Exchange 2013 Sample Architecture Part 3: Design Feature Overview and Virtualization Considerations

Overview

In this part of the Sample Architecture Series, we will hone in on several elements of the Exchange Solution design, namely a description of the overall Exchange 2013 solution design, followed by some basic system configuration parameters as well as virtualization considerations.

Design Features

Exchange 2013 Design

The Exchange 2013 Environment for Chimp Corp features the following design elements:

  • Internal Client Access: Internal clients can automatically locate and connect to available CAS Servers through the Availability and Autodiscover services. CAS Servers are configured in arrays for high-availability and the locations of the CAS servers are published through Service Connection Points (SCPs) in Active Directory.
  • External Client Access:  External clients can connect to Exchange via Outlook Web Access (OWA), Outlook Anywhere and Exchange ActiveSync. Exchange 2013 now supports L4 load balancing for stateless failover of connections between CAS servers in the same Array. Client traffic arrives at the Network Load Balancer, which uses Service Connection Points to locate the internal Mailbox servers and distribute load accordingly.
  • Single Domain Name URL: Exchange 2013 relies on a feature in the TCP/IP protocol stack of client computers that supports the caching of multiple IP addresses that correspond to the same name resolved from DNS. In the event of an individual site failure, the IP address corresponding to the CAS array in that site will become unresponsive. Clients automatically connect to the next cached IP address for the CAS Array in order to reestablish client connections. This IP address corresponds to the CAS Servers in the alternative site and failover occurs without any intervention.
  • Mailbox High availability: This feature is  provided by implementing Database Availability Groups (DAG). A single DAG will be configured to protect the messaging service.  It is preferred to deploy a high number of smaller mailbox databases in order to reduce mailbox restoration or reseed times in the event of a failure of a database copy.
  • Message Routing: All External SMTP traffic will be routed securely via Microsoft’s Exchange Online Protection (EOP) cloud-based services and the Internet. Inter-site messages between the premise and online users will also be routed via EOP. Internal messages between on-premise users in either datacenter site will be routed automatically via the transport service on the on-premise Mailbox servers.
  • Hybrid Deployment: The Exchange 2013 environment will be deployed in tandem with an Exchange Online Organization. The purpose of the Exchange Online Organization will be to host mailbox accounts that have been flagged as non-compliance sensitive and reduce the costs of the on-premises deployment. The hybrid implementation will feature a seamless experience between users in the on-premise and online environments, including Single Sign-on for users through the configuration of trusts between the Microsoft Online ID and the on-premises Active Directory Forest; unified GAL access and the ability for online and on-premise users to share free/busy information through the configuration of a Federation Trust with the Microsoft Federation Gateway; as well as secure encrypted message transport between on-premise and online environments, encrypted, authenticated and transported via Transport Layer Security (TLS)
  • Message Archiving: All Messages will be transferred to the Exchange 2013 via the Exchange Online Archiving Service. The existing on-premises archiving solution will be decommissioned after existing message archives are ingested into the Exchange Online Archive.

Exchange 2013 Virtualization

All Exchange 2013 server roles are fully supported for virtualization by Microsoft. Virtualization can assist an organization in consolidating its computing workload and enjoying benefits from cost reduction and efficient hardware resource utilization. According to Microsoft recommended Best Practices, load calculations when provisioning Exchange deployments in a virtual environment must accommodate for additional overheads from the virtualization hypervisor. Therefore, this solution design has factored in an additional resource overhead of 12% to accommodate virtualization.

The following server roles will be virtualized:

  •     Exchange 2013 Mailbox Servers
  •     Exchange 2013 CAS Servers

Microsoft provides further guidance on implementing Exchange Server 2013 in a virtualized environment. Relevant factors have been listed below:

  1. Exchange Servers may be combined with virtual host-based failover clustering migration technology, provided that the virtual machines are configured to not save and restore disk state when moved or taken offline. Host-based failover must result in a cold boot when the virtual machine is activated on a target node.
  2. The root machine should be free of all applications save the virtual hypervisor and management software.
  3. Microsoft does not support taking a snapshot of an Exchange virtual machine.
  4. Exchange supports a Virtual Processor to Physical Processor ratio of no greater than 2:1 and Microsoft recommends an ideal processor ratio of 1:1. Furthermore, virtual CPUs required to run the host OS should be included in the processor ratio count
  5. The disk size allocated to each Exchange Virtual machine must use a disk that is of size equal to 15GB plus the size of virtual memory allocated to the virtual server.
  6. The storage allocated for Exchange data can either be virtual storage of a fixed site, such as fixed Virtual Hard Disks (VHDs), SCSI pass-through storage or iSCSI storage.
  7. Exchange 2013 does not support NAS storage. However, fixed VHDs that are provisioned on block level storage and accessed via SMB 3.0 on Windows Server 2012 Hyper-V are supported.
  8. Exchange 2013 is designed to make optimal usage of memory allocations and as such, dynamic memory features for Exchange are not supported.

Conclusion

Subsequent sections of this series will focus on the Exchange Mailbox Design and CAS Design, as well as the Hybrid Implementation and additional features.

Please click here for the next part: Exchange 2013 Mailbox Server Role Design.

Exchange 2013 Sample Architecture Part 2: High-level Architectural Design Document

Overview:

This section provides an introduction into the key elements of the Exchange 2013 Architectural solution. It provides high-level solution overview and is suitable for all technical project stakeholders. The excerpts of the final design document are listed under this post and the full High Level Design document can be downloaded here: RoadChimp Sample Architectural Doc (ADOC) v1.1

1. Messaging Infrastructure function

The Messaging Infrastructure serves the primary function of providing electronic mail (E-mail) functionality to Chimp Corporation. The messaging infrastructure supports E-mail access from network connected computers and workstations as well as mobile devices. E-mail is a mission critical application for Chimp Corp and it serves as an invaluable communications tool that increases efficiencies and productivity, both internally to an organization, and externally to a variety of audiences. As a result, it is of paramount importance for the Chimp Corp to maintain a robust infrastructure that will meet present and future messaging needs.

Key requirements of the messaging infrastructure are as follows:

  • Accommodate service availability requirements
  • Satisfy archiving requirements
  • Satisfy growth requirements
  • Provide required business continuity and disaster recovery capabilities

1.A. About IT Services (ITS)

The IT Services Organization is responsible for managing the IT environment for the Chimp Corp as well as ensuring adherence to published standards and operational compliance targets throughout the enterprise.

1.B. Service Level Agreement (SLA)

The Email infrastructure is considered mission critical and, therefore, has an SLA requirement of 99.99% availability.
The full SLA for the messaging environment can be found in the document <Link to SharePoint: Messaging SLA> 

1.C.  Locations

The messaging infrastructure is hosted from two separate datacenters being at:

  • Datacenter A (DCA)
    Chimp Center Prime
    1 Cyber Road,
    Big City
  • Datacenter B (DCB)
    Chimp Center Omega
    10 Jungle Way,
    Banana Town

The messaging infrastructure is supported by the IT Services Support Organization located at:

  • Chimp Corp Headquarters
    Chimp Center Prime
    Bldg 22, 1 Cyber Road,
    Big City

1.D.     E-mail User Classifications

The primary users of the messaging system are Chimp Corp employees. The user base is divided in two groups as follows:

  •     Exec: users performing Senior or Critical corporate functions
  •     Normal: the rest of the user population

2. Existing Platform

This section of the Asset document provides an overview of the present state of the asset, as well as a chronological view of changes based on organizational or technological factors.

2.A.     Existing Exchange 2003 design

A third-party consulting company performed the initial implementation of the messaging environment in 2000. The messaging platform was Microsoft Exchange 2003 and Windows 2003 Active Directory. The diagram below provides a representation of the existing design blueprint.

Exchange 2003 Environment

Fig. 1 Existing Messaging Environment

A single unified Active Directory Domain namespace chimpcorp.com was implemented in a Single Domain, single Forest design.

2.B. Change History

Over the years the Chimp Corp messaging environment has undergone various changes to maintain service level and improve functionality. The timeline below shows the changes over time.

Chimpcorp Timeline
Fig. 2 Chimp Corp Messaging Infrastructure Timeline

2.B.1   Initial Implementation

The Exchange 2003 messaging infrastructure was implemented by IT Services in 2005 and the entire user base was successfully migrated over to Exchange 2003 by September 2005.

2.B.2   Linux Virtual Appliances deployed for Message Hygiene

A decision was made by IT to deploy a Message Hygiene environment for the company in Windows 2013.

 This change was scheduled as maintenance and was executed early 2009.

2.B.3   Additional Datacenter Site (Omega)

In order to improve infrastructure availability and to support additional growth of the corporate environment, a second datacenter site, codenamed Omega was commissioned and fully completed by March of 2009.

2.B.4   Two Exchange Mailbox Clusters (A/P) deployed in the Omega Datacenter Site

To improve the availability of e-mail for users and also to meet plans for storage and user growth, two additional Exchange Mailbox Servers were deployed in Datacenter Omega (DCB).

2.B.5   Third-party archiving solution

A third party archiving solution was deployed by IT Services in 2010 as part of efforts to mitigate growth of the Exchange Information Stores, based on recommendations from their primary technology vendor. The archiving solution incorporates a process known as e-mail stubbing to replace messages in the Exchange Information Stores with XML headers.

2.B.6   Acquisition by Chimp Corp

After being acquired by Chimp Corp in September 2011, immediate plans were laid out to perform a technology refresh across the entire IT infrastructure.

2.B.7   Active Directory 2008 R2 Upgrade

The Windows Active Directory Domain was updated to version 2008 R2 in native mode in anticipation of impending upgrades to the Messaging infrastructure. The replacement Domain Controllers were implemented as Virtual Machines hosted in the Enterprise Virtual Server environment running VMWare vSphere 5. This change was completed in March 2012.

2.C. Existing Hardware Configuration

The current hardware used in the messaging platform consists of the following elements:

2.C.1   Servers

Existing server systems comprising the messaging environment include:

    • 12 x HP DL 380 G4 servers at DCA with between 2 – 4 GB of RAM
    • 10 x HP DL 380 G4 servers at DCB with between 2 – 4 GB of RAM

2.C.2   Storage characteristics

Exchange storage used for databases, backups, transaction logs and public folders have been provisioned on:

    • 2 TB of FC/SAN attached storage provisioned for 5 Exchange Storage Groups and 21 Databases and Transaction Logs
    • 2 TB ISCSI/SAN attached storage Archiving

2.D. Network Infrastructure

The Chimp Corp email infrastructure network has two main physical locations at the DCA and DCB datacenter sites. These are currently connected via the Chimp Corp LAN/WAN. The core switches interconnecting all hardware are Cisco 6500 Series Enterprise class switches.

2.E.  Present Software Configuration

Software and licenses presently in use include:

  • Microsoft Windows 2003 Standard
  • Microsoft Windows 2003 Enterprise
  • Microsoft Exchange 2003 Standard
  • Microsoft Exchange 2003 Enterprise
  • Third Party SMTP Appliances
  • A Stub-based third-party Email Archiving Tool

3. Messaging Infrastructure Requirements

The design requirements for the Exchange 2013 messaging environment have been obtained from the project goals and objectives, as listed in the Project Charter for the E13MAIL Project.

The primary objective for the E13MAIL Project is to ensure continued reliability and efficient delivery of messaging services to users and applications connecting to Chimp Corp from a variety of locations. Stated design goals are to increase performance, stability and align the operational capabilities of the messaging environment with Industry Best Practices.

The requirements/objectives for the messaging infrastructure are:

  • Redundant messaging solution deployed across 2 datacenter locations; DCA and DCB.
  • Capable of Audit and Compliance requirements
  • High Availability (99.99%)
  • Monitoring of services and components
  • Accurate configuration management for ongoing support
  • Adherence to Industry Best Practices for optimal support by vendors and service delivery organizations
  • Reliable Disaster-Recoverable backups, with object level recovery options
  • Message Archiving functionality with a maximum retention period of 7 years

4. Design Components

The primary messaging solution is to deploy new Exchange 2013 environment that spans Chimp Corp’s physical data center locations and extends into Microsoft’s Office 365 cloud to take advantage of the latest user productivity and collaboration features of Microsoft Office 2013.

The main goals for this solution are:

  • Minimize end-user impact: Minimizing the end-user impact is a key goal for Chimp Corp. Significant effort must be made to ensure that the transition of all e-mail related services are seamless to the end-user.
  • Reliable delivery of services: The messaging environment is a mission critical component of Chimp Corps IT infrastructure and adheres to strict Change Management practices. The solution must be able to integrate with existing Operational and Change processes.
  • Longevity of solution: The new messaging solution must endure beyond the initial implementation as it evolves into a production state. This requires the necessary attention to ensuring that operational knowledge is transferred to IT Services technical teams such that they can maintain uptime requirements.

The individual design components were subjected to a stringent evaluation process that included the following design criteria:

  •     Costs of Ownership
  •     Technological engineering quality
  •     Scalability
  •     Fault Tolerance / Reliability
  •     Industry best practices
  •     Supportability
  •     Ease of administration
  •     Compatibility with existing systems
  •     Reliability
  •     Vendor specifications

4.A. Hardware technology

IT Services researched the server solutions from a number of hardware vendors and made a final decision in favor of HP, Brocade and Cisco vendor equipment.

4.A.1   Server hardware

The server platform used is the eighth generation (G8) HP Blade 400-series server. This is an Intel based server system. The CPUS’s in these systems are standardized to Intel Xeon E5-2640 processors; these are hex-core processors with a 2.5 GHz speed. The servers are equipped with 128 GB of memory to accommodate their specific functions. The blade servers are provisioned in HP Blade C 7000 class enclosures.

4.A.2   Storage hardware

To accommodate the storage requirements two storage arrays are implemented. The primary array is an HP EVA 6400 class Storage Area Network. This array is equipped with 25TB of RAW storage and is used for on-line, active data. The secondary array is an HP P2000 G3 MSA class storage area network. This array is equipped with 15TB of RAW storage and is used for secondary storage like archives, backups etc.

4.A.3   Interconnect technology

HP’s Virtual Connect technology is used to accommodate network connectivity to both the storage network and the data networks. The virtual connect technology acts as a virtual patch panel between uplink ports to the core switching infrastructure and the blade modules. The virtual connect backplane will connect the network connections into a Cisco based core network. The storage area network is interconnected via a Brocade switch fabric.

4.A.4   Server Operating Systems technology

The majority of the messaging infrastructure components will be deployed onto the Microsoft Windows Server 2012 Operating System platform, licensed to the Enterprise version of the operating system. For systems that do not support Windows Server 2012, Windows Server 2008/R2 will utilized.

4.A.5   Messaging platform technology

A pristine Microsoft Exchange Server 2013 will be implemented in a hybrid configuration, featuring two major components:

  • On-premise Exchange 2013: The on-premise environment to support core business functions that cannot be moved to the cloud due to compliance reasons.
  • Office 365: All non-compliance restricted users will be migrated onto the Office 365 cloud.

The hybrid deployment will feature full interoperability between on-premise and cloud-based users, featuring single sign-on, sharing of calendar Free/busy information and a single unified OWA login address.

4.A.6   Back-end Database technology

Microsoft SQL Server 2012 was selected as the database platform to support all non-Exchange application requirements. The selection criterion for this product was partly dictated by the usage of technologies that depend on the SQL server back-end. As part of simplification and unification, it is preferred to keep all back-end databases in the messaging infrastructure on the same database platform.

4.A.7   Systems Management Solution

Due to the diversity of software applications and hardware in this infrastructure, a mix of management tools and products are used to manage all aspects of the messaging infrastructure. Major components are listed below:

(a)    Server hardware management: Vendor provided HP System Insight Manager hardware tools are used in combination with Microsoft System Center Operations Manager (SCOM) to provide hardware-level monitoring and alerting.

(b)    Server event management: Microsoft Systems Center Operations Manager (SCOM) 2012 is used for server event consolidation, management and alerting.

(c)     Server Applications management: Server software management comprises of systems patch management and server provisioning.

    • Systems patch management: Windows Systems Update Server (WSUS) integrated into Systems Center Configurations Manager (SCCM) provides patch management of all Windows Server Operating Systems in the messaging environment.
    • Server Provisioning: Server Provisioning for both bare metal and virtual server deployments are managed via the HP rapid deployment pack (HP/RDP)

4.A.8   Message Security and Protection technology

The following Security and Protection products have been selected:

  • Server Virus protection: McAfee Antivirus has been selected to protect the server operating system.
  • Message hygiene: Microsoft Exchange Online Protection (EOP) will be used for message hygiene and protection.
  • Security events auditing: Microsoft SCOM has been selected to capture information such as security auditing and alerting events that are generated from the server platforms.

4.B. Functional Blueprint

The blueprint below illustrates the desired messaging infrastructure:

Exchange 2013 Design

Figure 3 Chimp Corp Functional Messaging Design 

Conclusion

In the next section we will cover more detailed aspects of the Exchange 2013 design, as well as Server Virtualization Considerations for deploying Exchange 2013.

For the next part of this post, please click here.

Exchange 2013 – 70-342 (Advanced Solutions of Microsoft Exchange Server 2013)

Hi all,

I took the Exchange 70-342 exam – Advanced Solutions of Microsoft Exchange Server 2013 while it was still in Beta in November 2012 and there weren’t many resources available for assist us with preparation, so I ended up reading through most of Technet.

As a friendly sort of chimp, I decided that many of you guys out there would be able to benefit from some short summarized info docs explaining the various features, components and commands for the knowledge areas tested in Exchange 2013. So here’s what I’ve done, I’ve posted up a number of short articles, called Road Chimp’s Exchange 2013 Briefs.

You can reach them at the menu section on the top of this blog. I’ve also decided to post links below. Put a like on this post if you’ve found it useful. 🙂

1. Exchange Unified Messaging
2. Site Resilience
3. Information Rights Management
4. Mailbox and Administrative Auditing
5. In-Place Archiving
6. Data Loss Prevention
7. Message Records Management
8. In-place eDiscovery
9. In-place Hold
10. Coexistence with Exchange Online (Hybrid)
11. Coexistence with Legacy Systems
12. Cross-Forest Coexistence
13. Exchange Federation

Exchange 2013 Sample Architecture Part 1: Implementation Scenario

Scenario Overview:

Chimp Corp has recently completed the acquisition of a competitor, Bananas Inc. As part of the core infrastructure architecture team, you have been brought in to design and implement Exchange 2013 as part of a large Enterprise systems refresh. The Project Charter has been signed off by senior stakeholders with the objective of upgrading the existing messaging environment from Exchange 2003 SP2 to Exchange 2013. Senior Management has expressed a desire to migrate the messaging environment to the cloud in order to take advantage of cost benefits, however the compliance department has mandated that specific components of the messaging environment must stay on-premises in order to meet regulatory requirements.

Management has decided to deploy a Hybrid Exchange 2013 environment in a new Active Directory Forest that is Federated to an Exchange Online organization. The on-premise environment will host approximately 60% of the Organization’s mailboxes and the remaining 40% of the Organization’s mailboxes are considered to be non-sensitive and the compliance department has approved their migration onto the cloud. This scenario represents the path of least resistance, as Microsoft Exchange 2013 does not support direct upgrade path from Exchange 2003 to Exchange 2013 and due to the considerable size of the corporate messaging environment (15,000 Mailboxes), a swing migration to Exchange 2007/2010 and then to Exchange 2013 was considered to be impractical.

Existing Environment:

Exchange 2003 Environment

The messaging environment features Exchange 2003 SP2 with Active Directory 2008, featuring four Clustered Exchange Mailbox Servers implemented across two datacenters with dedicated Network Load Balanced Exchange Front End Servers in each location. Third-party SMTP Message Hygiene appliances were configured in each site to provide Spam Filtering and Anti Virus Scanning and in addition, a number of applications were configured to relay SMTP messages via one of the SMTP appliances. A third-party Archiving tool was deployed across both sites and client access was provisioned primarily via Outlook RPC, OWA; Blackberry Enterprise Servers and Microsoft ActiveSync.

Requirements:

The following solution requirements were distilled from theRequest for Proposal (RFP) document. The solution must:

  • Conform to Microsoft Best Practices
  • Accommodate 99.99% high availability standards
  • Adhere to Disaster Recovery, High Availability and Business Continuity standards
  • Provide a fully redundant and load balanced design
  • Accommodate 9,000 Mailboxes across 2 datacenters
  • Accommodate 6,000 Mailboxes on an Exchange Online organization
  • Average Mailbox Size 1 GB
  • Anticipated Storage Growth per year of 20%
  • Store Archived Emails for 7 years
  • Adhere to Retention,  Legal Hold and eDiscovery requirements
  • Perform Email Archiving whenever a mailbox reaches 1GB or whenever messages are 1 year old.
  • Network Access Bandwidth: 1 Gbps
  • Storage Access: Minimum bonded Gigabit Connections or Fibre Channel
  • Client Access: Outlook 2007 and later, Internet Explorer, Safari and Firefox using OWA, PDA access from RIM Blackberries, IP Phones and Microsoft Windows Mobile 6 and later.

Proposed Solution:

Based on stipulated requirements in the RFP, the Proposed Solution must include a number of components including the following:

  1. Methodology used to implement Exchange 2013 and related architectural components
  2. Related hardware and software builds
  3. Related costs of implementing the solution
  4. Annual cost of ownership
  5. A high level project plan detailing the responsibilities of various stakeholders

The final solution proposed an implementation of Exchange 2013 configured as a Hybrid environment. The Exchange 2013 environment would feature the following benefits:

  • Scalability and flexibility of moving users to the cloud
  • Virtualization of on-premises Exchange environment
  • Migration of Archives to Exchange Online Archiving
  • Deployment of High Availability using native Microsoft technologies
  • Unified Management via Microsoft Exchange Administration Center
  • Systems Management via Microsoft System Center Configuration Manager (SCCM) 2012

Solution Components:

The solution featured a high-level design that was broken into the following components:

  • Exchange Server
  • Infrastructure Services
  • Email Archiving
  • Storage Design
  • Backup and Recovery
  • Systems Management
  • Client Access

Conclusion:

Successive sections in this series will provide you with the various design components of the final solution, as well as related Project Implementation plans.

For Part 2: High-level Architectural Design Document, click here.

Exchange 2013 Architecture Samples

I’m posting a set of Sample Architectural Design documents that were adapted from a real-world Multi-site Hybrid Exchange deployment. The documents are built entirely on Best Practices and I’ve taken the liberties of updating elements of the design to reflect changes in the Exchange 2013 Architecture (and of course to remove and sensitive confidential information).

This was a fairly large implementation and took the combined efforts of a large team of engineers to complete all of the deliverables, who inspired me and continue to do so. You may not need all of these document components, but it’s good to see how a large Messaging Environment can be broken down into its constituent components and architected in detail.

Read First: These design documents were derived from detailed research and consulting with expert engineers. Feel free to use as a reference, but always verify the requirements of your project against the data in these guides. Roadchimp takes no responsibility for any implementation issues that you encounter. Make sure that you implement licensed copies of Microsoft Software with valid Microsoft Support in place prior to making any changes to a production environment. Further more, make sure that you consult with Microsoft’s  resources to ensure that your hardware is fully supported by Microsoft for deploying Exchange 2013, Windows Active Directory and other architectural components.

I will start posting links to these templates here:

Exchange 2013 Brief – Hybrid Deployments

Executive Overview

The cloud offers consumers more options for deploying their applications and is attractive from the perspective of predictable costs, reliability and scalability. However, not every component of an Organization’s environment may be fully suited for the cloud due to a variety of reasons including confidentiality and compliance. With the increasing trend of organizations to move parts of IT onto the cloud and retain core aspects of their business within their datacenters, it becomes important for us to understand how Exchange 2013 interoperates between on-premises and cloud. Exchange 2013 is designed from the ground up to support coexistence with the cloud. From both the administrator and end-user’s perspective, Exchange 2013 and Office 365 provide a seamless and feature rich experience. We will explore some of these features in this post.

Notable Features

  • Secure mail routing
  • Mail routing with the same domain space
  • Unified GAL and Free/Busy sharing
  • Centralized Egress of Messages
  • Unified OWA login
  • Centralized Management
  • Mailbox Migrations
  • Cloud-based Message Archiving

Architecture/Components

  • Architecture Components: A hybrid Exchange 2013 environment comprises of the following components.
    • Exchange servers: You may have a combination of Exchange 2013, Exchange 2010 or earlier Exchange Servers and roles deployed on-premises. You will need a minimum of one Exchange 2013 Client Access and one Exchange 2013 Mailbox Server if you deploy Exchange 2013 on-premises in your organization.
    • Microsoft Office 365: This is Microsoft’s feature-rich cloud based service that includes cloud-based email, instant messaging and online conferencing, Office Web Apps including Word, Excel, Powerpoint and OneNote and Email Archiving. You will need the Midsize Business and Enterprise Plan (E3) in order to configure Active Directory Synchronization with your on-premises environment. You will also need to configure an Exchange Online organization to enable hybrid deployments.
    • Exchange Online Protection (EOP): EOP is included in all Office 365 Enterprise tenant subscriptions. EOP enables secure message delivery between cloud and on-premises Exchange Organizations and can also be configured to manage message routing between the Internet and your on-premises Exchange Organization.
    • Hybrid Configuration wizard: The Hybrid Configuration wizard is used to manage the hybrid configuration through the Exchange Administrative Center (EAC). The Hybrid Configuration Wizard first performs prerequisite and topology checks, tests account credentials between on-premise and Exchange Online organizations and then subsequently performs the necessary configuration changes to create and enable the hybrid deployment, this includes adding the HybridConfiguration object in the on-premise Active Directory environment.
    • Microsoft Federation Gateway: On-premises Exchange Organizations must configure a federation trust with the Microsoft Federation Gateway before they can enable a hybrid configuration with an Exchange Online organization. The Microsoft Federation Gateway acts as a trust broker between the on-premises Exchange and the Online Exchange organizations and federation trusts can be configured manually or via the Hybrid Configuration Wizard. A Federation Trust is necessary for your on-line and on-premise users to be able to share free/busy information.
    • Active Directory Synchronization: AD synchronization enables a unified GAL across Online and on-premises users in your Exchange deployment. AD Sync feature requires you to download and install the tool on a separate server (Physical or Virtual) in your on-premises environment. Note that the default limit of 20,000 objects that can be replicated between on-premises Active Directory and the online organization can be increased by contacting the Microsoft Online Services team.
    • Active Directory Federation Services (Optional): the AD FS server implementation will enable users in your organization to use their existing network credentials for logging on to the on-premises and Exchange Online organizations using “Single Sign-on”. This is facilitated by configuring trusts between the on-premises Active Directory Forest and the Microsoft Online ID.
    • Certificates: To support secure communications between the on-premises and Online environments, Microsoft recommends that you purchase a Subject Alternative Name (SAN) SSL certificate that can be used to secure access to the following services:
      • Primary shared SMTP domain: This is your primary email domain and needs to be installed on local Client Access and Mailbox Servers. ie. chimpcorp.com
      • Autodiscover: The autodiscover services supports the configuration of remote clients (Outlook and Exchange Active-sync), is installed on your CAS servers and should be provisioned according to the external Autodiscover FQDN of your Exchange 2013 CAS server. ie. autodiscover. chimpcorp.com
      • Transport: This is installed on your Exchange 2010 SP3 Edge Transport Servers and matches the external FQDN of your edge transport servers. ie. edge.chimpcorp.com
      • AD FS (optional): A certificate is required to establish trust between web clients and federation server proxies and to sign and decrypt security tokens.
      • Exchange Federation: A self-signed certificate is required to establish a secure connection between the on-premises Exchange 2013 servers and the Microsoft Federation Gateway.
      • Client Access: An SSL certificate is required for use by clients such as OWA and Exchange ActiveSync and Outlook Anywhere. ie. webmail.chimpcorp.com
  • Message Transport: Messages between the on-premises and online organizations are encrypted, authenticated and transferred via Transport Layer Security (TLS). Depending on how you choose to configure your hybrid environment, messages can flow either one of the following ways:
    • Centralized Mail Transport: All Internet-bound email is delivered via the on-premises Exchange Organization. The Exchange on-premises organization is responsible for message transport and relays all Internet messages from the Exchange Online organization. This configuration is preferable if your organization has compliance or regulatory requirements and must monitor a single point of egress for all messages outside of your organization. Ensure that you provision sufficient bandwidth between the on-premises and online environments to process all outbound messages.
    • Online-centric Transport: All Internet-bound email in the Organization is delivered via the Exchange Online organization. In this case, all external outbound messages from the on-premises Exchange Organization are relayed to servers in the Exchange Online organization. This is preferable if you wish to use Microsoft’s Exchange Archiving and Exchange Online Protection (EOP) solutions, as it supports the most efficient flow of messaging traffic.
    • Independent message routing: All Internet-bound email from recipients in the Exchange Online organization are delivered directly to the Internet, taking an independent path from your on-premises Exchange 2013 Organization.
    • Edge Routing: On-premises endpoint for Exchange and Exchange Online organizations must be an Exchange 2013 CAS Server, or Exchange 2010 SP3 Edge Transport Server. Communications between Exchange Online and older versions of Exchange, SMTP hosts or appliances  are not supported.
  • Client Access: In Exchange 2013 client access is supported from Outlook via RPC/HTTP and Outlook Web App. Clients connecting to the on-premises Client Access server are redirected to either the on-premises Exchange 2013 Mailbox Server or provided with a link to logon to the Exchange Online organization.

Common Administrative Tasks

  1. Set up an Office 365 account: Via the Office 365 online portal here.
  2. Enabling a Hybrid Deployment: Use the Hybrid Deployment Wizard in the EAC.
  3. Configure  or modify the Hybrid Deployment Options: Via the Hybrid Deployment Wizard in the EAC or Powershell
    Set-HybridConfiguration -Features OnlineArchive,MailTips,OWARedirection,FreeBusy,MessageTracking
  4. Verify the configuration was successful: Via PowerShell
    Get-HybridConfiguration
  5. Sharing Free/Busy information: Steps on how to configure Federation Trusts
  6. Configuring Active Directory Synchronization: Steps to download the AD Synchronization tool from the Office 365 portal.

Top PowerShell Commands/Tools:

– Set|Update|Get-HybridConfiguration

Click here to read more briefs on Exchange 2013.

References/Links

PowerShell Command Reference for Hybrid Configuration
Technet: Article on the Hybrid Configuration Wizard
Technet: Article on Hybrid Certificate Requirements
Technet: Article on configuring message routing
Labs on AD Synchronization

Exchange 2013 Configuration Guides

A warm Ook and hello from your banana loving primate friend! I’ve decided to put up a list of configuration guides for Exchange 2013 in an easy to access part of this blog. The configuration guides will help you to perform (hopefully) some tasks that you may find useful. I will post links to various guides on this page.

1. Exchange 2013 in Windows Azure

2. Configuring a Hybrid Exchange 2013 Deployment

 

I hope to get more posts out there. Thanks for all your comments and likes!

Road Chimp saying Ook!

 

 

Exchange 2013 Architecture Series – Part 3: Mailbox and Storage Design

Hello all, in this third section on Exchange 2013 Architecture, we will look into the Exchange storage subsystem and build around some best practices on Exchange 2013 design.

Exchange Storage Types

Before you start provisioning your Exchange Server 2013 environment, it’s useful to think about the different types of storage that a healthy Exchange environment uses. Each storage classification has its own unique performance requirements, and a well-architected Exchange storage architecture will be designed in order to support these needs.

  • Operating System and Page File Volumes: At the most fundamental level, all Exchange Servers run on top of an Operating System. In addition to storing the OS Kernel, the Operating System volume manages all I/O operations on the Exchange Server, as well as memory allocation and disk management.
  • Exchange Binaries: These volumes contain the actual application files that Exchange needs to run and follows the path: <Drive:>Program FilesMicrosoftExchange ServerV15. Microsoft requires at least 30GB of free space on the drive you wish to install the Exchange binaries on.
  • Exchange Database Volumes: These volumes store the actual Exchange Database files, which follow the format ‘.edb’. Enhancements in the Exchange Server database engine have resulted in reductions in disk resource requirements. However, database volumes should still be optimized for high performance and commonly use RAID striped volumes with parity to support high IOPS.
  • Exchange Database Log Volumes: Exchange 2013 uses a relational database technology that utilizes transaction logs to record changes to the Exchange Databases. The database log volumes are write intensive in nature.
  • Exchange Transport Database Volumes: Changes to how Exchange 2013 manages mailflow have resulted in the creation of several new features known as Shadow Redundancy and Safety Net. Read my previous post for more information on these new features. For Shadow Redundancy, the transport server makes a redundant copy of any messages it receives before it acknowledges successfully receiving the message back to the sending server. The Safety Net feature is an updated version of the Transport Dumpster and retains copies of retained messages in a database for a default of 2 days, via the SafetyNetHoldTime parameter. You should design your storage to accommodate two full days of additional e-mails within a high-availability boundary.
  • Backup/Restore Volumes: With database replication and resiliency features of Exchange now providing fault tolerance and high availability, backup and restore services are less crucial. However, they must be considered in the event of restoring historical or archived data. Most organizations consider less expensive storage types such as WORM (Write one, read many)

Storage hardware technologies

Exchange 2013 supports the following storage hardware technologies:

  • Serial ATA (SATA): SATA disks are cost effective, high capacity storage options that come in a variety of form factors. Microsoft recommends that you do not store your Exchange databases across a spanned volume comprising of multiple SATA drives.
  • Serial-attached SCSI: SCSI is a mature disk access technology that supports higher performance than SATA, but at a higher cost.
  • Fibre Channel (FC): Fibre Channel (note the spelling) support high performance and more complex configuration options such as connectivity to a SAN at a higher cost. FC disks are typically used in a collection of disks known as an Array and support the high-speed transmission of data (up to 16Gbps and 3200 MBps) and potentially require expensive fibre-channel infrastructure (known as switch-fabric) supporting single-mode or multi-mode fiber cables. The advantages of Fibre-channel are that the disks can be colocated a significant distance away from the actual servers (hundreds of meters up to Kilometers) without experiencing any loss in performance, which means that an organization can consolidate the disks used by numerous applications into one part of the datacenter and configure them optimally with high-redundancy features. This is the basic justification for a SAN.
  • Solid-state Drive (SSD): SSD drives use flash-type memory to store data and have a number of advantages of conventional SATA and SCSI based disk technologies which still employ rotary mechanical operations to access and write data on spinning platters. SSD drives are a relatively newer technology and currently support lower disk capacities but feature very high performance, boasting low disk access times (0.1ms compared to SCSI 4-12ms times). Due to their high cost, it is common for organizations to build servers with a combination of disk types, using SSD for Operating System partitions as well as volumes that benefit from write-heavy access, such as transaction log volumes for relational database systems.

Logical Storage Architectures

Exchange 2013 has changed how it addresses storage architecture from the ground up. Since the Extensible Storage Engine was rewritten via managed code and optimized for multiple threading, the storage design for Exchange has had to change as well to keep up. Microsoft provides the following recommendations with respect to the following storage architectures:

  • Direct/Locally Attached Storage (DAS): DAS storage architecture featured disks and arrays that are locally attached to the Exchange Server and are commonly supported by Microsoft Exchange 2013 and include Serial ATA (SATA) and SCSI hardware architectures.
  • Storage Area Networks (SANS): SAN architecture is fully supported in Microsoft Exchange 2013 both over Fibre and iSCSI interfaces.
    • Microsoft recommends that you allocate dedicated volumes (spindles) to Exchange Server and not share the same underlying physical disks with other applications on your SAN.  This recommendation is in support of ensuring that you have reliable and predictable storage performance for Exchange and not have to worry about resource contention and bottlenecks that may be common in poorly designed or managed SAN environments.
    • Fibre-channel over Ethernet (FCoE): Microsoft has yet to release any design information pertaining to whether Exchange 2013 supports implementations of FCoE. While technically, FCoE should have no issues supporting the latency requirements and frame sizes of an Exchange 2013 environment, I would recommend that you proceed with caution when implementing any Microsoft technology over a non-supported environment. In the event of a support incident, Microsoft support has the right to declare that your environment is non-supportable due to inconsistencies with their Hardware Compatibility list (HCL).
  • Network Attached Storage (NAS): At this point in time, Exchange Server 2013 does not suppor the use of NAS-based storage devices for either Physical or Virtual implementations of Exchange.

Allocating Storage

Let’s start with the basic storage requirements of Exchange Server 2013. Microsoft indicates that Exchange 2013 requires that you allocate the following amount of storage space to accommodate the following Storage Types:

  • Exchange System Volumes: At least 200 MB of available disk space on the system drive
  • Exchange binaries: At least 30GB of free space on the drive you wish to install the Exchange binaries on. With an additional 500 MB of available disk space for each Unified Messaging (UM) language pack that you plan to install
  • Exchange Database Volumes: Amount of storage required would vary depending on a number of factors including the number of and size of mailboxes in your organization, the mailbox throughput (average number of emails sent/received), high availability features (database copies), as well as email retention policies (how long you need to store emails). These factors will determine an optimal number of mailboxes per database, number of databases and database copies and finally the amount of storage allocated for growth.
  • Exchange Database Log Volumes: You should provision sufficient storage to handle the transaction log generation volume of your organization. Factors that affect the rate of transaction log generation include message throughput (number of sends/receives), size of message payloads and high-availability features such as database copies. If you plan to move mailboxes on a regular basis, or need to accomodate large numbers of mailbox migrations (import/export to Exchange), this will result in a higher number of transaction logs generated. If you implement lagged database copies, then you need to provision additional storage on the transaction log volume for the number of days of lag you have configured. The following requirements exist for log file truncation when lagged copies are configured:
    • The log file must be below the checkpoint for the database.
    • The log file must be older than ReplayLagTime + TruncationLagTime.
    • The log file must have been truncated on the active copy.
  • Message Queue Database: A hard disk that stores the message queue database on with at least 500 MB of free space.

Volume Configuration

Microsoft recommends the following configuration settings for each volume that hosts Exchange-related data:

  • Partitioning: GPT is a newer technology over traditional MBR partitioning formats to accommodate much larger disk sizes (up to 256 TB), While MBR is supported, Microsoft Recommends that you use GPT partitions to deploy Exchange. Partitions should also be  aligned to 1MB.
  • File System: NTFS is the only supported file system type supported by Exchange 2013. Microsoft recommends an optimal allocation unit size of 64KB for both Exchange Database and Log File volumes. NTFS features such as NTFS Compression, Defragmentation and Encrypted File System (EFS) are not supported by Exchange 2013.
  • Windows BitLocker: BitLocker is a form of Drive Encryption supported in newer versions of Microsoft Windows. BitLocker is supported for all Exchange Database and Log File volumes. However, there is limited supportability for Windows BitLocker on Windows Failover Clusters. Link here.
  • SMB 3.0: SMB is a Network File Sharing Protocol over TCP/IP with the latest version available in Windows Server 2012. SMB 3.0 is only supported in limited deployment configurations of Exchange 2013, where fixed virtual hard disks (VHDs) are provisioned via sMB 3.0 only in the Windows Server 2012 Hyper-V or later version. Direct storage of Exchange data is not supported on SMB. Read this article.

Storage Best Practices

The following best practices offer useful guidelines on how to configure your Exchange 2013 Environment

  • Large Disk Sector Sizes: With ever-increasing disk capacities in excess of 3TB, hardware manufacturers have introduced a new physical media format known as Advanced Format that increases physical sector sizes. Recent versions of the Windows Operating System, including Windows Vista, Windows 7 and Windows Servers 2008, 2008 R2 and 2012 with certain patches applied (link) support a form of logical emulation known as 512e which presents a logical sector size of 512k, whereas the physical hardware can actually read or write to a larger sector size, known as atomicity.
  • Replication homogeneity: Microsoft does not support Exchange databases copies that are stored across different disk types. For example, if you store one copy of an Exchange database on a 512-byte sector disk, you should not deploy database copies to volumes on another Exchange server that are configured with a different sector size (commonly 4KB).
  • Storage Infrastructure Redundancy: If you choose externally attached storage such as a SAN solution, Microsoft recommends that you implement multi-pathing or other forms of path redundancy in order to ensure that the Exchange  Server’s access to the storage networks remains resilient to single points of failure in the hardware and interconnecting infrastructure (Ethernet for iSCSI and Fibrechannel for conventional SCSI-based SANs).
  • Drive Fault Tolerance: While RAID is not a requirement for Exchange 2013, Microsoft still recommends RAID deployments especially for Stand-alone Exchange servers. The following RAID configurations are recommended based on the type of storage:
    • OS/System or Pagefile Volume: RAID 1/10 is recommended, with dedicated LUNs being provisioned for the System and Page file volumes.
    • Exchange Database Volume: For standalone (non-replicating) Servers, Microsoft recommends deploying a RAID 5 with a maximum array size of 7 disks and surface scanning enabled. For larger array sizes, Microsoft recommends deploying RAID 6 (5+1) for added redundancy. For high-availability configurations with database replication, redundancy is provided by deploying more than one copy of any single Exchange Database, therefore Microsoft recommends less stringent hardware redundancy requirements. You should have at least 2 or more lagged copies of each database residing on separate servers and if you can deploy three or more database copies, you should have sufficient database redundancy to rely on JBOD (Just a Bunch of Disks) storage. The same recommendations for RAID 5/6 apply for high-availability configurations. In both cases of standalone and high-availability configurations that use slower disk speeds (5400 – 7200 rpm), Microsoft recommends deploying disks in a RAID 1/10 for better performance.
    • Exchange Mailbox Log Volumes: For all implementations, Microsoft supports all RAID types, but recommends RAID 1/10 as a best practice, with JBOD storage only being used if you have at least three or more replica copies of an Exchange Database. If deploying lagged database copies, you should implement JBOD storage only if you have two or more copies of a database.
    • RAID configuration parameters: Furthermore, Microsoft recommends that any RAID array be configured with a block size of 256KB or greater and with storage array cache settings configured for 75% write cache and 25% read cache. Physical disk write caching should be disabled when a UPS is not in use.
  • Database volume size and placement: Microsoft Exchange Server 2013 supports database sizes of up to 16TB, however for optimal database seeding, replication and restore operations, Microsoft recommends that you limit each database size to 200GB and provision the size of each volume to accommodate a 120% of the maximum database size.
  • Transaction Log volume size and placement: Microsoft recommends implementing Database and Log file isolation by deploying your database files and transaction log files in separate volumes. This is actually a good practice, since the performance requirements of databases and transaction logs differ.
  • Basic and Dynamic Disk types: The Windows Operating System supports a form of  disk initialization known as Dynamic Disks, which allows you to configure options such as software-based RAID and dynamic volume sizes. While Dynamic Disks are a supported storage type in Exchange 2013, Microsoft recommends that you deploy Exchange on the default Basic Disk storage.

Conclusion:

In this section, we explored the various storage components supported by Microsoft Exchange Server 2013 and reviewed some deployment best practices for implementing Exchange. There are a number of different types of storage that the various components of Exchange utilize and a well architected storage solution should seek to optimize performance of these various components.

Reference:

Link to Microsoft Technet article on Storage Configuration Options.

Article on MSDN site on Windows support for Advanced Format disk types

Link to Microsoft Technet article on Virtualization Support

PMP Exam Prep – Part 5: The Project Management Processes

In this section, we will explore the basic structure of the PMBOK and how PMI has chosen to organize the 42 different Project Management Processes into five basic categories. Knowledge of how the PMBOK is structured will be key in your efforts to prepare for the certification exam as well as to apply the PMBOK in a practical setting.

Process Groups Definition

Candidates need to know what these process groups are and what they produce.  Also interesting to note that within a project, the different phases within the lifecycle of the project will also go through these process groups. For example, during the concept phase of a product, the project team will perform several processes just for that single phase. First you initiate the phase, then you plan it, execute it and finally you close it before moving on to the next phase.

Please refer to Table 3-1 in the PMBOK. You must learn to understand the nature of process interactions. Time spent on this chart is well spent. Memorize this chart. I’ve included a copy of the chart at the bottom of this post, just scroll to the bottom to see it.

It lists all of the 42 Project Management processes listed in the PMBOK that are categorized into 5 Project Management Process Groups. In the exam, you will have to know which of these come from which different process areas. For example, Develop Project Charter is an initiating process.

Knowledge beyond the PMBOK

PMI recognizes that there is more to an effective Project Manager than knowledge of the PMBOK. Figure 3 below highlights some of the different realms of knowledge that PMI believes we should be aware of.

01

Fig. 5-1 Project Management Realms of Knowledge

For example, under General Management Knowledge and Skills a manager would be responsible for performing activities that would encompass a greater scope than an individual project, such as performing periodic performance evaluations of her staff.

Process Group Interactions

02

 

 

 

Fig. 5-2 Process Group Interactions

Process groups typically are an iterative process and run serially from Initiating to Planning.  You initiate a project and then you begin to plan it and then you execute it. But during your execution, you control it, which may then cause you to re-plan. So there is overlap there until you eventually finish this process group and continue on to the closing processes.

It is important to note that process groups frequently run in parallelto one another, as process groups are not always discrete or separate and there can be some overlap between the various process groups during the course of a project.

In later parts of this course, you will learn that activities relating to Risk Management and Cost management typically run continually throughout the project and do not have a distinct ending point from one process to another.

03

 

 

 

 

 

 

 

 

 

Table 3-1 Project Management Process Groups and Knowledge Areas Mapping

You will have to become intimately familiar with this table in order to do well in the exam. Think of the table as encompassing  the entire ‘universe’ of activities that are necessary to managing a project successfully. All of these processes are interwoven together, as the outputs of one process may become the inputs of others.

It is quite likely that you will see more than one question in the PMP exam testing you on your understanding of a particular process. For example, you may be asked to identify the correct outputs of the Quality Assurance process, or since this is a Multiple Choice Examination, you might be given four options, and three are the correct ones and the other option is incorrect.

In my opinion, these are the preferred examination options, as you will see that it only takes hard work and a bit of memorization to get these types of questions 100% correct. No guess work required. My monkey brain likes that!

Conclusion

In this section, we learnt about Project Management Process Groups and how PMI has chosen to divvy up all 42 Project Management Processes into five general Categories: Initiating, Planning, Executing, Monitoring and Controlling and Closing. We were also introduced to Table 3-1 of the PMBOK, which is an important learning tool for the exam.

In the next section, we will piece together the first 5 sections of the PMP Exam Prep posts and go over an introduction to the Project Management Knowledge Areas, the real meat of the PMBOK.

I hope you guys liked reading this! Feel free to post your comments and feedback. It’s greatly appreciated!

Ook! Road Chimp, signing out.

Exchange 2013 Brief – Mailbox Audit Logging

Executive Overview

Due to the wide-spread prevalence of e-mail and the potential that e-mails contain sensitive information that may be of high impact to a business or contain personal information, there is a need for many IT departments to be able to track access to mailboxes. Mailbox audit logging enables an organization to identify mailbox access by mailbox owners, delegates and administrators.

Notable Features

  • Mailbox Audit Logon Types
  • Mailbox Audit Log

Architecture/Components

  • Mailbox Audit Logon Types: In Exchange 2013, you can distinguish between three classes of users when they access a mailbox. These classes are:
    • Mailbox Owners: The account designated to access the mailbox. (Primarily Users)
    • Mailbox Delegates: Alternate accounts that have been granted permissions to access a mailbox
    • Administrators: Administrators typically access an account during the following three instances: Firstly, when In-Place eDiscovery is used to search a mailbox. Secondly, when the New-MailboxExportRequest cmdlet is used to export a mailbox; and Thirdly, the Microsoft Exchange Server MAPI Editor is used to access a mailbox.
  • Mailbox Audit Logs: Mailbox audit logs are generated for each mailbox that has mailbox audit logging enabled. Log entries are retained in the mailbox by default for 90 days in the Audits subfolder of the audited mailboxRecoverable Items folder. Mailbox Audit logs allow you to specific what types of important information should be logged for a specific logon type. These include:
    • User Actions (Accessing, copying, creating, moving or deleting a message)
    • Performing SendAs or SendOnBehalf actions
    • Reading or previewing a message
    • Client IP adress
    • Client Host name
    • Process that client used to access the mailbox

Common Administrative Tasks

  1. Enabling or Disabling Mailbox Audit Logging: via EAC or PowerShell
    Set-Mailbox -Identity “Road Chimp” -AuditEnabled $true to enable &
    Set-Mailbox -Identity “Road Chimp” -AuditEnabled $false to disable
  2. Enabling/Disabling Mailbox Audit Logging for various logon types:
    Set-Mailbox -Identity “Road Chimp” -AuditOwner or
    Set-Mailbox -Identity “Road Chimp”
     -AuditDelegate or
    Set-Mailbox -Identity “Road Chimp” -AuditAdmin
  3. Verify Mailbox Audit Logging was configured: via Powershell
    Get-Mailbox “Road Chimp | Format-List *audit*
  4. Create a Mailbox Audit Log Search: via EAC or PowerShell
    New-MailboxAuditLogSearch “Admin and Delegate Access” -Mailboxes “Road Chimp”,”Chief Peeler” -LogonTypes Admin,Delegate -StartDate 1/1/2012 -EndDate 12/01/2012 -StatusMailRecipients “auditors@chimpcorp.com”
  5. Searching Mailbox Audit Log for a specific search term: via EAC or PowerShell
    Search-MailboxAuditLog -Identity “Road Chimp” -LogonTypes Admin,Delegate -StartDate 1/1/2012 -EndDate 12/31/2012 -ResultSize 2000
  6. Bypass a User Account from Mailbox Audit Logging: via EAC or Powershell
    Set-MailboxAuditBypassAssociation -Identity “Road Chimp” -AuditBypassEnabled $true

Top PowerShell Commands/Tools:

– Set-Mailbox -AuditEnabled
– Set-Mailbox -AuditDelegate |AuditAdmin | AuditOwner
– Get-Mailbox

References/Links

Technet: Article on Mailbox Audit Logging
Cmdlets: For Mailbox Audit Logging