cancel
Showing results for 
Search instead for 
Did you mean: 

How to Journal

anon1m0us1
Level 6

I am configuring Jounraling, but have a few questions:

 

1) If I want to Journal a Provision Group's mailbox, how is this done? Do I need to create a new Archive Journal for EACH user? I am currently using the EV Mailbox since it has the appropropriate permissions to everyone's mailbox.

 

2) Should I create a new Vault Group and Store for Journaling. It seems the answer is no based on SIS. But if yes, can the new Group, and partition be on the same LUN??

 

Thanks

1 ACCEPTED SOLUTION

Accepted Solutions

JesusWept3
Level 6
Partner Accredited Certified

Journaling is meant for journal mailboxes only, and shouldn't be used against a users mailbox, for the fact that a user can only be targeted by one archiving task on one EV Server, users also have mailbox structures such as \Inbox \Sent Items etc.

A Journal archive is simply a flat structure, it has no inbox, sent items, etc and expects the items to have a journal report to determine who received copies of the email, who are undisclosed recipients (BCC) etc

So the way it would normally work is

1. In Exchange, create a System Mailbox for Enterprise Vault and a Journal Mailbox that will receive the email
2. Configure Exchange to journal all email to that mailbox at the database level or on the hub transports within exchange
3. In the Vault Admin Console create a Journal Archive
4. In the Exchange Servers, create your exchange server target if it doesn't already exist
5. Under the Journal Mailboxes container, add your Journal you create in step 1
6. It will then ask if you want to use an existing journal task (if one exists) or a new journal task
7. Once you complete it, all email will be coming in to that journal mailbox and the journal task will connect every minute to check for email and archive it appropriately.

As for the Vault store questions, my advice would be to create a new Vault Store for journaling in the existing vault store group and have items shared between the mailbox and the journaling.

The reason is that journaling will create a lot of overhead and add far more entries in the database than mailbox archiving will, so its really based on performance, but you want to keep it in the group so that you keep the OSIS benefits

https://www.linkedin.com/in/alex-allen-turl-07370146

View solution in original post

15 REPLIES 15

JesusWept3
Level 6
Partner Accredited Certified

Journaling is meant for journal mailboxes only, and shouldn't be used against a users mailbox, for the fact that a user can only be targeted by one archiving task on one EV Server, users also have mailbox structures such as \Inbox \Sent Items etc.

A Journal archive is simply a flat structure, it has no inbox, sent items, etc and expects the items to have a journal report to determine who received copies of the email, who are undisclosed recipients (BCC) etc

So the way it would normally work is

1. In Exchange, create a System Mailbox for Enterprise Vault and a Journal Mailbox that will receive the email
2. Configure Exchange to journal all email to that mailbox at the database level or on the hub transports within exchange
3. In the Vault Admin Console create a Journal Archive
4. In the Exchange Servers, create your exchange server target if it doesn't already exist
5. Under the Journal Mailboxes container, add your Journal you create in step 1
6. It will then ask if you want to use an existing journal task (if one exists) or a new journal task
7. Once you complete it, all email will be coming in to that journal mailbox and the journal task will connect every minute to check for email and archive it appropriately.

As for the Vault store questions, my advice would be to create a new Vault Store for journaling in the existing vault store group and have items shared between the mailbox and the journaling.

The reason is that journaling will create a lot of overhead and add far more entries in the database than mailbox archiving will, so its really based on performance, but you want to keep it in the group so that you keep the OSIS benefits

https://www.linkedin.com/in/alex-allen-turl-07370146

anon1m0us1
Level 6

Thanks. Management wants to use Journaling to track all emails in a provision group. For example, if a user in a provision group deletes an email, IT can go into the journal mailbox and find the emails and send it back to the user based on the retention policy on the journal mailbox.

Can journaling be done this way?

Can I assume the Journal Mailbox needs the same permissions on the Exchange as the EVMailbox?

JesusWept3
Level 6
Partner Accredited Certified

ok if this is the case i would suggest provisioning by DL's or security groups etc
Then you could use Selective Journaling to say anything that is sent/received by this DL, archive it, anything else, delete it

OR the easier option is to have a DL thats used for provisioning and have your exchange team set up journaling rules on the exchange side so only those users email go to the journal mailbox

https://www.linkedin.com/in/alex-allen-turl-07370146

anon1m0us1
Level 6

I prefer the easier option. Any docs on that? Like setting up DL, since now we are using Windows Groups for the Provisioning Group.

JesusWept3
Level 6
Partner Accredited Certified

Well really if you are going to do transport rules in Exchange 2007/2010 and create distribution lists, then your Exchange team should be able to handle that easily as that is Exchange 101.

For the provisioning thats up to you, but you simply just change the target of your provisioning group to be a distribution group instead of whatever it is you are targeting now.

But anyway, some links regarding this can be found below.

How to create a distribution list in Exchange 2010:
http://technet.microsoft.com/en-us/library/bb124513.aspx

How to create a distribution list in Exchange 2007:
http://technet.microsoft.com/en-us/library/bb125256(v=EXCHG.80).aspx

How to create a distribution list in Exchange 2003
http://support.microsoft.com/kb/821904


How to journal based off of a distribution list in Exchange 2010:
http://technet.microsoft.com/en-us/library/bb124246.aspx

How to journal based off of a distribution list in Exchange 2007:
http://technet.microsoft.com/en-us/library/bb125256(v=EXCHG.80).aspx

Here is a white paper on how the exchange journal transport for 2007 works, similar to 2010:
http://technet.microsoft.com/en-us/library/bb738122(v=EXCHG.80).aspx

Enterprise Vault Provisioning Best Practices white paper:
https://www-secure.symantec.com/connect/articles/enterprise-vault-granular-provisioning-best-practic...


If you can't configure Exchange 2010 or 2007 to do the rules you want, you will need to use Selective Journaling, a couple of Articles can be found here, as well as in the Admin Guides for EV:
https://www-secure.symantec.com/connect/articles/selective-journaling-enterprise-vault



 

https://www.linkedin.com/in/alex-allen-turl-07370146

anon1m0us1
Level 6

Thanks. My manager just wants to use EV Journaling since we have over 500 DL's

TonySterling
Moderator
Moderator
Partner    VIP    Accredited Certified

I think you miss the point that EV Journaling is just archiving the Exchange Journal mail.  You need to configuring Journaling in Exchange to capture the mail you want and then target that Exchange Journal mailbox with an EV journal task.

anon1m0us1
Level 6

Nope. That's exactly what I ma planning to do.

1) Setup a journal mail box

2) Create Exchange Rules to Archive everyone's email

3) Configure EV to archive the Journal mailbox.

 

JesusWept3
Level 6
Partner Accredited Certified

By Everyone, you just mean those who are provisioned right by using the Exchange Journaling rules, right?
Either way i think you have enough information to get it sorted, really the bulk of the work is going to be on the exchange team to get journaling configured correctly.

However also remember that for premium journaling (i.e so it journals just the people you want) on Exchange, you have to have extra CAL's, meaning if you have 10,000 employees and you want to journal 5,000 of them then you need 5,000 extra CAL's etc

https://www.linkedin.com/in/alex-allen-turl-07370146

Bruce_Cranksh1
Level 6
Partner Accredited

@ JesusWept

I have a question for you about your recommendations around the OSIS model, if you dont mind.
You recommended that he should enable sharing on the VSG level between the Mailbox Vault Store (MVS) and the Journal Vault Store ( JVS)

What would happnen if you had different Retention Categories, which is often the case, between the MVS(3 years) and the JVS(7 years)

If an item has archived first by the MVS then the actual item would be stored there but a reference in the Fingerprint database would only exist for the same item for the JVS. The actual item wouldn't also exist in the JVS

So now years later you implement Storage Expiry and don't get the storage recovery you expect because the item doesn't get removed from the MVS storage due to  there being a reference to it for the JVS.

I may be missing something about how OSIS works but wouldn't this be problematic ? 

JesusWept3
Level 6
Partner Accredited Certified
You are absolutely correct, however let's say you journal a 50mb item and the vault stores are separate, you are then storing 100mb unnecessarily and the storage expiry comes along and deletes the mail item and you're now back down to 50mb which you would have had with sharing enabled I. The first places It's grossly over simplified but it's correct, the storage is going to exist whether it's unified or merged Plus you do have the advantage of mailbox archiving being quicker because items being archived, those attachments will already be sis'd by journaling so it will be able to do more items than a regular cold run
https://www.linkedin.com/in/alex-allen-turl-07370146

Bruce_Cranksh1
Level 6
Partner Accredited

Lol, that's an obvious  and relevant point.

I missed that one :)

The only time I can think of where my concern may be relevant is where the customer has  a specific storage device  for the MVS and expects to see a reduction in that storage` device . But to be honest all my customers use more or less the same storage for Mail ,Journal ,SP or File .And when they run Storage expiry they just want too see any space reclaimed

 

Thanks for the response.

Trafford
Level 4
Partner Accredited

Interesting discussion,

I now understand the issues more clearly, and it is good to know that my decision to go with a Journal and separate Mailbox VS in a common VSG seems to have been the correct one.

And Hi to Bruce, thanks for your input yesterday - from Johnny

anon1m0us1
Level 6

Last question...I promise:)

 

When creating a new vault store, does this mean a new partition? If yes, can this coexist in the exisiting partition or should this be on a new LUN (we use Netapp).

 

JesusWept3
Level 6
Partner Accredited Certified
So a new vault store partition does mean a new set of folders and partition drive It can go to the same Storage device (like a SAN/NAS etc) but it has to be a separate unique folder So you can have like \\yourNASServer\EnterpriseVault\Mailbox Store\Ptn1 \\yourNASServer\EnterpriseVault\Journal Store\Ptn1 Or something like E:\EnterpriseVault\Mailbox Store\Ptn1 E:\EnterpriseVault\Journal Store\Ptn1
https://www.linkedin.com/in/alex-allen-turl-07370146