Per a request from a client to implement a 90-day limit on items in the Inbox & Sent Items and a 14-day limit on items in Deleted Items, I’m now going to show you how to set up message retention policies on an Exchange 2007 server, and how to do it in such a way that you don’t have a mutiny on your hands when people’s messages up and disappear.
Here are the steps (all done through the Exchange Management Console):Step 1: Define a “Managed Custom Folder” (if you’re feeling fancy) or use one of the existing “Managed Default Folder(s)” (recommended)
If you double-click on any of these folders, it will bring up a Properties window that allows you to add a “Comment” to the folder in question... Here we can see a comment I added for the client on their Inbox folder:
Step 2: Add “Managed Content Settings” to the folder in question
Now you have a wizard in which you can define what the criteria is that you’re looking for. Please name the Managed Content Settings something helpful...
You have other options here:
“Mark as Past Retention Limit” is interesting in that it will put a strikethrough through messages that are outside of policy. Folks can then choose to move the affected messages out of the managed folder in question. Please make sure to clarify with users:If you apply Managed Content Settings to the Inbox “Default Folder,” all subfolders of Inbox will also be affected. This means that putting items in subfolders of Inbox is not a valid way to “hide” from the retention policy. You should create a subfolder of “Mailbox – Stewie Griffin” instead of Sewie’s inbox.Step 3: Create a “Managed Folder Mailbox Policy” and add the “Managed Content Settings”-enabled folders into the policy
Name the policy something useful:
Add the managed folders to the policy:
Step 4: Verify that the Messaging Records Management feature of the server is enabled & scheduled
Note: This is not enabled by default, so it won’t matter if you apply the policy to mailboxes or not at this point, because the policy will never get processed until you schedule the Messaging Records Management process!
Step 5: Apply the policy to mailboxes
IMPORTANT: When you create a new user, you must remember to select the mailbox policy. For existing users, these policies are NOT enabled by default.
You still have to know what you’re doing when you’re using Autoruns to remove superfluous startup entries—namely to know the difference between what is a legitimate startup entry and what isn’t strictly necessary, so please be carefulwith this utility. But hey, you’re already feeling confident enough to selectively disable certain Startup Items, so why not take the next step and remove them properly?
There’s an excellent, in-depth article here about which types of programs can be safely removed here:
If you’ve worked with me long enough, you’ll know that one of the first questions out of my mouth when you ask me for help with random Exchange crashes is, “Is the Symantec Information Foundation Mail Security for Microsoft Exchange fully up-to-date?”
I wish I didn’t have to ask this question—SMSMSE is an ancillary product in many cases—it supplements the AV scanning engine of whatever the client’s Anti-Spam solution is. Very few clients use the SMSMSE’s anti-spam capability, in favor of a third-party appliance (usually a SonicWALL E-Mail Security) or a hosted service (such as Postini); however, by virtue of having been licensed for Symantec’s full protection suite, we frequently like to install SMSMSE as a “second safety-net,” given that the Anti-Spam solutions typically use a virus scanning engine other than Symantec’s.
Unfortunately, when troubleshooting an Exchange issue, which may include:
ØCrashing the Microsoft Exchange Transport service
ØStopping mail flow without errors in the Event Log
ØBlue screen (STOP) errors
…the last place that folks think to check is the SMSMSE, yet (in my experience), 80% of these issues are caused by an out-of-date SMSMSE conflicting with a recent security update or patch.
At two clients recently (also including us), we were running version 188.8.131.52, which caused ASP.net error shown below. In one case, this same error was the precursor to a halt to mail flow:
Agent Time: [REDACTED]
Event Time: [REDACTED]
Description: ISAPI 'C:\WINDOWS\Microsoft.NET\Framework64\v2.0.50727\aspnet_isapi.dll' reported itself as unhealthy for the following reason: 'Deadlock detected'.
After having set up a custom monitor set to catch this error, all three servers that were experiencing this all had one thing in common… version 184.108.40.206 of SMSMSE:
…hence my recommendation in the bubble above. If the “Currently available version” of SMSMSE is greater than the “Installed version,” I’d highly recommend installing the update ASAP.
The upgrade from 6.0.X to 6.5.X, and from 6.5.2.X to 6.5.2.Y is quite simple, takes about 15 minutes (after you download the ~400MB installation file from FileConnect), and only restarts the Microsoft Exchange Transport service.
During the installation (upgrade), you’ll notice that it registers some new types with ASP.NET 2.0.50727.1433 (also the same ASP.NET version loaded on all three problematic servers), thus also confirming my suspicions that the issue relates to an incompatibility between ASP.NET 2.0.50727.1433 and SMSMSE 220.127.116.11:
At the time of this writing, the most recent available version is 18.104.22.168… when scrolling through the list on FileConnect, make sure you’re getting the latest iteration of 6.5, as the list sorting is a bit wacky. Just look for the correct file with the most recent date:
Again, you’ll be surprised how many Exchange-related issues this upgrade will fix—and why that’s usually the first question I ask.
Microsoft BPOS (Business Productivity Online Suite) is the 2007-based iteration (Exchange 2007, Office Live Communicator, etc.) of Microsoft’s Online Services offering. Microsoft Office 365 is the 2010-based iteration (Exchange 2010, Lync 2010, etc.). At present, BPOS is live, and Office 365 has a “target release date” of mid-summer this year (2011). A future article will cover the migration path from BPOS to Office 365, once said migration path is released to the beta users.
For details on the differences between Microsoft BPOS and Office 365, please see the links below:
2) Once you log in, you’ll see a link to “Download Sign In”… go ahead and click the link:
…which in turn takes you to the Microsoft Download Center, where you must click another download button:
…and save the DMG file somewhere you can find and mount it.
3) Once you’ve mounted (opened) the DMG file you just downloaded, go ahead and drag-and-drop it into your Applications folder:
4) Navigate to your Applications folder and double-click on the “Microsoft Online Services Sign In” application:
…and click Open if you get this security warning:
5) Run through the setup, accepting the default options (Next > Accept > Next > Finish)
6) Put in your username and password, check both the boxes for “Remember my user name” and “Remember my password,” and click the “Sign in” button:
7) Once logged in, the sign in application will search your Mac for supported applications and will configure them automatically for you… but with a HUGE Gotcha. Unless you’re an Entourage 2008 user, the Microsoft Single Sign In application will not automatically configure your e-mail client for you. Sorry Mail and Outlook 2011 users… as of the time of this writing, your e-mail application is not supported by the Single Sign In application.
For Entourage 2008 users, you’re done. Enjoy BPOS!
For Outlook 2011 and Mail users, please read on.
Outlook 2011 BPOS Configuration for Mac
1) Quit out of Outlook completely, including the “Office Reminders” helper application:
2) Hold down the “Option” key on your Mac’s keyboard, and then click on the Outlook icon… keep holding down the “Option” key until the Microsoft Database Utility appears, at which point you’ll want to click the “+” button to add a new identity:
3) Name the identity something useful, and then right-click (control-left-click) the identity and choose “Set Default,” at which point you’ll notice that the identity you just created is in bold:
4) Close the Microsoft Database Utility, and then re-open Outlook 2011… then go to Tools > Accounts:
5) On the Accounts screen, choose “Exchange Account”:
6) Put in your e-mail address twice, your password once, make sure that “Configure automatically” is checked, and click the “Add Account” button:
7) Check the “Always use my response for this server” checkbox and click the Allow button:
…and remember… patience, grasshopper. This takes a minute or two to auto-configure.
8) Change the “Account description” to something helpful, then close out of the Accounts screen.
You’re all set! You should now see your mail, contacts & calendar in Outlook.
Mail BPOS Configuration for Mac
Note: This assumes a first-time configuration, as I have not had reason to set up Mail prior to writing this How To article. If you already have Mail configured and want to add BPOS Exchange as an additional account, I’d recommend watching the following video:
(Thanks to Virorum Ltd for taking the time to make this video!)
1) Start up Mail
2) Put in your name, e-mail address and password, and click Continue:
…and remember… patience, grasshopper. This too takes a minute or two to auto-configure.
3) Once your settings are auto-configured, ensure that “Address Book contacts” and “iCal calendars” are both checked and click the Create button:
Thankfully, Microsoft has correctly configured the Autodiscover service correctly such that many different e-mail clients (Outlook 2007, 2010, 2011, Mail) can connect. You’ll also notice a similarly simple procedure when connecting your iPod, iPad, iPhone, Android, Palm or Windows Mobile device.
HUGE Gotcha for iOS users (iPhone, iPod, iPad): You must be running iOS 4.2 or above for the Autodiscover service on Microsoft BPOS to work correctly. This is straight from Microsoft and has been verified by testing with an iOS 4.1 and an iOS 4.2 device—the iOS 4.1 device will not automatically discover the e-mail server settings correctly. You must upgrade to iOS 4.2 or later (which simply amounts to plugging the iOS device into your computer, firing up iTunes, and clicking the “Yes” button when prompted to back up and upgrade your device).