530 likes | 733 Views
Book giveaway and e-mail notice. Please give me a piece of paper with your name for drawing Include your e-mail address or give me a business card if you want: 20% discount code for Directory Update software Notification e-mail when Mastering Exchange Server 2007 is available
E N D
Book giveaway and e-mail notice • Please give me a piece of paper with your name for drawing • Include your e-mail address or give me a business card if you want: • 20% discount code for Directory Update software • Notification e-mail when Mastering Exchange Server 2007 is available • Keep an eye out for Mastering Exchange Server 2007 – Due out in late April
Exchange 2003Best Practices Day-to-Day Jim McBee ITCS Hawaii jim@somorita.com
Jim McBee – Shameless self promotion • Consultant, Writer, MCSE, MVP, and MCT – Honolulu, Hawaii • Principal clients are SAIC, Dell, and Microsoft • Author – Exchange 2003 24Seven (Sybex) • Contributor – Exchange and Outlook Administrator • Blog – Mostly Exchange – http://mostlyexchange.blogspot.com • Directory Update – • http://www.directory-update.com
Audience Assumptions • Level 200 session • You have at least a few months experience running Exchange 2000 or 2003 • You have worked with Active Directory • You can install and configure Windows and Exchange
Session’s coverage • Presentation – About 65 minutes • Daily tasks • Monitoring and health checks • Event logs • “Worst practices’ • Book give away – Drop off your business card or write your name on a slip of paper • Questions and answers – 10 – 15 minutes • Catch me afterwards also, I’m here all week
“Leave Exchange Alone” • Single server? No more than 30 minutes work a day on a typical day • For the most part, Exchange does not require a lot of “direct” or “hands on” management • Monitoring is more important • Daily tasks consist of mostly checking things and verifying that the server is operating as expected • Almost all tasks can be performed remotely (not at the console)
Preparing to Monitor • The problem with logging is you don’t know you need it until after the fact • Set larger event log sizes • Windows auditing • Exchange diagnostics logging • Message tracking • Protocol logging
Recommended Event Log Sizes • System – 50MB • Security – 50MB • Application – 200MB • See http://tinyurl.com/syua3
Windows Auditing • These are for security purposes and not necessarily to tell you anything about Exchange • Auditing changes to Exchange configuration must be done on domain controllers
Message Tracking • Can be anywhere from a few KB to hundreds of MB per day • Some third party reporting utilities use these logs • Purged automatically
Protocol Logging • Logging for SMTP or HTTP • Enable on FE/BH servers • Gives you an “audit trail” of Internet activity • Logs do not automatically purge • For sample script, see: • http://tinyurl.com/nztyy
The Big Five - Critical Daily Tasks • Verify successful backups • Check available disk space • Examine the inbound and outbound queues • Review the event logs • Confirm message hygiene system’s health
Automate or Manual • Most of the tasks in this presentation can be automated • Logic can be placed in scripts that determines if an alert should be raised • “Missing, but expected” events are just as important • Knowledge of these tasks is still important
Those Wild And Crazy Event Logs • Exchange is very good at recording information to the application event logs • Confirming online maintenance completion is important • Confirming backup completion • Be on the lookup for system or application problems
Online maintenance • Nightly each store has a series of maintenance tasks that ensure efficient database operation • Purge deleted items and mailboxes • Reorganize unused space • Cleanup of stale indexes • If online maintenance does not run • Store will continually to grow • Database will become fragmented • Performance will suffer • If online backup starts on any store in a storage group, online maintenance on the other stores will halt. Do not overlap online maintenance and backups.
Database White Space – Event 1221 • Indicates the amount of empty space in the database file • Space will be reused before database file grows • No action required unless space is 25% or more of total database file size • Online backups will back up the entire file (white space and all)
Much Ado About Backups • Probably the most important daily task you will perform • Exchange-aware backup programs: • Use a backup API to backup the database “page-by-page” and verify the integrity of each page • Purge the transaction logs after a “Normal” or an “Incremental” backup • Backups should not overlap online maintenance schedule (default 1:00AM – 5:00AM)
Emerging trend in backups • Backup software backs up data to disk • Two or three days worth of backups retained on disk • Backup files then backed up to tape • Faster Exchange backup and restore • Usually need the most recent backup
What indicates a successful backup? • Examine the backup application’s logs • Review the Application event log for specific events • Good automated system will check for the absence of these events! • Look at Database properties of store for date and time of last backup • Transaction logs will be purged
ESE: Logging/Recovery Event 221 • Indicates completion of backup of an STM or EDB file • You should see this event once for each backup job for each ESB and STM file
ESE: Logging/Recovery - Event 223 • Starting the backup of a storage group’s transaction logs • This should be seen for each storage group selected in a backup set
ESE: Logging/Recovery – Event 224 • Indicates storage group’s transaction logs are being purged • You should see this event once for each storage group selected for backup
Backups will HALT if store corruption is detected • It’s a feature • This is an event you DO NOT want to see • If EDB file has page-level corruption, you get the infamous -1018 error • STM file does not generate this error
Message Hygiene Checkups • Message hygiene is the applications, tools, or utilities you use to protect your server from: • Malware (worms, viruses, Trojan horses) • Spam and phishing • Are there signs of an outbreak? • Signature and scanning engine • Update signatures every 1 to 2 hours • Update scanning engine technology (if applicable) weekly • Does the quarantine need to be reviewed?
History Repeats Itself • Availability of historical information can help you • Project needs in the future • Identify trends • Identify unusual activity
Keep a log of… • Record disk space usage • Record store sizes • Save mailbox space usage report to text file • Virus statistics • Archive the Application, System, and Security event logs • Archive the HTTP and SMTP protocol logs
Sample script • Exchange MVP Glen Scales mailbox and disk usage report • http://tinyurl.com/j3cgm
Closed Mailboxes • MSExchange IS: General – Event ID 8528 • Indicates that a mailbox is full
Periodic Best Practices • Things you don’t need to do every day • Perform test restores • Check performance monitor • Run the ExBPA
I know I backed it up…. • But can you restore it • Create a recovery storage group • Restore databases periodically to recovery storage group • Confirm that you know how to perform this procedure • See KB 824126 • See http://technet.microsoft.com/en-us/aa998782.aspx
Checking Performance • Verify memory usage • Check IOPS capacity • Confirm RPC latency • Check database cache hits • Verify CPU is not overloaded • See http://preview.tinyurl.com/2oqznb
Quick Assessments - ExBPA • Exchange Best Practices Analyzer • http://www.exbpa.com
Quick Assessments - MSBA • Microsoft Baseline Security Analyzer • http://tinyurl.com/2e5fe
More Best Practices • Impose limits • Tune up Active Directory • Improve OWA security • Apply at least two levels of message hygiene
What is an optimal mailbox store size? • Base this on your ability to restore data • The time it takes to restore • Recommendations vary between 35GB and 100GB • 100GB is about the largest recommended store size
What are common mailbox limits? • Based on organization requirements • Varies from organization to organization • Probably grow in the future • META Group estimates legitimate mail volume grows 15 – 25% annually. • Could increase with Unified Messaging • Could decrease due to archival systems • Calculate based on your tolerance for maximum store sizes and backup/restore times • Meet your users needs or get more disk space and faster backups!
What are common message size limits? • Default message size limits are good for most organizations • I think maximum recipients should be dropped to about 100 for organization and overridden for VIPs.
Active Directory • Ensure that the System State is backed up on your domain controllers regularly • Get your Active Directory Site architecture tuned up
Can I securely allow Internet access to OWA? • Allowing direct access to OWA is okay if all patches are applied and SSL is used. • Best solution is to use “reverse proxy” (such as ISA Server) • Best protection for OWA, ActiveSync, and RPC over HTTPS clients • See: • KB 837354 • http://tinyurl.com/ba2tj
How do I create an OWA logon page? • This is called Forms Based Authentication (FBA) • Enabled on HTTP virtual server properties • Requires SSL • Provides connection timeouts • LOGON.ASP can be customized • See KB 830827
Worst practices: Resume producing events (Or how to lose your job with Exchange) • There are a few things that will definitely get you sent to the human resources department. • Mailbox surfing (reading other user’s mail) • Office automation tasks from the server console (word processing, doing e-mail, surfing the web) • Running a file-based virus scanner that scans EDB, STM, LOG, or CHK files or that scans the Queue folders • Deleting transaction logs manually
Worst practices (cont) • Applying service packs immediately • Wait 3 – 4 weeks • Read the release notes thoroughly • Make a full backup first • Applying critical updates immediately • Wait 1 – 2 weeks (unless you need the fix right away) • Installing Outlook on the server • Not paying attention to available disk space and letting the server run out of free disk space
Worst practices (cont) • Avoid “over administration” • Mailbox stores rarely need offline compaction or offline maintenance of any sort • Excessive reboots (more than once a week) • If you need to do this, you have a bigger problem • Don’t make big changes the day before your vacation
Worst practices (cont) • Not using SSL for Internet clients • Setting up an open SMTP relay • Not calling for help when you get in over your head • Making significant, unscheduled changes without notifying the user community • Ignoring critical fixes and updates • Making the same mistakes over and over again
Book Giveaway • Has everyone given me something to draw from?
Questions? • You can always catch me this week if you don’t get your questions answered. • Thanks for attending! • My blog is Mostly Exchange – http://mostlyexchange.blogspot.com • Copies of these slides will be posted at the end of April 2006 on my blog