Difference between revisions of "Archiving Emails from Microsoft Exchange 2007"
[unchecked revision] | [unchecked revision] |
Line 73: | Line 73: | ||
''' Add Permission''' | ''' Add Permission''' | ||
− | |||
Get-PublicFolderDatabase | Add-AdPermission -User serviceAccount ' | Get-PublicFolderDatabase | Add-AdPermission -User serviceAccount ' | ||
-ExtendedRights ms-Exch-EPI-May-Impersonate | -ExtendedRights ms-Exch-EPI-May-Impersonate | ||
Line 79: | Line 78: | ||
''' Check Permission''' | ''' Check Permission''' | ||
− | + | Get-PublicFolderDatabase | Get-Adpermission -User serviceAccount | ' | |
− | |||
Format-List * | Format-List * | ||
''' Delete Permission''' | ''' Delete Permission''' | ||
+ | Get-PublicfolderDatabase | Remove-AdPermission -User serviceAccount ' | ||
+ | -ExtendedRights ms-Exch-EPI-May-Impersonate | ||
[[de:Microsoft_Exchange_2007]] | [[de:Microsoft_Exchange_2007]] |
Revision as of 13:39, 19 May 2010
Creating a Central User to Access Mailboxes
With MailStore, some or all mailboxes of an Exchange server can be archived in a single step. All necessary preparations, such as creating MailStore users, can be made automatically. The archiving process can be executed manually or automatically according to a schedule.
Before the archiving process can be set up in MailStore, a user with access to all mailboxes to be archived has to be created.
The following prerequisites are required to configure Exchange Impersonation:
- Administrative credentials for the computer that is running Exchange 2007 that has the Client Access server role installed
- Domain Administrator credentials
All following commands can be executed from the Microsoft Exchange Management Shell.
Add access rights
Get-ClientAccessServer | Add-AdPermission -User serviceAccount ' -ExtendedRights ms-Exch-EPI-Impersonation
Get-MailboxDatabase | Add-AdPermission -User serviceAccount ' -ExtendedRights ms-Exch-EPI-May-Impersonate
serviceAccount is the user account you want to use as in UPN notation. Please take care that this user is not a member of an Exchange or Windows administrative group.
Check access rights
Get-ClientAccessServer | Get-Adpermission -User serviceAccount | ' Format-List *
Get-MailboxDatabase | Get-Adpermission -User serviceAccount | ' Format-List *
Remove access rights
Get-ClientAccessServer | Remove-AdPermission -User serviceAccount ' -ExtendedRights ms-Exch-EPI-Impersonation
Get-MailboxDatabase | Remove-AdPermission -User serviceAccount ' -ExtendedRights ms-Exch-EPI-May-Impersonate
Setting Up Journaling
Before the archiving process can be set up in MailStore, Journaling has to be set up for the Exchange server. Please proceed as follows:
Step 1: Creating a Mailbox for Journaling
To set up a new Exchange user with a meaningful name, e.g. journal, please proceed as follows:
- Start the Exchange Management Console and click on Recipient Configuration.
- Click on New Mailbox.
- Select User Mailbox and confirm by clicking on Next.
- Select New User and confirm by clicking on Next.
- Enter journal as user name (see screen shot below) and confirm by clicking on Next.
- Click on Browse to select a Mailbox database and confirm by clicking on Next.
- Confirm the summary by clicking on New. The user journal is created.
Step 2: Configuring a New Mailbox as Journal Mailbox
Open the Exchange Management Console. In the tree structure, open Organization Configuration and then Hub Transport. Click on the register card Journaling and in the area on the right on New Journal Rule.
The dialog window New Journal Rule opens:
- Enter a name for the Journaling rule, e.g. journal.
- Click on Browse and select the user "journal" just created.
- Under Scope, choose Global to capture all messages, Internal to capture internally sent messages only, or External to capture only those message with an external sender or recipient.
- Make sure that the control checkbox Enable Rule is activated.
- Click on New to activate the rule. Please keep in mind that in complex Microsoft Exchange environments it may take several minutes until the new rule becomes effective.
Important notice: Before MailStore can access the new Journal mailbox for archiving, it may be necessary for you to log on to this mailbox once using Outlook Web Access (OWA), for example.
Public Folders
If you want to use Impersonation for a Service Account to archive Public Folders hosted on an Exchange 2007 Server, please use the following command:
Add Permission
Get-PublicFolderDatabase | Add-AdPermission -User serviceAccount ' -ExtendedRights ms-Exch-EPI-May-Impersonate
Check Permission
Get-PublicFolderDatabase | Get-Adpermission -User serviceAccount | ' Format-List *
Delete Permission
Get-PublicfolderDatabase | Remove-AdPermission -User serviceAccount ' -ExtendedRights ms-Exch-EPI-May-Impersonate