Mailbox Server
Mailbox databases, and the components previously associated with other Exchange Server 2007/2010 server roles (Unified Messaging, Client Access, Hub Transport) are hosted on the Mailbox server. All processing for a specific mailbox happens on the Mailbox server that hosts the active copy of the user’s mailbox. Client connectivity takes place through the Client Access server.

[Diagram labels: Client Access Server; Mailbox Server; Outlook Web App; Exchange ActiveSync; Exchange Web Services; Remote PowerShell; Exchange Admin Center; Offline Address Book; POP/IMAP; RPCProxy; Internet Information Services; Unified Messaging; RPC Client Access; Transport; Exchange Managed Store; Exchange Search; Extensible Storage Engine; Mailbox Database (User mailboxes, Archive mailboxes, Public Folder mailboxes)]

Transport Service
The Transport Service on the Mailbox server is responsible for all mail flow inside the organization. It’s also where DLP rules, transport rules, journaling policies, and Information Rights Management policies are applied.

Anti-Malware: The Malware Agent is enabled by default in the Transport service on Mailbox servers to help protect the organization from malware and other unwanted content.

Anti-Spam Agents in Transport: All built-in anti-spam agents are disabled by default, but they can be enabled by running a PowerShell script. The following anti-spam agents are available in the Transport service on a Mailbox server:
• Content Filter agent
• Sender ID agent
• Sender Filter agent
• Protocol Analysis agent for sender reputation filtering
Note: The Connection Filtering agent, the Attachment Filtering agent and the Recipient Filter agent are available on Edge Transport servers.

In-Place Archive
• Provides users with an alternate storage location to store historical messaging data
• Appears below the user’s primary mailbox in Outlook or Outlook Web App
• Search across primary and archive mailboxes in Outlook and Outlook Web App
• Sets archive quota separately from primary mailbox
• Exchange Online Archiving provides a cloud-based archive for on-premises mailboxes

Recoverable Items Folder
These folders are not visible to the user. They include the Audits sub-folders, which contain mailbox audit and calendar logging entries.
• Deletions: Items soft-deleted from Deleted Items folder. Accessed through Outlook “Recover Deleted Items”
• Versions: Original and modified copies of items when either In-Place Hold or Single Item Recovery are enabled
• Purges: Hard-deleted items when either In-Place Hold or Single Item Recovery are enabled
• Discovery Holds: Data that matches the In-Place Hold criteria is saved to this folder

In-Place Hold and Litigation Hold
• Query-based In-Place Hold on specific items in a mailbox-based query (keywords)
• Time-based In-Place Hold retains items for a specified duration
• Litigation Hold can also be used to place an indefinite or time-based hold on the user’s mailbox

In-Place eDiscovery
• Enables use of the NEAR operator, allowing you to search for a word or phrase that’s in proximity to another word or phrase
• Enhanced management experience and search query improvement
• Preserves the results of the query which allows for scoped immutability across mailboxes
• Federated discovery using the SharePoint eDiscovery Center allows you to search and preserve data across Exchange, SharePoint, and Lync
• Using Exchange 2013 only, you can create a discovery search using the Exchange Admin Center or the Exchange Management Shell
• Primary and Archive mailboxes are searched, including items in the Recoverable Items folder
• Export eDiscovery search results (from Exchange) to PST file(s) with appropriate metadata stored in EDRM XML

Types of Mailboxes
There are several types of mailboxes in Exchange 2013:
• Arbitration: Used for handling moderated recipients and distribution group membership approval
• Archive: Used as a secondary mailbox for users
• Discovery Search: Used to store results from an In-Place eDiscovery search
• Equipment: Used for resources that are not location specific, such as a portable computer, projector, microphone, or a company car
• Room: Used with room-based solutions, such as Lync Room Systems
• Linked: Used for users in a separate, trusted forest
• Public Folder: Used for public folders and public folder content
• User: Used for typical users to send, receive and store messages, appointments, tasks, notes, and documents

Mailbox Server Role Components

Managed Store
The Managed Store is the name of the newly rewritten Information Store processes in Exchange 2013. The new Managed Store is written in C# and tightly integrated with the Microsoft Exchange Replication service (MSExchangeRepl.exe). It leverages the worker process model and a static database caching algorithm to provide higher availability through improved resiliency.

Exchange Search
Exchange Search is different from full-text indexing available in previous versions of Exchange Server. Exchange Search includes numerous innovations in performance, content indexing, and search. New items are indexed in the transport pipeline or almost immediately after they're created or delivered to the mailbox, providing users with a fast, stable, and more reliable way of searching mailbox data. Content indexing is enabled by default, and there's no initial setup or configuration required.
The underlying content indexing engine has been replaced with Microsoft Search Foundation, which provides performance and functionality improvements and serves as the common underlying content indexing engine in Exchange 2013 and SharePoint 2013.

Mailbox Transport Service
The Mailbox Transport Service on the Mailbox server is the broker between the Transport service and the mailbox databases. The Mailbox Transport service communicates directly with local mailbox databases using RPC, and with the Transport service on local and remote Mailbox servers using SMTP.

Transport Pipeline

[Diagram labels, Transport service: SMTP Receive (TCP25 or TCP2525); Protocol Agents; Submission Queue; Pickup/Replay; Categorizer (Agent Processing Submitted Messages, Recipient Resolution, Routing, Content Conversion, Agent Processing Routed Messages, Message Packaging); Routing Agents; Delivery Queue; SMTP Send; Delivery Agents for other protocols]

[Diagram labels, Mailbox Transport service: SMTP Send; SMTP Receive (TCP475); Mailbox Assistants; MBX Submit Agents; MBX Deliver Agents; Store Driver Submit; Store Driver Deliver; Mailbox Transport Submission; Mailbox Transport Delivery; MAPI; Mailbox Store]

Categorizer
The Categorizer processes all email messages and determines what rules and policies need to be applied based on the final recipient of the message.

Transport Agents applied at “Agent Processing Submitted Messages” stage:
• RMS Decryption agent: Decrypt Active Directory Rights Management Services (AD RMS) protected messages
• Malware agent: Provides built-in anti-malware protection
• Journaling agent: Generates a journal report when a message matches a journal rule

Transport Agents applied at “Recipient Resolution” stage:
• Transport Rule agent: Apply transport rules and DLP policies to messages, based on the specified conditions

Transport Agents applied at “Content Conversion” and “Agent Processing Routed Messages” stages:
• Journal Report Decryption agent: Decrypt journal reports that contain RMS-protected messages
• RMS Encryption agent: Applies Information Rights Management protection to messages flagged by the Transport Rules agent and re-encrypts transport-decrypted messages
• Prelicensing agent: Requests an AD RMS Usage License on behalf of the recipient
• Journaling agent: The Journaling agent is also applied here so modified messages can't bypass the Journaling agent

High Availability Message Flow
1. A Mailbox server receives a message from any SMTP server that's outside the Transport high availability boundary. The Transport high availability boundary is a DAG or an Active Directory site in non-DAG environments.
2. Before acknowledging receipt of the primary message, the primary Mailbox server initiates a new SMTP session to a shadow Mailbox server within the Transport high availability boundary and makes a shadow copy of the message. In DAG environments, a shadow server in a remote Active Directory site is preferred.
3. The primary server processes the primary message and delivers it to users within the Transport high availability boundary or relays it to the next hop. The primary server queues a discard status for the shadow server that indicates the primary message was successfully delivered, and the primary server moves the primary message into the local Primary Safety Net.
4. The shadow server periodically polls the primary server for the discard status of the primary message.
5. When the shadow server determines the primary server successfully delivered the primary message or relayed it to the next hop, the shadow server moves the shadow message into the local Shadow Safety Net.
6. The message is retained in the Primary Safety Net and the Shadow Safety Net until the message expires.

Principles of Transport High Availability
• Messages in transit are redundantly persisted before their receipt is acknowledged to the sending SMTP server
• Redundant copies of messages processed by Transport are kept in Safety Net for resubmission in the event of a mailbox failover, and Safety Net itself is made redundant on another server
• Message resubmissions due to queue database loss or mailbox database failover are fully automatic and do not require any manual intervention

Multiple Databases Per Volume and Continuous Replication

[Diagram labels: four Mailbox Servers, each with DAS volumes hosting DB1 to DB4 and log files (Log 1, Log 2, Log 3) as Active, Passive and Lagged copies]

Multiple Databases Per Volume
Exchange 2013 is optimized so that it can use large multi-terabyte disks in a JBOD configuration more efficiently. With multiple databases per disk, you can have the same size disks storing multiple database copies, including lagged copies. The goal is to drive the distribution of users across the number of volumes that exist, providing you with a symmetric design where during normal operations each DAG member hosts a combination of active, passive, and optional lagged copies on the same volumes. Another benefit of using multiple databases per disk is that it reduces the amount of time to restore data protection in the event of a failure that necessitates a reseed (for example, disk failure).

AutoReseed
AutoReseed is designed to automatically restore database redundancy after a disk failure by using spare disks that have been provisioned on the system. In the event of a disk failure where the disk is no longer available to the operating system, or is no longer writable, a spare volume is allocated by the system, and the affected database copies are reseeded automatically.

DAGs without Administrative Access Points
Exchange 2013 SP1 supports creating a DAG without a cluster administrative access point as a new optional configuration. Creating a DAG without an AAP reduces the complexity of your DAG and simplifies DAG management.

Managed Availability
Both Exchange 2013 server roles include a new monitoring and high availability feature known as Managed Availability.

Managed Availability includes three main asynchronous components that are constantly doing work. Administrators remain in control with the ability to configure server-specific and global overrides.

Probe Engine: Responsible for taking measurements on the server and collecting the data; results of those measurements flow into the monitor.

Monitor: Contains business logic used by the system to determine whether something is healthy, based on the data that is collected and the patterns that emerge from all collected measurements.

Responder Engine: Responsible for recovery actions. When something is unhealthy, the first action is to attempt to recover that component via multi-stage recovery actions that can include:
• Restarting an application pool
• Restarting a service
• Restarting a server; and
• Removing a server from service

If recovery actions are unsuccessful, Managed Availability escalates the issue to a human through event log notifications.

[Diagram labels: Sampling, Detection, Recovery; Probe Definition, Monitor Definition, Responder Definition; Probe Results (Samples), Monitor Results (Alerts), Responder Results (Responses); Notification Item; Monitor States: Healthy, 00:00:00 T1 Restart Service Responder, 00:00:10 T2 Failover Responder, 00:00:30 T3 Escalate Responder; Bugchecker Responder; Offline Responder]

Copyright © 2014 Microsoft Corporation - All Rights Reserved
Poster Feedback: eapf@microsoft.com
Not all listed features are compatible with legacy versions of Exchange, SharePoint or Lync