.3.6 Restriction of Microsoft Outlook Version for single mailbox

Set-CASMailbox -Identity <UserName> -MAPIBlockOutlookVersions 'Outlook Version Build Number'

5.3.7 Restriction of Microsoft Outlook Version for mailbox server

Set-RPCClientAccess -Server <Server Name> -BlockedClientVersions 'Outlook Version Build Number'

Outlook 2007: 12.4518.1014

Outlook 2007 SP1: 12.6425.1000

Outlook 2010: 14.0.4760.1000

Outlook 2013 RTM: 15.0.4481.1003

Page 15: Exchange Server 2013 Operation Guide - TechNet Gallery · 4.4 Role Group Creation ... 5.2.1 Creating a mail contact using Exchange Admin Center ... Exchange Server 2013 Operation

Exchange Server 2013 Operation Guide 14

5.3.8 Blocking RPC over HTTP for Outlook Clients

Set-CASMailbox <Identity> -MAPIBlockOutlookRpcHTTP $false

5.3.9 Enable Microsoft Exchange Cached Mode for Outlook Clients

Set-CASMailbox <Identity> MAPIBlockOutlookNonCachedMode $false

5.3.10 Disabling Pop3 and IMAP Protocol

Set-CASMailbox –Identity RajiS –PopEnabled $False

Set-CASMailbox –Identity RajiS –ImapEnabled $False

5.3.11 Disabling access to Outlook Web Access

Set-CASMailbox –Identity <User Name> –OWAEnabled $False

5.3.12 Disabling ActiveSync access

Set-CASMailbox –Identity <User Name> –ActiveSyncEnabled $False

5.3.13 Exchange Server 2013 Service Administration with Powershell cmdlet

Starting the service

Start-Service -Service msExchangeImap4Backend

Stopping the service

Stop-Service -Service msExchangeImap4

Restarting the service

Restart-Service -Service msExchangeImap4

Setting the service to Automatic

Set-Service msExchangeImap4 -StartupType Automatic

Set-Service msExchangeImap4Backend -StartupType Automatic

5.3.14 To Change Regional Time Zone of user mailbox

Set-MailboxRegionalConfiguration –Identity 'RajiS' –Language 'Es-es' –TimeZone 'Eastern Standard Time' –DateFormat 'dd-

mm-yyyy'

5.3.15 Adding additional folder on user mailbox

New-MailboxFolder -Parent 'RajiS' -Name 'Exchange 2013 Alert'

Page 16: Exchange Server 2013 Operation Guide - TechNet Gallery · 4.4 Role Group Creation ... 5.2.1 Creating a mail contact using Exchange Admin Center ... Exchange Server 2013 Operation

Exchange Server 2013 Operation Guide 15

5.3.16 Adding Email Signature on User Mailbox

Set-MailboxMessageConfiguration -Identity 'RajiS' -AutoAddSignature $True –SignatureText 'Thanks & Regards - Raji

Subramanian'

5.3.17 Checking the Mobile Device Statistics

Get- MobileDeviceStatistics –Mailbox "RajiS"

5.3.18 How to hide user from GAL

Set-mailbox -id [email protected] -HiddenFromAddressListsEnabled $True

5.3.19 Setting quota limit for the user mailbox

Set-Mailbox -Identity "RajiS" -IssueWarningQuota 2GB -ProhibitSendQuota 2.5GB -ProhibitSendReceiveQuota 3GB -

UseDatabaseQuotaDefaults $false

5.3.20 Adding\Removing SMTP Email Address

Set-Mailbox "Raji" -EmailAddresses @{add="[email protected]","[email protected]"}

Set-Mailbox "Raji" -EmailAddresses @{remove="[email protected]"}

5.3.21 Setting up Primary SMTP Email Address

Set-mailbox raji -EmailAddressPolicyEnabled:$false -PrimarySmtpAddress [email protected]

5.3.22 Setting up Email Forwarders

Set-Mailbox -Identity "RajiS" -ForwardingAddress "[email protected]" -DeliverToMailboxAndForward $true

5.3.23 Setting up email forwarder

Set-Mailbox -Identity "RajiS" -ForwardingAddress "[email protected]" -DeliverToMailboxAndForward $true

5.3.24 Setting up Recipient Limits

Set-Mailbox -Identity "RajiS" -RecipientLimits 100

5.3.25 Email Message Size Restriction

Set-Mailbox -Identity "RajiS" -MaxSendSize 1GB -MaxReceiveSize 1GB

5.3.26 Email Message Delivery Restriction

Set-Mailbox -Identity "RajiS" -AcceptMessagesOnlyFrom "Peter","Jack" -AcceptMessagesOnlyFromDLMembers "ExAdmin

Team"

Page 17: Exchange Server 2013 Operation Guide - TechNet Gallery · 4.4 Role Group Creation ... 5.2.1 Creating a mail contact using Exchange Admin Center ... Exchange Server 2013 Operation

Exchange Server 2013 Operation Guide 16

5.4 GROUPS ADMINISTRATION

5.4.1 Distribution Group Creation

New-DistributionGroup -Name "IT Exchange Administrators" -Alias ExAdmin -MemberJoinRestriction

open

5.4.2 Distribution Group Modification

Set-DistributionGroup -Identity Executives -ModerationEnabled $true -ModeratedBy administrator -

SendModerationNotifications Internal

Set-DistributionGroup -Identity Sales -AcceptMessagesOnlyFrom 'Bob','John'

Set-DistributionGroup -Identity Sales -AcceptMessagesOnlyFromSendersOrMembers [email protected]

Set-DistributionGroup -Identity Executives -RejectMessagesFromSendersOrMembers HourlyEmployees

Set-DistributionGroup -Identity HelpDesk -RequireSenderAuthenticationEnabled $false

5.4.3 Security Group Creation

New-DistributionGroup -Name "FolderAdmin" -Alias fsadmin -Type security

5.4.4 Security Group Modification

Set-DistributionGroup "FolderAdmin" -EmailAddresses

SMTP:[email protected],smtp:[email protected]

5.4.5 Dynamic Distribution Group Creation

New-DynamicDistributionGroup -Name Accounting -Alias Accounting -IncludedRecipients

MailboxUsers,MailContacts -OrganizationalUnit Accounting -ConditionalDepartment accounting,finance -

RecipientContainer mail.com

5.4.6 Dynamic Distribution Group Modification

Set-DynamicDistributionGroup -Name Accounting -HiddenFromAddressListsEnabled $true -

MaxReceiveSize 5MB -ModerationEnabled $true -ModeratedBy administrator

5.4.7 To create mail contact

New-MailContact -Name "Raji Subramanian" -ExternalEmailAddress [email protected] -

OrganizationalUnit Users

5.4.8 To configure mail-enable on existing contact

Enable-MailContact -Identity "Raji Subramanian" -ExternalEmailAddress [email protected]

5.4.9 To create mail user

New-MailUser -Name ‘RajiS’ -Alias Rajis -UserPrincipalName [email protected]

5.4.10 Creating Resource mailbox

New-Mailbox -Name 'RoomA' -Alias 'RoomA' -OrganizationalUnit 'mail.com/Resources' -

UserPrincipalName '[email protected]' -SamAccountName 'RoomA' -FirstName 'Room' -LastName 'A' –

Room

Page 18: Exchange Server 2013 Operation Guide - TechNet Gallery · 4.4 Role Group Creation ... 5.2.1 Creating a mail contact using Exchange Admin Center ... Exchange Server 2013 Operation

Exchange Server 2013 Operation Guide 17

5.4.11 To verify room mailbox

Get-Mailbox –Filter {RecipientTypeDetails –eq 'RoomMailbox'}

5.4.12 Creating Room mailbox

New-Mailbox -Name 'ProjectorA' -Alias 'ProjA' -OrganizationalUnit 'mail.com/Resources' -

UserPrincipalName '[email protected]' -SamAccountName 'ProjA' -FirstName 'Projector' -Initials '' -

LastName ‘A' –Equipment

5.4.13 To verify equipment mailbox

Get-Mailbox –Filter {RecipientTypeDetails –eq 'EquipmentMailbox'}

5.5 TRANSPORT RULE ADMINISTRATION

5.5.1 Creating Transport Rule

New-TransportRule -Name "Mark messages from the Internet to Sales DG" -FromScope

NotInOrganization -SentTo "SalesGroup" -PrependSubject "External message to Sales DG:"

5.5.2 Displaying Transport Rule

Get-TransportRule "Sender is a member of marketing" | Format-List

5.5.3 Disabling Transport Rule

Disable-TransportRule "Sender is a member of marketing"

5.5.4 Enabling Transport Rule

Enable-TransportRule "Sender is a member of marketing"

5.5.5 Removing Transport Rule

Remove-TransportRule "Sender is a member of marketing"

5.6 MAILBOX MOVE REQUEST ADMINISTRATION

5.6.1 Creating Mailbox Move Request

New-MoveRequest -Identity '[email protected]' -TargetDatabase "DB01"

5.6.2 Modifying Mailbox Move Request

Set-MoveRequest -Identity [email protected] -BadItemLimit 5

5.6.3 Removing Mailbox Move Request

Remove-MoveRequest -Identity '[email protected]'

5.6.4 Viewing Mailbox Move Request Statistics Get-MoveRequestStatistics -Identity [email protected] -IncludeReport | Export-CSV C:\MRStats.csv

5.7 EXCHANGE SERVER 2013 EMAIL TRACKING

5.7.1 Email tracking using Message ID Get-MessageTrackingLog -MessageId '[email protected]'

Page 19: Exchange Server 2013 Operation Guide - TechNet Gallery · 4.4 Role Group Creation ... 5.2.1 Creating a mail contact using Exchange Admin Center ... Exchange Server 2013 Operation

Exchange Server 2013 Operation Guide 18

5.7.2 Email tracking using Start & End Date ID Get-MessageTrackingLog -MessageSubject "This is Test Email" -Start "04/03/2014 00:00:00" -End "05/03/2014 00:00:00" -

server Server01

5.7.3 Email tracking using Message Subject on single Transport Server Get-MessageTrackingLog -MessageSubject "This is Test Email" -Start "04/03/2014 00:00:00" -End "05/03/2014 00:00:00" -

server Server01

5.7.4 Email tracking using on all the Transport Server Get-TransportService | Get-MessageTrackingLog -MessageSubject "This is Test Email" -Start "04/03/2014 00:00:00" -End

"05/03/2014 00:00:00"

5.7.5 Email tracking for an specific sender email address Get-MessageTrackingLog -Sender "[email protected]" -Start "04/03/2014 00:00:00" | ft Timestamp,Recipients, RecipientStatus,

Sender -wrap –autosize

5.7.6 Email tracking for an specific recipient email address

Get-MessageTrackingLog -Recipient "[email protected]" -Start "04/03/2014 00:00:00" -server server01 | ft Timestamp,

Recipients, RecipientStatus, Sender -wrap –autosize

5.7.7 Email tracking for the delivery failed messages Get-MessageTrackingLog -EventId FAIL -Start "04/03/2014 00:00:00" -server server01 | ft

TimeStamp,Source,EventID,Recipients,Sender,RecipientStatus -wrap -autosize

5.7.8 Finding logs for distribution list expansion

ForEach ($server in Get-TransportServer) {Get-MessageTrackingLog -EventId EXPAND -Start "04/03/2014 00:00:00" -server

$server.name | ft Timestamp,Sender,RelatedRecipientAddress,Recipients,RecipientStatus -wrap -autosize}

5.7.9 Find logs for messages from the last 10 minutes

ForEach ($server in Get-TransportServer) {Get-MessageTrackingLog -start (Get-Date).AddMinutes(-10) -server $server.name

| ft Timestamp,Sender,RelatedRecipientAddress,Recipients,RecipientStatus -wrap -autosize}

5.7.10 Find NDR 5.4.6 routing loops in the last day from all transport servers

Page 20: Exchange Server 2013 Operation Guide - TechNet Gallery · 4.4 Role Group Creation ... 5.2.1 Creating a mail contact using Exchange Admin Center ... Exchange Server 2013 Operation

Exchange Server 2013 Operation Guide 19

foreach ($server in Get-TransportServer) {Get-MessageTrackingLog -resultsize unlimited -EventId FAIL -Start (Get-

Date).AddDays(-1) -server $server.name | where {$_.RecipientStatus -like '*5.4.6*'} | ft

Timestamp,Recipients,RecipientStatus,Sender -wrap -autosize}

6 DAILY TASKS

To help ensure the availability and reliability of your Exchange 2013 organization, you must actively monitor the physical

platform, the operating system, and all important Exchange 2013 services. Preventive maintenance helps you identify

potential errors before any one of these errors cause problems with the operation of your Exchange organization.

Preventive maintenance combined with disaster recovery planning and regular backups help minimize problems if they

occur.

Monitoring your Exchange organization involves checking for problems with connections, services, server resources, and

system resources. You can also set alerts to notify administrators when problems occur. Microsoft Windows Server 2008

R2 and Exchange 2013 provide you with many monitoring tools and services to help make sure that your Exchange

organization is running smoothly. The key advantages to daily monitoring are as follows:

• Meeting the performance requirements of your service level agreements (SLAs).

• Completing successfully specific administrative tasks, such as daily backup operations, and checking server

health.

• Detecting and addressing issues, such as bottlenecks in the server performance or need for additional

resources before they affect productivity.

Daily maintenance tasks help you establish criteria for what is normal for your organization and to detect any abnormal

activity. It is important to implement these daily maintenance tasks so that you can capture and maintain data about your

Exchange organization, such as usage levels, possible performance bottlenecks, and administrative changes. See the

following topics for information about tasks that you should perform daily as a best practice:

• Performing Physical Environmental Checks

• Performing and Monitoring Backups

• Checking Disk Usage

• Checking the Event Viewer

• Monitoring Server Performance

• Monitoring Network Performance

6.1 PERFORMING PHYSICAL ENVIRONMENTAL CHECKS Before you check performance, availability, and functionality of your Microsoft Exchange organization, you should check

the physical environment. For example, the server room temperature might need to be lowered or a network cable might

need to be replaced. Perform the following physical environmental inspections:

• Physical security measures - Physical security protection such as locks, doors, and restrictedaccess rooms must be

secured. Check for any unauthorized and forced entries and signs of equipment damage.

• Temperature and humidity - High temperature and humidity can cause hardware components to overheat. Check

temperature and humidity to help make sure that the environmental systems such as heating and air conditioning

can maintain acceptable conditions and function within the hardware manufacturer's specifications.

• Devices and components - Your Exchange organization relies on a functioning physical network and related

hardware. Check to make sure that routers, switches, hubs, physical cables, and connectors are operational.

6.2 PERFORMING AND MONITORING BACKUPS Performing backups of your servers is your first line of defense in planning for a disaster. You must have a well-planned

and well-rehearsed disaster recovery plan for your Microsoft Exchange organization. Your disaster recovery plan should

include backing up Exchange data and Active Directory service data daily. You must back up all critical data from many

sources, including server configuration, the Active Directory database, and the Microsoft Exchange Information Store

service. You should also back up all logged event and performance data. Make sure that you back up records such as Active

Directory data, application software, Exchange Server 2013 message tracking log files, databases and log files.

Page 21: Exchange Server 2013 Operation Guide - TechNet Gallery · 4.4 Role Group Creation ... 5.2.1 Creating a mail contact using Exchange Admin Center ... Exchange Server 2013 Operation

Exchange Server 2013 Operation Guide 20

Proactively monitoring the successful completion of your Exchange backups is critical to success of your disaster recovery

plan. Regular testing of the disaster recovery plan for your organization's Exchange infrastructure should be performed in

a lab environment that mimics your production environment as closely as practicable.

Note: Ensure that Exchange aware backup product is used to backup Exchange infrastructure.

6.3 CHECKING DISK USAGE

Hard disks drives are a critical component of your Exchange organization. Without sufficient free disk volume, neither the

operating system nor the Exchange databases can function correctly. You must monitor the Exchange store statistics daily

to make sure that you do not run out of disk space and to prepare to add storage resources as required. When the Microsoft

Exchange Information Store service runs out of hard drive space, it logs Event ID 1113 in the application event log to indicate

the problem.

6.4 CHECKING DISK SPACE Exchange Server needs hard disk space to store its databases and transaction logs. You can check free disk space by using

the following methods:

Windows Explorer Use Windows Explorer to check for disk space on volumes that store Exchange logs and

databases. You should monitor the disk space regularly to make sure that the Microsoft Exchange Information Store

service will not be negatively affected because of insufficient storage resources. Comparing and maintaining

statistical information about available disk space on each Exchange volume and expected growth of the databases

and transaction log files, helps you with capacity planning and adding storage when the storage resources are

required. To accommodate troubleshooting and disaster recovery situations, it is recommended that available free

volume space be equal or greater than 110% of the size of database.

6.5 CHECKING THE EVENT VIEWER You can use Event Viewer to obtain information about service failures, replication errors in the Active Directory service,

and warnings about system resources such as virtual memory and disk space. Use Event Viewer to view and manage event

logs; obtain information about hardware, software, and system problems that must be resolved; and identify trends that

require future action.

Event Viewer maintains logs about application, security, and system events on your computer. Both Microsoft Exchange

Server and Microsoft Windows report warnings and error conditions to the event logs. Therefore, make sure that you

review event logs daily.

6.6 MONITORING SERVER PERFORMANCE Microsoft Exchange performance is affected by many factors such as user profiles, system architecture, software, and

hardware components. Make sure that Windows is functioning correctly because, if it is not, your Exchange performance

will be affected.

Monitoring server performance helps to make sure that your servers are functioning correctly and helps you identify

bottlenecks in the system. You can use the performance monitoring data to identify problems and apply corrective action.

You can also use the monitoring data to enhance the performance of your servers by identifying areas that need additional

resources. For example, you may need to increase your storage capacity to handle the growing number of users in your

organization.

6.7 MONITORING THE OPERATING SYSTEM Monitoring the performance of all servers and components on an Exchange Server, such as the

Microsoft Exchange Information Store service, is vital. You can use System Monitor, which is a Windows Server 2008

component.

7 WEEKLY TASKS

As a recommended practice, perform the following tasks and procedures weekly:

Page 22: Exchange Server 2013 Operation Guide - TechNet Gallery · 4.4 Role Group Creation ... 5.2.1 Creating a mail contact using Exchange Admin Center ... Exchange Server 2013 Operation

Exchange Server 2013 Operation Guide 21

• Check for Security Updates - Identify any new service packs, hotfixes, or updates. If appropriate, test these in a test

lab and use the change control procedures to arrange for deployment to the production servers.

• Review Performance Figures - Check the key performance data for the previous week. Review performance against

this week. Identify trends and items that have not met their targets.

• Environmental Tests - Check periodically and maintain air conditioning, temperature and humidity monitors, and

physical security measures.

• Site Link Utilization – Weekly utilization reports of the network link should be provided by the Network Team

8 MONTHLY TASKS

As a recommended practice, perform the following tasks and procedures monthly:

• Security Checks - Depending on the level of security that your organization requires, it may be appropriate to

perform regular audits of security, including firewall rules, user rights, group membership, delegate rights, and so

on.

• Capacity Planning - Review capacity figures for the previous month, and produce a plan for any upgrades that may

be required in the coming months to keep the system operating within limits specified by the organization's service

level agreements (SLAs).

• Disaster Recovery Test - Perform a system recovery for a single server to test your organization's documented

recovery process. This test will simulate a complete hardware failure for one server, and make sure that the

resources, plans, and data are available for recovery. Try to rotate the focus of the test each month, so that you test

the failure of a different server or other piece of equipment every time.

9 SERVER ADMINISTRATION AND MAINTENANCE

9.1 VERIFYING THE MAILBOX DATABASE COPY STATUS

Get-MailboxDatabasecopyStatus * | Format-List

Update-MailboxDatabaseCopy -Identity <DATABASE>\<SRV_NAME> -SourceServer <MBX_SERVER>

Update-MailboxDatabaseCopy -Identity DB1\MBX1 –CatalogOnly

Update-MailboxDatabaseCopy -Identity DB1\MBX1 –DatabaseOnly

9.2 STEP BY STEP EXCHANGE 2013 DATABASE RECOVERY

Step 1: Provide the folder path location to the backup team where the database and log file needs to restore.

Note: Make sure you have enough free disk space on the restored location

Step 2: Verify the database health status after the restoration of database file. Run the following command to verify the status

eseutil.exe /mh E:\Recovery\RDB.edb | select-string “State:”, “Log Required”

Step 3: If the database is Clean Shutdown move to next step. In case if it is dirty shutdown perform the soft recovery and if it fails

move to hard recovery

Step 4: Create Recovery database using the following commands

New-MailboxDatabase -Recovery RDB01 -Server MBX01 -EdbFilePath E:\Recovery\RDB.edb

Page 23: Exchange Server 2013 Operation Guide - TechNet Gallery · 4.4 Role Group Creation ... 5.2.1 Creating a mail contact using Exchange Admin Center ... Exchange Server 2013 Operation

Exchange Server 2013 Operation Guide 22

Step 5: Verify the database is in mounted state

Get-MailboxDatabase RDB01 -status | fl Name, Mounted

Step 6: Mount the database

Mount-Database RDB01 –Verbose

Step 7: Verify the database mounted status

Get-MailboxDatabase RDB01 -status | fl Name, Mounted

Step 8: Verify the mailbox statistics of the restored database

To find all mailbox in the recovery database - Get-MailboxStatistics -Database RDB01

To find specific mailbox w.r.t to user account or GUID –

Get-MailboxStatistics -Database RecoveryDB | ?{$_.DisplayName -like ‘Raji*’} | fl DisplayName,MailboxGuid,DisconnectDate

Step 9: Restoring them using the following Exchange PowerShell command based upon your requirement

Restoring the complete user mailbox

New-mailboxrestorerequest –sourcedatabase “RDB01” –sourcestoremailbox “Raji” –targetmailbox “[email protected]

Restoring the mailbox using guid

New-MailboxRestoreRequest -SourceDatabase “RDB01” -SourceStoreMailbox 4a1d2118-b8cc-456c-9fd9-cd9af1f549d0 -

TargetMailbox Raji

Restoring the source mailbox to different user mailbox

New-MailboxRestoreRequest -SourceDatabase “RDB01” -SourceStoreMailbox ‘Raji’ -TargetMailbox Subramanian -

TargetRootFolder Restore -AllowLegacyDNMismatch

Restoring the mailbox email in a seperate folder (Restore) on the user mailbox

New-MailboxRestoreRequest -SourceDatabase “RDB01” -SourceStoreMailbox ‘Raji’ -TargetMailbox ‘Raji’ -TargetRootFolder

Restore -IncludeFolders ‘#Inbox#/#Test#/*’ –AllowLegacyDNMismatch

Step 10: Check the status of mailbox restoration when completed check in the user mailbox on all restored emails.

Get-MailboxRestoreRequest

Step 11: Remove the completed mailbox restore using the following PowerShell command

Get-MailboxRestoreRequest -status Completed | Remove-MailboxRestoreRequest

Page 24: Exchange Server 2013 Operation Guide - TechNet Gallery · 4.4 Role Group Creation ... 5.2.1 Creating a mail contact using Exchange Admin Center ... Exchange Server 2013 Operation

Exchange Server 2013 Operation Guide 23

9.3 INSTALLING ROLLUPS AND PATCHES ON EXCHANGE SERVER 2013

9.3.1 Bringing mailbox server MBX01 to Maintenance

1. Verifying the HubTransport Component in Mailbox Server is Active State

Get-ServerComponentState –Identity MBX01 –Component HubTransport | fl

2. Bringing HubTransport Component in Mailbox Server to Draining State

Set-ServerComponentState –Identity MBX01 –Component HubTransport –State Draining –Requester Maintenance

3. Redirecting queue to another mailbox server MBX02

Redirect-Message -Server MBX01 -Target MBX02

4. Suspending activation for the database copies on the server being updated

Get-MailboxDatabaseCopyStatus -Server <SRV_NAME> | Suspend-MailboxDatabaseCopy -ActivationOnly -

Confirm:$False -SuspendComment "Install E2010 rollup <BUILDNUMBER>"

5. To force all database to be activated on a particular Mailbox server, use this command:

Move-ActiveMailboxDatabase -Server <SRV_NAME> -ActivateOnServer <TARGET_SRV>

6. Suspending the Exchange 2013 mailbox server MBX01 from the cluster

Suspend-ClusterNode –Name MBX01 –Verbose

7. Disabling the Databasecopy activation in mailbox server MBX01

Set-MailboxServer –Identity MBX01 –DatabaseCopyActivationDisabledAndMoveNow $True –Verbose

8. Disabling the Databasecopy activation policy in mailbox server MBX01

Set-MailboxServer –Identity MBX01 –DatabaseCopyAutoActivationPolicy Blocked –Verbose

8. Bringing all the component of MBX01 server to offline

Set-ServerComponentState –Identity MBX01 –Component ServerWideOffline –State InActive –Requester Maintenance

–Verbose

9. Verify there is no database mounted or active database on the server that will be under maintenance

[PS] E:\Program Files\Microsoft\Exchange Server\V15\Scripts>.\RedistributeActiveDatabases.ps1 -DagName DAG01 -

ShowDatabaseDistributionByServer | ft –AutoSize

9. Perform the maintenance in the server on installing the rollup or patches on Exchange server 2013

9.3.2 Resuming Exchange server 2013 to normal transport processing

1. Verifying the HubTransport Component in Mailbox Server is Active State

Page 25: Exchange Server 2013 Operation Guide - TechNet Gallery · 4.4 Role Group Creation ... 5.2.1 Creating a mail contact using Exchange Admin Center ... Exchange Server 2013 Operation

Exchange Server 2013 Operation Guide 24

Get-ServerComponentState –Identity MBX01 –Component HubTransport | format-list

2. Bringing HubTransport Component in Mailbox Server to active State

Set-ServerComponentState –Identity MBX01 –Component ServerWideOffline –State Active –Requester Maintenance

3. Resuming the Exchange 2013 server MBX01 from the cluster

Resume-ClusterNode –Name MBX01

Set-MailboxServer –Identity MBX01 –DatabaseCopyAutoActivationPolicy Unrestricted –Verbose

Set-MailboxServer –Identity MBX01 –DatabaseCopyActivationDisabledAndMoveNow $False –Verbose

Set-ServerComponentState –Identity MBX01 –Component HubTransport –State Active –Requester Maintenance

5. Verify the replication health

Test-ReplicationHealth

9.3.3 Balancing the Exchange databases in DAG

[PS] E:\Program Files\Microsoft\Exchange Server\V15\Scripts>.\RedistributeActiveDatabases.ps1 -DagName DAG01 -

BalanceDbsByActivationPreference| format-table –AutoSize

Verifying the database distribution

[PS] E:\Program Files\Microsoft\Exchange Server\V15\Scripts>.\RedistributeActiveDatabases.ps1 -DagName GURDAG01

-ShowDatabaseDistributionByServer | Format-Table –AutoSize

[PS] E:\Program Files\Microsoft\Exchange Server\V15\Scripts>.\RedistributeActiveDatabases.ps1 -DagName DAG01 -

ShowDatabaseCurrentActives | Format-Table –AutoSize

9.3.4 Moving the Primary Active Manager (Optional)

1. Verify the cluster group

Cluster DAG01 group

2. Move the cluster to the another DAG node

Cluster.exe "DAG01" Group "Cluster Group" /MoveTo:MBXV01

Get-DatabaseAvailabilityGroup -Identity DAG -Status | fl name,primaryactivemanager

3. Verify the replication health check

Test-ReplicationHealth

9.4 EXCHANGE SERVER 2013 RETENTION POLICY

Migration from Exchange Server 2007 Managed Mailbox Folder Policy to Exchange Server 2013 Retention Policy

Page 26: Exchange Server 2013 Operation Guide - TechNet Gallery · 4.4 Role Group Creation ... 5.2.1 Creating a mail contact using Exchange Admin Center ... Exchange Server 2013 Operation

Exchange Server 2013 Operation Guide 25

MRM which denotes as Messaging Record Management uses Retention Tag and Retention Policy to perform their operation using

the Mailbox Assistant service in Exchange server 2013. The below steps indicates the migration from Exchange Server 2007

Managed Mailbox Folder Policy to Exchange Server 2013 Retention Policy. The same procedure can also be used if you have only

Exchange 2013 server skipping the Exchange 2007 MRM configuration

Few important points:

It uses MRM version 2.0 whereas Exchange 2007 hold MRM Version 1.0

In Exchange 2007 we have terms known as Managed Folder, Managed Folder Content, Managed Folder Policy these

are no more supported in Exchange 2013.

As similar ManagedFolderAssistantSchedule in Exchange 2007 Mailbox server we have workcycle for Exchange 2013

Mailbox Server

In Exchange 2007 SP1 when we use managed default folders we need Exchange Standard client access license

whereas on using managed custom folders then we need an Exchange Server Enterprise CAL.

Let’s make it simple and understand Exchange Server 2007 MRM …

1. To verify the MRM in Exchange 2007

Get-ManagedContentSettings

Get-ManagedFolderMailboxPolicy

Get-ManagedFolder

2. To schedule the mailbox folder assistance for Exchange 2007 Mailbox Server

Set-MailboxServer -Identity MailboxServer -ManagedFolderAssistantSchedule "Sun.14:00-Sun.13:00"

3. To check the mailbox folder assistance schedule for Exchange 2007 Mailbox Server

Get-MailboxServer -Identity MailboxServer | fl Name, ManagedFolderAssistantSchedule

4. To applying MRM policy for user mailbox

Set-Mailbox -Identity Raji -ManagedFolderMailboxPolicy "Delete_14Days"

5. To remove MRM policy for user mailbox

Set-Mailbox -Identity Raji –RemoveManagedFolderAndPolicy

6. To run Mailbox Assistant forcibly for Exchange 2007 user mailbox

Start-ManagedFolderAssistant -Mailbox Raji

Exchange Server 2013 Retention Policy

1. Migration of Exchange 2007 Managed Folder to Exchange Server 2013 Retention Policy Tag

New-RetentionPolicyTag -Name 'Exchange 2013 Retention Tag' -ManagedFolderToUpgrade 'Exchange 2007 Managed

Folder’

2. Adding the Retention Policy Tag to the Retention Policy

New-RetentionPolicy 'Exchange 2013 Retention Policy' –RetentionPolicyTagLinks 'Exchange 2013 Retention Tag'

3. To change the user display content of Retention Policy Tag

Set-RetentionPolicyTag "'Exchange 2013 Retention Policy " -Comment "This folder is under retention policy and Items

in the Deleted Items folder will be automatically deleted in 14 days"

Page 27: Exchange Server 2013 Operation Guide - TechNet Gallery · 4.4 Role Group Creation ... 5.2.1 Creating a mail contact using Exchange Admin Center ... Exchange Server 2013 Operation

Exchange Server 2013 Operation Guide 26

4. To applying MRM policy for user mailbox

Set-Mailbox -Identity Raji -RetentionPolicy "Exchange 2013 Retention Policy "

5. To run Mailbox Assistant forcibly for Exchange 2013 user mailbox

Start-ManagedFolderAssistant -Identity Raji

6. To check the Work cycle of Exchange 2013 Mailbox Server

Get-MailboxServer <ServerName> | Format-List Name, *WorkCycle*

7. Checking the Retention Policy in OWA 2013

Go to the mailbox folder where the retention policy is applied. On the email you see the below view

9.5 REMOVING ADDITIONAL NETWORK INTERFACE (BACKUP, ISCSI AND STORAGE) FROM EXCHANGE SERVER 2013 DAG

Whenever you add additional network to the DAG network for example additional interface for ISCSI, additional LAN Interface

for Storage or additional LAN interface to take backup this may leads to collide with Exchange 2013 DAG network automatically

and may result issue as follows,

Random disrupt on the email connecitivity

Issue on the email flow

Queue in the transport service.

This can be verified on running the cmdlet

Get-DatabaseAvailabilityGroupNetwork | format-list Subnet

It shows as Misconfigured.The cause for the issue is by default in Exchange 2013, DAG networks are automatically configured by

the system. Make sure the binding of the network interface that is newly added other than default DAG networks need to be

moved below. This can be achieved on selecting network connection – advance connection - bindings

Solution

9.5.1 Enable the DAG network as manual Set-DatabaseAvailabilityGroup <DAGName> -ManualDagNetworkConfiguration $true

9.5.2 Disabling the network in DAG Set-DatabaseAvailabilityGroupNetwork -Identity DAG2\DAGNetwork02 -ReplicationEnabled:$false -IgnoreNetwork:$true

9.5.3 Verify the DAG network Get-DatabaseAvailabilityGroupNetwork | format-list Subnet

9.5.4 Verification of Network role Status in Cluster Check the Network role status in the cluster service (New Network 01)

if Role 0 (0×0) tells the cluster not to use the network;

if Role 1 (0×1) tells the cluster that this is a private network;

if Role 3 (0×3) tells the cluster that this is a public network.

C:\Windows\system32>cluster network 'New Network 01' /prop

Listing properties for 'New Network 01':

Page 28: Exchange Server 2013 Operation Guide - TechNet Gallery · 4.4 Role Group Creation ... 5.2.1 Creating a mail contact using Exchange Admin Center ... Exchange Server 2013 Operation

Exchange Server 2013 Operation Guide 27

T Network Name Value

-- -------------------- ------------------------------ -----------------------

SR Cluster Network 1 Name Cluster Network 1

MR Cluster Network 1 IPv6Addresses

MR Cluster Network 1 IPv6PrefixLengths

MR Cluster Network 1 IPv4Addresses 100.200.26.0

MR Cluster Network 1 IPv4PrefixLengths 24

SR Cluster Network 1 Address 100.200.26.0

SR Cluster Network 1 AddressMask 255.255.255.0

S Cluster Network 1 Description

D Cluster Network 1 Role 3 (0x3)

D Cluster Network 1 Metric 10000 (0x2710)

D Cluster Network 1 AutoMetric 1 (0x1)

If role is not 0 then set the Role to 0:

Cluster network 'New Network 01' /prop Role=0

9.5.5 Verifying the Cluster properities [PS] C:\Windows\system32>cluster /prop

9.5.6 Listing the Cluster Network properities [PS] C:\Windows\system32>cluster network /prop

9.5.7 Verifying the Cluster Network Interface status [PS] C:\Windows\system32>cluster netint

9.5.8 Checking the Quorum Type [PS] C:\Windows\system32>cluster /quorum

9.5.9 Check out the incoming and Outgoing Connection status Get-MailboxDatabaseCopyStatus * -ConnectionStatus | Select-Object MailboxServer, ID, *Connections, *network | Export-Csv

C:\temp\repl.csv

9.5.10 Check the all the network informated connected to the server Get-DatabaseAvailabilityGroupNetwork -Server <Server Name> | Select Name, MapiAccessEnabled, ReplicationEnabled,

IgnoreNetwork

9.6 STEP BY STEP EXCHANGE 2013 DATACENTER FAILOVER

9.6.1 Exchange DAG Terminology

Few terminology should be known by Exchange Administrator regarding their environment:

Primary Active Manager which runs inside the Microsoft Exchange Replication Service used to notify and react in case of server failure. The PAM owns the cluster quorum resource and holds the information about active, passive and mounted databases.

Standby Active Manager provides information of the server hosting the active copy of a mailbox database to the Client Access or Transport services.

Datacenter Activation Coordination uses a protocol called Datacenter Activation Coordination Protocol (DACP) to avoid split brain .When a DAG is running in DAC mode, When the server reboots, the Active Manager starts up the bit as 0 (Database

Page 29: Exchange Server 2013 Operation Guide - TechNet Gallery · 4.4 Role Group Creation ... 5.2.1 Creating a mail contact using Exchange Admin Center ... Exchange Server 2013 Operation

Exchange Server 2013 Operation Guide 28

Dismount state). It communicates with other members in the DAG when it responds the bit set to 1 and allowed to mount database

Quorum Details Odd number of nodes ---> Node Majority Even number of nodes (but not a multi-site cluster) ---> Node and Disk Majority Even number of nodes, multi-site cluster ---> Node and File Share Majority Even number of nodes, no shared storage ---> Node and File Share Majority

Continous replication uses initial File Mode to replicate 1 MB of file to the passive database. When File Mode completes it moves to Block Mode for immediate updates

Port 3343 is used Nodes for listening incoming connections from other nodes of the DAG Members

I believe it more enough to know the definition let us move pratically what we do in our Exchange infra. It’s always good to have documentaion of the below component information which will helps in case if our servers are in disaster.

9.6.2 Verification of Exchange 2013 DAG Components:

To verify Primary Active Manager

Get-DatabaseAvailabilityGroup <DAG NAme> -status |fl Name, PrimaryActiveManager

To move PAM on different DAG Member

Cluster group "Cluster Group" /MoveTo:<DAG Server Name>

AutoDatabaseMountDial:

Get-Mailboxserver <MailboxServerName> | FL Name, AutoDatabaseMountDial

BestAvailability (default) - Copy queue length of ≤12 Logs count GoodAvailability - Copy queue length ≤6 Logs count. Lossless - Copy queue length Zero Log Count

Datacenter Activation Coordination (DAC)

Get-DatabaseAvailablityGroup –Identity <DAGName> | FL Name, DataCenterActivationModel

To verify Quorum

Cluster /quorum

To verify Continuous Replication Mode

Get-Counter -ComputerName <> -Counter “\MSExchange Replication(*)\Continuous replication - block mode Active”

To check replication network

Get-MailboxDatabaseCopyStatus -Server <Severname> -ConnectionStatus | FL Name, Incominglogcopyingnetwork, Seedingnetwork

Page 30: Exchange Server 2013 Operation Guide - TechNet Gallery · 4.4 Role Group Creation ... 5.2.1 Creating a mail contact using Exchange Admin Center ... Exchange Server 2013 Operation

Exchange Server 2013 Operation Guide 29

To Check DagNetworkConfiguration

Get-DatabaseAvailabilityGroup | FL Name, ManualDagNetworkConfiguration

Check the Exchange server location in AD site

Get-ExchangeServer –Identity <server_name> -Status | FL

9.6.3 Exchange 2013 Datacenter SwitchOver

When the primary site fails due to disaster on the odd nodes due to power Outage or server failure follow the below steps

Verify the Started Server and Stopped servers in the DAG

Get-DatabaseAvailabilityGroup <DAGName> -Status | FL Name, *Servers

Use the Stop-DatabaseAvailabilityGroup to mark the primary site DAG members are in failed state.

Stop-DatabaseAvailabilityGroup –Identity <DAGName> -ActiveDirectorySite PrimarySite

Verify the Started Server and Stopped servers in the DAG

Get-DatabaseAvailabilityGroup <DAGName> -Status | FL Name, *Servers

Stop the cluster service in all the passive node of the secondary site

Stop-service clussvc

Use the Restore-DatabaseAvailablityGroup to remove the stoppedmailbox server from the DAG and re-establish the quorum using the alternate Witness server

Restore-DatabaseAvailabilityGroup <DAGName> -Activedirectorysite DR

When the service or power is restored in the Primary site is up run Start-DatabaseAvailabilityGroup to revert the datacenter

Start-DatabaseAvailabilityGroup <DAGName> -ActiveDirectorySite ProductionSite

Check out the Quorum model

Get-ClusterQuorum | fl

Still if it’s show the older quorum model execute the below powershell cmdlet

Set-DatabaseAvailabilityGroup -Identity DAG01