SEF Presentation
Download
Report
Transcript SEF Presentation
Name of speaker (optional)
Configuring EDiscovery between
SharePoint 2013 and Exchange
2013
Steve Smith
@stevesmithck
[email protected]
What Can you Discover and Export ?
• Documents: Documents are discoverable from SharePoint and file shares.
•
•
•
•
•
Documents and their versions are exported from SharePoint Server 2013.
Lists: If a list item was included in the eDiscovery query results, the
complete list is exported as a comma-separated values (.csv) file.
Pages: SharePoint pages, such as wiki pages or blogs, are exported as
MIME HTML (.mht) files.
Exchange objects: Items in an Exchange Server 2013 mailbox, such as
tasks, calendar entries, contacts, email messages, and attachments, are
exported as a .pst file.
WebSites: Pages and Content
Lync Content: Providing Lync 2013 is setup to archive to Exchange 2013
• Exported in Electronic Discovery Reference Model (EDRM) specification
•
•
•
•
•
•
Install the Exchange Server cert to the SharePoint Server(s)
Install the Exchange Api on all SharePoint 2013 Front End
Servers
Configure Server to Server trust between SharePoint and
Exchange using the Secure Token Service (STS)
Configure Server to Server trust between Exchange and
SharePoint using STS
Add the SharePoint EDiscovery users to the Discovery
Management group in Exchange
Add the SharePoint EDiscovery users to a read only Web
Application Policy in SharePoint
• Note – For Office 365 this is not possible so you need to add them
as site collections admins
•
•
•
•
•
•
Create an EDiscovery Site Collection
Create a Search Result Source in the EDiscovery Site
Collection to the Exchange Server
If Discovering content on file Shares ensure the EDiscovery
officers have read access to the content (NTFS)
Ensure all Search Crawls have run
Grant security to view crawl log to EDiscovery user PowerShell
or via Search Administration in CA
If you wish to include Lync content ensure you have setup Lync
to archive to Exchange.
Exchange Api & Server to Server Trusts
Export Exchange Server trusted root certificate authority cert and import to SharePoint Server
C:\exchangeapi>msiexec /i EwsManagedApi.msi
addlocal="ExchangeWebServicesApi_Feature,ExchangeWebServicesApi_Gac“
In SharePoint PowerShell
new-sptrustedsecuritytokenissuer -name exchange -metadataendpoint
https://dcexch.combined.com/autodiscover/metadata/json/1
$exchange=Get-SPTrustedSecurityTokenIssuer
$app=Get-SPAppPrincipal -Site https://intranet.combined.com -NameIdentifier $exchange.NameId
$site=Get-SPSite https://intranet.combined.com
Set-SPAppPrincipalPermission -AppPrincipal $app –Site $site.RootWeb -Scope sitesubscription -Right
fullcontrol –EnableAppOnlyPolicy
From Exchange Management Console
[PS] C:\program files\microsoft\exchange server\v15\scripts>
.\Configure-EnterprisePartnerApplication.ps1 -AuthMetadataUrl
https://intranet.trainsbydave.com/_layouts/15/metadata/json/1 -ApplicationType SharePoint
Grant rights to Discovery Management group in
Exchange 2013
Optional - Grant Web Application Policy if not site
collection Administrator (On Prem only)
Create the EDiscovery Site Collection
Configure the Result Source in the EDiscovery
site collection
https://dcexch.combined.com/ews/exchange.asmx
Or use AutoDiscover option
Grant access to the crawl log for exporting
For On Prem you can use the following command or configure Read access to the logs via
the Search Service App Administration page
Set-SPEnterpriseSearchCrawlLogReadPermission -SearchApplication
(GetSPEnterpriseSearchServiceApplication) -UserNames "<eDiscoveryUsers>“
For Office 365 you must use the following PowerShell.
$ssa = Get-SPEnterpriseSearchServiceApplication$crawlLogPermission = GetSPEnterpriseSearchCrawlLogReadPermission -SearchApplication $ssa –Tenant "000000000000-0000-0000-000000000001"Set-SPEnterpriseSearchCrawlLogReadPermission Identity $crawlLogPermission -SearchApplication $ssa -UserNames "user1;user2” -Tenant
"00000000-0000-0000-0000-000000000001"
Reference Links
•
•
•
•
•
•
•
http://technet.microsoft.com/en-us/library/fp161514(v=office.15).aspx
http://technet.microsoft.com/en-us/library/fp161516(v=office.15).aspx
http://technet.microsoft.com/en-us/library/fp161512(v=office.15).aspx
http://technet.microsoft.com/en-us/library/jj219532(v=office.15).aspx
http://technet.microsoft.com/en-us/library/jj683115(v=office.15).aspx
http://technet.microsoft.com/en-us/library/jj219817(v=office.15).aspx
http://technet.microsoft.com/en-us/library/jj218665(v=exchg.150)
Thank You for listening
Questions ?