Tuesday, November 21, 2017

Creating an archive point with the command-line utility


EV FSA ships with a utility called archive point that lets us set the archive point within a disk structure.

When a volume is created for archiving, the first time it is created the archive point is set automatically. To define it manually at the root, we can add a root folder with "\".

http://treadstoneso.blogspot.com.ar/2017/11/enterprise-vault-fsa-politicas.html?m=1

When we add a volume through an administrative share (hidden letter$), the previous procedure fails:



As the warning above says, we must use a command-line utility:

To create a new Archive Point:
1. On the Enterprise Vault (EV) Server that has the FSA Task, open command prompt (cmd.exe)
2. Browse to \Program Files\Enterprise Vault\

Type the following:
archivepoints.exe create <Insert file share path>




Note: Setting archive points at the root of a volume is not recommended, both to protect files that belong to the OS (System Volume Information) and because of incompatibility with mount points. Instead, it is advisable to set as the volume a root share that is contained in a folder of the volume.
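As an added example (not from the original post or from the Enterprise Vault product), the following PowerShell wrapper runs the archivepoints.exe create step above for an administrative share and refuses a bare volume root as the note recommends. The server name, share and folder are constructed placeholders, and a non-zero exit code from archivepoints.exe is assumed to mean failure.

```powershell
# Added example, not part of the original post or of the Enterprise Vault tooling.
# Creates an FSA archive point on an administrative share via archivepoints.exe,
# refusing the volume root (\\server\X$) so System Volume Information and mount
# points on the volume are not swept into the archive point.

function New-FsaArchivePoint {
    param(
        [Parameter(Mandatory = $true)]
        [string]$SharePath,                                    # e.g. \\FS01\D$\Info (constructed)
        [string]$EvPath = 'C:\Program Files\Enterprise Vault'  # install path named in the post; drive assumed
    )

    # A bare administrative root such as \\FS01\D$ or \\FS01\D$\ is rejected.
    if ($SharePath -match '^\\\\[^\\]+\\[A-Za-z]\$\\?$') {
        throw "Refusing to create an archive point at volume root '$SharePath'; use a folder within the volume."
    }

    # The share must be reachable from the EV server that runs the FSA task.
    if (-not (Test-Path -LiteralPath $SharePath -PathType Container)) {
        throw "Share path '$SharePath' is not reachable from this server."
    }

    $exe = Join-Path $EvPath 'archivepoints.exe'
    if (-not (Test-Path -LiteralPath $exe)) {
        throw "archivepoints.exe was not found under '$EvPath'."
    }

    # Same invocation as the manual step: archivepoints.exe create <file share path>
    & $exe create $SharePath

    # Assumption: a non-zero exit code signals that the archive point was not created.
    if ($LASTEXITCODE -ne 0) {
        throw "archivepoints.exe create exited with code $LASTEXITCODE for '$SharePath'."
    }
    Write-Output "Archive point created for '$SharePath'."
}

# Constructed example: a folder inside the hidden D$ share, never the D$ root itself.
New-FsaArchivePoint -SharePath '\\FS01\D$\Info'
```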






Monday, November 20, 2017

Enterprise Vault FSA Policies


FSA policies can be defined at the volume level or at the folder level (folders contained in the volume). The only difference between the two is that volume policies let us define a quota, which folder policies do not; the rest of the settings are available in both:


NOTE: When a volume is created for the first time, the archive point is the root of the volume. If the volume was ever part of the EV system and folders were defined, the archive points will be those folders, ignoring the root folder (the volume). This note describes how to use policies to handle that kind of situation.

In the example below, a volume was created where archive points already exist. The main folder we want to archive is called "Info"; in this first example it is skipped:


The report says 6 folders because it counts the subfolders inside the archive points:


The fix for this configuration is to define the folder we want to archive, or simply use "\" when creating a folder, which archives the whole volume. We can choose to use either the volume policy or the folder policy:



New archive point at the volume level:


When the task runs, we can see that the whole volume was scanned:




Note: if the previously added "\" folder is deleted, the volume-level archive point is kept; in that case the archive point must be deleted and the new desired one set at the folder level.











Monday, November 6, 2017

Enterprise Vault FSA Demo archive


The most common question when using this solution is how much space we will recover when an archive task runs. That depends on the type of data: whether it is duplicated, whether it is already compressed, and so on.

Although what we define is an archiving method, it also defines a file-handling policy in which there will be compression, deduplication and purging of files that meet the information retention policy; in short, there will be control!!

This demo shows the possible space savings on a production file server:


Before archiving:




EV server vault store partition before archiving:




To make the difference clear, an archiving policy for Office files (excluding Visio) and zip files was created:

Vault store partition (1 GB increase after archiving):



File server (2.8 GB of disk saved):



The following chart is very interesting because it shows the total size of the files next to the space consumed on disk, which in some cases is 0 because the placeholder that is created occupies only a few bits:


Note that the vsd and pdf files are excluded from the policy, so it is clearly visible that their size equals the allocated size.







Friday, March 4, 2016

General Concepts

1. Configuring Domain Security in Exchange Server 2013


Domain Security refers to the set of functionality in Microsoft Exchange Server 2010 and Microsoft Office Outlook 2007 that provides a relatively low-cost alternative to S/MIME or other message-level security solutions. The purpose of the Domain Security feature set is to provide administrators a way to manage secured message paths over the Internet with business partners. After these secured message paths are configured, messages that have successfully traveled over the secured path from an authenticated sender are displayed to users as Domain Secured in the Outlook and Microsoft Office Outlook Web App interface.
Domain Security uses mutual Transport Layer Security (TLS) authentication to provide session-based authentication and encryption. Mutual TLS authentication differs from TLS as it's usually implemented. Typically, when TLS is implemented, the client verifies that the connection securely connects to the intended server by validating the server's certificate. This is received as part of TLS negotiation. In this scenario, the client authenticates the server before the client transmits data. However, the server doesn't authenticate the session with the client.


2. Outlook protection rules

Every day, information workers exchange sensitive information by email, including financial reports and data, customer and employee information, and confidential product information and specifications. In Microsoft Exchange Server 2013, Microsoft Outlook, and Microsoft Office Outlook Web App, users can apply Information Rights Management (IRM) protection to messages by applying an Active Directory Rights Management Services (AD RMS) rights policy template. This requires an AD RMS deployment in the organization. For more information about AD RMS, see Active Directory Rights Management Services.
However, when left to the discretion of users, messages may be sent in clear text without IRM protection. In organizations that use email as a hosted service, there's a risk of information leakage as a message leaves the client and is routed and stored outside the boundaries of an organization. Although email hosting companies may have well-defined procedures and checks to help mitigate the risk of information leakage, after a message leaves the boundary of an organization, the organization loses control of the information. Outlook protection rules can help protect against this type of information leakage.


Predicates in Outlook protection rules

Outlook protection rules allow you to use three predicates to automatically apply IRM protection in Outlook 2010:

FromDepartment   The FromDepartment predicate looks up the sender's department attribute in Active Directory and automatically IRM-protects the message if the sender's department matches the department specified in the rule. For example, you can create an Outlook protection rule to automatically protect all messages sent by the Research department.

SentTo   Your organization may need to protect messages sent to certain sensitive recipients, such as the All Company or Finance distribution groups. Using the SentTo predicate, you can create an Outlook protection rule to automatically IRM-protect messages sent to specified recipients.

SentToScope   The SentToScope predicate allows you to create an Outlook protection rule to automatically IRM-protect messages sent inside or outside the organization. For example, you can use the SentToScope predicate with the FromDepartment predicate to IRM-protect messages sent by a particular department to internal users.



3. Understanding and Implementing Federated Sharing




4. Datacenter Switchovers Site Resilience


This operation varies considerably depending on whether the DAG-DAC functionality is enabled or not. If it is not, activating the second datacenter includes commands to stop the cluster service and evict the nodes of the first datacenter; this note explains it very well:




5. Building a Hybrid Microsoft Exchange Server 2013 Deployment in Less than 75 Minutes 


https://www.youtube.com/watch?v=voX4GhX3hpQ



Set-MailboxAuditBypassAssociation



Applies to: Exchange Online, Exchange Server 2016
This cmdlet is available in on-premises Exchange Server 2016 and in the cloud-based service. Some parameters and settings may be exclusive to one environment or the other.
Use the Set-MailboxAuditBypassAssociation cmdlet to configure mailbox audit logging bypass for user or computer accounts such as service accounts for applications that access mailboxes frequently.

Examples

Example 1

This example bypasses the Svc-MyApplication account from mailbox audit logging.
Set-MailboxAuditBypassAssociation -Identity "Svc-MyApplication" -AuditBypassEnabled $true

Example 2

This example removes the bypass association for the Svc-MyApplication account.
Set-MailboxAuditBypassAssociation -Identity "Svc-MyApplication" -AuditBypassEnabled $false
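Every bypass association is a blind spot in the mailbox audit trail, so an added example follows (not from the original page or Microsoft's documentation): it enumerates the accounts that currently bypass mailbox audit logging and flags any that are not on an approved list. The approved list is a constructed placeholder; Svc-MyApplication is the name used in the examples above.

```powershell
# Added example, not part of the original page or of Microsoft's documentation.
# Reviews which accounts bypass mailbox audit logging and reports the ones that
# were not approved, so an unexpected bypass on a privileged or service account
# is noticed rather than silently hiding that account's mailbox access.

# Constructed placeholder: the accounts your change records actually authorise.
$ApprovedBypassAccounts = @(
    'Svc-MyApplication'
)

function Get-AuditBypassReview {
    param(
        [Parameter(Mandatory = $true)]
        [string[]]$Approved
    )

    # One association object exists per user or computer account; AuditBypassEnabled
    # is the flag that Set-MailboxAuditBypassAssociation toggles.
    Get-MailboxAuditBypassAssociation -ResultSize Unlimited |
        Where-Object { $_.AuditBypassEnabled -eq $true } |
        ForEach-Object {
            [pscustomobject]@{
                Account  = $_.Name
                Identity = [string]$_.Identity
                Approved = ($Approved -contains $_.Name)   # case-insensitive by default
            }
        }
}

$review = @(Get-AuditBypassReview -Approved $ApprovedBypassAccounts)
$review | Sort-Object Approved, Account | Format-Table Account, Identity, Approved -AutoSize

$unexpected = @($review | Where-Object { -not $_.Approved })
if ($unexpected.Count -gt 0) {
    Write-Warning ("{0} account(s) bypass mailbox audit logging without approval." -f $unexpected.Count)
    # To remove an unapproved bypass after review, use the same cmdlet as Example 2:
    #   Set-MailboxAuditBypassAssociation -Identity <account> -AuditBypassEnabled $false
}
```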


Retention Hold and Litigation Hold in Exchange 2010


In Exchange 2010, you can place a mailbox on retention hold or legal hold. Both holds serve a different purpose. It's important to understand the functionality provided by both.

Retention Hold: As the Messaging Records Management page in the EMC suggests (see Figure 1), retention hold is used to halt retention policy, which means the Managed Folder Assistant (MFA) does not move or delete items from the mailbox. It's typically used when a user may not have mailbox access for an extended duration, for example, when the user's on vacation. You can also use retention hold during the initial phase of MRM deployment and remove it as users become more comfortable with MRM functionality.

Should users access their mailbox when it’s on retention hold, they may notice that items aren’t being deleted or moved to archive. Mailbox size increases as more email accumulates and you may need to raise the user's mailbox quotas to ensure mail flow to and from the mailbox isn’t interrupted.

The mailbox owner or any user (or process) with mailbox access can delete messages when the mailbox is on retention hold. Deleted messages are not treated any differently when a mailbox is on retention hold. Deleted items are retained until the deleted item retention period (14 days by default) and then deleted permanently. See the Retention Hold section in Understanding Retention Tags and Retention Policies for more details.

When placing a mailbox on retention hold, you can specify a start date and an end date. This allows you to configure retention hold in advance, and have it end at a predetermined date. Takeaway: retention hold is for planned activity, suspends move or delete actions taken by the MFA. If you haven't deployed either MRM feature (Retention Tags or Managed Folders), retention hold is unnecessary.

Note: When you archive-enable a mailbox, the Default Archive and Retention Policy is automatically applied to the mailbox if it doesn't have a retention policy.

Litigation Hold: Litigation hold, also known as legal hold, is used to preserve mailbox items for discovery before and during legal proceedings, investigations or similar events. The goal is to preserve mailbox items from inadvertent or purposeful modification or deletion by the mailbox owner or any user with mailbox access, and also automated deletion by processes such as the MFA. Unlike retention hold, you can’t configure litigation hold to start and end at a specified date – it’s either enabled or not. Until the hold is removed, deleted items are not purged from the mailbox database. If mailbox items are modified, a copy of the original item is also retained. These are returned in Discovery searches performed when the mailbox is on litigation hold. See Understanding Litigation Hold for more details.

When you place a mailbox on litigation hold, Exchange also populates the LitigationHoldDate and the LitigationHoldOwner properties, which can be useful for tracking purposes. Note that an administrator can modify both of these properties. Administrator Audit Logging is the best place to look if you need a reliable audit trail of admin actions.

Tip: You can run a litigation hold report from the Exchange Control Panel by going to Roles & Auditing > Auditing > Run a litigation hold report....
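Because an administrator can rewrite LitigationHoldOwner, the following added example (not from the original post) cross-checks that property against the Administrator Audit Log entry that actually enabled the hold. It assumes Administrator Audit Logging was enabled for the period searched; since the two sources render principals in different formats, the match is a leaf-name heuristic meant to guide a reviewer, not a definitive verdict.

```powershell
# Added example, not part of the original post. For every mailbox on litigation
# hold, finds the most recent admin audit entry that set LitigationHoldEnabled to
# True and places its Caller next to the LitigationHoldOwner stamped on the mailbox.
# Assumes Administrator Audit Logging covers the window searched.

function Get-PrincipalLeaf {
    param([string]$Principal)
    # 'contoso.com/Users/Jane' -> 'Jane'; 'CONTOSO\jane' -> 'jane'; 'jane@contoso.com' -> 'jane'.
    # Heuristic only: the audit log and the mailbox property use different name formats.
    if ([string]::IsNullOrEmpty($Principal)) { return $null }
    $leaf = $Principal.Split('/')[-1].Split('\')[-1]
    return $leaf.Split('@')[0]
}

function Get-LitigationHoldTrail {
    param(
        [datetime]$Since = (Get-Date).AddDays(-90)
    )

    # Mailboxes currently on litigation hold, carrying the properties Exchange stamps.
    $held = Get-Mailbox -ResultSize Unlimited -Filter 'LitigationHoldEnabled -eq $true'

    # Every Set-Mailbox run in the window that touched the LitigationHoldEnabled parameter.
    $audit = Search-AdminAuditLog -Cmdlets Set-Mailbox -Parameters LitigationHoldEnabled `
        -StartDate $Since -EndDate (Get-Date) -ResultSize 50000

    foreach ($mbx in $held) {
        # ObjectModified may be recorded as the canonical identity or the DN; accept either.
        $ids = @([string]$mbx.Identity, [string]$mbx.DistinguishedName)

        $enable = $audit |
            Where-Object { $ids -contains [string]$_.ObjectModified } |
            Where-Object {
                $p = $_.CmdletParameters | Where-Object { $_.Name -eq 'LitigationHoldEnabled' }
                $p -and ([string]$p.Value) -eq 'True'
            } |
            Sort-Object RunDate -Descending |
            Select-Object -First 1

        $caller  = $null
        $runDate = $null
        $matches = $null
        if ($enable) {
            $caller  = [string]$enable.Caller
            $runDate = $enable.RunDate
            $matches = (Get-PrincipalLeaf -Principal ([string]$mbx.LitigationHoldOwner)) -eq
                       (Get-PrincipalLeaf -Principal $caller)
        }

        New-Object PSObject -Property @{
            Mailbox            = $mbx.Alias
            LitigationHoldDate = $mbx.LitigationHoldDate
            RecordedOwner      = [string]$mbx.LitigationHoldOwner
            AuditedCaller      = $caller          # $null means no enabling entry in the window
            AuditedRunDate     = $runDate
            OwnerMatchesAudit  = $matches         # $false deserves a closer look at both records
        }
    }
}

Get-LitigationHoldTrail |
    Format-Table Mailbox, LitigationHoldDate, RecordedOwner, AuditedCaller, AuditedRunDate, OwnerMatchesAudit -AutoSize
```

A hold whose enabling entry predates the search window will show no audited caller; widen -Since before treating that as a finding.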



Thursday, March 3, 2016

Create an Outlook Protection Rule

Applies to: Exchange Server 2013
Topic Last Modified: 2012-12-04
Using Microsoft Outlook protection rules, you can protect messages with Information Rights Management (IRM) by applying an Active Directory Rights Management Services (AD RMS) template in Outlook 2010 before the messages are sent.
For additional management tasks related to IRM, see Information Rights Management procedures.

What do you need to know before you begin?

  • Estimated time to completion: 1 minute.
  • You need to be assigned permissions before you can perform this procedure or procedures. To see what permissions you need, see the "Rights protection" entry in the Messaging policy and compliance permissions topic.
  • You must have an AD RMS server deployed in the same Active Directory forest as your server running Microsoft Exchange Server 2013.
  • If you configure Outlook protection rules to IRM-protect messages, consider enabling transport decryption to allow transport agents, including the Transport Rules agent, to decrypt and access the message. If you use journaling, you should also consider enabling journal report decryption to allow the Journaling agent to save an unencrypted copy of the message in the journal report. For more information, see Journal report decryption.
  • You can't use the Exchange Administration Center (EAC) to create Outlook protection rules. You must use the Shell.
  • For information about keyboard shortcuts that may apply to the procedures in this topic, see Keyboard shortcuts in the Exchange admin center.

Use the Shell to create an Outlook protection rule

This example creates the Outlook protection rule Project Contoso. The rule protects messages sent to the ContosoPMs distribution group with the AD RMS template Business Critical.
New-OutlookProtectionRule -Name "Project Contoso" -SentTo "DL-ContosoPMs@contoso.com" -ApplyRightsProtectionTemplate "Business Critical"
Note:
When you use the SentTo predicate for an Outlook protection rule and specify a distribution group, only messages addressed to the distribution group in the To, Cc, or Bcc fields are IRM-protected. IRM protection isn't applied to messages addressed to individual members of the distribution group.
You can also use the FromDepartment and SentToScope predicates to apply IRM protection to messages sent from users in the specified department or messages sent to the specified scope (InOrganization for internal messages, All for all recipients).
For detailed syntax and parameter information, see New-OutlookProtectionRule.

How do you know this worked?

To verify that you have successfully created an Outlook protection rule, do the following:
  • Run the Get-OutlookProtectionRule cmdlet to make sure that the rule has been created and to view the rule’s properties. For an example of how to retrieve an Outlook protection rule, see Examples in Get-OutlookProtectionRule.
  • Use Outlook 2010 to create a test message that meets the rule’s condition and make sure the rule is triggered on the client.
    Note:
    It may take some time for an Outlook protection rule to be available in Outlook.

Wednesday, February 24, 2016

Safety Net

Applies to: Exchange Server 2013
Topic Last Modified: 2015-03-09
In Microsoft Exchange Server 2013, the primary mechanism of mailbox high availability is the database availability group (DAG). For more information about DAGs, see Managing database availability groups. The transport dumpster was first introduced in Exchange 2007, and was further improved in Exchange 2010 to provide redundant copies of messages after they're successfully delivered to mailboxes in DAGs. In Exchange 2010, the transport dumpster helped protect against data loss by maintaining a queue of successfully delivered messages that hadn't replicated to the passive mailbox database copies in the DAG. When a mailbox database or server failure required the promotion of an out-of-date copy of the mailbox database, the messages in the transport dumpster were automatically resubmitted to the new active copy of the mailbox database.
The transport dumpster has been improved in Exchange 2013 and is now called Safety Net.
Here's how Safety Net is similar to the transport dumpster in Exchange 2010:
  • Safety Net is a queue that's associated with the Transport service on a Mailbox server. This queue stores copies of messages that were successfully processed by the server.
  • You can specify how long Safety Net stores copies of the successfully processed messages before they expire and are automatically deleted. The default is 2 days.
Here's how Safety Net is different in Exchange 2013:
  • Safety Net doesn't require DAGs. For Mailbox servers that don't belong to a DAG, Safety Net stores copies of the delivered messages on other Mailbox servers in the local Active Directory site.
  • Safety Net itself is now redundant, and is no longer a single point of failure. This introduces the concept of the Primary Safety Net and the Shadow Safety Net. If the Primary Safety Net is unavailable for more than 12 hours, resubmit requests become shadow resubmit requests, and messages are re-delivered from the Shadow Safety Net.
  • Safety Net takes over some responsibility from shadow redundancy in DAG environments. Shadow redundancy doesn't need to keep another copy of the delivered message in a shadow queue while it waits for the delivered message to replicate to the passive copies of mailbox database on the other Mailbox servers in the DAG. The copy of the delivered message is already stored in Safety Net, so the message can be resubmitted from Safety Net if necessary.
  • In Exchange 2013, transport high availability is more than just a best effort for message redundancy. Exchange 2013 attempts to guarantee message redundancy. Because of this, you can't specify a maximum size limit for Safety Net. You can only specify how long Safety Net stores messages before they're automatically deleted.

How Safety Net works

Shadow redundancy keeps a redundant copy of the message while the message is in transit. Safety Net keeps a redundant copy of a message after the message is successfully processed. So, Safety Net begins where shadow redundancy ends. The same concepts about shadow redundancy, including the transport high availability boundary, primary messages, primary servers, shadow messages and shadow servers also apply to Safety Net. For more information, see Shadow redundancy.
The Primary Safety Net exists on the Mailbox server that held the primary message before the message was successfully processed by the Transport service. This could mean the message was delivered to the Mailbox Transport service on the destination Mailbox server. Or, the message could have been relayed through the Mailbox server in an Active Directory site that's designated as a hub site on the way to the destination DAG or Active Directory site. After the primary server processes the primary message, the message is moved from the active queue into the Primary Safety Net on the same server.
The Shadow Safety Net exists on the Mailbox server that held the shadow message. After the shadow server determines the primary server has successfully processed the primary message, the shadow server moves the shadow message from the shadow queue into the Shadow Safety Net on the same server. Although it may seem obvious, the existence of the Shadow Safety Net requires shadow redundancy to be enabled, and shadow redundancy is enabled by default in Exchange 2013.
The parameters used by Safety Net are described in the following table.

Parameter: SafetyNetHoldTime on Set-TransportConfig
Default value: 2 days
Description: The length of time successfully processed primary messages are stored in Primary Safety Net, and acknowledged shadow messages are stored in Shadow Safety Net.
You can also specify this value in the Exchange Administration Center (EAC) at Mail flow > Receive connectors > More options > Organization transport settings > Safety Net > Safety Net hold time.
Unacknowledged shadow messages eventually expire from Shadow Safety Net after the sum of SafetyNetHoldTime and MessageExpirationTimeout on Set-TransportService.
To avoid data loss during Safety Net resubmits, the value of SafetyNetHoldTime must be greater than or equal to the value of ReplayLagTime on Set-MailboxDatabaseCopy for the lagged copy of the mailbox database.

Parameter: ReplayLagTime on Set-MailboxDatabaseCopy
Default value: Not configured
Description: The amount of time that the Microsoft Exchange Replication service should wait before replaying log files that have been copied to the passive database copy. Setting this parameter to a value greater than 0 creates a lagged copy of the mailbox database. The maximum value is 14 days.
To avoid data loss during Safety Net resubmits, the value of ReplayLagTime must be less than or equal to the value of SafetyNetHoldTime on Set-TransportConfig for the lagged copy of the mailbox database.

Parameter: MessageExpirationTimeout on Set-TransportService
Default value: 2 days
Description: How long a message can remain in a queue before it expires.

Parameter: ShadowRedundancyEnabled on Set-TransportConfig
Default value: $true
Description:
  • $true enables shadow redundancy on all transport servers in the organization.
  • $false disables shadow redundancy on all transport servers in the organization.
A redundant Safety Net requires shadow redundancy to be enabled.

https://technet.microsoft.com/en-us/library/jj657495(v=exchg.150).aspx

How Safety Net Works

While Shadow Redundancy preserves a redundant copy of the e-mail while it is in transit, Safety Net preserves a redundant copy of the e-mail after it has been processed successfully. Basically, Safety Net begins where Shadow Redundancy ends. Safety Net uses the same concepts of transport high availability boundary, primary e-mails, primary servers, shadow e-mails and shadow servers.




Figure 3.1: Exchange 2013 Transport High Availability
The Primary Safety Net, seen in the picture above, is located on the server that was holding the primary e-mail before it was processed successfully by the Transport service. This does not necessarily mean the destination Mailbox server, as the e-mail could have come through a Mailbox server in an AD site configured as a hub site. After the primary e-mail is processed by the primary server, it is moved to the Primary Safety Net on the same server from the active queue.
Shadow Safety Net, also seen in the picture above, is located on the server that was holding the shadow e-mail. When the shadow server determines the e-mail was processed successfully, it moves the shadow e-mail to the Shadow Safety Net on the same server from the shadow queue.
As Safety Net and Shadow Redundancy are very much interlinked, Shadow Redundancy needs to be enabled for Shadow Safety Net to work, which it is by default.
The following Set-TransportConfig parameters are used by Safety Net:
  • ShadowRedundancyEnabled enables ($True) or disables ($False) Shadow Redundancy for all transport servers. Remember that Shadow Redundancy needs to be enabled for a redundant Safety Net;
  • SafetyNetHoldTime specifies how long (2 days by default) successfully processed e-mails are kept in the Primary Safety Net and how long acknowledged shadow e-mails are stored in Shadow Safety Net. You can also set this value using the EAC by navigating to more options in the Receive connectors pane. Shadow e-mails that are not acknowledged expire from Shadow Safety Net after SafetyNetHoldTime + MessageExpirationTimeout. When using lagged database copies, in order to prevent data loss during Safety Net resubmits, SafetyNetHoldTime has to be the same or greater than ReplayLagTime on Set-MailboxDatabaseCopy.
The MessageExpirationTimeout parameter on Set-TransportService specifies how long an e-mail remains in a queue before expiring (2 days by default).
Please note that when running Get-TransportConfig we can still see the MaxDumpsterSizePerDatabase and MaxDumpsterTime parameters:



Figure 3.2: Legacy Dumpster Parameters

However, both these parameters are only used by Exchange 2010 and not 2013. MaxDumpsterSizePerDatabase has no replacement in Exchange 2013 while MaxDumpsterTime is replaced by the SafetyNetHoldTime parameter as already discussed.
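Both descriptions of Safety Net above end with the same constraint: SafetyNetHoldTime must be at least the ReplayLagTime of every lagged database copy, or a Safety Net resubmit to that copy can lose mail. The following added example (not from the original page or Microsoft's documentation) checks that constraint across the organization; it assumes the ReplayLagTimes property returned by Get-MailboxDatabase exposes one Key/Value pair per server, and it ignores the legacy MaxDumpsterTime value as the text explains.

```powershell
# Added example, not part of the original page or of Microsoft's documentation.
# Compares SafetyNetHoldTime (organization-wide, Set-TransportConfig) with the
# ReplayLagTime of every lagged mailbox database copy and reports any copy whose
# lag exceeds the hold time, which is the data-loss condition described above.

function Test-SafetyNetCoversLag {
    $config = Get-TransportConfig
    # EnhancedTimeSpan renders as d.hh:mm:ss, so parsing the string form is the safest cast.
    $holdTime = [TimeSpan]::Parse([string]$config.SafetyNetHoldTime)

    $findings = foreach ($db in Get-MailboxDatabase) {
        # Assumption: ReplayLagTimes is a collection of [server, timespan] pairs.
        foreach ($entry in $db.ReplayLagTimes) {
            $lag = [TimeSpan]::Parse([string]$entry.Value)
            if ($lag -le [TimeSpan]::Zero) { continue }   # 00:00:00 means not a lagged copy

            [pscustomobject]@{
                Database          = $db.Name
                Server            = [string]$entry.Key
                ReplayLagTime     = $lag
                SafetyNetHoldTime = $holdTime
                Covered           = ($holdTime -ge $lag)  # the constraint from the table
            }
        }
    }
    return $findings
}

$results = @(Test-SafetyNetCoversLag)
if ($results.Count -eq 0) {
    Write-Output "No lagged database copies found; SafetyNetHoldTime alone governs resubmits."
} else {
    $results | Format-Table Database, Server, ReplayLagTime, SafetyNetHoldTime, Covered -AutoSize
}

$gaps = @($results | Where-Object { -not $_.Covered })
if ($gaps.Count -gt 0) {
    Write-Warning ("{0} lagged cop(y/ies) have ReplayLagTime greater than SafetyNetHoldTime." -f $gaps.Count)
    # Two ways to close the gap, to be reviewed before applying either:
    #   Set-TransportConfig -SafetyNetHoldTime <d.hh:mm:ss>                         (raise hold time)
    #   Set-MailboxDatabaseCopy -Identity "<DB>\<Server>" -ReplayLagTime <d.hh:mm:ss> (reduce lag)
}
```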






Tuesday, February 23, 2016

Retention tags and retention policies

Applies to: Exchange Online, Exchange Server 2013
Topic Last Modified: 2016-02-01
In Microsoft Exchange Server 2013 and Exchange Online, Messaging records management (MRM) helps organizations to manage email lifecycle and reduce legal risks associated with e-mail and other communications. MRM makes it easier to keep messages needed to comply with company policy, government regulations, or legal needs, and to remove content that has no legal or business value.
Looking for management tasks related to MRM? See Messaging Records Management Procedures.

Messaging Records Management strategy

MRM in Exchange 2013 and Exchange Online is accomplished by using retention tags and retention policies. Before discussing the details about each of these retention features, it's important to learn how the features are used in the overall MRM strategy. This strategy is based on:
  • Assigning retention policy tags (RPTs) to default folders, such as the Inbox and Deleted Items.
  • Applying default policy tags (DPTs) to mailboxes to manage the retention of all untagged items.
  • Allowing the user to assign personal tags to custom folders and individual items.
  • Separating MRM functionality from users' Inbox management and filing habits. Users aren't required to file messages in managed folders based on retention requirements. Individual messages can have a different retention tag than the one applied to the folder in which they're located.
The following figure illustrates the tasks involved in implementing this strategy.
Using Retention Policies for Messaging Retention

Retention tags

As illustrated in the preceding figure, retention tags are used to apply retention settings to folders and individual items such as e-mail messages and voice mail. These settings specify how long a message remains in a mailbox and the action to be taken when the message reaches the specified retention age. When a message reaches its retention age, it's moved to the user’s In-Place Archive or deleted.
Settings in a retention tag
Retention tags allow users to tag their own mailbox folders and individual items for retention. Users no longer have to file items in managed folders provisioned by an administrator based on message retention requirements.

Types of retention tags

Retention tags are classified into the following three types based on who can apply them and where in a mailbox they can be applied.

Type of retention tag: Default policy tag (DPT)
Applied: Automatically to the entire mailbox. A DPT applies to untagged items, which are mailbox items that don't have a retention tag applied directly or by inheritance from the folder.
Applied by: Administrator
Available actions:
  • Move to archive
  • Delete and allow recovery
  • Permanently delete
Details: Users can't change DPTs applied to a mailbox.

Type of retention tag: Retention policy tag (RPT)
Applied: Automatically to a default folder. Default folders are folders created automatically in all mailboxes, for example: Inbox, Deleted Items, and Sent Items. See the list of supported default folders in Default folders that support Retention Policy Tags.
Applied by: Administrator
Available actions:
  • Delete and allow recovery
  • Permanently delete
Details: Users can't change the RPT applied to a default folder.

Type of retention tag: Personal tag
Applied: Manually to items and folders. Users can automate tagging by using Inbox rules to either move a message to a folder that has a particular tag or to apply a personal tag to the message.
Applied by: Users
Available actions:
  • Move to archive
  • Delete and allow recovery
  • Permanently delete
Details: Personal tags allow your users to determine how long an item should be retained. For example, the mailbox can have a DPT to delete items in seven years, but a user can create an exception for items such as newsletters and automated notifications by applying a personal tag to delete them in three days.

More about personal tags

Personal tags are available to Outlook 2010 and Outlook Web App users as part of their retention policy. In Outlook 2010 and Outlook Web App, personal tags with the Move to Archive action appear as Archive Policy, and personal tags with the Delete and Allow Recovery or Permanently Delete actions appear as Retention Policy, as shown in the following figure.
Personal tags in Outlook 2010 and Outlook Web App
Users can apply personal tags to folders they create or to individual items. Messages that have a personal tag applied are always processed based on the personal tag's settings. Users can apply a personal tag to a message so that it's moved or deleted sooner or later than the settings specified in the DPT or RPTs applied to that user's mailbox. You can also create personal tags with retention disabled. This allows users to tag items so they're never moved to an archive or never expire.
Note:
Users can apply archive policies to default folders, user-created folders or subfolders, and individual items. Users can apply a retention policy to user-created folders or subfolders and individual items (including subfolders and items in a default folder), but not to default folders.
Users can also use the Exchange Administration Center (EAC) to select additional personal tags that aren't linked to their retention policy. The selected tags then become available in Outlook 2010 and Outlook Web App. To enable users to select additional tags from the EAC, you must add the MyRetentionPolicies role to the user's role assignment policy. To learn more about role assignment policies for users, see Understanding management role assignment policies. If you allow users to select additional personal tags, all personal tags in your Exchange organization become available to them.
Note:
Personal tags are a premium feature. Mailboxes with policies that contain these tags (or as a result of users adding the tags to their mailbox) require an Exchange Enterprise client access license (CAL).

Retention age

When you enable a retention tag, you must specify a retention age for the tag. This age indicates the number of days to retain a message after it arrives in the user's mailbox.
The retention age for non-recurring items (such as email messages) is calculated differently than items that have an end date or recurring items (such as meetings and tasks). To learn how retention age is calculated for different types of items, see How retention age is calculated.
You can also create retention tags with retention disabled or disable tags after they're created. Because messages that have a disabled tag applied aren't processed, no retention action is taken. As a result, users can use a disabled personal tag as a Never Move tag or a Never Delete tag to override a DPT or RPT that would otherwise apply to the message.

Retention actions

When creating or configuring a retention tag, you can select one of the following retention actions to be taken when an item reaches its retention age:

Retention action: Move to Archive 1
Action taken:
  • Moves the message to the user's archive mailbox
  • Only available for DPTs and personal tags
  For details about archiving, see:
Except: If the user doesn't have an archive mailbox, no action is taken.

Retention action: Delete and Allow Recovery
Action taken:
  • Emulates the behavior when the user empties the Deleted Items folder.
  • Items are moved to the Recoverable Items folder in the mailbox and preserved until the deleted item retention period expires.
  • Provides the user a second chance to recover the item using the Recover Deleted Items dialog box in Outlook or Outlook Web App.

Retention action: Permanently Delete
Action taken:
  • Permanently deletes messages.
  • You can't recover messages after they're permanently deleted.

Retention action: Mark as Past Retention Limit
Action taken:
  • Marks a message as expired. In Outlook 2010 or later, and Outlook Web App, expired items are displayed with the notification stating 'This item has expired' and 'This item will expire in 0 days'. In Outlook 2007, items marked as expired are displayed by using strikethrough text.
Except: N.A.
Note:
1   In an Exchange hybrid deployment, you can enable a cloud-based archive mailbox for an on-premises primary mailbox. If you assign an archive policy to an on-premises mailbox, items are moved to the cloud-based archive. If an item is moved to the archive mailbox, a copy of it isn't retained in the on-premises mailbox. If the on-premises mailbox is placed on hold, an archive policy will still move items to the cloud-based archive mailbox where they are preserved for the duration specified by the hold.
For details about how to create retention tags, see Create a Retention Policy.

Retention policies

To apply one or more retention tags to a mailbox, you must add them to a retention policy and then apply the policy to mailboxes. A mailbox can't have more than one retention policy. Retention tags can be linked to or unlinked from a retention policy at any time, and the changes automatically take effect for all mailboxes that have the policy applied.
A retention policy can have the following retention tags:

Retention tag type: Default policy tag (DPT)
  Tags in a policy:
    • One DPT with the Move to Archive action
    • One DPT with the Delete and Allow Recovery or Permanently Delete action
    • One DPT for voice mail messages with the Delete and Allow Recovery or Permanently Delete action

Retention tag type: Retention policy tags (RPTs)
  Tags in a policy:
    • One RPT for each supported default folder
    Note: You can't link more than one RPT for a particular default folder (such as Deleted Items) to the same retention policy.

Retention tag type: Personal tags
  Tags in a policy:
    • Any number of personal tags
Tip:
Many personal tags in a policy can confuse users. We recommend adding no more than 10 personal tags to a retention policy.
Note:
Although a retention policy doesn't need to have any retention tags linked to it, we don't recommend using this scenario. If mailboxes with retention policies don't have retention tags linked to them, this may cause mailbox items to never expire.
A retention policy can contain both archive tags (tags that move items to the personal archive mailbox) and deletion tags (tags that delete items). A mailbox item can also have both types of tags applied. Archive mailboxes don't have a separate retention policy. The same retention policy is applied to the primary and archive mailbox.
When planning to create retention policies, you must consider whether they'll include both archive and deletion tags. As mentioned earlier, a retention policy can have one DPT that uses the Move to Archive action and one DPT that uses either the Delete and Allow Recovery or Permanently Delete action. The DPT with the Move to Archive action must have a lower retention age than the DPT with a deletion action. For example, you can use a DPT with the Move to Archive action to move items to the archive mailbox in two years, and a DPT with a deletion action to remove items from the mailbox in seven years. Items in both primary and archive mailboxes will be deleted after seven years.
For a list of management tasks related to retention policies, see Messaging Records Management Procedures.
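The following is an added example, not part of the original article, that builds the two-year archive / seven-year deletion policy described above with Exchange Management Shell cmdlets and checks the DPT ordering rule before assigning it. Tag, policy and mailbox names are constructed placeholders, and the TimeSpan cast of AgeLimitForRetention is an assumption about how that value renders as a string.

```powershell
# Added example (not from the page): builds the 2-year archive / 7-year delete
# policy described above with Exchange Management Shell cmdlets. Tag, policy
# and mailbox names are constructed placeholders.

# DPT: untagged items move to the archive mailbox after 2 years (730 days).
New-RetentionPolicyTag -Name 'Contoso Archive 2 Years' -Type All `
    -AgeLimitForRetention 730 -RetentionAction MoveToArchive

# DPT: untagged items are deleted after 7 years (2555 days) from both the
# primary and the archive mailbox, since both share the same policy.
New-RetentionPolicyTag -Name 'Contoso Delete 7 Years' -Type All `
    -AgeLimitForRetention 2555 -RetentionAction PermanentlyDelete

# RPT for one default folder (only one RPT per default folder is allowed).
New-RetentionPolicyTag -Name 'Contoso Deleted Items 30 Days' -Type DeletedItems `
    -AgeLimitForRetention 30 -RetentionAction DeleteAndAllowRecovery

# Personal tag users can apply explicitly; it overrides folder and default tags.
New-RetentionPolicyTag -Name 'Contoso Keep 1 Year' -Type Personal `
    -AgeLimitForRetention 365 -RetentionAction DeleteAndAllowRecovery

$tagNames = 'Contoso Archive 2 Years', 'Contoso Delete 7 Years',
            'Contoso Deleted Items 30 Days', 'Contoso Keep 1 Year'
New-RetentionPolicy -Name 'Contoso MRM Policy' -RetentionPolicyTagLinks $tagNames

# Check the rule from the text before assigning the policy: the archive DPT
# must have a shorter retention age than the deletion DPT.
function Test-DptOrder {
    param([string]$PolicyName)
    $dpts = (Get-RetentionPolicy -Identity $PolicyName).RetentionPolicyTagLinks |
        ForEach-Object { Get-RetentionPolicyTag -Identity $_.Name } |
        Where-Object { $_.Type -eq 'All' -and $_.RetentionEnabled }
    $archive = $dpts | Where-Object { $_.RetentionAction -eq 'MoveToArchive' }
    $delete  = $dpts | Where-Object { $_.RetentionAction -in 'DeleteAndAllowRecovery', 'PermanentlyDelete' }
    if (-not $archive -or -not $delete) { return $true }   # nothing to compare
    # Assumption: AgeLimitForRetention (an EnhancedTimeSpan) stringifies as "730.00:00:00",
    # which parses as a .NET TimeSpan.
    return [TimeSpan]"$($archive.AgeLimitForRetention)" -lt [TimeSpan]"$($delete.AgeLimitForRetention)"
}

if (Test-DptOrder -PolicyName 'Contoso MRM Policy') {
    Set-Mailbox -Identity 'alice@contoso.example' -RetentionPolicy 'Contoso MRM Policy'
    # Process the mailbox now instead of waiting for the next work cycle.
    Start-ManagedFolderAssistant -Identity 'alice@contoso.example'
} else {
    Write-Warning 'Archive DPT must expire before the deletion DPT; fix the tags first.'
}
```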

Default retention policy

Exchange Setup creates the retention policy Default MRM Policy. The Default MRM Policy is applied automatically to new mailboxes in Exchange Online. In Exchange Server, the policy is applied automatically if you create an archive for the new user and don't specify a retention policy.
You can modify the tags included in the Default MRM Policy (for example, by changing the retention age or retention action), disable a tag, or modify the policy by adding or removing tags. The updated policy is applied to mailboxes the next time they're processed by the Managed Folder Assistant.
For more details, including a list of retention tags linked to the policy, see Default Retention Policy in Exchange Online and Exchange Server.

Managed Folder Assistant

The Managed Folder Assistant, a mailbox assistant that runs on Mailbox servers, processes mailboxes that have a retention policy applied.
The Managed Folder Assistant applies the retention policy by inspecting items in the mailbox and determining whether they're subject to retention. It then stamps items subject to retention with the appropriate retention tags and takes the specified retention action on items past their retention age.
The Managed Folder Assistant is a throttle-based assistant. Throttle-based assistants are always running and don't need to be scheduled. The system resources they can consume are throttled. You can configure the Managed Folder Assistant to process all mailboxes on a Mailbox server within a certain period (known as a work cycle). Additionally, at a specified interval (known as the work cycle checkpoint), the assistant refreshes the list of mailboxes to be processed. During the refresh, the assistant adds newly created or moved mailboxes to the queue. It also reprioritizes existing mailboxes that haven't been processed successfully due to failures and moves them higher in the queue so they can be processed during the same work cycle.
You can also use the Start-ManagedFolderAssistant cmdlet to manually trigger the assistant to process a specified mailbox. To learn more, see Configure the Managed Folder Assistant.
Note:
The Managed Folder Assistant doesn't take any action on messages that aren't subject to retention, for example because the retention tag applied to them is disabled. You can therefore disable a retention tag to temporarily suspend processing of items that have that tag.

Moving items between folders

A mailbox item moved from one folder to another inherits any tags applied to the folder to which it's moved. If an item is moved to a folder that doesn't have a tag assigned, the DPT is applied to it. If the item has a tag explicitly assigned to it, the tag always takes precedence over any folder-level tags or the default tag.

Applying a retention tag to a folder in the archive

When the user applies a personal tag to a folder in the archive, if a folder with the same name exists in the primary mailbox and has a different tag, the tag on that folder in the archive changes to match the one in the primary mailbox. This is by design, to avoid any confusion about items in a folder in the archive having a different expiry behavior than the same folder in the user's primary mailbox. For example, the user has a folder named Project Contoso in the primary mailbox with a Delete – 3 years tag, and a Project Contoso folder also exists in the archive mailbox. If the user applies a Delete – 1 year personal tag to the archive folder to delete its items after 1 year, the folder reverts to the Delete – 3 Years tag when the mailbox is processed again.

Removing or deleting a retention tag from a retention policy

When a retention tag is removed from the retention policy applied to a mailbox, the tag is no longer available to the user and can't be applied to items in the mailbox.
Existing items that have been stamped with that tag continue to be processed by the Managed Folder Assistant based on those settings, and any retention action specified in the tag is applied to those messages.
However, if you delete the tag, the tag definition stored in Active Directory is removed. This causes the Managed Folder Assistant to process all items in a mailbox and restamp the ones that have the removed tag applied. Depending on the number of mailboxes and messages, this process may consume significant resources on all Mailbox servers that contain mailboxes with retention policies that include the removed tag.
Important:
If a retention tag is removed from a retention policy, any existing mailbox items with the tag applied will continue to expire based on the tag's settings. To prevent the tag's settings from being applied to any items, you should delete the tag. Deleting a tag removes it from any retention policies in which it's included.

Disabling a retention tag

If you disable a retention tag, the Managed Folder Assistant ignores items that have that tag applied. Items that have a retention tag for which retention is disabled are either never moved or never deleted, depending on the specified retention action. Because these items are still considered tagged items, the DPT doesn't apply to them. For example, if you want to troubleshoot retention tag settings, you can temporarily disable a retention tag to stop the Managed Folder Assistant from processing messages with that tag.
Note:
The retention period for a disabled retention tag is displayed to the user as Never. If a user tags an item believing it will never be deleted, enabling the tag later may result in unintentional deletion of items the user didn't want to delete. The same is true for tags with the Move to Archive action.

Retention hold

When users are temporarily away from work and don't have access to their e-mail, retention settings can be applied to new messages before they return to work or access their e-mail. Depending on the retention policy, messages may be deleted or moved to the user's personal archive. You can temporarily suspend retention policies from processing a mailbox for a specified period by placing the mailbox on retention hold. When you place a mailbox on retention hold, you can also specify a retention comment that informs the mailbox user (or another user authorized to access the mailbox) about the retention hold, including when the hold is scheduled to begin and end. Retention comments are displayed in supported Outlook clients. You can also localize the retention hold comment in the user's preferred language.
Note:
Placing a mailbox on retention hold doesn't affect how mailbox storage quotas are processed. Depending on the mailbox usage and applicable mailbox quotas, consider temporarily increasing the mailbox storage quota for users when they're on vacation or don't have access to e-mail for an extended period. For more information about mailbox storage quotas, see Configure storage quotas for a mailbox.
During long absences from work, users may accrue a large amount of e-mail. Depending on the volume of e-mail and the length of absence, it may take these users several weeks to sort through their messages. In these cases, consider the additional time it may take the users to catch up on their mail before removing them from retention hold.
If your organization has never implemented MRM, and your users aren't familiar with its features, you can also use retention holds during the initial warm-up and training phase of your MRM deployment. You can create and deploy retention policies and educate users about the policies without the risk of having items moved or deleted before users can tag them. A few days before the warm-up and training period ends, you should remind users of the warm-up deadline. After the deadline, you can remove the retention hold from user mailboxes, allowing the Managed Folder Assistant to process mailbox items and take the specified retention action.
For details about how to place a mailbox on retention hold, see Place a mailbox on retention hold.
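The following is an added example, not part of the original article, that places a mailbox on retention hold for a known absence with a start date, end date and retention comment, lists mailboxes whose hold window has already ended, and then releases the hold and runs the assistant. The mailbox identity and dates are constructed placeholders.

```powershell
# Added example (not from the page): retention hold for a planned absence.
# Identity and dates are constructed placeholders.
$user  = 'alice@contoso.example'
$start = Get-Date '2017-12-01'
$end   = Get-Date '2018-01-15'

# Suspend retention processing for the absence and tell the user (and anyone
# with delegated access) when the hold begins and ends. Mailbox quotas still apply.
Set-Mailbox -Identity $user -RetentionHoldEnabled $true `
    -StartDateForRetentionHold $start -EndDateForRetentionHold $end `
    -RetentionComment "Retention hold in effect from $($start.ToShortDateString()) to $($end.ToShortDateString()) while you are away."

# Confirm what was set.
Get-Mailbox -Identity $user |
    Format-List RetentionPolicy, RetentionHoldEnabled, StartDateForRetentionHold,
                EndDateForRetentionHold, RetentionComment

# Housekeeping: mailboxes still flagged as on hold whose end date has passed.
# Review these before releasing; returning users may need extra time to catch up.
Get-Mailbox -ResultSize Unlimited -Filter 'RetentionHoldEnabled -eq $true' |
    Where-Object { $_.EndDateForRetentionHold -and $_.EndDateForRetentionHold -lt (Get-Date) } |
    Select-Object Name, StartDateForRetentionHold, EndDateForRetentionHold

# Release the hold once the user has caught up, clear the comment, and let the
# Managed Folder Assistant process the mailbox immediately.
Set-Mailbox -Identity $user -RetentionHoldEnabled $false -RetentionComment $null
Start-ManagedFolderAssistant -Identity $user
```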

Video: Retention Policies