03-01-2013 06:07 AM
Hello. As a part of our outtake process, we disable leavers' AD accounts, hide their address from the GAL and move their mailbox to a special OU.
For years, I have been using the ProcessHiddenMailboxes = 1 and ExcludeDisabledADAccounts = 0 values in the EV server's registry.
AND I have a SQL Update query that runs every hour and changes the MbxExchangeState field to 0.
(And I even have recently added one more Update query to change ADMbxFlags to 0)
The problem is that these hidden/disabled users are NEVER archived automatically when the archiving task runs on schedule.
I always have to manually right-click on the archiving task and do Run Now and select the leavers to be archived.
After doing this for about 7 years it is kind of getting old. Is there ANY way to make this work automatically?
Solved! Go to Solution.
03-01-2013 09:48 AM
As I said .. my opinion... don't monkey around with SQL there is no need.
Hide the mailbox from the GAL..
Provisioning task runs..
Scheduled run should pick up the mailbox.
I am (reasonably) sure that the SQL stuff is interferring with the scheduled run .. and the 'run now' is overriding things.
03-01-2013 06:10 AM
What version of EV server are running? And the ProcessHiddenMailboxes should be all you need if that's all that has happened (ie their mailbox has been hidden)
03-01-2013 07:27 AM
Version 9 SP2
The hidden/disabled mailboxes get synchronized automatically no problem.
But I never see them getting archived automatically.
03-01-2013 07:29 AM
How are you checking to see if they have been archived?
03-01-2013 07:34 AM
Easy. Their mailbox archiving policy is "zero-day". So I should be able to see whether their messages start turning into archive pending shortcuts. But they are not.
When I go and check what policy is assigned to their mailbox - it shows the correct zero day policy.
03-01-2013 08:18 AM
So your run now archives items from the mailbox but scheduled doesn't?
Very strange indeed. Are there any events in the EV app log during the archive run, in particularly warnings about those mailboxes?
03-01-2013 08:51 AM
A manual Run Now archives then like a charm, but scheduled doesn't.
Been looking for event log warnings or errors related to these mailboxes, but found nothing.
03-01-2013 08:57 AM
After you run the SQL to make the changes, does the Provisioning Task run before or after the scheduled archiving run?
When the Provisioning Task runs it resets the SQL changes back to Hidden and Disabled again as stated in the technote below:
http://www.symantec.com/business/support/index?page=content&id=TECH47252
I guess what I would like toknow is all the stages of your changes from first to last e.g.
SQL changes.
Provisioning task run.
Scheduled archive run.
03-01-2013 09:08 AM
I think the bit that you might be breaking then is the SQL updates. You're asking EV to process hidden mailboxes, but you're setting the flag to say that it's a 'normal' mailbox, but they're not.
Have a look at:
https://www-secure.symantec.com/connect/forums/exchangemailboxentry-admbxflags
Further to that on my Exchange 2003, EV 10.0.3 system I just simply set the registry key for processing hidden mailboxes, and restarted my EV servics, then hid a mailbox [whilst I was logged into it from Outlook]... ran provisioning...
Mailbox now shows as:
MbxArchivingState = 1
MbxExchangeState = 2
ADMbxflags = 1
.. in the ExchangeMailboxEntry table in the Directory Database.
.. and then ran the mailbox archiving task at it's scheduled time (ie no 'run now').
It processed the mailbox fine.
So to summarise.. set the registry keys.. and that's all. (No SQL stuff)
I'd suggest that running the SQL queries is affecting the scheduled task (but that run now is happy to override the values).
Also if you want to process company leavers take a look at the QUADROtech Archive Leavers tool.
By the way, do you have the flag on the policy set to archive unread items? Maybe that's the bit that is confusing things?
If doing those things doesn't work, then maybe a DTRACE would shed some light on things. You could add a filter (so as not to have an enormous DTRACE file) using some of the bits of this perhaps...
1006525 16:50:29.378 [3164] (ArchiveTask) <916> EV:H {CMailboxUsage::SetMailboxInUse:#196} Added [/O=EV TRAINING/OU=FIRST ADMINISTRATIVE GROUP/CN=RECIPIENTS/CN=JEFF1] to list of mailboxes to be processed. List now contains [5] mailboxes. 1006526 16:50:29.378 [3164] (ArchiveTask) <916> EV:L {CExchangePolicyCache::GetDefaultPolicy:#272} Default policy is [17E238F3AE05910489026E797A80524A61012700ev1a.EV.Local (Default Exchange Mailbox Policy)] 1006527 16:50:29.378 [3164] (ArchiveTask) <916> EV:L {CPolicyTargetGroupCache::GetUsersPolicyTargetGroup:#225} Found entry for user [/o=EV Training/ou=First Administrative Group/cn=Recipients/cn=jeff1] in cache. 1006528 16:50:29.378 [3164] (ArchiveTask) <916> EV:L {CPolicyTargetGroupCache::GetUsersPolicyTargetGroup:#250} User [/o=EV Training/ou=First Administrative Group/cn=Recipients/cn=jeff1] maps to policy [1B123E86FDAD5CE41B5D46E4BEAABCD731012p00ev1a.EV.Local] [prov1] 1006529 16:50:29.378 [3164] (ArchiveTask) <916> EV:L {CExchangePolicyCache::GetPolicy:#245} Returning policy: [17E238F3AE05910489026E797A80524A61012700ev1a.EV.Local (Default Exchange Mailbox Policy)] 1006530 16:50:29.378 [3164] (ArchiveTask) <916> EV:H {CArchivingAgent::SetPolicy:#23365} [/o=EV Training/ou=First Administrative Group/cn=Recipients/cn=jeff1] is using policy [Default Exchange Mailbox Policy]. 1006531 16:50:29.378 [3164] (ArchiveTask) <916> EV:M {CArchivingAgent::ProcessMovedItemsInFolder:#25944} processing moved items in folder [\Inbox\1000 items] for user [/o=EV Training/ou=First Administrative Group/cn=Recipients/cn=jeff1] 1006532 16:50:29.378 [3164] (ArchiveTask) <916> EV:M {CArchivingAgent::ProcessMovedItemsInFolder:#25946} archive id for user [14CE58529509B8546ACC5E8948B254CDF1110000ev1a.EV.Local] 1006533 16:50:29.378 [3164] (ArchiveTask) <916> EV:M {CArchivingAgent::ProcessMovedItemsInFolder:#25947} archive folder id for folder [17A0BDE0AC188DC44A69790D34C71C2F51110000ev1a.EV.Local] 1006534 16:50:29.378 [3164] (ArchiveTask) <916> EV:M {CArchivingAgent::ProcessMovedItemsInFolder:#25948} retention category for folder [10223FE2A4886AF448B794B63BEAB80A21b10000ev1a.EV.Local] 1006535 16:50:29.378 [3164] (ArchiveTask) <916> EV:M {CArchivingAgent::ProcessMovedItemsInFolder:#25950} getting hold of a mapi session and opening the user message store
03-01-2013 09:19 AM
The SQL query runs every hour to zeroes out the necessary fields.
03-01-2013 09:46 AM
Yep, we archive Unread items.
About the SQL field value... the only way EV knows that a mailbox is hidden is because the provisioning task "sees" that in AD and sets the SQL field. If I subsequently change SQL field to 0, then EV "thinks" that it's a normal mailbox.
I have always been under impression that the SQL fields had to be zeroed out on a regular basis. Based on this:
http://www.symantec.com/business/support/index?page=content&id=TECH47252
IMPORTANT: Each time the Provisioning Task is run (EV7 and later versions) or theSynchronization process is executed (EV6 and earlier versions), the MbxExchangeState value of all hidden mailbox records is changed back to "2". Therefore, each time you wish to enable newly hidden mailboxes, it will be necessary to repeat step 2. The Provisioning Task and Synchronization process usually run twice a day at noon and midnight according to schedule.
03-01-2013 09:48 AM
As I said .. my opinion... don't monkey around with SQL there is no need.
Hide the mailbox from the GAL..
Provisioning task runs..
Scheduled run should pick up the mailbox.
I am (reasonably) sure that the SQL stuff is interferring with the scheduled run .. and the 'run now' is overriding things.
03-01-2013 09:51 AM
But then if I have to do an occasional Run Now, without monkeying with SQL I don't see the mailboxes that I want to manually archive. :)
03-01-2013 10:13 AM
I think what Rob is trying to point out is that you just need to run the sql to enable the mailboxes. Once the mailboxes are enabled it doesn't matter what their state is in SQL because you have the registry key set.
03-01-2013 10:16 AM
Indeedly-doodley.
03-01-2013 10:19 AM
I see... makes sense, kind of :)
But then on the other hand if I Don't zero out the SQL field, I am risking that some users would never get EV-enabled.
Most of our users are EV enabled while they are with the company. But there are some that aren't because the local IT forgot to add them to an AD group that feeds into a provisioning group. Or some are not EV enabled intentionally because of their VIP status (don't ask).
But when someone leaves the company, they must be Zero-day archived. So for some users this is the only chance to be EV-enabled - on the way out.
03-01-2013 10:38 AM
I understand, so does the leavers provisioning group auto-enable?
03-01-2013 10:45 AM
Yep. The outtake provisioning group feeds from the special OU where we move all the leavers, and it is set to auto-enable.
03-01-2013 03:39 PM
does the Archiving Task get restarted after each SQL changes?
03-01-2013 10:13 PM
not after each. The SQL update query runs every hour
The Archive Task gets restarted a couple of times per day during the backup operations.