Multi-Mailbox
Search is the functionality introduced in the Exchange Server 2010.
Until the release of Exchange Server 2010, there was no user friendly
tool to access mailboxes data. Since companies have to meet the legal
and privacy issues, administrators always have to face some kind of
problem to access mailbox contents.
By
using Multi-Mailbox search feature with RABC, we can allow any users in
our organization to do legal search on user’s mailboxes. As we know, Exchange Search generates content indexes, and this index is used by the Multi-Mailbox Search.
Only
members of the Discovery Management RABC role group can perform
searches. This role groups consists of two management roles:-
· Mailbox Search role; used to do discovery search, and
· Legal Hold role; used for placing legal hold on mailboxes
By default, Discovery Management RABC role group does not have any members.
In this exercise, we assume that we have one Mail Enabled Security group called, Confidential Group and want one of our user, Mike to perform legal search. To do so, we have to add Mike user into our Confidential Group by running the below Cmdlet:-
C:\New-ManagementRoleAssignment –Name “Mike” –Role DiscoveryManagement –User ‘Confidential Group’
We can’t use EMC to add users to the DiscoveryManagement role group
Once user is added to the group, now Mike user can perform legal search through his Exchange Control Panel (ECP). To do so, Mike will open the https://<cas-server>/ECP address and will click on My Organization from the dropdown list.
When
performing discovery search, you have to specify a discovery mailbox
where search result will be saved. By default, Exchange Server 2010
creates one discovery mailbox with display name as Discovery Search Mailbox with mailbox storage quota of 50 GB. We can also change this limit depending upon our requirements. We can also create additional discovery mailboxes but by default, they do not have any mailbox access permissions assigned.
Below
cmdlet will add the user Mike to the Discovery Management role group.
Once the user is added to this group, user Mike can perform
Multi-Mailbox search operation:-
Add-RoleGroupMember -Identity "Discovery Management" -Member Mike
To remove any member from the Discovery Management role group:-
Remove-RoleGroupMember -Identity "Discovery Management" -Member Mike
We can’t use EMC to add users to the Discovery Management role group.
Once above cmdlet is run, log in to the Mike user account by entering below URL:-
You can perform multi-mailbox search operation by clicking New under Options > Manage My Organization > discovery.
You can specify which mailboxes you want to search using the ECP or you can select Search all mailboxes option. If you are using the New-MailboxSearch cmdlet to create a discovery search without specifying any parameter, all Exchange 2010 mailboxes are searched by default.
Discovery
search works only if there are less than 25000 mailboxes in your
organization. You will receive below error message when search exceeds
25000 mailboxes:-
The search exceeded the maximum number of mailboxes that can be searched at a time. Please try searching less than 25,000 mailboxes.
We can also limit the number
of discovery searches to meet our organization requirements by creating
the below registry entry on Exchange 2010 Mailbox servers:-
- Path: HKLM\SOFTWARE\Microsoft\ExchangeServer\v14\Discovery
- Name: MaxNumberOfMailboxes
- Type: DWORD
- Value: Maximum number of mailboxes to search in a single discovery search.
Note: - Discovery search is resource intensive (memory and network bandwidth), therefore carefully limit the search numbers.
No comments:
Post a Comment