Professional Documents
Culture Documents
Exchange Server 2013 Operation GuideV3 PDF
Exchange Server 2013 Operation GuideV3 PDF
RAJI SUBRAMANIAN
Email: mail2raji@hotmail.com
Blog:http://rajisubramanian.wordpress.com
http://rajisubramanian.blogspot.in
3/9/2014
Revision and Signoff Sheet
1 INTRODUCTION
This is the draft initial copy prepared for Exchange Server 2013 Operation Guide
The following figure shows the main components of the Exchange 2013 Admin Center:
Follow the instructions in this section to install the prerequisites on domain-joined Windows 7 64-bit computers where you want
to install the Exchange management tools.
After you've installed the operating system features, install the following software in the order shown:
Note: If you have User Access Control (UAC) enabled, you must run Setup.exe from an elevated command prompt.
The Exchange management tools can be installed on a domain-joined computer with a default install of Windows 8 or Windows
8.1 64-bit. Installing the Exchange 2013 management tools
1. Log on to the computer on which you want to install the Exchange 2013 management tools.
2. Navigate to the network location of the Exchange 2013 installation files.
3. At the command prompt, run the following command.
Note: If you have User Access Control (UAC) enabled, you must run Setup.exe from an elevated command prompt.
Example: New-RoleGroup -Name HelpdeskGroup -Roles “ExchangeAdmin”, “Mail Recipients”, “Mail Recipient
Creation”, “Delegated Setup” -RecipientOrganizationalUnitScope server.mail.com/Org – CustomConfigWriteScope
SCOPE-ORG-EXCHSRV
Syntax: New-Mailbox -Name '<LASTNAME>, <Firstname>' -Alias '<ALIAS>' -OrganizationalUnit '<OU>' UserPrincipalName
'<UPN>@int.cggveritas.com' -SamAccountName '<SAMACCOUNT>' -FirstName '<FIRSTNAME>' -LastName '<LASTNAME>' -
Password (Get-Credential).Password -ResetPasswordOnNextLogon $true -Database '<DATABASE>'
Example New-Mailbox -Alias Raji -Name "Raji Subramanian" -FirstName Raji -LastName Subramanian -DisplayName "Raji
Subramanian" -UserPrincipalName RajiS@mail.com -Password (ConvertTo-SecureString -String 'Pa$$word1' -AsPlainText -
Force)
This command will remove mailbox from Exchange server but not the AD account
This command will remove the user account from AD and mailbox from Exchange server
Get-Mailbox <ACCOUNT> | Remove-Mailbox
You can purge only against disconnected or soft-deleted mailboxes not on active mailbox
Add-MailboxPermission -Identity "SharedMailbox" -User Rajis -AccessRights FullAccess -InheritanceType all -AutoMapping
$false
Note: Access Rights can be FullAccess, ExternalAccount, DeleteItem, ReadPermission, ChangePermission, ChangeOwner
To Clean up Mailbox database after changes perfromed in the Active Directory or to sync with AD (i.e When account is disabled)
When mailbox is moved to a different database - the source mailbox will not be deleted from the source database. This source
mailbox is turned to soft-deleted state.
Get-MigrationUser | Get-MigrationUserStatistics
The below list of options need to be consider when adding members or removing members from the group
The below list of options need to be consider when for sending and receiving email from Group
Only senders inside my organization: Select this option to allow only senders in your organization to send messages to
the group. This means that if someone outside of your organization sends an email message to this group, it will be
rejected. This is the default setting.
Senders inside and outside of my organization: Select this option to allow anyone to send messages to the group.
Note: If you’ve configured the group to allow only senders inside your organization to send messages to the group, email
sent from a mail contact will be rejected, even if they are added to this list.
The below list of options need to be consider for Email approval for Sending message to the Group
Select moderation notifications Use this section to set how users are notified about message approval.
o Notify all senders when their messages aren't approved This is the default setting. Notify all senders, inside
and outside your organization, when their message isn't approved.
o Notify senders in your organization when their messages aren't approved When you select this option,
only people or groups in your organization are notified when a message that they sent to the group isn't
approved by a moderator.
o Don't notify anyone when a message isn't approved When you select this option, notifications aren't sent
to message senders whose messages aren't approved by the group moderators.
Set-MailboxRegionalConfiguration –Identity 'RajiS' –Language 'Es-es' –TimeZone 'Eastern Standard Time' –DateFormat 'dd-
mm-yyyy'
Set-MailboxMessageConfiguration -Identity 'RajiS' -AutoAddSignature $True –SignatureText 'Thanks & Regards - Raji
Subramanian'
Get-MessageTrackingLog -MessageSubject "This is Test Email" -Start "04/03/2014 00:00:00" -End "05/03/2014 00:00:00" -
server Server01
Get-MessageTrackingLog -MessageSubject "This is Test Email" -Start "04/03/2014 00:00:00" -End "05/03/2014 00:00:00" -
server Server01
Get-TransportService | Get-MessageTrackingLog -MessageSubject "This is Test Email" -Start "04/03/2014 00:00:00" -End
"05/03/2014 00:00:00"
ForEach ($server in Get-TransportServer) {Get-MessageTrackingLog -EventId EXPAND -Start "04/03/2014 00:00:00" -server
$server.name | ft Timestamp,Sender,RelatedRecipientAddress,Recipients,RecipientStatus -wrap -autosize}
5.7.10 Find NDR 5.4.6 routing loops in the last day from all transport servers
6 DAILY TASKS
To help ensure the availability and reliability of your Exchange 2013 organization, you must actively monitor the physical
platform, the operating system, and all important Exchange 2013 services. Preventive maintenance helps you identify
potential errors before any one of these errors cause problems with the operation of your Exchange organization.
Preventive maintenance combined with disaster recovery planning and regular backups help minimize problems if they
occur.
Monitoring your Exchange organization involves checking for problems with connections, services, server resources, and
system resources. You can also set alerts to notify administrators when problems occur. Microsoft Windows Server 2008
R2 and Exchange 2013 provide you with many monitoring tools and services to help make sure that your Exchange
organization is running smoothly. The key advantages to daily monitoring are as follows:
• Meeting the performance requirements of your service level agreements (SLAs).
• Completing successfully specific administrative tasks, such as daily backup operations, and checking server
health.
• Detecting and addressing issues, such as bottlenecks in the server performance or need for additional
resources before they affect productivity.
Daily maintenance tasks help you establish criteria for what is normal for your organization and to detect any abnormal
activity. It is important to implement these daily maintenance tasks so that you can capture and maintain data about your
Exchange organization, such as usage levels, possible performance bottlenecks, and administrative changes. See the
following topics for information about tasks that you should perform daily as a best practice:
• Performing Physical Environmental Checks
• Performing and Monitoring Backups
• Checking Disk Usage
• Checking the Event Viewer
• Monitoring Server Performance
• Monitoring Network Performance
7 WEEKLY TASKS
As a recommended practice, perform the following tasks and procedures weekly:
8 MONTHLY TASKS
As a recommended practice, perform the following tasks and procedures monthly:
• Security Checks - Depending on the level of security that your organization requires, it may be appropriate to
perform regular audits of security, including firewall rules, user rights, group membership, delegate rights, and so
on.
• Capacity Planning - Review capacity figures for the previous month, and produce a plan for any upgrades that may
be required in the coming months to keep the system operating within limits specified by the organization's service
level agreements (SLAs).
• Disaster Recovery Test - Perform a system recovery for a single server to test your organization's documented
recovery process. This test will simulate a complete hardware failure for one server, and make sure that the
resources, plans, and data are available for recovery. Try to rotate the focus of the test each month, so that you test
the failure of a different server or other piece of equipment every time.
Get-MailboxDatabasecopyStatus * | Format-List
Note: Make sure you have enough free disk space on the restored location
Step 2: Verify the database health status after the restoration of database file. Run the following command to verify the status
Step 3: If the database is Clean Shutdown move to next step. In case if it is dirty shutdown perform the soft recovery and if it fails
Step 9: Restoring them using the following Exchange PowerShell command based upon your requirement
Restoring the mailbox email in a seperate folder (Restore) on the user mailbox
Step 10: Check the status of mailbox restoration when completed check in the user mailbox on all restored emails.
Get-MailboxRestoreRequest
Step 11: Remove the completed mailbox restore using the following PowerShell command
4. Suspending activation for the database copies on the server being updated
5. To force all database to be activated on a particular Mailbox server, use this command:
6. Suspending the Exchange 2013 mailbox server MBX01 from the cluster
9. Verify there is no database mounted or active database on the server that will be under maintenance
9. Perform the maintenance in the server on installing the rollup or patches on Exchange server 2013
Test-ReplicationHealth
Test-ReplicationHealth
Migration from Exchange Server 2007 Managed Mailbox Folder Policy to Exchange Server 2013 Retention Policy
It uses MRM version 2.0 whereas Exchange 2007 hold MRM Version 1.0
In Exchange 2007 we have terms known as Managed Folder, Managed Folder Content, Managed Folder Policy these
are no more supported in Exchange 2013.
As similar ManagedFolderAssistantSchedule in Exchange 2007 Mailbox server we have workcycle for Exchange 2013
Mailbox Server
In Exchange 2007 SP1 when we use managed default folders we need Exchange Standard client access license
whereas on using managed custom folders then we need an Exchange Server Enterprise CAL.
Get-ManagedContentSettings
Get-ManagedFolderMailboxPolicy
Get-ManagedFolder
2. To schedule the mailbox folder assistance for Exchange 2007 Mailbox Server
3. To check the mailbox folder assistance schedule for Exchange 2007 Mailbox Server
1. Migration of Exchange 2007 Managed Folder to Exchange Server 2013 Retention Policy Tag
New-RetentionPolicyTag -Name 'Exchange 2013 Retention Tag' -ManagedFolderToUpgrade 'Exchange 2007 Managed
Folder’
New-RetentionPolicy 'Exchange 2013 Retention Policy' –RetentionPolicyTagLinks 'Exchange 2013 Retention Tag'
Set-RetentionPolicyTag "'Exchange 2013 Retention Policy " -Comment "This folder is under retention policy and Items
in the Deleted Items folder will be automatically deleted in 14 days"
Go to the mailbox folder where the retention policy is applied. On the email you see the below view
9.5 REMOVING ADDITIONAL NETWORK INTERFACE (BACKUP, ISCSI AND STORAGE) FROM EXCHANGE SERVER 2013 DAG
Whenever you add additional network to the DAG network for example additional interface for ISCSI, additional LAN Interface
for Storage or additional LAN interface to take backup this may leads to collide with Exchange 2013 DAG network automatically
and may result issue as follows,
It shows as Misconfigured.The cause for the issue is by default in Exchange 2013, DAG networks are automatically configured by
the system. Make sure the binding of the network interface that is newly added other than default DAG networks need to be
moved below. This can be achieved on selecting network connection – advance connection - bindings
Solution
9.5.10 Check the all the network informated connected to the server
Get-DatabaseAvailabilityGroupNetwork -Server <Server Name> | Select Name, MapiAccessEnabled, ReplicationEnabled,
IgnoreNetwork
Primary Active Manager which runs inside the Microsoft Exchange Replication Service used to notify and react in case of server
failure. The PAM owns the cluster quorum resource and holds the information about active, passive and mounted databases.
Standby Active Manager provides information of the server hosting the active copy of a mailbox database to the Client Access
or Transport services.
Datacenter Activation Coordination uses a protocol called Datacenter Activation Coordination Protocol (DACP) to avoid split
brain .When a DAG is running in DAC mode, When the server reboots, the Active Manager starts up the bit as 0 (Database
Quorum Details
Odd number of nodes ---> Node Majority
Even number of nodes (but not a multi-site cluster) ---> Node and Disk Majority
Even number of nodes, multi-site cluster ---> Node and File Share Majority
Even number of nodes, no shared storage ---> Node and File Share Majority
Continous replication uses initial File Mode to replicate 1 MB of file to the passive database. When File Mode completes it moves
to Block Mode for immediate updates
Port 3343 is used Nodes for listening incoming connections from other nodes of the DAG Members
I believe it more enough to know the definition let us move pratically what we do in our Exchange infra. It’s always good to have
documentaion of the below component information which will helps in case if our servers are in disaster.
AutoDatabaseMountDial:
To verify Quorum
Cluster /quorum
Get-Counter -ComputerName <> -Counter “\MSExchange Replication(*)\Continuous replication - block mode Active”
When the primary site fails due to disaster on the odd nodes due to power Outage or server failure follow the below steps
Use the Stop-DatabaseAvailabilityGroup to mark the primary site DAG members are in failed state.
Stop the cluster service in all the passive node of the secondary site
Stop-service clussvc
Use the Restore-DatabaseAvailablityGroup to remove the stoppedmailbox server from the DAG and re-establish the quorum
using the alternate Witness server
When the service or power is restored in the Primary site is up run Start-DatabaseAvailabilityGroup to revert the datacenter
Get-ClusterQuorum | fl
Still if it’s show the older quorum model execute the below powershell cmdlet