We began day 2 of the Exchange 2010 Maestro seminar with a review of the topics covered in day 1. A spirited discussion occurred about the notion of “backupless” Exchange. In other words, some commentators have advanced the thought that the advent of the Database Availability Group (DAG) and the new ability to run multiple database copies within the DAG means that you don’t need to take backups of the databases anymore.
Life is full of choices and it’s entirely your option to plunge into the world of operations without the safety net that a nice warm backup provides. We discussed:
- The need for sufficient database copies to provide security. Two copies is not enough. Three is good. Four is better. A lagged copy is an option, but it is a solution for specific circumstances rather than general-purpose recovery.
- The need to enable circular logging on the databases so that disks don’t fill up with transaction logs. Remember, good full backups clean up transaction logs for Exchange databases by truncating the log set and removing the logs that are no longer necessary. This won’t happen if you’re not taking full backups. Circular logging is one solution, manual deletion of logs is another – but definitely not recommended.
- The need to uncheck the database property that controls whether deleted items are kept until a good backup occurs. The reason here is that if you tell Exchange to keep deleted items and then never perform a full backup, you end up in a situation where all the deleted items and mailboxes are kept forever – even after they exceed their deleted items retention period. The command
Set-MailboxDatabase -Identity 'Database' -RetainDeletedItemsUntilBackup $Falsewill do the trick.
I didn’t perceive a great desire from the group to plunge into the world of backupless Exchange. To those who say that Microsoft IT is happy to run in this mode (or so the anecdotes report), my response is that I’d be similarly happy if I had the entire Windows and Exchange development groups available on the same site and could call on them if problems happy. This isn’t the normal state of affairs for most other companies!
Following a review of the labs, we plunged into the rest of the day. The agenda looked like this:
09:00 Review of Day
09:15 Role Based Access Control – Paul
11:00 Mailbox Replication Service (MRS) – Tony
12:15 Exchange 2010 Transport – Paul
14:00 Compliance – Tony
15:15 Compliance Part 2 – Tony
18:00 End of day
We’d actually spent quite a bit of time on Wednesday night to ponder on the feedback received from day 1 and made some changes to the agenda to get through the amount of content that we knew we had to deliver. Some heavy-duty sessions were delivered today. Starting with RBAC is never easy (if you’re not used to RBAC), and the intricacies of the Mailbox Replication Service (moving mailboxes, importing and exporting data, and so on) was tough.
Of course, the best laid plans of mice and men began to unravel as soon as we began and the RBAC and MRS sessions both turned into mega-monsters. We eventually got to lunch at 13:00 only 45 minutes behind schedule by postponing the Transport session. The audience interaction and interest was great and loads of questions were asked and to their credit, everyone stayed tuned in until the last slide.
Lunch was a welcome relief and we stole some time by beginning again at 13:50 when Paul started to talk about Exchange 2010 Transport. This session didn’t attempt to cover every single aspect of transport as that would take hours, but it was important to reveal the differences that exist between Exchange 2003/2007 and Exchange 2010 routing and transport as well as the improvements that Microsoft has made in Exchange 2010 SP1. Paul finished this session at 15:10, some 20 minutes over time. We were on a downwards slope in terms of scheduling…
Compliance was the next fun topic, which we started at 15:25. Personal archives, dumpster V2, retention and litigation hold, retention policies and tags, the workings of the Managed Folder Assistant (MFA), discovery searches, annotation of search results, and much more occupied us until we broke at 17:15 and then went back to work again with labs at 17:20.
We take a pretty liberal attitude to labs as we think that everyone has their own learning pace and style. Some like to work through labs in a structured environment with instructors around and stay in the room until we throw them out. Others like to go and sink a cold beer to clear their head from the hubris of the day and then go and work on the labs in their own room. We provide the virtual machines used for the labs on a hard disk to allow the freedom of choice and this seems to have gone down well with participants. In addition, people can take the VMs on the disk away with them when they leave the seminar and can continue to use the VMs for learning afterwards.
One interesting point raised after the compliance session was the total lack of support for compliance features within public folders. Retention policies don’t apply to public folders, discovery searches don’t search them, litigation hold doesn’t apply, and so on. This isn’t altogether surprising because the compliance features operate on mailboxes (primary and archive) but it may come as a surprise for organizations who have invested a lot of time and money in public folders. The only solution is to move data into mailboxes… not a great answer.
The fact that Microsoft has released some guidance to say that Outlook 2010 Professional Plus is the only version of Outlook that can access personal archives (as per this posting) came as an unpleasant surprise to many. One often missed aspect is that Professional Plus is only available through volume licensing, so this would imply that no one could buy a version of Outlook through any other route and expect to connect it to an archive mailbox. For example, someone who upgraded their home PC with Office 2010 Home and Student and then logged into their office server to use Exchange would not be able to see their online archive, which seems like a bad thing. Actually, there’s some inconsistency across different pages on the Microsoft site because this page says “Personal Archive is available only when you use Outlook 2010 as part of Microsoft Office Professional 2010 or Microsoft Office Professional Plus 2010 with a volume license.” I believe that the correct situation is that Outlook 2010 Professional Plus is required. But then again, I use Office Professional Plus and I have not tried any other edition of Outlook 2010, professional or otherwise, so that’s something to do when I get some time. It’s also worth noting that Outlook 2010 Professional is needed to support the display of retention tags. In reality, this requirement shouldn’t be a big deal for most large organizations as they will purchase Office from Microsoft through volume deals and so end up with Outlook Professional Plus.
Of course, Microsoft has promised to release an update for Outlook 2007 that will enable access to archives for this client, but no public details are yet available as to when the code might be available. If in doubt there’s always Outlook Web App… which can get to personal archives, reveal retention and archive tags, and so on… so in some respects OWA is the most functional client for folks who don’t have access to a “proper” version of Outlook 2010.
Another question raised covered the capability of Discovery Search to search through mailboxes. Most people make an assumption that searches can find stuff in Exchange 2003 and Exchange 2007 servers if they’re in the same organization as Exchange 2010 servers. However, the fact is that discovery searches rely on the content indexes that Exchange 2010 mailbox servers maintain for their databases and cannot locate anything on legacy servers. Therefore, the sooner you move mailboxes to Exchange 2010, the sooner you will be able to generate true organization-wide discovery searches.
As always, the interaction and questioning in seminars like this provoke lots of debate and help people to tease out the lesser-known operational details that contribute enormously to successful deployments.