Book giveaway and e-mail notice • Please give me a piece of paper with your name for drawing • Include your e-mail address or give.
Download ReportTranscript Book giveaway and e-mail notice • Please give me a piece of paper with your name for drawing • Include your e-mail address or give.
Book giveaway and e-mail notice • Please give me a piece of paper with your name for drawing • Include your e-mail address or give me a business card if you want: ● ● 20% discount code for Directory Update software Notification e-mail when Mastering Exchange Server 2007 is available • Keep an eye out for Mastering Exchange Server 2007 – Due out in late April Exchange 2003 Best Practices Day-to-Day Jim McBee ITCS Hawaii [email protected] Jim McBee – Shameless self promotion • Consultant, Writer, MCSE, MVP, and MCT – Honolulu, Hawaii Principal clients are SAIC, Dell, and Microsoft Author – Exchange 2003 24Seven (Sybex) Contributor – Exchange and Outlook Administrator Blog – Mostly Exchange – http://mostlyexchange.blogspot.com Directory Update – • • • • • ● http://www.directory-update.com Audience Assumptions • • • • Level 200 session You have at least a few months experience running Exchange 2000 or 2003 You have worked with Active Directory You can install and configure Windows and Exchange Session’s coverage • Presentation – About 65 minutes ● ● ● ● • • • Daily tasks Monitoring and health checks Event logs “Worst practices’ Book give away – Drop off your business card or write your name on a slip of paper Questions and answers – 10 – 15 minutes Catch me afterwards also, I’m here all week “Leave Exchange Alone” • Single server? No more than 30 minutes work a day on a typical day • For the most part, Exchange does not require a lot of “direct” or “hands on” management • Monitoring is more important • Daily tasks consist of mostly checking things and verifying that the server is operating as expected • Almost all tasks can be performed remotely (not at the console) Preparing to Monitor • The problem with logging is you don’t know you need it until after the fact • Set larger event log sizes • Windows auditing • Exchange diagnostics logging • Message tracking • Protocol logging Recommended Event Log Sizes • • • • System – 50MB Security – 50MB Application – 200MB See http://tinyurl.com/syua3 Windows Auditing • These are for security purposes and not necessarily to tell you anything about Exchange • Auditing changes to Exchange configuration must be done on domain controllers Exchange Diagnostics Logging Message Tracking • Can be anywhere from a few KB to hundreds of MB per day • Some third party reporting utilities use these logs • Purged automatically Protocol Logging • Logging for SMTP or HTTP ● Enable on FE/BH servers • Gives you an “audit trail” of Internet activity • Logs do not automatically purge • For sample script, see: ● http://tinyurl.com/nztyy The Big Five - Critical Daily Tasks • Verify successful backups • Check available disk space • Examine the inbound and outbound queues • Review the event logs • Confirm message hygiene system’s health Automate or Manual • Most of the tasks in this presentation can be automated • Logic can be placed in scripts that determines if an alert should be raised • “Missing, but expected” events are just as important • Knowledge of these tasks is still important Those Wild And Crazy Event Logs • • • • Exchange is very good at recording information to the application event logs Confirming online maintenance completion is important Confirming backup completion Be on the lookup for system or application problems Online maintenance • Nightly each store has a series of maintenance tasks that ensure efficient database operation ● ● ● Purge deleted items and mailboxes Reorganize unused space Cleanup of stale indexes • If online maintenance does not run ● ● ● Store will continually to grow Database will become fragmented Performance will suffer • If online backup starts on any store in a storage group, online maintenance on the other stores will halt. Do not overlap online maintenance and backups. Purging Deleted Items and Mailboxes Database White Space – Event 1221 • Indicates the amount of empty space in the database file • Space will be reused before database file grows • No action required unless space is 25% or more of total database file size • Online backups will back up the entire file (white space and all) Much Ado About Backups • Probably the most important daily task you will perform • Exchange-aware backup programs: ● ● Use a backup API to backup the database “page-bypage” and verify the integrity of each page Purge the transaction logs after a “Normal” or an “Incremental” backup • Backups should not overlap online maintenance schedule (default 1:00AM – 5:00AM) Emerging trend in backups • Backup software backs up data to disk • Two or three days worth of backups retained on disk • Backup files then backed up to tape • Faster Exchange backup and restore • Usually need the most recent backup What indicates a successful backup? • Examine the backup application’s logs • Review the Application event log for specific events ● Good automated system will check for the absence of these events! • Look at Database properties of store for date and time of last backup • Transaction logs will be purged ESE: Logging/Recovery Event 221 • Indicates completion of backup of an STM or EDB file • You should see this event once for each backup job for each ESB and STM file ESE: Logging/Recovery - Event 223 • Starting the backup of a storage group’s transaction logs • This should be seen for each storage group selected in a backup set ESE: Logging/Recovery – Event 224 • Indicates storage group’s transaction logs are being purged • You should see this event once for each storage group selected for backup Backups will HALT if store corruption is detected • It’s a feature • This is an event you DO NOT want to see • If EDB file has pagelevel corruption, you get the infamous 1018 error • STM file does not generate this error Message Hygiene Checkups • Message hygiene is the applications, tools, or utilities you use to protect your server from: ● ● Malware (worms, viruses, Trojan horses) Spam and phishing • Are there signs of an outbreak? • Signature and scanning engine ● ● Update signatures every 1 to 2 hours Update scanning engine technology (if applicable) weekly • Does the quarantine need to be reviewed? Virus Scanning Statistics Intelligent Message System Statistics History Repeats Itself • Availability of historical information can help you ● ● ● Project needs in the future Identify trends Identify unusual activity Keep a log of… • Record disk space usage • Record store sizes • Save mailbox space usage report to text file • Virus statistics • Archive the Application, System, and Security event logs • Archive the HTTP and SMTP protocol logs Sample script • Exchange MVP Glen Scales mailbox and disk usage report • http://tinyurl.com/j3cgm Closed Mailboxes • MSExchange IS: General – Event ID 8528 • Indicates that a mailbox is full Periodic Best Practices • • • • Things you don’t need to do every day Perform test restores Check performance monitor Run the ExBPA I know I backed it up…. • But can you restore it • Create a recovery storage group • Restore databases periodically to recovery storage group • Confirm that you know how to perform this procedure ● ● See KB 824126 See http://technet.microsoft.com/en-us/aa998782.aspx Checking Performance • • • • • • Verify memory usage Check IOPS capacity Confirm RPC latency Check database cache hits Verify CPU is not overloaded See http://preview.tinyurl.com/2oqznb Quick Assessments - ExBPA • Exchange Best Practices Analyzer ● http://www.exbpa.com Quick Assessments - MSBA • Microsoft Baseline Security Analyzer ● http://tinyurl.com/2e5fe More Best Practices • • • • Impose limits Tune up Active Directory Improve OWA security Apply at least two levels of message hygiene What is an optimal mailbox store size? • Base this on your ability to restore data ● The time it takes to restore • Recommendations vary between 35GB and 100GB • 100GB is about the largest recommended store size What are common mailbox limits? • • • Based on organization requirements Varies from organization to organization Probably grow in the future ● ● ● • • META Group estimates legitimate mail volume grows 15 – 25% annually. Could increase with Unified Messaging Could decrease due to archival systems Calculate based on your tolerance for maximum store sizes and backup/restore times Meet your users needs or get more disk space and faster backups! What are common message size limits? • Default message size limits are good for most organizations • I think maximum recipients should be dropped to about 100 for organization and overridden for VIPs. Active Directory • Ensure that the System State is backed up on your domain controllers regularly • Get your Active Directory Site architecture tuned up Can I securely allow Internet access to OWA? • Allowing direct access to OWA is okay if all patches are applied and SSL is used. • Best solution is to use “reverse proxy” (such as ISA Server) • Best protection for OWA, ActiveSync, and RPC over HTTPS clients • See: ● ● KB 837354 http://tinyurl.com/ba2tj How do I create an OWA logon page? • This is called Forms Based Authentication (FBA) ● ● ● ● Enabled on HTTP virtual server properties Requires SSL Provides connection timeouts LOGON.ASP can be customized • See KB 830827 Worst practices: Resume producing events (Or how to lose your job with Exchange) • There are a few things that will definitely get you sent to the human resources department. • Mailbox surfing (reading other user’s mail) • Office automation tasks from the server console (word processing, doing e-mail, surfing the web) • Running a file-based virus scanner that scans EDB, STM, LOG, or CHK files or that scans the Queue folders • Deleting transaction logs manually Worst practices (cont) • Applying service packs immediately ● ● ● Wait 3 – 4 weeks Read the release notes thoroughly Make a full backup first • Applying critical updates immediately ● Wait 1 – 2 weeks (unless you need the fix right away) • Installing Outlook on the server • Not paying attention to available disk space and letting the server run out of free disk space Worst practices (cont) • Avoid “over administration” ● ● Mailbox stores rarely need offline compaction or offline maintenance of any sort Excessive reboots (more than once a week) • If you need to do this, you have a bigger problem • Don’t make big changes the day before your vacation Worst practices (cont) • Not using SSL for Internet clients • Setting up an open SMTP relay • Not calling for help when you get in over your head • Making significant, unscheduled changes without notifying the user community • Ignoring critical fixes and updates • Making the same mistakes over and over again Book Giveaway • Has everyone given me something to draw from? Questions? • You can always catch me this week if you don’t get your questions answered. • Thanks for attending! • My blog is Mostly Exchange – http://mostlyexchange.blogspot.com • Copies of these slides will be posted at the end of April 2006 on my blog Free eBook • Tips and Tricks Guide To Secure Messaging eBook ● http://tinyurl.com/kvxhx • Good follow-up to this presentation More information • “7 Daily Checks to Keep Exchange 2000 Running Smoothly” by Joe Neubauer ● http://www.exchangeadmin.com InstantDoc #26185 Your Feedback is Important Please fill out a session evaluation form and either put them in the basket near the exit or drop them off at the conference registration desk. You could win one of 10 subscriptions to TechNet Plus Direct: The essential resource for IT Professionals . Winners will be drawn and names will be posted Tuesday morning from Monday evals, Wednesday morning from Tuesday evals, and during closing session from Wendesday evals. Include your badge number on your session eval so we can figure out the winners! Thank you!