public:microsoft_exchange_mail_level
Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision | ||
|
public:microsoft_exchange_mail_level [2019/08/20 14:43] ronnie.chan |
public:microsoft_exchange_mail_level [2022/11/28 11:05] (current) kirk.lim Last modified: 2019/08/27 17:03 by ronnie.chan |
||
|---|---|---|---|
| Line 1: | Line 1: | ||
| - | ====== Microsoft Exchange Mail Level Backup Set ====== | + | ====== Microsoft Exchange Server 2007/2010/2013 Mail Level Backup Set ====== |
| + | |||
| + | Last modified: 2019/08/27 (Note: Content written for AhsayCBS v7+v8, and may generally apply to latest product release) | ||
| AhsayOBM allows you to back up individual mailboxes in your Microsoft Exchange Server with the MS Exchange Mail Level Backup Module. This module provides a set of tools to protect your mailboxes and public folders on Microsoft Exchange Server 2007/2010/2013. This includes backup and recovery of individual emails, contacts, calendars and other mail items in your mailboxes and public folders, with snapshots / versioning, and retention policy to protect even email that you may have accidentally deleted from your Exchange 2007/2010/2013 mailboxes or public folders. | AhsayOBM allows you to back up individual mailboxes in your Microsoft Exchange Server with the MS Exchange Mail Level Backup Module. This module provides a set of tools to protect your mailboxes and public folders on Microsoft Exchange Server 2007/2010/2013. This includes backup and recovery of individual emails, contacts, calendars and other mail items in your mailboxes and public folders, with snapshots / versioning, and retention policy to protect even email that you may have accidentally deleted from your Exchange 2007/2010/2013 mailboxes or public folders. | ||
| Line 25: | Line 27: | ||
| To optimize performance of AhsayOBM on Windows, and to avoid conflict with your antivirus software, refer to this [[public:8014_faq:suggestion_on_antivirus_exclusions|list of processes and directory paths that should be added to all antivirus software white-list / exclusion list]] | To optimize performance of AhsayOBM on Windows, and to avoid conflict with your antivirus software, refer to this [[public:8014_faq:suggestion_on_antivirus_exclusions|list of processes and directory paths that should be added to all antivirus software white-list / exclusion list]] | ||
| - | <WRAP indent><code> | + | <WRAP info> |
| - | NOTE | + | |
| For AhsayOBM version 8.1 or above, the bJW.exe process is automatically added to Windows Defender exclusion list for Windows 10 and 2016, during installation / upgrade via installer or upgrade via AUA. | For AhsayOBM version 8.1 or above, the bJW.exe process is automatically added to Windows Defender exclusion list for Windows 10 and 2016, during installation / upgrade via installer or upgrade via AUA. | ||
| - | </code> | ||
| </WRAP> | </WRAP> | ||
| Line 145: | Line 145: | ||
| </WRAP> | </WRAP> | ||
| Reboot the Exchange Server after executing the command. | Reboot the Exchange Server after executing the command. | ||
| + | </WRAP> | ||
| + | ==== Windows User Account Permission ==== | ||
| + | The Active Directory account used to authenticate the backup must be a member of the following security groups. | ||
| + | |||
| + | <WRAP indent> | ||
| + | === Exchange Server 2007 === | ||
| + | * Microsoft Exchange Security \ Exchange Organization Administrators | ||
| + | * Microsoft Exchange Security \ Exchange Servers | ||
| + | * Users \ Domain Admins \\ {{public:ahsay_wiki_module_exchange_2007_mail_04.png?640}} | ||
| + | |||
| + | === Exchange Server 2010 / 2013 === | ||
| + | * Microsoft Exchange Security \ Organization Management | ||
| + | * Users \ Administrator | ||
| + | * Users \ Domain Admins | ||
| + | * Users \ Enterprise Admins \\ {{public:ahsay_wiki_module_exchange_2007_mail_05.png?640}} | ||
| + | |||
| + | === Steps to check the current settings === | ||
| + | - Click Start > Control Panel > Administrative Tools, and then click Active Directory Users and Computers. | ||
| + | - Browse to the organization unit containing the corresponding operating system account. | ||
| + | - Right click on the user, and select Properties. | ||
| + | - Select the Member Of tab to check on the membership setting. | ||
| + | </WRAP> | ||
| + | |||
| + | ==== Enabling Mailbox on Windows User Account ==== | ||
| + | Make sure the Windows account used to authenticate the backup has a mailbox enabled. Follow the steps below to verify. | ||
| + | <WRAP indent> | ||
| + | === Exchange Server 2007 / 2010 === | ||
| + | - Click Start > Microsoft Exchange Server 2007/2010, and then click Exchange Management Console. | ||
| + | - Click to expand the Recipient Configuration menu tree, and then select Mailbox. | ||
| + | - Right click on the user and select Properties. | ||
| + | - Select the General tab to check the settings. Make sure the Hide from Exchange address lists box is not checked. \\ {{public:ahsay_wiki_module_exchange_2007_mail_06.png?640}} \\ **Note:** A mailbox-enabled user is a Windows Active Directory user that has one or more Exchange Server mailboxes associated with it. | ||
| + | |||
| + | === Exchange Server 2013 === | ||
| + | Refer to the following article from Microsoft for more details on how to check if an account is mailbox enabled. | ||
| + | [[https://docs.microsoft.com/en-us/exchange/create-user-mailboxes-exchange-2013-help]] | ||
| </WRAP> | </WRAP> | ||
| - | + | ||
| + | ==== Remote Exchange Management Shell ==== | ||
| + | For setup on MS Exchange Server 2010 / 2013, the Remote Exchange Management Shell must be enabled for the operating system account used for the backup. | ||
| + | |||
| + | Enter the following command in Exchange Management Shell to enable this feature. | ||
| + | <code> | ||
| + | >Set-User "%os_username%" -RemotePowerShellEnabled $True | ||
| + | </code> | ||
| + | |||
| + | Reboot the Exchange Server after executing the command. | ||
| + | |||
| + | <WRAP info> | ||
| + | Remote Shell in Microsoft Exchange Server enables you to manage your server running Exchange. | ||
| + | </WRAP> | ||
| + | |||
| + | ==== Collaboration Data Objects (CDO) 1.2.1 ==== | ||
| + | The latest version of CDO must be installed on the Exchange Server for the mail level backup job to work properly. | ||
| + | |||
| + | Download and install the latest version CDO via the URL below. If you already have CDO installed on the Exchange Server but are not sure if it is the latest version, you are recommended to uninstall the current version and re-install via the URL below. | ||
| + | <WRAP indent> | ||
| + | === Exchange Server 2007 / 2010 === | ||
| + | Exchange Server with MS Outlook 2007 | ||
| + | [[https://www.microsoft.com/en-us/download/details.aspx?id=3671]] | ||
| + | |||
| + | Exchange Server without MS Outlook 2007 | ||
| + | [[https://www.microsoft.com/en-gb/download/details.aspx?id=42040]] | ||
| + | |||
| + | === Exchange Server 2013 === | ||
| + | [[https://www.microsoft.com/en-gb/download/details.aspx?id=42040]] | ||
| + | </WRAP> | ||
| + | |||
| + | ==== LAN Manager Authentication Level ==== | ||
| + | <WRAP indent> | ||
| + | === Exchange Server 2013 === | ||
| + | The LAN Manager Authentication level configured on the Exchange Server must be level 3 or above. Follow the steps below to check the settings. | ||
| + | - Click Start > Control Panel > Administrative Tools, and then click Local Security Policy. \\ {{public:ahsay_wiki_module_exchange_2007_mail_07.png?640}} | ||
| + | - Under Security Settings, expand Local Policies > Security Options, then click Network security: LAN Manager authentication level. | ||
| + | - Make sure that the setting is configured to use NTLMv2, for example: | ||
| + | - Send NTLMv2 response only | ||
| + | - Send NTLMv2 response only. Refuse LM | ||
| + | - Send NTLMv2 response only. Refuse LM & NTLM \\ {{public:ahsay_wiki_module_exchange_2007_mail_08.png?640}} | ||
| + | </WRAP> | ||
| + | |||
| + | ==== Windows PowerShell 2.0 Engine ==== | ||
| + | Make sure the Windows PowerShell 2.0 Engine is installed. | ||
| + | <WRAP indent> | ||
| + | === Exchange Server 2013 === | ||
| + | To install the feature: | ||
| + | - Navigate to Server Manager > Manage, then select Add Roles and Features. | ||
| + | - On the Select installation type screen, select Role-based or feature-based installation. | ||
| + | - Select the target server. | ||
| + | - On the Select features screen, go to the Features option, check the box next to Windows PowerShell 2.0 Engine. \\ {{public:ahsay_wiki_module_exchange_2007_mail_09.png?640}} | ||
| + | </WRAP> | ||
| + | |||
| + | ==== MS Exchange related Windows Services ==== | ||
| + | Ensure that all MS Exchange related services have been started, particularly the MS Exchange Information Store Services. | ||
| + | |||
| + | To verify this setting, launch the Services menu by clicking Start then typing “Services” in the search box. All Exchange related services should be started by default, in case if it is not, turn it on by right clicking the item and then select Start. | ||
| + | |||
| + | {{public:ahsay_wiki_module_exchange_2007_mail_10.png?640}} | ||
| + | |||
| + | ==== MS Exchange Database Status ==== | ||
| + | Ensure the MS Exchange Mailbox and Public Folder databases are mounted. | ||
| + | |||
| + | Example: MS Exchange 2010 \\ {{public:ahsay_wiki_module_exchange_2007_mail_11.png?640}} | ||
| + | |||
| + | Example: MS Exchange 2013 \\ {{public:ahsay_wiki_module_exchange_2007_mail_12.png?640}} | ||
| + | |||
| + | ==== IISAuthenticationMethods Setting ==== | ||
| + | Verify if the IISAuthenticationMethods is set to Basic only. If so, change the setting with the commands below. | ||
| + | <WRAP indent> | ||
| + | === Exchange Server 2013 === | ||
| + | |||
| + | - Click Start > Microsoft Exchange Server > Exchange Management Shell. | ||
| + | - Enter the following command to check on the IISAuthenticationMethods setting: <code>>Get-OutlookAnywhere</code> | ||
| + | - If it is set to {Basic} only, enter the following command to modify the setting:<code>>Set-OutlookAnywhere -Identity:"%Server%\Rpc (Default Web Site)" -IISAuthenticationMethods Basic,NTLM,Negotiate</code> | ||
| + | - Reboot the Exchange server. | ||
| + | </WRAP> | ||
| + | |||
| + | ==== Connection to Exchange Management Shell (EMS) or Exchange Management Console (EMC) ==== | ||
| + | Confirm on the connection to the Exchange Management Shell (EMS) or Exchange Management Console (EMC). | ||
| + | |||
| + | Ensure that the HTTP binding on the Default Web Site in Internet Information Services (IIS) is correctly configured by following the steps below. | ||
| + | |||
| + | - Click Start > Control Panel > Administrative Tools, and then click Internet Information Services (IIS) Manager. | ||
| + | - Navigate to Default Web Site, then right-click and select Edit Bindings. \\ {{public:ahsay_wiki_module_exchange_2007_mail_13.png?640}} | ||
| + | - Create a new binding that has no host name and a value of All Unassigned for the IP address. \\ {{public:ahsay_wiki_module_exchange_2007_mail_14.png?640}} | ||
| + | - Restart IIS. | ||
| + | |||
| + | ==== Net Framework 3.5 Features ==== | ||
| + | If you are using Exchange server 2013 on Windows server 2012, please install .Net Framework 3.5 Features. | ||
| + | |||
| + | This feature can be enabled by accessing Server Manager > Dashboard > Add Roles and Features Wizard > Feature Page. | ||
| + | |||
| + | {{public:ahsay_wiki_module_exchange_2007_mail_15.png?640}} | ||
| + | |||
| + | ---- | ||
| + | |||
| + | ===== Backup Process Overview ===== | ||
| + | The following steps are performed during an MS Exchange mail level backup job: | ||
| + | |||
| + | {{public:ahsay_wiki_module_exchange_2007_mail_16.png?800}} | ||
| ===== Documentation ===== | ===== Documentation ===== | ||
public/microsoft_exchange_mail_level.1566283395.txt.gz · Last modified: 2019/08/20 14:43 by ronnie.chan