Monday, March 5, 2012

Enable Archive mailbox in exchange 2010

Enable an Archive Mailbox
You can create an archive mailbox for a user's primary cloud-based mailbox. Users can use the archive mailbox, also called a personal archive, to store historical messaging data by moving or copying messages from their primary mailbox to their archive mailbox. The archived messages reside in the cloud, and users can access it from any computer using Microsoft Outlook 2010 or Outlook Web App.
This topic explains the following:
Why use archive mailboxes?
Archive mailboxes can help you implement and manage your organization's archiving strategy. Users typically use personal store (.pst) files to store historical messaging data on their local computer, network shares, or a USB drive. An archive strategy that relies on .pst files has many disadvantages:
  • The proliferation of .pst files that are stored in different locations
  • Limited access by administrators to .pst files that reside on a local computer or removable media
  • Risk of data theft because .pst files can reside on portable devices such as laptops, portable hard drives, and USB drives
  • Difficulty searching .pst files for data relevant to legal cases
These issues with .pst files make it hard for an organization to manage archived messages. Archive mailboxes help mitigate these issues in the following ways:
  • They provide users with a single, unified archive for managing their messaging data
  • They allow users to:
    • Access their archive messages from any computer, by using Outlook Web App.
    • Easily copy or move messages between their primary and archive mailboxes.
    • Search their entire mailbox in Outlook 2010 or Outlook Web App. Because the archive mailbox isn't cached locally on the user's computer, search results include items found in the users' archive mailbox.
  • They help address compliance needs in the following ways:
    • Archive mailboxes are searched when you perform a multi-mailbox search.
    • When litigation hold is enabled, a litigation hold applies to a user's primary and archive mailbox.
    • An archive mailbox contains its own Recoverable Items folder and is subject to the same Recoverable Items folder quotas as the primary mailbox. To learn more about recoverable items, see Recover Deleted E-mail Messages in Exchange Online.
    • When an archive mailbox is enabled, retention policy tags with a retention action of Move to Archive are applied. For a list of default retention tags that are configured with a Move to Archive action, see Retention settings in Exchange Online.
      Note   In Exchange Online, by default, messages are automatically moved to the archive mailbox after two years. This applies to all items in a mailbox that don't have a retention tag already applied.
Size of the archive mailbox
The default quota size for an archive mailbox depends on the type of user license assigned to the mailbox.
  • Exchange Online (Plan 1)   Users receive a combined total size of 25 GB for their primary mailbox and archive mailbox. Therefore, the size of the user’s archive mailbox can’t exceed 25 GB.
  • Exchange Online (Plan 2)   Users receive unlimited storage in their archive mailbox. However, a default quota of 100 GB is set on the archive mailbox. In the unlikely event that a user reaches this quota, contact Office 365 support to request more storage space for the archive mailbox.
Note   Administrators in a cloud-based organization can’t change the quota size for an archive mailbox.
Enable the archive mailbox
  1. Select Manage My Organization > Users & Groups > Mailboxes.
  2. Select the mailbox you want to enable the archive mailbox for and click Details.
  3. Under Mailbox Features, select Archive and click Enable.
  4. In the Archive Mailbox window, accept the default archive name (Archive Mailbox - <display name>) or type a new name.
  5. Click Save. Note that the status for Archive is now Enabled.
After you save the change, the archive icon is displayed in the mailbox list for the user's mailbox to indicate the archive mailbox is enabled.
Note   When you assign Full Access permissions to a mailbox, the delegate to which you assign the permissions can also access the corresponding archive mailbox. However, you can’t assign permissions directly to an archive mailbox.
Disable the archive mailbox
Caution   When you disable an archive mailbox, the contents of the archive are permanently removed. The archive won't be accessible by the user and you can't reconnect the archive mailbox to the corresponding primary mailbox.
  1. Select Manage My Organization > Users & Groups > Mailboxes.
  2. Select the mailbox to disable the archive mailbox for and click Details.
  3. Under Mailbox Features, select Archive and click Disable.
  4. In the warning window, click Yes to disable the archive. At this point, disabling the archive mailbox is pending. You have to save this change for the archive to be disabled.
  5. Click Save to complete the process.
If you enable the archive mailbox after disabling it, a new archive mailbox is created, and it won't contain the contents from the previous archive.
Enable archive mailboxes for all users in your organization by using Windows PowerShell
Before you begin   To learn how to install and configure Windows PowerShell and connect to the service, see Use Windows PowerShell in Exchange Online.
To enable an archive mailbox for all users in your organization, run the following command:
Get-Mailbox -ResultSize unlimited -Filter {(RecipientTypeDetails -eq 'UserMailbox')} | Enable-Mailbox -Archive
When you run this command, the archive mailbox name is set to “Online Archive – <display name>” by default. For example, the archive mailbox name for Chris Cannon is “Online Archive – Chris Cannon.” The archive mailbox is displayed in the folder list in the Navigation Pane in Outlook or Outlook Web App.
You can also configure a different archive name when you use Windows PowerShell to enable archive mailboxes. For example, to name archive mailboxes “Personal Archive - <display name>” when you enable archive mailboxes for all users in your organization, run the following commands:
$users = Get-Mailbox -ResultSize unlimited -Filter {(RecipientTypeDetails -eq 'UserMailbox')}
ForEach ($a in $users) {$a.ArchiveName.Add("Personal Archive - $a")}
$users | %{Enable-Mailbox $_.Identity -Archive -ArchiveName $_.ArchiveName}
Next steps
After you enable an archive mailbox, you can change its name. How? See Change the Name of an Archive Mailbox.

Change the Name of an Archive Mailbox

Applies to: Office 365 for professionals and small businesses, Office 365 for enterprises
Topic Last Modified: 2010-05-11
After you enable the archive mailbox for a user's primary mailbox, you can change the name of the archive mailbox if necessary.
1.       Select Manage My Organization > Users & Groups > Mailboxes.
2.       Select the user's mailbox and click Details.
3.       Under Mailbox Features, select Archive and click Edit.
4.       In the Archive Mailbox window, type a new name for the archive mailbox.
5.       Click Save.
The next time the user accesses their mailbox, the new name for the archive mailbox is displayed under the folder list in the left pane of Microsoft Outlook 2010 or Outlook Web App.

Reference from :
http://www.technet.microsoft.com/

Cross forest mailbox mover changes in Exchange 2010

There’s quite a few changes coming to a cross forest mailbox moves in Exchange 2010.  Well for one, in Exchange 2007, you would use Move-Mailbox.  In Exchange 2010, you would use New-MoveRequest.  The way these two cmdlets work in regards to cross forest mailbox moves is significant. Why?  Read on…
In Exchange 2007, when you did a Move-Mailbox to another forest, that cmdlet would be doing some checks against your target environment to see if this user exists.  What’s the algorithm you ask?  IT’S A SECRET!  No really, it is.  It’s not really documented anywhere.  But thanks to Dmitri Gavrilov from Microsoft, the algorithm is:

  • Match on objectSID – First try masterAccountSID then try objectSID and sidHistory
  • Match on source LegacyExchangeDN – look for an x500:LegacyExchangeDN in target directory
  • Match proxyaddresses – look for any smtp addresses in the proxyaddresses attribute that exist in the source proxyaddresses attribute
As you can see, there’s a lot of methods in which you can use.  Some may consider this bad and some may consider it good.  For Exchange 2010, Microsoft wanted to simplify the lookup process.  So instead of searching the target forest for any of the above attributes, New-MoveRequest will look for only one attribute only; msExchMailboxGuid.  Unlike Exchange 2007, the entire process for Exchange 2010 and exactly how you do this with Exchange 2010 will be fully documented. I consider this to be excellent news!
Some organizations will want to utilize ILM to bring over mail disabled users into the target forest so that New-MoveRequest will find the mail disabled user and use mail disabled user to associate a linked mailbox.  In this case, you will also want to bring over the msExchMasterAccountSid attribute which is required for linked mailboxes.
Thanks to Ian Lui from Microsoft, he provided the recommended attributes for bringing over a mail user:
  • altRecipient
  • deliverAndRedirect
  • mail
  • mailNickname
  • msExchMailboxGUID
  • proxyAddresses (in addition to sync source mailbox proxyAddresses, synchronized legacyExchangeDN of the source mailbox as X500 address in the ProxyAddresses attribute of the target mail user. The logic is the same when the target object is a contact.)
  • publicDelegates
  • msExchHideFromAddressLists
  • msExchMasterAccountSid  (needed for linked mailbox)
  • msExchRecipientDisplayType  (Assume the source mailbox is a user mailbox; for linked mailbox, value is equivalent to *unsigned* 0xC0000006; for regular mailbox, value is equivalent to *unsigned* 0×80000006)
  • msExchRecipientTypeDetails (MailUser = 0×80,    // 128)
    TargetAddress (synchronize the PrimarySMTPAddress of the source mailbox as the TargetAddress of the target mail user. The logic is the same when the target object is a contact.)
  • SAMAccountName
  • userAccountControl (Disabled User Account – ACCOUNTDISABLE | NORMAL_ACCOUNT; 0×202)
You can also bring over any other attributes such as givenName, SN, etc at your discretion.
Now keep in mind, that if you are going to be migrating with a tool such as ADMT, QMM, etc. you will want to make sure the tool brings over the above attributes so when you do a New-MoveRequest, it will successfully find the target user and associate the mailbox with that migrated user.  But if you are in a resource forest scenario, that’s where you’d want to bring the user over as a mail disabled account with the msExchMasterAccountSid attribute as noted above.
Now what about companies that don’t have ILM and aren’t going to be using ADMT either?  Well, Move-Mailbox would create the mail disabled user if it found no user in the target forest with the appropriate attributes.  New-MoveRequest will NOT do this.  One reason is Microsoft wanted to reduce the complexity with Move-Mailbox.  They wanted to simplify the attribute that is used, the algorithm, and wanted to separate the AD provisioning task to another process.  Because of this, Microsoft is working on another separate tool/script that will provide the provisioning process for this exact task which reduces replication delay with the Move-Mailbox among other things.
At first, I was skeptical about all this.  Why remove functionality that was built-into the Move-Mailbox cmdlet already?  After taking an objective look at the reasoning of how complex Move-Mailbox was across forests before, and why simplifying the attribute used as well as separating AD provisioning to Exchange provisioning helps simplify the cross-forest mailbox moves and possible failures due to replication delay if you’re using the cmdlet to create mail disabled user accounts, you will understand the reasoning behind this.
Microsoft has yet to release the actual documentation on this or the script, but I wanted to give people a heads up on what’s to come.  I will update this post as those things get released.  A big thanks goes out to Dmitri Gavrilov and Ian Lui for providing a lot of the information that you see above.
Update (12/25/2009) – The Microsoft documentation has been updated on what mandatory and optional attributes are required for running New-MoveRequest for Cross-Forest migrations.  You can view that here.  This article also has documentation on ILM syncing as well as using a script.  As of 12/25/2009, this information is in the document but there is no link as the script/ILM information is still unavailable.  Keep checking back at the linked to article as the script and ILM information will eventually be published.
Update (02/04/2010) – As Geoff has stated in the comments, the script I have mentioned in the