Microsoft Exchange Server 2016 PowerShell Cookbook - Fourth Edition

Product type: Book
Published in: Jul 2017
ISBN-13: 9781787126930
Pages: 648
Edition: 4th Edition
Authors (3): Jonas Andersson, Nuno Mota, Mike Pfeiffer

Table of Contents (17 chapters)

  • Preface
  1. PowerShell Key Concepts
  2. Exchange Management Shell Common Tasks
  3. Managing Recipients
  4. Managing Mailboxes
  5. Distribution Groups and Address Lists
  6. Mailbox Database Management
  7. Managing Client Access
  8. Managing Transport Servers
  9. Exchange Security
  10. Compliance and Audit Logging
  11. High Availability
  12. Monitoring Exchange Health
  13. Integration
  14. Scripting with the Exchange Web Services Managed API
  15. Common Shell Information
  16. Query Syntaxes

Compliance and Audit Logging

In this chapter, we will cover the following topics:

  • Configuring journaling
  • Managing archive mailboxes
  • Configuring archive mailbox quotas
  • Creating retention tags and policies
  • Applying retention policies to mailboxes
  • Placing mailboxes on retention hold
  • Placing mailboxes on in-place hold or litigation hold
  • Searching and placing a hold on public folders
  • Performing eDiscovery searches
  • Performing Compliance searches
  • Configuring data loss prevention
  • Configuring administrator audit logging
  • Searching the administrator audit logs
  • Configuring mailbox audit logging
  • Searching mailbox audit logs

Introduction

One of the significant changes introduced in Exchange 2010 was the Litigation Hold feature; this was developed further and became the In-Place Hold feature in Exchange 2013 and 2016. Another welcome feature is the ability to archive content from Lync or Skype for Business into mailboxes.

This came together with the new search engine called FAST, which made searches across platforms available (Exchange, SharePoint, and Skype).

The compliance and audit logging features that were introduced in Exchange 2010 still apply to Exchange 2016, with some improvements. Over the years, many organizations have relied on third-party products for archiving and retaining email messages for legal protection and regulatory compliance. Fortunately, this function is now built into the product, along with some very powerful auditing...

Configuring journaling

Journaling in Exchange 2016 is pretty much unchanged from Exchange 2010, but it is still a crucial feature for many organizations worldwide as it helps respond to legal, regulatory, and organizational compliance requirements by recording all or specific email messages. Exchange provides two types of journaling:

  • Standard journaling is configured on a mailbox database and journals all messages sent to and from mailboxes located on that database.
  • Premium journaling provides more granular journaling by using journal rules. Instead of journaling every single email sent or received by all mailboxes in a database, you can restrict journaling based on recipients or members of distribution groups, and scope (internal, external, or all messages). Premium journaling requires an Exchange Enterprise Client Access License (CAL).

In both journaling methods, a journal...

Managing archive mailboxes

In Exchange 2010, a new personal storage concept was introduced, which still remains in Exchange 2016, called an archive mailbox, or in-place archive. The idea is that you can give one or more users a secondary mailbox that can be accessed from anywhere, just like their regular mailbox, and it can be used to store older mailbox data, thus eliminating the need for a PST file. The benefit of this is that archive mailboxes can be located on a database separate from the primary mailbox, allowing administrators to put low-priority, archived mailbox data on an inexpensive lower tier of storage. In this chapter, we'll take a look at how you can manage archive mailboxes for your users through the Exchange Management Shell.

How to do it...

...

Configuring archive mailbox quotas

As you enable archive mailboxes for end users and set up retention policies (shown later in the chapter), you may find that the default limitations configured for archive mailboxes do not meet your needs. In this recipe, you'll learn how to modify archive mailbox quotas using the Exchange Management Shell.

How to do it...

Let's see how to configure archive mailbox quotas by performing the following steps:

  1. To modify the archive quota settings for a single mailbox, use the Set-Mailbox cmdlet:
    Set-Mailbox dsmith -ArchiveQuota 10gb -ArchiveWarningQuota 8gb  
  2. To do this in bulk, use the Get-Mailbox cmdlet to retrieve the mailboxes that need to be updated and pipe the results...

Creating retention tags and policies

Retention policies are the recommended method for implementing messaging records management in Exchange 2016. Retention policies use retention tags to apply settings to mailbox folders and individual items. Retention tags are configured with a retention action that can be taken when an item reaches its retention age limit. In this recipe, you'll learn how to create retention tags and policies using the Exchange Management Shell.

How to do it...

There are three types of retention tags that can be used to apply retention settings to a mailbox through a retention policy. The following steps outline the process of creating custom retention tags based on these types and assigning them to...

Applying retention policies to mailboxes

Retention policies are not automatically applied to end user mailboxes and must be set manually using either the Exchange Admin Center or the Exchange Management Shell. In this recipe, you'll learn how to apply retention policies to mailboxes from the command line, which will be useful when performing a retention policy assignment on a large number of mailboxes, or on a regular basis as new mailboxes are created.

How to do it...

Let's see how to apply retention policies to mailboxes by performing the following steps:

  1. To apply a retention policy to a mailbox, you use the Set-Mailbox cmdlet, specifying the retention policy name using the -RetentionPolicy parameter. For example...

Placing mailboxes on retention hold

When users go on vacation or are out of the office for an extended period of time, you may need to suspend the processing of the retention policy applied to their mailboxes. This recipe will show you how to use the Exchange Management Shell to place mailboxes on retention hold, as well as how to remove the retention hold and discover which mailboxes are currently configured for retention hold.

How to do it...

Let's see how to place a mailbox on retention hold by performing the following steps:

  1. To place a mailbox on retention hold, use the Set-Mailbox cmdlet:
    Set-Mailbox dsmith -RetentionHoldEnabled $True  
  2. To remove the retention hold setting from the mailbox, use the same command...

Placing mailboxes on in-place hold or litigation hold

When an organization is dealing with the possibility of a legal action, data such as documents and email messages related to the case will usually need to be reviewed, and an effort to preserve this information must be made. Exchange 2016 allows you to protect and maintain this data by placing mailboxes on In-Place Hold or on Litigation Hold. This prevents users or retention policies from modifying or removing any messages that may be required during the legal discovery process. In this recipe, you'll learn how to manage hold settings for mailboxes from the Exchange Management Shell.

Litigation hold was introduced in Exchange 2010, and it still remains in Exchange 2016. Although it is recommended that you use the in-place hold feature instead, which is better suited for most scenarios, we will show you how to use both...

Searching and placing a hold on public folders

It is now also possible to search for content in public folders and place that same content on hold by using eDiscovery. This is important because many organizations still make extensive use of public folders to keep data, and being unable to search that data easily only causes problems when responding to legal requests.

In this recipe, we will see how to place a hold on public folder content using the Shell.

How to do it...

To place all content in all public folders on in-place hold for an unlimited hold duration, you use the following cmdlet:

    New-MailboxSearch -Name "All PFs Hold" -AllPublicFolderSources $True -AllSourceMailboxes $False -EstimateOnly -InPlaceHoldEnabled...

Performing eDiscovery searches

Exchange 2016 provides the ability to search through mailboxes for content that might be required during an investigation, such as a violation of organizational policy or regulatory compliance, or due to a lawsuit. Although this can be done through the Exchange Admin Center, you may need to do this from the command line. In this recipe, you'll learn how to perform discovery searches from the Exchange Management Shell.

How to do it...

To perform an eDiscovery search, we also use the New-MailboxSearch cmdlet. This cmdlet can be used to create a mailbox search and either get an estimate of search results, place search results on in-place hold, or copy them to a Discovery mailbox.

After you...

Performing Compliance searches

Another new feature introduced in Exchange 2016 is Compliance Search, which allows administrators to search all mailboxes in the organization. While In-Place eDiscovery can search only up to 10,000 mailboxes, Compliance Search has no such limitation, which is extremely helpful for large organizations that need to perform organization-wide searches.

Compliance search uses the New-ComplianceSearch cmdlet we already looked at in the Deleting messages from mailboxes using Compliance Search recipe from Chapter 4, Managing Mailboxes. Using this cmdlet, we can search all mailboxes in the organization and then use in-place eDiscovery to perform other eDiscovery-related tasks, such as placing mailboxes on hold or exporting search results.

In this recipe, we will look at how we can leverage the New-ComplianceSearch cmdlet to determine which...

Configuring data loss prevention

Data Loss Prevention (DLP) is a system designed to detect a potential data breach or leakage incident in a timely manner and prevent it. In such an incident, sensitive data such as personal or company information (credit card details, social security numbers, and so on) is disclosed to unauthorized users, either with malicious intent or by mistake. This has always been crucial for most companies, as the loss of sensitive data can be very damaging for a business. Since Exchange 2013, and further improved in 2016, Microsoft has made it possible to enforce compliance requirements for such data and control how it is used in email. DLP is the feature that allows administrators to manage sensitive data in Exchange.

In this recipe, we will look at how we can configure DLP using the Shell to help prevent accidental data leakage.

...

Configuring administrator audit logging

Administrator audit logging allows you to track the cmdlets that are being run within your Exchange organization. The log entries provide details about the cmdlets and parameters used, such as when a command was executed, which objects were affected by the command, and the user who ran the cmdlet. In this recipe, you'll learn how to configure the options used to define the administrator audit logging settings in your environment.

How to do it...

For new installations of Exchange 2016, administrator audit logging is enabled by default. Let's perform the following steps to configure administrator audit logging:

  1. To determine the current configuration, use the Get-AdminAuditLogConfig...

Searching the administrator audit logs

You can use the Exchange Management Shell to search the administrator audit logs and generate reports based on the cmdlets and parameters used to modify objects within your Exchange environment. There are two ways in which we can view the audit logs from the Exchange Management Shell, and in this recipe, we'll take a look at both methods.

How to do it...

Let's see how to perform an administrator audit log search by performing the following steps:

  1. To perform a synchronous administrator audit log search in the Shell, we can use the Search-AdminAuditLog cmdlet:
    Search-AdminAuditLog -Cmdlets Set-Mailbox `
    -StartDate 6/1/2017 `
    -EndDate 6/30/2017 `
 ...
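
As an added example (not code from the book), the function below triages entries shaped like Search-AdminAuditLog output and flags changes that weaken auditing or grant mailbox access. The watch list, the reason strings, the helper names and the sample entries are assumptions constructed for illustration.

```powershell
# Added example. The watch list and reasons are assumptions, not Exchange defaults.
$WatchList = 'Set-AdminAuditLogConfig', 'Add-MailboxPermission',
             'New-ManagementRoleAssignment', 'Set-Mailbox'

function Get-RiskyAdminChange {
    param([Parameter(ValueFromPipeline)]$Entry)
    process {
        if ($WatchList -notcontains $Entry.CmdletName) { return }
        # CmdletParameters is a list of Name/Value pairs; index it by name.
        $p = @{}
        foreach ($cp in $Entry.CmdletParameters) { $p[$cp.Name] = "$($cp.Value)" }
        $reason = switch ($Entry.CmdletName) {
            'Set-AdminAuditLogConfig' {
                if ($p['AdminAuditLogEnabled'] -eq 'False') {
                    'Admin audit logging disabled'
                } else {
                    'Admin audit configuration changed'
                }
            }
            'Add-MailboxPermission'        { "Mailbox access granted to $($p['User'])" }
            'New-ManagementRoleAssignment' { "Role '$($p['Role'])' assigned" }
            'Set-Mailbox' {
                # Only the audit switch is of interest here; quota changes etc. are ignored.
                if ($p['AuditEnabled'] -eq 'False') { 'Mailbox audit logging disabled' }
            }
        }
        if ($reason) {
            [pscustomobject]@{
                RunDate = $Entry.RunDate; Caller = $Entry.Caller
                Cmdlet  = $Entry.CmdletName; Object = $Entry.ObjectModified
                Reason  = $reason
            }
        }
    }
}

# Constructed sample entries (hypothetical callers and objects).
function New-SampleEntry($Date, $Caller, $Cmdlet, $Object, [hashtable]$Params) {
    [pscustomobject]@{
        RunDate = [datetime]$Date; Caller = $Caller; CmdletName = $Cmdlet
        ObjectModified = $Object
        CmdletParameters = @($Params.GetEnumerator() | ForEach-Object {
            [pscustomobject]@{ Name = $_.Key; Value = $_.Value } })
    }
}
$sample = @(
    New-SampleEntry '2017-06-05 10:02' 'admin1' 'Set-Mailbox' 'dsmith' @{ ArchiveQuota = '10gb' }
    New-SampleEntry '2017-06-12 23:41' 'admin2' 'Set-Mailbox' 'ceo' @{ AuditEnabled = 'False' }
    New-SampleEntry '2017-06-12 23:44' 'admin2' 'Add-MailboxPermission' 'ceo' @{ User = 'admin2' }
)
$sample | Get-RiskyAdminChange | Format-Table -AutoSize
```

In the Exchange Management Shell, the same function can take live data: `Search-AdminAuditLog -Cmdlets $WatchList -StartDate 6/1/2017 -EndDate 6/30/2017 | Get-RiskyAdminChange`.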

Configuring mailbox audit logging

In every organization, there are always mailboxes with sensitive information. These might be the mailboxes of the CEO, directors, users from the HR or Payroll departments, or simply mailboxes for which you have to perform discovery actions to demonstrate compliance with regulatory or legal requirements. Although administrators are normally not concerned with the content of users' mailboxes, there might be someone less honest who attempts to access someone's mailbox in order to obtain information of value for their own benefit.

Administrators can implement Mailbox Audit Logging and run audit reports to obtain details regarding actions taken on a mailbox. After enabling an audit for one or more mailboxes and configuring the level of detail that we want to capture, audit entries are captured in the Audit subfolder of the Recoverable Items...
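
As an added example (not code from the book), the function below checks mailbox objects shaped like Get-Mailbox output and reports which ones have auditing disabled or are missing delegate actions from a required baseline. The baseline list, the function name and the sample mailboxes are assumptions constructed for illustration.

```powershell
# Added example. Delegate actions required on sensitive mailboxes
# (assumed baseline; adjust to your own policy).
$RequiredDelegate = 'SendAs', 'SendOnBehalf', 'HardDelete', 'MoveToDeletedItems'

function Test-MailboxAuditCoverage {
    param([Parameter(ValueFromPipeline)]$Mailbox)
    process {
        # Required actions that are absent from the mailbox's AuditDelegate list.
        $missing = @($RequiredDelegate |
            Where-Object { $Mailbox.AuditDelegate -notcontains $_ })
        $gap = if (-not $Mailbox.AuditEnabled) {
            'Auditing disabled'
        } elseif ($missing.Count -gt 0) {
            "Delegate actions not audited: $($missing -join ', ')"
        }
        # Emit a row only for mailboxes with a gap; compliant ones produce no output.
        if ($gap) {
            [pscustomobject]@{ Mailbox = $Mailbox.Name; Gap = $gap }
        }
    }
}

# Constructed sample objects carrying the Get-Mailbox audit properties used above.
$sample = @(
    [pscustomobject]@{ Name = 'CEO'; AuditEnabled = $true
        AuditDelegate = @('SendAs', 'SendOnBehalf', 'HardDelete', 'MoveToDeletedItems') }
    [pscustomobject]@{ Name = 'HR-Payroll'; AuditEnabled = $true
        AuditDelegate = @('Update', 'SendAs') }
    [pscustomobject]@{ Name = 'Director1'; AuditEnabled = $false
        AuditDelegate = @('Update') }
)
$sample | Test-MailboxAuditCoverage | Format-Table -AutoSize
```

In the Exchange Management Shell, pipe real mailboxes instead: `Get-Mailbox -ResultSize Unlimited | Test-MailboxAuditCoverage`. Gaps are closed with the `-AuditEnabled` and `-AuditDelegate` parameters of Set-Mailbox.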

Searching mailbox audit logs

Similar to searching the admin audit logs, there are two ways to search mailbox audit log entries using the Shell:

  1. By using the Search-MailboxAuditLog cmdlet to synchronously search mailbox audit log entries for a single mailbox, and displaying the search results in the Shell.
  2. Alternatively, you can create a mailbox audit log search to asynchronously search mailbox audit logs for one or more mailboxes, and then have the search results sent to a specified email address as an XML attachment. To create the search, you use the New-MailboxAuditLogSearch cmdlet.

In this recipe, we will see how to perform both types of searches.

How to do it...

  1. To search all actions performed by delegates on the CEO...