Email Continuity Administrator Guide For Microsoft Exchange® Environments Licensed Customer Confidential
Licensed Customer Confidential Legal Notices Copyright© 1998-2009 Dell MessageOne, Inc. All Rights Reserved. Information in this document is subject to change without notice. All names of companies, organizations, persons, or other entities, and all sample data used in content and examples is fictitious and not meant to represent any real company, organization, person, or actual data.
Licensed Customer Confidential ii Email Continuity Administrator Guide version 6.5 (1st ed.
Licensed Customer Confidential Table of Contents Task Reference ......................................................................................................................... vii About This Book ........................................................................................................................ xi Intended Audience.......................................................................................................................... xi Viewing the Document..................
Licensed Customer Confidential Outlook® Extension Requirements................................................................................................ 33 Outlook Extension Limitations.................................................................................................34 Planning RedirectorSink/RedirectorController Placement ............................................................. 35 RedirectorSink Placement............................................................................
Licensed Customer Confidential Assigning Super Administrator Privileges .............................................................................115 Assigning Email Continuity Administrator Privileges .............................................................118 Assigning Help Desk Privileges ............................................................................................119 Reviewing Login Status............................................................................................
Licensed Customer Confidential vi Email Continuity Administrator Guide version 6.5 (1st ed.
Licensed Customer Confidential Task Reference To grant service account permissions for Exchange 5.5:.......................................................................... 23 To grant Exchange administrator permissions for Exchange 2000/2003: ................................................. 24 To grant Send As and Receive As permissions: .......................................................................................
Licensed Customer Confidential To create a password import CSV file: .................................................................................................... To import passwords by CSV file: ........................................................................................................... To change status flags for users: ............................................................................................................ To edit a user’s contact information:....................
Licensed Customer Confidential To activate Email Continuity: ................................................................................................................... To initiate recovery: ................................................................................................................................. To recover email from an activation or from a recovery archive:............................................................. To complete recovery from an activation:.................
Licensed Customer Confidential x Email Continuity Administrator Guide version 6.5 (1st ed.
Licensed Customer Confidential Intended Audience About This Book Intended Audience This book describes actions reserved for those with administrative privileges. Its content assumes that you are an administrator for the product and have a strong general knowledge of system and network administration. Depending on how the product is configured for your organization, some features described in the documentation may not be available to you.
Conventions Licensed Customer Confidential Conventions The documentation uses certain typographical conventions to make references to product elements easier to recognize and understand. These are described in the following table. Table A-1 Typographical Conventions Display Format Definition Examples blue, underscore A hyperlink to either another location within the document or to a web site. For more information, see "Viewing the Document" on page xi.
Licensed Customer Confidential Product Documentation Product Documentation The following documentation is available for Email Continuity: • Email Continuity Administrator Guide This book is a comprehensive document for installing, configuring, and administering Email Continuity. • Email Continuity Online Help This material explains to users how to configure and update their user profiles, and use the webmail interface to read and send email.
Product Documentation xiv Licensed Customer Confidential Email Continuity Administrator Guide version 6.5 (1st ed.
Licensed Customer Confidential 1 About Email Continuity About the Service About Email Continuity Email Continuity is an alternative email service that takes the place of your primary email system during an outage. When the service is activated, users can access their email through an easy-to-use web-mail interface. If the Outlook® Extension has been installed on end-user’s desktops, they can continue to access their email using Outlook® in cached mode.
About Email Continuity Table 1-1 Components Component 2 Licensed Customer Confidential Description Location RedirectorController™ (also called the ESS Controller) Software that communicates to the data center and provides updates to the RedirectorSinks and RedirectorAgents. Installed in customer’s environment. RedirectorManager™ A centralized console to install, upgrade and maintain RedirectorSinks on standalone Exchange servers. Installed in customer’s environment.
Licensed Customer Confidential About Email Continuity Data transfer between your organization’s email system and the Data Center is shown in Figure 1-1. ESS Server Figure 1-1 Email Continuity Data Transfer Once the necessary components have been installed, use of the service is simple. Prior to an activation of the service, the SyncManager sends directory information to the data center. During an activation, users can send and receive their email online through the webmail interface.
About Windows Authentication Licensed Customer Confidential during the activation period into the primary mail system. Email Continuity is always in one of three states: READY, ACTIVE, or RECOVERY. These are shown in Figure 1-2. Figure 1-2 Email Continuity States To change the text that appears to users on the web-mail Home Page in each of the three states, see "Customizing the Home Page" on page 150.
Licensed Customer Confidential About Wireless Continuity for BlackBerry If the Windows subsystem cannot determine if the login credentials are valid or invalid, the validation request is passed to a different Authentication Manager. The request is discarded if none of the Windows Subsystems can determine if the credentials are valid or invalid, or if two minutes elapse, whichever comes first.
About Wireless Continuity for BlackBerry Licensed Customer Confidential network connectivity to communicate with the BlackBerry handheld device. The Redirector Controller and BES must be online when an agent is first authenticated. MessageLabs Agent MessageLabs Email Continuity MessageLabs API Figure 1-3 NOTE Wireless Continuity for BlackBerry Process BES-Independent Wireless Continuity for BlackBerry The ESS version 6.
Licensed Customer Confidential About the Outlook Extension • Viewing messages no larger than 64 KB in size (due to restrictions in the device software). If you receive larger messages, or messages that have attachments, Wireless Continuity for BlackBerry adds information to the end of the message stating that the entire message and/or attachment can be accessed by logging in to your Email Continuity web-mail account.
About the Outlook Extension NOTE Licensed Customer Confidential Proxy Servers If your organization uses proxy servers, the Outlook Extension provides basic proxy authentication. The Outlook Extension provides a dialog box for a user to enter proxy server credentials (user name and password) to gain access to their email during an activation of Email Continuity.
Licensed Customer Confidential Table 1-2 About Historical Mail and Email Archive Outlook Extension/Email Continuity Webmail Feature Comparison Web-mail Outlook Extension Reminders window — 3 Send appointments — 3 Receive appointments 3 3 Access to free/busy information — — Client-side rules (filters) — 3 Server-side rules and Out-of-Office — — Delegate access (view others’ mailboxes) — — Delivery options — — Support of HTML mail 3 3 Outlook Functionality For more information
About AlertFind Integration Table 1-3 Licensed Customer Confidential VaultBox Components Component Description Store Driver A plug-in for Microsoft's SMTP Service that takes messages received by SMTP, compresses them, and writes them to the Compression Directory on the VaultBox. Compression Directory Storage location for all message that are pending transfer to the data center. Transfer Service Transfers the mail in the compression directory to the data center through SFTP (SSH) on port 22.
Licensed Customer Confidential Interaction of Components you’ve selected to the AlertFind application. AlertFind Integration allows you to update your directory data as often as once per day, instead of the once per week or once per month roster update schedule provided with non-integrated AlertFind.
Interaction of Components NOTE Licensed Customer Confidential For Exchange 2007 Only To support the partial activation feature of Email Continuity, the system uses a custom transport agent (RedirectorAgent) installed on each Hub Transport server, instead of the RedirectorSinks used with Exchange 2000/2003. For more information, see "Installing the RedirectorAgent" on page 60. Figure 1-6 12 Communications Protocols and Port Numbers, Exchange 2007 Email Continuity Administrator Guide version 6.
Licensed Customer Confidential 2 Communications Requirements Preinstallation Before you install service software, make sure that your servers meet the installation requirements and that you have all the tools and information described in this chapter. Communications Requirements This section outlines the networking, firewall, proxy, and email gateway requirements.
Communications Requirements 3 Licensed Customer Confidential For end users accessing the web-mail interface, supported browsers are Internet Explorer (v6 or 7) or Firefox. Firewall Requirements Most organizations’ networks include a firewall that restricts both outbound and inbound traffic based on specific rules. Make any necessary adjustments to your firewall’s configuration to ensure that it allows outbound traffic for the ESS server to the location-specific IP addresses on port 443.
Licensed Customer Confidential Communications Requirements Be sure that you provide the hostname or IP address of your mailhost(s) to Support so that the data center can be configured to send email directly to your organization. 1. Configure MessageLabs to send mail to Email Continuity when the primary mailhost is down by listing the Email Continuity MTA as a backup mail record within the MessageLabs configuration. 2.
Communications Requirements Licensed Customer Confidential Mail Routing—Outbound During Activation When Email Continuity is active, by default it uses the MX records of mail recipients to deliver outgoing mail.
Licensed Customer Confidential Hardware Requirements • Exchange routing groups • Connections between locations, including bandwidth and latency • Number of users at each location • Number of and which users at each location will enable the Historical Mail feature • Location of internet access points Smaller organizations may have only one preferred routing topology; large organizations may have one or more per data center.
Software Requirements Licensed Customer Confidential The recommended minimum hardware requirements for any machine designated as a VaultBox system are: Table 2-2 Minimum Hardware Requirements, VaultBox Component Minimum Requirement Processor 2.4 GHz Pentium 4-type Memory 1 GB RAM Disk Space RAID 1, with adequate storage for seven times the estimated mail volume for Historical Mail users.
Licensed Customer Confidential 2 Software Requirements Service root account username and password—You must use the service root account or a valid super administrator account (created by your organization’s service root account) for authentication of the SyncManager with the data center servers. If you do not have the service root account username and password, contact Support. Supported Operating Systems The ESS server must use one of the operating systems described in Table 2-3.
Software Requirements Licensed Customer Confidential Exchange 2000/2003: If your organization uses active/active hardware clustering, be aware of the following: • Email Continuity is supported for global activations. • Partial activations of Email Continuity are not supported. Server Software Requirements Exchange 5.5 Environments Table 2-5 Software Requirements for Exchange 5.5 Software Notes ESS Server .NET Framework v. 2.
Licensed Customer Confidential Table 2-6 Software Requirements Software Requirements for Exchange 2000/2003 Environments (Continued) Software Exchange System Management Notes For Exchange 2000, Exchange 2000 System Manager, Service Pack 3 or later For Exchange 2003, Exchange 2003 System Manager Microsoft Internet Information Server (IIS) and simple mail transfer protocol (SMTP) For the RedirectorManager to function properly, you must install, but can then disable, IIS services, including SMTP.
Software Requirements Table 2-7 Licensed Customer Confidential Software Requirements for Exchange 2007 Environments (Continued) Software Notes Microsoft Internet Information Server (IIS) and simple mail transfer protocol (SMTP) For the RedirectorManager to function properly, you must install, but can then disable, IIS services, including SMTP. Microsoft SQL Server 2005 Express To use Historical Mail, you must have SQL Server 2005 Express.
Licensed Customer Confidential Table 2-8 Software Requirements Software Requirements for Coexistence Environments (2000/2003/2007) (Continued) Software Notes Microsoft Data Access Components (MDAC) 2.7 or later If not already installed, the service software installation package includes this application. After its installation, you must reboot the computer before you can proceed with the service software installation.
Software Requirements Licensed Customer Confidential 3 Select the Permissions tab. Then, to select the account for use by the Email Continuity service, click Add. 4 From the Roles drop-down list, select Service Account Admin. Click OK. 5 Repeat for each of the Site and Configuration containers.
Licensed Customer Confidential Software Requirements To grant Send As and Receive As permissions: 1 NOTE In the Exchange System Manager, expand the left tree until all expanded storage groups display. For each mailbox store, go to Properties and select the Security tab. Public Folder Stores You do not need to modify permissions on public folder stores. 2 Click Add. Select the account that ESS will use. Click OK.
Virtualization Licensed Customer Confidential Coexistence Environments Account Requirements Table 2-12 Account Requirements, Coexistence Environments Account Notes ESS Server ESS Service Account A service account, under which all service processes run, must be created for use on the ESS server. This user must be a member of the domain and the local administrator group on the ESS server.
Licensed Customer Confidential • 3 4 Windows Authentication Requirements "Software Requirements" on page 18 When you build each virtual machine (VM), you must use the following configurations: • Under Network Type, choose Bridged Networking. • Under Specify Disk Capacity, check Allocate All Disk Space Now. After your VM is built, adjust its memory allocation to reflect the requirements specified under "Hardware Requirements" on page 17.
Wireless Continuity for BlackBerry Requirements Licensed Customer Confidential Windows Authentication Limitations The following are known limitations for Windows Authentication: • Disabled Active Directory accounts cannot log in. • Windows NT login IDs cannot be used; there is no way to ensure that an NT ID is globally unique. The SMTP address is a unique identifier.
Licensed Customer Confidential Wireless Continuity for BlackBerry Requirements Wireless Continuity for BlackBerry Installation Prerequisites These instructions are based on the following software versions: • Email Continuity version 6.0.3 and higher • BES version 4.1.3 • SQL version MSDE There are several prerequisites you must have in place before accessing the BES database. The list below gives you a quick overview, and the rest of this section explains how to perform these tasks.
Wireless Continuity for BlackBerry Requirements Licensed Customer Confidential Adding the Email Continuity Service Root Account to the Local Administrator Group You must add the service root account (or the valid super administrator account that is running Email Continuity services for your organization) as a local administrator of the BES group. To add the Email Continuity account to the local administrator group of the BES group: 1 Log in using the BES administrator user name and password.
Licensed Customer Confidential Wireless Continuity for BlackBerry Requirements 5 Click OK. The SQL Server Network Utility displays a message informing you that changes are made when saved, but do not take effect until the SQL Server service is stopped and restarted. 6 Click OK to save your changes. 7 To stop the MSSQLServer, right-click its icon in the notification area. This pops up the MSSQL menu. Select MSSQL Server Stop.
Wireless Continuity for BlackBerry Requirements Licensed Customer Confidential To set IT policies: 1 From the BlackBerry Manager main page, click the Global tab. 2 Click the ellipsis (...) in the right side of the IT Policies field. The Global Properties panel appears. 3 In the Global Properties panel, locate IT Policies and select it. The IT Policy Administration panel appears. 4 Double-click IT Policies. The IT Policies panel appears with one default policy. Select this policy.
Licensed Customer Confidential Outlook® Extension Requirements center and the version 6.2 (or later) BlackBerry agent. Organizations using previous versions of the data center or agent software will notice no change to their Wireless Continuity for BlackBerry implementations. • Messages received during an activation cannot be forwarded or replied to after the activation is complete (that is, when EMS has been returned to the READY state).
Outlook® Extension Requirements Licensed Customer Confidential Outlook Extension Limitations Table 2-14 describes known limitations with the Outlook Extension. To compare Outlook Extension features with those of Email Continuity web-mail, see "About the Outlook Extension" on page 7. Table 2-14 Outlook Extension Limitations Limitation Status During an activation, read/delivery receipts do not function typically.
Licensed Customer Confidential Planning RedirectorSink/RedirectorController Placement Planning RedirectorSink/RedirectorController Placement RedirectorSinks are required to use the partial activation feature in Exchange 2000/2003 environments. Installed on Exchange servers, RedirectorSinks are SMTP event sinks that redirect messages in your Exchange environment for active Email Continuity users to the data center. RedirectorSinks receive this routing information from the RedirectorControllers.
Planning RedirectorSink/RedirectorController Placement Licensed Customer Confidential RedirectorController Placement Proper placement of RedirectorController instances (controllers) in your messaging environment is essential for high-availability failover. Much like the domain name service (DNS), the controllers provide routing information to the Exchange servers for active users. Without access to RedirectorControllers, the RedirectorSinks cannot redirect messages for active users.
Licensed Customer Confidential Planning RedirectorSink/RedirectorController Placement As part of your installation, Support helps you install a single RedirectorController in your environment. You can install additional controllers by running setup and choosing the secondary controller option.
Planning RedirectorSink/RedirectorController Placement Figure 2-6 Licensed Customer Confidential RedirectorControllers in WAN Geographic redundancy—If your environment includes multiple servers located in a single data center, this magnifies the risks associated with a single controller failure. Consider placing multiple controllers in a single data center. Figure 2-7 38 Redundant RedirectorControllers Email Continuity Administrator Guide version 6.5 (1st ed.
Licensed Customer Confidential Historical Mail Requirements In the event of an outage where normally functioning Exchange servers are unable to communicate with a controller (or the controller is unable to communicate with the data center), you may need to activate the service for users on these functioning servers in order to communicate with users affected by the outage.
AlertFind Integration Requirements CAUTION Licensed Customer Confidential Required Drive Space Be sure you identify a drive with enough space for seven times the expected volume of daily mail. If you fail to install the Historical Mail software on a drive with enough space, the feature will not work properly. AlertFind Integration Requirements The following are required to support AlertFind Integration: • One-to-one mailbox-to-user correspondence between products.
Licensed Customer Confidential AlertFind Integration Limitations • When users are disabled or deleted from Email Continuity they are also deleted from AlertFind. Any data provided by these end users is also removed. • There is currently no mechanism to automatically use AlertFind to notify users of an activation of Email Continuity. Email Continuity Administrator Guide version 6.5 (1st ed.
AlertFind Integration Limitations 42 Licensed Customer Confidential Email Continuity Administrator Guide version 6.5 (1st ed.
Licensed Customer Confidential 3 Installing Service Software Installation and Configuration Installing Service Software To install the software, you must log in as the service root account (assigned by Support), or as a super administrator account (created by your organization’s service root account). If you do not have the root account login and password information, contact Support. The software uses an InstallShield Wizard. The wizard installs: • .NET v. 2.
Installing Service Software Licensed Customer Confidential d. Reboot the computer if the installation requires it. After the reboot, the installation process automatically restarts. 4 The InstallShield Wizard Welcome window appears. Click Next. 5 In the Application Root Username and Password window, log in with the user name and password of the service root account or a valid super administrator account, then click Next. 6 In the Select Features window, choose the component you want to install. a.
Licensed Customer Confidential Installing Service Software d. To customize your selection of components, click Custom (advanced users only). For custom installations, an additional window displays in which you identify which of the available components you want to install. Click Next. 7 In the Service Credentials dialog box, identify the service account that accesses your primary email environment, and assign the account proper domain permissions.
Installing Service Software 9 Licensed Customer Confidential In the Start Copying Files dialog box, click Next. The Setup Status window displays installation progress. 10 Provide RedirectorController registration information. 46 Email Continuity Administrator Guide version 6.5 (1st ed.
Licensed Customer Confidential Installing Service Software To configure the RedirectorController, the software must register the component so that it can communicate with the Exchange server or servers by name for transmission of RedirectorSink objects. To register the RedirectorController: a. Provide the Fully Qualified Domain Name for the RedirectorController. NOTE Fully Qualified Domain Name The Fully Qualified Domain name does not need to resolve externally. b.
Installing Service Software NOTE Licensed Customer Confidential Terminal Services and Controller Registration If you are installing using terminal services, after you click Next in the Controller Registration Information window, the process may appear to stall. If a processing icon (such as an hour-glass icon) continues to display for more than a minute or two, click once on the desktop and then click the window again. The process should continue without further delay.
Licensed Customer Confidential Configuring the SyncManager 13 At this point, the installer might ask you to reboot the system. If the Configure SyncManager Wizard does not appear immediately after rebooting, you can launch it manually, as described on page 50. Configuring the SyncManager A SyncManager Setup Wizard guides you through the configuration process, in which you describe your email environment and determine how often the service should synchronize data with your email system.
Configuring the SyncManager Licensed Customer Confidential To launch the SyncManager Setup Wizard manually: 1 From the Start menu, select Programs > MessageLabs > SyncManager. 2 The splash screen for the SyncManager displays. A SyncManager dialog box also displays. Click OK. To configure the SyncManager: 1 50 Log in to the SyncManager Setup Wizard. You must use the user name and password for the service root account or a valid super administrator account.
Licensed Customer Confidential 2 Configuring the SyncManager Identify your version of Microsoft Exchange software. a. Select the appropriate email Platform and complete the information in the Settings portion of the window. • If you use Exchange 2000/2003/2007, the wizard automatically detects the Active Directory global catalog or catalogs available for use. From the Server list, select the global catalog server that is physically closest to the machine on which you installed the SyncManager.
Configuring the SyncManager Licensed Customer Confidential • If you use Exchange 5.5, type the name of the appropriate Exchange server in the Directory Server box. If this Exchange server is also a Windows 2000 domain controller server, click Advanced and, for the LDAP Connection information, provide information about the port on which Exchange listens for LDAP transmissions (389 is the default), and click OK. b.
Licensed Customer Confidential 4 Configuring the SyncManager Schedule directory synchronization. The Directory Schedule Information window allows you to determine how often the SyncManager synchronizes (or ‘syncs') directory data with the data center. NOTE Actual Synchronization Start Time When you schedule synchronization processes the actual process runs sometime within the Start Hour you specify.
Configuring the SyncManager 5 Licensed Customer Confidential Set a MAPI profile for contact and calendar syncs. For SyncManager to successfully synchronize data, you must select an appropriate messaging application programming interface (MAPI) profile. The product automatically detects available MAPI profiles. Either: • Select a MAPI Profile from the drop-down list, or • If an appropriate MAPI profile doesn’t exist, the wizard helps you create one. Click Edit. (1) A MAPI Profile dialog box displays.
Licensed Customer Confidential NOTE Configuring the SyncManager Specific Mailbox Required The Microsoft Exchange Server dialog box must reflect a specified mailbox that the configuration process can successfully resolve. To ensure this, click Check Name in the dialog. If the check fails, you may need to provide a fully qualified domain name for the mail server. 6 In the Contacts Schedule Information dialog box, schedule the synchronization of users’ contact data.
Configuring the SyncManager 7 Licensed Customer Confidential In the Calendar Schedule Information dialog box, schedule the synchronization of users’ calendar data. Because this process is more intensive than the directory synchronization process, schedule it for nonpeak-load times and, preferably, weekly frequency. a. Select a Frequency, including Day and Start Hour. Ensure that you indicate whether the start hour is AM or PM. b. Click the Next arrow.
Licensed Customer Confidential Configuring RedirectorManager 10 The SyncManager is ready for use. Click the Next arrow to launch the SyncManager summary screen. If other synchronizations are available to you, you can run them at this time. After you have configured the SyncManager, you should set a deletion threshold percentage so that a fault alert message is sent when the set percentage of users or distribution lists is exceeded. See "Sync Notify Settings" on page 149 for more information.
Configuring RedirectorManager Licensed Customer Confidential RedirectorSinks receive configuration and routing updates from RedirectorControllers and perform the required routing changes within minutes. After configuring the RedirectorManager, the partial activation feature is available in the event of a disruption to your primary mail system that affects a single server or a single location.
Licensed Customer Confidential 4 Installing RedirectorSink on Clustered Exchange Servers Confirm actions. a. Confirm that the action or actions are correct. If so, click Next. This begins the process of copying files, registering the RedirectorSinks with the Exchange environment, setting up registry entries, providing the RedirectorSinks with information about the RedirectorControllers, and stopping and restarting the IIS SMTP service. NOTE Save the Log To save the log, click Save.
Installing the RedirectorAgent Licensed Customer Confidential 4 Fail over the active node to the passive node. 5 Allow a piece of mail to pass through the server and wait about 90 seconds for the event sync to initialize. 6 Verify the RedirectorSink is connected by logging into the web-based Administration console and in the Readiness check section, under Redirector Sinks, click the Details link. 7 Repeat these steps for each additional node in the cluster.
Licensed Customer Confidential Installing the RedirectorAgent To install the RedirectorAgent: 1 Extract the RedirectorAgent.zip files to C:\RedirectorAgent on the Hub Transport Server. 2 Launch Exchange Management Shell. 3 Change directory to the one where the script is installed. 4 Type: .\ManageRedirector.ps1 install “NetBIOS_name,FQDN” where NetBIOS_name and FQDN are the Netbios and FQDN of the server running the Email Security Services software. Do not enter the values for your Exchange server.
Provisioning Wireless Continuity for BlackBerry Licensed Customer Confidential Provisioning Wireless Continuity for BlackBerry When Wireless Continuity for BlackBerry is provisioned in the data center, Support sets the following configuration parameters: • Device checkin interval—The amount of time (in minutes) between each attempt a device makes to contact Email Continuity for messages. Contact attempts occur only when the user’s Email Continuity account is active.
Licensed Customer Confidential NOTE Provisioning Wireless Continuity for BlackBerry SQL Security May Prevent Autodetection If the SyncManager does not detect a database instance automatically, it’s likely that the security settings for SQL are preventing the autodetection feature. In this case, type the name of the instance and database instead of selecting them. 5 Click Add. 6 Repeat the preceding steps for each BES database. 7 After you add all necessary information, click Verify Configuration.
Provisioning Wireless Continuity for BlackBerry Licensed Customer Confidential Distribution Over-the-Air for BES 4.x The procedures provided in this section are for BlackBerry Enterprise Server version 4.1.3. BlackBerry devices must be version 4.1 or later. To perform an over-the-air deployment, you must complete the following tasks: • Download the agent and prepare the shared application directory. • Index the agent. • Prepare the software configuration (including creating application policies).
Licensed Customer Confidential Provisioning Wireless Continuity for BlackBerry 11 Open a DOS prompt and navigate to this location: C:\Program Files\Common Files\Research in Motion\AppLoader Run the following command: loader /reindex This creates two new files in the MessageOne folder you created earlier. To configure the agent: 1 From the BlackBerry agent main page, select the Software Configurations tab. 2 In the Tasks section of the page, click Add New Configuration.
Provisioning Wireless Continuity for BlackBerry • Licensed Customer Confidential Click Apply. 12 Click OK. This returns you to the Application Control Policies panel. You should see Global Push and Global Remove in this list. Click OK. You return to the Device Software Configuration panel. 13 Verify that Email Continuity Agent is present, that the version number is correct, that delivery is set to Wireless, and that policy is set to Global Push. If everything is in order, click OK.
Licensed Customer Confidential Provisioning Wireless Continuity for BlackBerry To remove the Blackberry agent for one user: 1 From the Blackberry Manager main page, select the All Users tab. 2 Right-click the name of the user for whom you want to disable the Blackberry agent. Select Assign Software Configuration. Change this to None. 3 The application poll interval runs at the next BES check-in window. This can be up to four hours, depending on your configuration.
Provisioning Wireless Continuity for BlackBerry 2 Licensed Customer Confidential Set sharing and permissions for the folder you created. a. Right-click the folder you just created and select Properties. b. In the Properties dialog box, click the Sharing tab and check (enable) Share this folder. c. Click the Permissions button. d. Click the Add button and enter the information for the BES Admin service account. e. Grant the BES Admin service account Full control over this directory.
Licensed Customer Confidential 8 Provisioning Wireless Continuity for BlackBerry Scroll to the bottom of the page and click the Save All link. To update your IT policies: Perform the following updates to all of your existing BES IT policies so that users are not prompted to either configure or confirm their local device firewall settings. If you do not set the following, users will be prompted to configure their own devices.
Provisioning Wireless Continuity for BlackBerry Licensed Customer Confidential To create and populate application policies: 1 From the BAS navigation menu, under the BlackBerry solution management section, click Software > Applications > Manage default application control policies. The Manage default application control policies page appears. 2 Click the Standard Required application control policy, or the policy in use your BlackBerry client application.
Licensed Customer Confidential Provisioning Wireless Continuity for BlackBerry To create a BlackBerry client user group: 1 From the BAS navigation menu, under the BlackBerry solution management section, click Group > Create a group. The Create a group page appears. 2 Enter a Name for the group, then click Save. The new group is listed on the Create a group page. 3 Click the name of the group. The Manage groups page appears. 4 Scroll to the bottom of the page and click Add users to group membership.
Installing the Outlook® Extension Licensed Customer Confidential 3 Click Send Installation Instructions. The Edit Message page appears. 4 Edit the default message as necessary. Note that any message you use must include the variable %__rimAgentUrl%. When the message is distributed to users, the variable inserts the URL from which the client software can be downloaded. When you have finished editing the message, click Next. The Select Recipients page appears.
Licensed Customer Confidential Installing the Outlook® Extension • You must use the setup.exe for manual installation, and installations when users are logged in to Outlook. Use the MSI for automated installation (such as with GPO or SMS), when users are not logged in to Outlook. • Select one method of installation (GPO, SMS, or manual), then use it consistently. Do not combine methods of install/uninstall. For example, if a user installs the Outlook Extension through setup.
Installing the Outlook® Extension Table 3-1 Licensed Customer Confidential Outlook Extension Registry Keys Location Key HKEY_LOCAL_MACHINE\Software\MessageOne\EMS\Install Working Directory “[INSTALLDIR]” HKEY_LOCAL_MACHINE\Software\MessageOne\EMS\ LogSettings • FlushUpdate • SeverityLevel • LogFilePath • FlushAll • TruncateAfter HKEY_LOCAL_MACHINE\Software\MessageOne\EMS\ WebRequests • HostName • MsgFileSizeKB • EMailDir • authToken • Username HKEY_LOCAL_MACHINE\Software\MessageOne\EMS\ Timers •
Licensed Customer Confidential Installing the Outlook® Extension Enabling User Authentication Through the Command Line You can use the command line tool PrepareOutlookAuth to authenticate (register) users automatically. This allows authenticated (registered) users to use Extension features without providing a password. The tool is installed with the SyncManager on the primary controller. You must complete a directory sync before running this tool.
Installing the Outlook® Extension Licensed Customer Confidential To authenticate users through the command line (prior to Outlook Extension deployment): 1 Open a command-line prompt on the server on which SyncManager is installed. 2 Go to the following directory: C:\Program Files\MessageLabs\ESS. 3 Enter either: • -prepareoutlookauth.exe -user “mailboxdn” • -prepareoutlookauth.exe -all 4 Wait for the new mailbox properties to take effect, approximately an hour.
Licensed Customer Confidential 7 Installing the Outlook® Extension Launch Outlook®. The Outlook Extension toolbar displays and the Tools > Options screen includes a tab for MessageLabs Email Continuity. To remove the Outlook Extension manually: 1 Exit Outlook, if the application is open. 2 Select Start > Control Panel > Add or Remove Programs. 3 In the Currently installed programs: field, scroll to Email Continuity Outlook Extension, and click it. 4 Click Remove.
Installing the Outlook® Extension Licensed Customer Confidential 7 In the Deploy Software dialog, select Assigned, then click OK. 8 Link the GPO to the Organizational Unit (OU) that contains the target computers. a. Right-click the OU and select Link an Existing GPO. b. In the Group Policy objects: field, click the GPO. c. Click OK. To upgrade the Outlook Extension using Group Policy: Add the new Outlook Extension MSI to the existing policy. 1 Open the package in the GPO editor.
Licensed Customer Confidential Installing the Outlook® Extension Installation Using Systems Management Software (SMS) The Outlook Extension MSI can be distributed by SMS; this method was tested, and is supported, using SMS2003 SP2 and the following process. NOTE SMS Administration Experience Required These instructions presume familiarity with creating and distributing software using SMS.
Installing the Outlook® Extension Licensed Customer Confidential g. Click Edit Query Statement. The Query Statement Properties screen appears. h. Click the Criteria tab. i. Click the New Criteria icon. j. In the Criterion type field, select Simple value. k. Click Select. (1) In the Select Attribute window, set the Attribute class to Add/ Remove Programs. (2) Set the Alias field to . (3) Set the Attribute field to Version. (4) Click OK. l.
Licensed Customer Confidential Installing the Outlook® Extension c. In the Program drop-down list, select Per-system uninstall. d. Click Apply, then OK. 8 Use the Distribute Software Wizard to advertise the package. a. In the Programs: field, select Per-system unattended. b. In the Advertisement Target screen, click the Advertise this program to an existing collection: button. c. Click Browse, and select the Collection you defined above. Click OK. d.
Installing the Outlook® Extension Licensed Customer Confidential Troubleshooting Installation of the Outlook Extension If the Extension toolbar does not appear in the Outlook application: 1 Exit Outlook and restart it. 2 Verify the Extension-related files are present; C:Program Files\MessageLabs\Outlook Extension and the registry keys listed in Table 3-1 on page 74. If the files are not present, the install did not finish correctly. Uninstall, using the same method you used to install, and try again.
Licensed Customer Confidential 4 Installing Historical Mail/Email Archive Right-click the Outlook toolbar area. Verify the Extension appears, checked, in the list of applications. a. In the toolbar menu, select Help > About Microsoft Office Outlook > Disabled Items. b. If the Extension is there, select it, and click Enable. Installing Historical Mail/Email Archive Before you can install the Historical Mail/Email Archive software you need to prepare all the computers that will become VaultBox systems.
Installing Historical Mail/Email Archive 84 Licensed Customer Confidential 3 The InstallShield Wizard launches and guides you through the installation process. 4 In the Root Username and Password window, enter the user name and password for the service root account or a valid super administrator account. If you don’t have this information, contact Support. 5 Click Next. 6 The Available Components window tells you which components are available to install. Click Next.
Licensed Customer Confidential Installing Historical Mail/Email Archive 10 In the ESS ActiveMailbox Vault Box window, enter the address for the specific VaultBox system. 11 In the ESS ActiveMailbox Service Credentials window, enter the requested domain, username, and password for the account. Click OK. Email Continuity Administrator Guide version 6.5 (1st ed.
Configuring VaultBoxes Licensed Customer Confidential 12 In the Choose Destination Location windows, separate screens prompt for destinations for the ActiveMailbox files and the directory for mail storage prior to transfer (compression directory). Whenever possible, accept the default location and respond Yes when prompted to create the directory. 13 Click Next. The Start Copying Files window lists the components to install. 14 Click Next. The Setup Status window displays installation progress.
Licensed Customer Confidential Configuring VaultBoxes From the VaultBox Console you can: • View Transfer Service Status fields. The Transfer Service Status fields display the following parameters: • Queue—The number of messages to be transferred to the data center • Rate—The transfer speed, in messages/second and KB/second • Free Space—The amount of space remaining on the VaultBox To change data transfer settings: 1 In the VaultBox pane, click Configuration.
Configuring VaultBoxes Licensed Customer Confidential 5 The Free Space Margin pane configures the VaultBox to send a warning message to the server when free space on the VaultBox machine falls below the set margin. In the Minimum available space field, set the threshold below which the storage management task should send a warning. 6 Click OK. Monitoring VaultBoxes Typically, you monitor VaultBox status through the VaultBox Console and Administration Console.
Licensed Customer Confidential Table 3-3 Configuring VaultBoxes VaultBox Monitoring Data Type Free space on each designated VaultBox system Description Alert When Ensure that adequate free space remains on both the C drive of the VaultBox system (where IIS puts intermediate files), the drive location of the VaultBox cache directory, and the Compression Directory. Data drive is 10% full Troubleshooting Suggestions 1 Clean up disk space outside of [Data Drive}:\activemailbox\compressiondir *.
Configuring VaultBoxes Table 3-3 Licensed Customer Confidential VaultBox Monitoring Data Type Timestamp of files in a directory Description [Data Drive}:\activemailbox\ compressiondir*.* Alert When Troubleshooting Suggestions Oldest file is older than 60 minutes 1 Verify the Vaultbox can connect to the data center, as follows: • telnet [hostname]22 • If you do not get an OpenSSH response, the port is likely blocked; check the firewall.
Licensed Customer Confidential Table 3-3 Configuring VaultBoxes VaultBox Monitoring Data Type Services Description If you are using a separate monitoring tool, include the following services for your VaultBox system: Alert When Selective Replication Transfer Service stops • SMTPSVC, which displays as Simple Mail Transfer Protocol (SMTP) Troubleshooting Suggestions 1 Restart transfer service 2 Examine general system logs for other service failures or system errors 3 If service fails to restart, or fa
Configuring VaultBoxes 92 Licensed Customer Confidential Email Continuity Administrator Guide version 6.5 (1st ed.
Licensed Customer Confidential 4 Logging Into the Administration Console Administration This chapter covers the following topics: • "Logging Into the Administration Console" on page 93 • "Administration Console Home" on page 94 • "Historical Mail Administration" on page 99 • "User Administration" on page 106 • "Enabling BlackBerry Forwarding" on page 127 • "Wireless Continuity for BlackBerry Administration" on page 129 • "Outlook® Extension Administration" on page 132 • "Mailboxes and Alia
Administration Console Home CAUTION Licensed Customer Confidential Protect the Service Root Account The Administration Console keeps detailed log entries that record the usernames of individuals who initiate critical activities. For this reason, Support strongly recommends that you use the Administration Console to grant Super Administrator privileges and Email Continuity Administrator privileges to appropriate accounts rather than sharing the service root account.
Licensed Customer Confidential Administration Console Home The left column of the Administration Console contains a navigation menu, from which you access all the administrative features of the service. The buttons in the navigation menu vary according to which products and features your organization has selected and according to the level of access your user account is granted. Some features described in this manual may not appear.
Administration Console Home Licensed Customer Confidential Readiness Checks TIP Readiness Check Information Display If all entries in the readiness checklist are positive, the list automatically collapses. However, if any element requires attention, it automatically expands. Click Show to expand the list or Hide to collapse the list. Email Security Services readiness tests monitor the system at all times.
Licensed Customer Confidential Table 4-2 Administration Console Home Readiness Checks Readiness Check Descriptions Authentication Manager (per server) (for Windows Authentication only) Reports the last time a particular Authentication Manager connected to the data center. If an Authentication Manager is unable to connect to the data center, verify that the Authentication Manager service is running on the specified computer and that it can access the data center over port 443.
Administration Console Home Licensed Customer Confidential Authentication Manager Status The Authentication Manager allows end users to log in to the Email Continuity portal using their Windows username and password. To access the Authentication Manager status screen click the Details link in the Email Security Services Authentication Manager readiness check entry.
Licensed Customer Confidential Table 4-4 Historical Mail Administration Redirector Status Icons (Continued) Icon Definition Component not installed Status reporting disabled The server has users who are active on Email Continuity The server has no users active on Email Continuity Historical Mail Administration The Historical Mail feature of Email Continuity allows users to access stored email during an activation of Email Continuity using a searchable web-based interface.
Historical Mail Administration Licensed Customer Confidential membership-based policy applies. The new retention period is 20 days. On the first day that the user is a member of the Assistant Group, mail collected during days 21-50 is eligible for purging. Example 2: A user is a member of the Marketing Group retention policy, whihc has a 30 day retention period. The last 30 days of mail is routinely retained. One day, the user leaves the company and his mailbox is disabled, hidden, or deleted.
Licensed Customer Confidential • Historical Mail Administration Set the default retention duration to at least 30 days. Make sure your retention policy is sufficient to achieve all organization objectives. Older messages can always be purged when necessary, but they cannot be reconstructed after purging if they are suddenly needed later. • Avoid using membership-based policies, where possible.
Historical Mail Administration Licensed Customer Confidential Then the system marks the message as eligible to be purged, or allows it to remain in the archive. WARNING Highest Priority Policy Takes Precedence over Duration Period A policy’s priority determines whether a message should be retained or purged.
Licensed Customer Confidential NOTE Historical Mail Administration Lists are Dynamically Updated You don’t have to manually add users to a list, or delete users when membership changes. The list is updated whenever the SyncManager runs, and whenever you change the policy.
Historical Mail Administration Licensed Customer Confidential be the same user), mail stored with the first instance becomes associated with the second instance. For more information about resolving user ID conflicts, see "Resolving User ID Conflicts Automatically" on page 148 and "Resolving User ID Conflicts Manually" on page 125. Storage Reports The service reports on the amount of data stored in the archive under retention policies.
Licensed Customer Confidential Historical Mail Administration Replication Zones Replication Zones allow you to associate specific Exchange servers with a preferred series of VaultBoxes within your environment. For smaller environments, there may only be a single Replication Zone and all Exchange servers are members of this zone. Administrators of larger environments can create multiple zones to segment and load balance replication traffic to specific VaultBoxes.
User Administration Licensed Customer Confidential User Administration Email Continuity users are created by importing existing company information into the system (most commonly with SyncManager) or by manually creating Email Continuity mailboxes. This section describes the functions available to Administrators using the Administrator Console for users that have already been added to the system through one of these methods.
Licensed Customer Confidential 5 User Administration Click Search. Results appear in the section below the search field. • The State column indicates the user’s readiness for activation. • The Action column provides access to the user’s account details and allows you to change the user’s password or update contact information. • To view a user’s account information, click Details.
User Administration Licensed Customer Confidential 3 In the New Password box, type a new password. 4 In the Confirm Password box, retype the new password. 5 Click Submit. Resetting Multiple Passwords By Template If enabled by Support, Email Continuity allows you to change passwords for many users at once using a password template based on the users’ first and last names or any custom text you provide.
Licensed Customer Confidential User Administration • If you applied this pattern in July 2009 for user John_Doe@genericorp.com, the resulting new password would be !John_doe_Jul-2009%. • If you applied this pattern in August 2010 for user lilajones@genericorp.com, the resulting new password would be !Lilajones_Aug-2010%. • If you applied this pattern in November 2009 for user samuels.JK@genericorp.com, the resulting new password would be !Samuels.jk_Nov-2009%. b.
User Administration Licensed Customer Confidential 9 Click Next. The Confirm page appears. a. You can click Show Affected Users to view a list of users whose passwords will be reset. b. You can click the Download New Passwords link to download a CSV file containing the email address and new password for each user whose password will be reset. 10 Click OK to reset the passwords for the selected users.
Licensed Customer Confidential 2 User Administration Each additional row must contain the following information for exactly one user: • Primary Email—This address must match the user’s existing email address in the system. You cannot create new users or addresses using this file. If your file contains an unrecognized email address, the validation step will inform you that the user is invalid. • Password—The password to import for the user.
User Administration Licensed Customer Confidential alone. A permanent password is one that the user is not required to change upon logging in. A temporary password must be changed the next time the user logs in. 5 6 • Validate passwords—Check this box to validate the passwords you are uploading against the criteria listed. If this box is checked, all passwords in the file must meet the listed criteria, or the import will fail.
Licensed Customer Confidential User Administration • Users who have been excluded from the system. See "Excluded Users" on page 124. Excluded users do not appear in any welcome or login reports, and cannot be sent messages. Setting the flag excludes the users. Clearing the flag includes (reinstates) the users. • Users who have opted out of providing notification data. Users who have opted out chose not to provide notification data in the Welcome Wizard. They cannot be notified during an activation.
User Administration Licensed Customer Confidential 10 To see a list of all users affected by the change, click Show Affected Users. If the list is incomplete, or you want to make other changes, click Back. If you are satisfied with the list of users, click Submit. Updating a User’s Contact Information NOTE Integration with AlertFind If your Email Continuity application is integrated with AlertFind, changes to user’s notification options must be managed from within AlertFind.
Licensed Customer Confidential • 6 User Administration Repeat until all desired servers, mailing lists, or users display in the Users in the Set listing. To upload a CSV file containing user sets, click the Upload tab, browse to the file location, select the upload file, and click Open. The CSV import file must contain the following: Table 4-7 Example User Set Upload CSV File A B 1 Email Address 2 user1@example.com 3 user2@example.com 4 user3@example.com 5 user4@example.com a.
User Administration Table 4-8 Licensed Customer Confidential Features Limited to Super Administrators or Service Root Account Feature See Also Changing the user attributes imported from Active Directory "Changing User Attributes Imported from Active Directory" on page 143 Changing the Global Address List attributes displayed in the webmail interface "Displaying Global Address List (GAL) Attributes" on page 144 Configuring email routing "Configuring Email Routing" on page 145 Modifying the organiz
Licensed Customer Confidential 4 User Administration In the lower part of the page, search for the user account to which you want to assign the Super Admin role. You can assign this role to any existing Email Continuity account. If you need to create a new account, see "Adding Mailboxes (Users) Manually" on page 133 or contact Support. a. In the Search field, enter the user name or email address. You can use % as a wildcard. b. Click the radio button to indicate a search By Name or By Email Address. c.
User Administration Licensed Customer Confidential Assigning Email Continuity Administrator Privileges Email Continuity Administrators can use all the features of the Administration Console except those explicitly limited to Super Administrators and the service root account. (These exceptions are listed under "Assigning Super Administrator Privileges" on page 115.) Creating Email Continuity administrators helps you track actions taken in the system more accurately.
Licensed Customer Confidential User Administration Assigning Help Desk Privileges Help Desk users are user accounts with a limited set of administrator privileges. Help Desk users can view user information and reset users’ passwords, but they cannot activate Email Continuity or perform any other administrator tasks. NOTE Passwords with Windows Authentication If Windows Authentication is installed, Help Desk Users cannot reset users’ passwords.
User Administration Licensed Customer Confidential Reviewing Login Status The Login Status screen provides quick access to login history. It also provides current activation status, and logon history from past activations. To review login status: 1 From the Administration Console, click User Administration. 2 Click Login Status. The Login Status screen appears. The Login History section shows how many users are in the system.
Licensed Customer Confidential User Administration 3 To see the login status for a user, click Show last login. The Login Report screen appears. 4 To find the most recent login for a particular user: a. In the Search for Users field, type the name or email address (or part of it with the % wildcard). b. Click Search. Results appear in the window below. 5 To export a CSV file of the login report data, click Export to file. 6 To exclude a user from the system, click the Exclude button.
User Administration Licensed Customer Confidential Exporting Users’ Contact Information Data maintained by the service can be exported to a CSV file. If present in the system, export files contain data described in Table 4-9‚ "Exported User Data". Note that the last data column (Custom Data) consists of custom user attributes synchronized from Active Directory, so the entries will be different for each organization.
Licensed Customer Confidential Table 4-9 User Administration Exported User Data (Continued) Category Emergency Contacts Data Full Name 1 Relationship 1 Email Address 1 Phone Number 1 Full Name 2 Relationship 2 Email Address 2 Phone Number 2 Full Name 3 Relationship 3 Email Address 3 Phone Number 3 Custom Data Street Address Comment Company Fax Number Home Phone Number Cell Phone Number Phone Number Title Street Address Zip Code State City Last Name First Name Pager Country/Region Office Department E
User Administration Licensed Customer Confidential To generate a CSV spreadsheet of emergency contact data for all users: 1 From the Administration Console, click User Administration. 2 Click Export. The Export User Information screen appears. 3 Click Export to download a CSV file containing the current data for all users. Excluded Users You can exclude from Email Continuity mailboxes that are not associated with users, such as resource mailboxes.
Licensed Customer Confidential User Administration To remove multiple users from the Excluded list (reinstate them in the system): 1 From the Administration Console, click User Administration. 2 Click Excluded Users. The Excluded Users screen appears. 3 Click Remove Users from the excluded list. Identify users (mailboxes) to exclude. Click the appropriate tab to identify users by Server, Mailing List, or individually by User. a.
User Administration Licensed Customer Confidential here, as that would associate Joe’s retained mail with Jill’s new mail. Instead, you must assign a new primary email address to either Joe or to Jill. To resolve multiple user ID conflicts using CSV upload: If you are doing a planned migration of users, and anticipate many user ID conflicts, you can prepare a spreadsheet identifying the users and upload it to the system.
Licensed Customer Confidential Enabling BlackBerry Forwarding • These addresses belong to different users. The first instance will be deleted, and only mail for the second instance will be retained as of the next directory sync. • These addresses belong to different users. I must create a new primary email address for one of the users. Remove this conflict from the list, but do not create new directory information until the next sync. 3 Click Submit.
Enabling BlackBerry Forwarding Licensed Customer Confidential Configuring a BlackBerry for Use with BlackBerry Forwarding Before you can enable forwarding for a BlackBerry device, you need three pieces of information. • The name of the wireless carrier (for example, Cingular, Verizon, T-Mobile, Nextel, Sprint.) • The PIN number for the BlackBerry device. (For most devices, this is located beneath the battery. If not, consult the manual that came with the device.
Licensed Customer Confidential NOTE Wireless Continuity for BlackBerry Administration No Email Forwarding Section If the Notification Options page of your account does not include an Email Forwarding section, contact Support to make sure Forwarding is enabled. 4 During an activation, you must change Message Services to be able to send email from your BlackBerry. To change message services: a. From the device, select Options > Message Service > Change Option. b.
Wireless Continuity for BlackBerry Administration 4 Licensed Customer Confidential For any version 6.2 or higher agent listed on the BlackBerry Device Information page, you can send diagnostic information directly to Support by clicking the Upload Diags button displayed next to each version agent. This button does not display for version 6.1 and older agents. Table 4-11 Mailbox Information Page Field Description Name The user name. Email Address The mail address associated with the device.
Licensed Customer Confidential Wireless Continuity for BlackBerry Administration • The state of the agent (Running or Stopped). • The state of the device—Initial, if the agent is installed but has not been registered with the data center, then either Ready or Active, when Email Continuity is activated. • Number of sent messages since the last activation. • Number of received messages since the last activation.
Outlook® Extension Administration Licensed Customer Confidential Table 4-13 Advanced Display Menu Options Option Description Close menu Closes the pop-up menu of options and returns you to the agent display screen. Close Closes the agent interface and returns you to the BlackBerry main menu. Viewing Device Advanced Display Information The Advanced Display shows read-only information about the agent and the BlackBerry on which it is running.
Licensed Customer Confidential Mailboxes and Aliases • The user’s login history, including which versions of the extension and Outlook® are installed. • A list of policies that apply to the user. To enable or disable the Extension: 1 To disable an individual user so that the Extension cannot be used, click the Disable button adjacent to the user’s name. 2 To enable or disable Outlook Extension features for all users: a. On the Outlook Client Information screen, click Manage Features. b.
Mailing Lists Licensed Customer Confidential Predefined distribution lists synced from the primary mail system can be used for quick communication with specific groups of users. Creating Aliases To create an alias: 1 From the Administration Console, click Mailboxes and Aliases. The Additional Mailboxes and Aliases screen appears. 2 Click Create Alias. The Create Alias screen appears.
Licensed Customer Confidential Notification Notification The Notification screens in Email Continuity allow you to introduce the service to users through the welcome process, send reminders about the service, send custom messages, and manage fault and transition alerts.
Notification Licensed Customer Confidential The service tracks different categories of users so that you can send the welcome message to users who: • Have not yet been sent a welcome message. • Have been welcomed, but did not respond to the message. A user has responded when he has logged in to the service and either provided notification data or stated he has no alternate means of communication (opted out). • Do not yet have a permanent password for the service.
Licensed Customer Confidential TIP Notification Best Practices for Welcoming Users • Plan to welcome users in stages, rather than welcoming the entire organization at one time. Particularly if your organization has several thousand mailboxes, welcome users in groups of 500 or fewer to minimize impact on your incoming gateway.
Notification Licensed Customer Confidential 8 Click the appropriate tab to identify recipients by User Set, Server, Mailing List, or individually by User. a. If you select the Mailing List or User tab, in the Search box type an email address or name (or part using the % as a wildcard) and search for the results. Then click the listed mailing list or user to select. b. If you select the Server tab, click a server to select it. 9 Click Add.
Licensed Customer Confidential Notification By default, reminders contain a link to the service website, the recipient’s username, and a link to the forgot password feature. (The Reminders message does not contain the temporary password or login URLs. If you need to assign a temporary password, or provide the login URL, send a Welcome Message instead.) You can customize any portion of the reminder message. To send a reminder: 1 In the Administration Console, click Notification. 2 Click Reminders.
Notification Licensed Customer Confidential 9 Click Add. Repeat until all recipients are listed in the right list. 10 Click Next. The Confirm screen appears. 11 To see a list of recipients, click Show Affected Users. Review the message text. 12 Click Send. Managing Fault Alerts The fault alerts list includes users who should receive notifications of problems identified by the system.
Licensed Customer Confidential Notification function to inform appropriate users when there is an activation of Email Continuity for an actual outage or a test. To see reports on state transitions, see "Viewing Audit Reports" on page 142. To add users to the transition alerts list: 1 In the Administration Console, click Notification. 2 Click Transition Alerts. The Transition Notification page displays. 3 In the Search box, type the email address or name of the user. Click Search.
Viewing Audit Reports Licensed Customer Confidential 8 Click the appropriate tab to identify recipients by Server, Mailing List, or individually by User. a. If you select the Mailing List or User tab, in the Search box type an email address or name and search for the results. Then click the listed mailing list or user to select. b. If you select the Server tab, click a server to select it. 9 Click Add. Repeat until all recipients are listed in the right list. 10 Click Next.
Licensed Customer Confidential Modifying System Settings To view an Activation report: 1 From the Administration Console, click Audit Reports. 2 Click Activations. The Activation History report appears. 3 From this screen, you can: • Click the State Transitions arrow for an activation to display the date, time, and responsible party. • Click View logon records during this activation to see active users, and identify who has logged in to the service. (See also "Reviewing Login Status" on page 120.
Modifying System Settings Licensed Customer Confidential Table 4-15 Required Attributes Attribute Name Attribute Display Value displayName Display Name legacyexchangedn Mailbox ID mail Email Address proxyaddresses Other Email Addresses sAMAccountName User Name othermailbox Other Mailbox uid User Id distinguishedname Not displayed in user interface userAccountControl Not displayed in user interface msExchHideFromAddressLists Not displayed in user interface msExchMasterAccountSid Not
Licensed Customer Confidential Modifying System Settings change the attributes that are displayed. There is a limited set of attributes available. You can only remove attributes from this list; you cannot add new attributes (such as custom attributes) to it. To change the attributes displayed in Global Address List: 1 From the Administration Console, click System Settings. 2 Click Address List Display. The Global Address List Display screen appears.
Modifying System Settings Licensed Customer Confidential Routing for Forwarded Mail To configure the path for forwarded mail: 1 From the Administration Console, click System Settings. 2 Click Email Routing. The Email Routing Rules page appears. The Forwarding of Inbound Email to Your Mail System section displays the current forwarding setting. 3 To change the routing: a. Click Edit. b. In the Routing Rules section, enter the host name in the field and click Add.
Licensed Customer Confidential Modifying System Settings 3 In the Disclaimer Text field, type the organization’s disclaimer. 4 Click OK. AlertFind Mapping Using the AlertFind mapping feature, you can: • Choose to identify users by First name, Last name rather than the Active Directory display name, which often contains more information than the person’s name, or is formatted Last name, First name.
Modifying System Settings 4 Licensed Customer Confidential In the Device Synchronization section, identify which data for additional devices you want to import from Active Directory to AlertFind. a. From the Device Type drop-down list, select Phone, Email, SMS, or Fax. b. From the Select Attribute drop-down list, choose the attribute to synchronize. NOTE Use Only Appropriate Attributes for the Device Type The interface allows you to pair any attribute with any device type.
Licensed Customer Confidential Modifying System Settings conflicts manually, or you can configure the system to handle them automatically using various criteria. There are four separate options for resolving user ID conflicts: • Manual resolution. This is the default setting, and requires that all user ID conflicts must be resolved manually by an Administrator. See "Resolving User ID Conflicts Manually" on page 125 for more information. • Primary email address.
Modifying System Settings Licensed Customer Confidential Customizing the Home Page The system allows you to control the information that appears to end users on the Email Security Services home page. You can select which links appear in the Preferences section at the bottom of the home page, or hide the Preferences section entirely. Information about the link settings is provided in Table 4-16.
Licensed Customer Confidential Modifying System Settings 3 In the Preferences Section Settings section, click the check box next to each item you want to display to end users. Depending on which services your organization uses, all items in the list may not apply. 4 Click the Submit button at the bottom of the page. If Email Continuity is enabled for your organization, you can modify the message displayed to users when they log in during each of the Email Continuity states.
Changing Your Account Settings Licensed Customer Confidential Changing Your Account Settings Accessing Your Mailbox When Email Continuity is active, you can access your webmail account directly from the Administration Console. Note that if you’re logged in using the root account, the email account for emsroot is accessed. If you’re logged in as an administrator with a personal Email Continuity account, your personal account is displayed.
Licensed Customer Confidential 5 Testing Email Continuity Click OK. Testing Email Continuity To prepare for Email Continuity testing, determine an appropriate procedure for your organization. A Test Wizard walks you through the standard process. To start a test of Email Continuity: 1 In the Administration Console Current Tests section, click Start Test to launch the test wizard. 2 Identify the mailboxes to include in the test. a.
Testing Email Continuity Licensed Customer Confidential Upon activation, the service sends any requested notification message to the addresses you selected. (See "Managing Transition Alerts" on page 140.) During the test, Email Continuity activates all mailboxes for users you identified, allowing them to log in using the webmail interface. When the test is underway, a Current Tests section displays in the Administration Console.
Licensed Customer Confidential 5 Activating Email Continuity Activation When your primary mail system experiences a disruption of service, you can activate Email Continuity and allow end users to access their email through the webmail interface. If the Outlook® Extension has been deployed, end users can choose to continue to send and receive their email using Outlook. See the online help provided with the extension for more information.
Activating Email Continuity 4 Licensed Customer Confidential To activate your whole environment, select Activate for the Whole Email Environment. To activate for a subset of users, select Activate Email Continuity for a subset of users, and choose the users to activate: a. To select one or more predefined User Sets. (1) Click the User Sets tab. (2) Select a set and click Add. (3) Repeat until all the sets you want appear in the Activate list. b.
Licensed Customer Confidential TIP Activating Email Continuity Inform Users About Webmail Limitations In your notification message, you should inform users that from within the webmail interface, they can: • Send and receive email, attaching up to 12MB of data files to each message. • View calendar information but not edit it. • Use contact information, but not edit or add new contacts.
Activating Email Continuity 158 Licensed Customer Confidential Email Continuity Administrator Guide version 6.5 (1st ed.
Licensed Customer Confidential 6 Starting Recovery from an Activation Recovery The recovery process reintegrates archived messages into your primary email system. Recovery Archives can contain: • Messages sent or received by active users during an activation of Email Continuity. You can use Recovery Manager to bring these messages into your primary email system after the activation has ended. • Messages sent or received during the time leading up to an activation of Email Continuity.
Starting Recovery from an Activation Licensed Customer Confidential c. Repeat until all the users you want to recover appear in the list. d. Click Next. Notify users entering the recovery process that the service is no longer active—they can resume using the primary mail system, and that the email data they sent and received during the activation period will be restored to their primary email. Notification messages are sent upon deactivation of a user’s Email Continuity mailbox.
Licensed Customer Confidential Restoring Mail to Users’ Mailboxes Restoring Mail to Users’ Mailboxes Use the RecoveryManager to restore email that was sent and received during the activation to end users’ mailboxes, or to restore the contents of a recovery archive. If you are recovering from an activation, make sure you have created a recovery archive (during the initial recovery process) before launching the RecoveryManager.
Restoring Mail to Users’ Mailboxes 3 Click Start Recovery. 4 Select a working directory for RecoveryManager to use as a temporary data store during the import process. You can either: 5 162 Licensed Customer Confidential • Use the default directory • Click Browse and locate and select any directory with plenty of space, or • Type the path into the Working Directory field.
Licensed Customer Confidential 6 Restoring Mail to Users’ Mailboxes Select the appropriate archive from the list and click Continue. This downloads metadata about the archive into the working directory. Actual mail data is downloaded for each user later in the process. 7 Configure mail settings. Information displayed here reflects settings from the SyncManager. Any changes made here affect the SyncManager, if it runs on the same server. Typically, these settings are not changed during recovery.
Restoring Mail to Users’ Mailboxes Licensed Customer Confidential c. For Mailbox Access Settings, select a MAPI profile from the dropdown list. d. Typically, during a recovery, directory information is compiled as part of the process. In large environments, this step can be time-consuming. If SyncManager is installed, and if the most recent Directory sync was successful, RecoveryManager can use the cached results from the Directory sync for the recovery process.
Licensed Customer Confidential 9 Restoring Mail to Users’ Mailboxes • User Status—Displays the status of each individual user. The display includes user names per server, user accounts with email data for recovery, and user accounts that cannot be matched to an account on the primary mail system. • Analysis results—Displays how many user accounts can and cannot be matched to an account on the primary mail system. This also provides an option for reanalysis of the archive.
Restoring Mail to Users’ Mailboxes Licensed Customer Confidential appended as well. To do this, select the Use BCC Journaling check box. Figure 6-1 shows the results of recovery with and without the BCC Journaling feature selected.
Licensed Customer Confidential Restoring Mail to Users’ Mailboxes d. Click Change. e. Using the radio buttons, select whether to: f. • Use the same setting as parent items • Do not save a copy of recovered messages, or • Store a copy of all recovered messages to the selected mailbox, and, using the drop-down lists, select the server and mailbox for the recovered mail. Click OK. The RecoveryManager User Selection screen reappears. 10 Select the set of users for recovery from the right column.
Restoring Mail to Users’ Mailboxes TIP Licensed Customer Confidential Viewing User Properties and Overriding User Recovery Destinations To view information about a specific user, click a user’s name and then click Properties. Information that displays includes which server hosts the user’s mailbox and the number and size of messages in the user’s Email Continuity mailbox. The Properties page also allows you to override the destination of the user’s restored email data.
Licensed Customer Confidential Restoring Mail to Users’ Mailboxes 12 Choose how to restore the mail. a. To recover all mail from the activation to a designated folder within users’ mailboxes, click the Recover to alternate folder check box and type a name for the folder in the field.
Restoring Mail to Users’ Mailboxes Licensed Customer Confidential After Recovery is completed, messages will appear in the designated mailbox like this: c. To recover all messages to a single mailbox but place them in a designated folder, complete both the Recover to alternate folder and Recover all messages to single mailbox options.
Licensed Customer Confidential Completing Recovery from an Activation a. Click Prompt to Manually Match a Mailbox to select the correct server and mailbox for each user’s account not automatically matched. If this option is chosen, whenever a mailbox cannot be matched, the following screen appears for you to select a mailbox. b. Click Skip Users to reroute unmatched mailboxes later. 14 Click Start Recovery to begin importing data for selected users.
Completing Recovery from an Activation Licensed Customer Confidential To complete recovery from an activation: 172 1 In the Administration Console Current ESS State panel, click End Recovery, which launches the Recovery Wizard. 2 Using the radio button, select the scope of the recovery. Click Next. 3 On the Confirmation page, click End Recovery. This purges the email archive from the data center and returns all activated mailboxes to the READY state. Email Continuity Administrator Guide version 6.
Licensed Customer Confidential Index Symbols .NET Framework 20 A account requirements coexistence environments 26 Exchange 2000/2003 24 Exchange 2007 25 Exchange 5.
Licensed Customer Confidential H MX Record during activation 155 for replication zones 105 used for forwarding mail 146 used for sending outbound mail during activation 146 hardware clustering (active/active) 20 requirements 17 requirements for Historical Mail 17 help desk users 119 Historical Mail defined 9 configuring VaultBoxes for 86 hardware requirements 17 installing (software) 83 replication zones 105 retention policies 99 routing requirements 16 storage reports 104 home page 150 HTTPS 13 N netwo
Licensed Customer Confidential R readiness checks overview 96 sending fault alerts when failed 140 Recovery defined 1 completing 171 restoring mail to user mailboxes 161 starting (from an activation) 159 Recovery Archives restoring mail from 161 RecoveryManager defined 1 installation 43 See also Recovery RedirectorAgent defined 1 installing 60 RedirectorController defined 2 installation 43 planning placement 36 status screen 98 RedirectorManager defined 2 configuring 57 installation 43 upgrading 59 Redirec
Licensed Customer Confidential deletion during sync, configuring warnings 149 excluding from the service 112, 124 granting administrative privileges to 118 help desk 119 keeping stored mail for when new mailbox is created 49, 125, 148 login status of 120 passwords for 107 restoring mail to after an activation 161 retaining mail for 99 searching information 106 sending reminders to 138 updating contact information 114 uploading sets of 114 welcoming to the service 135 V VaultBox defined 2 communications wi