Typically, email messages
related to business strategy, transactions, product development, or customer
interactions need to be retained, whereas messages such as newsletter subscriptions
or personal email likely do not. In this lesson, you will look at two methods of
managing messaging records and implementing message retention—retention tags
and policies and managed folders—that together make up Message Records
Management (MRM).
1. Using MRM
MRM helps you ensure that your Exchange Server 2010 organization retains the
messages needed to comply with company policy, government regulations, or legal
needs and that content that has no legal or business value is discarded. MRM
accomplishes this by using retention policies or managed folders.
Retention policies use retention tags to apply retention settings. Later in
this lesson, you will see how to create retention tags and link them to a
retention policy. Mailboxes that have a retention policy applied to them are
processed by the Managed Folder Assistant, which runs when scheduled and
provisions retention tags in mailboxes. This utility is also described in detail
later in this lesson.
Managed folders were introduced in Exchange Server 2007 and are also available
in Exchange 2010. You can apply managed content settings to managed folders.
This lesson describes how you create managed folders and link them to a managed
folder mailbox policy. Mailboxes that have managed folder mailbox policies
applied are also processed by the Managed Folder Assistant.
When a message reaches its retention age, the retention action is taken as
specified by the retention tag or the managed content settings in a managed
folder. For example, a message could be moved to the Deleted Items folder, moved
to the Recoverable Items folder, or permanently
deleted. If you use retention tags, you can specify the additional option of
moving the message to the user’s archive mailbox (if it exists). Managed
content settings for managed folders provide the additional option of moving a
message to a managed custom folder.
1.1. Comparing Retention Tags and Managed Folders
You can use managed folders to enforce basic MRM policies on default
folders and on the entire mailbox. If you take this approach, users need to
participate in the process of classifying messages based on their nature and
retention value.
Alternatively, you can use retention tags to apply default retention
settings to default folders, such as the Inbox folder, and apply a default
policy tag (DPT) to the entire mailbox. DPT retention settings are then
applied to untagged items that may reside in folders without a retention
tag, such as custom folders created by the user. Users are not required to
store messages in folders based on the folder’s retention settings.
They can apply any personal tag to custom folders and also explicitly apply
a different tag to individual messages.
2. Configuring Retention Tags and Retention Policies
You can formulate your organization’s MRM policies to specify the
retention period for different classes of email messages by creating and
configuring retention tags and retention policies. Typically you would assign a
retention policy tag (RPT). An RPT is a retention tag applied to default
folders, such as Inbox and Deleted Items. You would apply a DPT to specific
mailboxes to manage the retention of all untagged items. A DPT is a retention
tag that applies to all items in a mailbox that do not already have a retention
tag applied. You can apply only one DPT in a retention policy. Optionally, you
would assign personal tags (or allow users to assign them in Outlook or Outlook
Web App [OWA]). A personal tag is a retention tag available to OWA and Outlook
2010 users for applying retention settings to custom folders and to individual
items such as email messages.
You use retention tags to apply retention settings to folders and individual
items, such as messages, notes, and contacts. These settings specify how long a
message remains in a mailbox and the action to be taken when the message reaches
the specified retention age. Retention tags allow users to tag mailbox folders
and individual items for retention. You can create three types of retention
tags:
DPTs apply retention settings to untagged mailbox items that do not already
have a retention tag applied, either by inheritance from the folder in which
they are located or specified by the user. A retention policy cannot contain
more than one DPT.
RPTs apply retention settings to default folders, such as Inbox, Deleted
Items, and Sent Items. Mailbox items in a default folder that have an RPT
applied inherit the folder’s tag. Users cannot apply a different tag to a
default folder, but they can apply a different tag to the individual items
within a default folder. You cannot include more than one RPT for the same
default folder type in a single retention
policy. For example, if a retention policy has an Inbox tag, you cannot add
another RPT of type Inbox to that retention policy.
You can create RPTs for the following default
folders:
Deleted Items
Drafts
Inbox
Junk E-mail
Outbox
Sent Items
RSS Feeds
Sync Issues
Conversation History
Note:
Exchange Server 2010 does not support RPTs for the Calendar, Contacts,
Journal, Notes, and Tasks default folders.
Personal tags are available to Outlook 2010 and OWA users as part of their
retention policies. Users can apply personal tags to folders they create or to
individual items, even if those items already have a different tag applied. You
see how to create a personal tag later in this lesson.
You can select from one of the following actions to specify what retention
action should apply to a mailbox item when it reaches its retention
age:
MoveToArchive
Messages are moved to a folder in the archive mailbox that has the same name as the source folder in the user’s primary mailbox. This allows users to more easily find messages in their archive mailbox.
MoveToDeletedItems
This emulates the behavior experienced by users when they delete a message. Items in the Deleted Items folder can be moved back to the Inbox or any other mailbox folder.
DeleteAndAllowRecovery
This emulates the behavior when the Deleted Items folder is emptied or the user hard-deletes a message. If deleted item retention is configured for the mailbox database or the user, messages move to the Recoverable Items folder (or dumpster).
PermanentlyDelete
This action permanently purges a message from the mailbox.
MarkAsPastRetentionLimit
This action marks a message as past its retention limit. Outlook 2010 and Office Outlook 2007 clients use strikethrough text when displaying messages that are past their retention limit.
2.1. Creating and Configuring Retention Tags
You can use the Exchange Management Shell (EMS) but not the Exchange
Management Console (EMC) to create and modify RPTs, DPTs, and personal tags.
For example, the following command creates an RPT for the default folder
Deleted Items. When the tag is applied to a mailbox, items in the Deleted
Items folder are permanently deleted in 45 days:
New-RetentionPolicyTag "Tag-EXAMPLE-DeletedItems" -Type "DeletedItems" -Comment "Deleted Items purged in 45 days" -RetentionEnabled $true -AgeLimitForRetention 45 -RetentionAction PermanentlyDelete
Figure 1 shows some of the output from this
command.
Note:
THE MESSAGECLASS PARAMETER AND THE ISPRIMARY
PARAMETER
The New-RetentionPolicyTag cmdlet supports the
MessageClass parameter. However, in Windows Exchange Server 2010, only
the default value of this parameter (*) is supported. The IsPrimary
parameter specifies that the tag should be displayed as the primary
Default Tag in Microsoft Outlook 2010. A tag designated as primary
should be of type All. A retention policy cannot have more than one tag
set as primary.
The following
command creates a DPT. When the tag is applied to a mailbox, items without
an inherited or explicitly applied retention tag are moved to the Deleted
Items folder after 180 days:
New-RetentionPolicyTag "Tag-EXAMPLE-Default" -Type All -Comment "Items without a retention tag are deleted after 180 days." -RetentionEnabled $true -AgeLimitForRetention 180 -RetentionAction MoveToDeletedItems
Figure 2 shows some of the output from this
command.
The following command creates a personal tag named
Tag-PersonalArchive. Items to which the tag is
applied are moved to the personal archive after 365 days:
New-RetentionPolicyTag "Tag-PersonalArchive" -Type Personal -Comment "Tagged messages are moved to the archive after 365 days." -RetentionEnabled $true -AgeLimitForRetention 365 -RetentionAction MoveToArchive
The following command amends the RPT
Tag-EXAMPLE-DeletedItems so that items in the
Deleted Items folder are permanently deleted after 30 days:
Set-RetentionPolicyTag "Tag-EXAMPLE-DeletedItems" -AgeLimitForRetention 30
2.2. Creating a Retention Policy and Applying It to Mailboxes
You can
use retention policies to group one or more retention tags and apply them to
mailboxes. Retention tags can be linked to or unlinked from a retention
policy at any time, and a mailbox cannot have more than one retention
policy.
A retention policy can support one or more RPTs, one DPT of type All, and
any number of personal tags. Note that if you configure a retention policy
with no retention tags linked to it, this may result in mailbox items that
never expire.
You create a retention policy in the EMS by entering a command with the
following syntax:
New-RetentionPolicy -Name <String> [-Confirm [<SwitchParameter>]] [-DomainController <Fqdn>] [-Organization <OrganizationIdParameter>] [-RetentionPolicyTagLinks <RetentionPolicyTagIdParameter[]>] [-WhatIf [<SwitchParameter>]]
For example, the following command creates a retention policy called
Accounting that uses the RPT
Tag-EXAMPLE-DeletedItems:
New-RetentionPolicy -Name "Accounting" -RetentionPolicyTagLinks "Tag-EXAMPLE-DeletedItems"
Figure 3 shows the output from this
command.
You can use a retention policy to group one or more retention tags and
assign them to mailboxes and thus enforce message retention settings. A
mailbox cannot have more than one retention policy assigned to it at any one
time. If you assign a retention policy to an individual mailbox (or to a
mailbox that is in a distribution group) that already has a policy assigned,
the new policy assignment will overwrite the existing policy assignment. You
can use the EMS but not the EMC to assign a retention policy to a mailbox or
a distribution group. For example, the following command assigns the
retention policy Accounting to the Don Hall mailbox:
Set-Mailbox "Don Hall" -RetentionPolicy "Accounting"
Figure 4 shows the
output from this command. Note that you receive a warning that this
operation is not supported on client computers running Microsoft Office
Outlook 2007 or earlier and that you need to confirm that you want the
command to complete.
If you assign a
retention policy to a distribution group, the policy is assigned to all
mailboxes in the group. Any mailbox that previously had a different policy
assigned to it would have its policy assignment overwritten. The following
command assigns the retention policy Accounting to members of the
distribution group Accountants:
Get-DistributionGroupMember -Identity "Accountants" | Set-Mailbox -RetentionPolicy "Accounting"
Note:
ADDING USERS TO OR REMOVING THEM FROM A
DISTRIBUTION GROUP
When users are added to or removed from a distribution group, their
mailbox retention policy is not automatically updated. To ensure that a
policy is applied to new distribution group members, you need to rerun
the command that applies the policy. Microsoft recommends that you
schedule commands that allocate retention policies to distribution
groups so that they run automatically at regular intervals.
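The following script is an added example, not part of the original lesson, of a scheduled re-application of a policy to a distribution group that also records every assignment it overwrites. The report folder and the parameter names are hypothetical, and it assumes the mailbox RetentionPolicy property converts to the policy name and that -Confirm:$false with -Force suppresses the confirmation prompt.

```powershell
# Added example, not from the original text. Save as a .ps1 file and run it
# from an Exchange Management Shell session on a schedule.
param(
    [string]$Group     = "Accountants",     # group name used in this lesson
    [string]$Policy    = "Accounting",      # policy name used in this lesson
    [string]$ReportDir = "C:\Reports\MRM",  # hypothetical folder, must exist
    [switch]$Apply                          # report only unless -Apply is given
)

# Stop before touching any mailbox if the policy name is wrong.
$target = Get-RetentionPolicy -Identity $Policy
if (-not $target) { throw "Retention policy '$Policy' not found." }

# A group can also hold contacts and nested groups; keep user mailboxes only.
$members = @(Get-DistributionGroupMember -Identity $Group -ResultSize Unlimited |
    Where-Object { $_.RecipientType -eq "UserMailbox" })

$changes = @(foreach ($member in $members) {
    $mbx = Get-Mailbox -Identity $member.DistinguishedName

    # Assumption: RetentionPolicy converts to the policy name (empty if none).
    $current = [string]$mbx.RetentionPolicy
    if ($current -eq $target.Name) { continue }   # already has the policy

    if ($Apply) {
        # The assignment normally asks for confirmation (the Outlook 2007
        # warning). Assumption: these switches suppress it when unattended.
        Set-Mailbox -Identity $mbx.DistinguishedName `
            -RetentionPolicy $target.Name -Confirm:$false -Force
    }

    # One record per mailbox whose assignment is (or would be) overwritten.
    New-Object PSObject -Property @{
        Time           = Get-Date
        Mailbox        = $mbx.Name
        PreviousPolicy = $current
        NewPolicy      = $target.Name
        Applied        = [bool]$Apply
    }
})

# Keep one report per run so overwritten assignments can be reviewed later.
if ($changes.Count -gt 0) {
    $file = Join-Path $ReportDir ("RetentionSync-{0:yyyyMMdd-HHmm}.csv" -f (Get-Date))
    $changes | Select-Object Time, Mailbox, PreviousPolicy, NewPolicy, Applied |
        Export-Csv -Path $file -NoTypeInformation
}
```

Run it once without -Apply to see which mailboxes would have an existing policy replaced before scheduling it with -Apply.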
The command to replace a current retention policy with a new retention
policy is relatively complex when compared to the commands that apply a
retention policy to a mailbox or distribution group. You need to use the
Get-RetentionPolicy cmdlet to obtain details of the
current policy and store these in a variable. You then filter using this
variable to obtain the mailboxes that have the current retention policy
applied to them and apply the new policy to each of these mailboxes. The
following command applies the new retention policy New-Retention-Policy to
all mailboxes that currently have the policy Old-Retention-Policy applied to
them:
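# Store the distinguished name of the policy that is being replaced
$OldPolicy=(Get-RetentionPolicy "Old-Retention-Policy").distinguishedName
# Find every mailbox that has the old policy applied and assign the new policy
Get-Mailbox -Filter {RetentionPolicy -eq $OldPolicy} -Resultsize Unlimited | Set-Mailbox -RetentionPolicy "New-Retention-Policy"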
Note:
RETENTION POLICY TAGS AND DEFAULT FOLDERS
RPTs are applied to default folders, such as Inbox, Deleted Items, and
Sent Items, as specified in the retention policy, and users cannot
change the RPTs associated with default folders. However, a user can
apply a personal tag to an item in a default folder. The item could then
have a different retention setting than the folder in which it is
stored. A user can also assign a personal tag to a user-created folder
and a different personal tag to an item in that folder.
2.3. Starting, Stopping, and Scheduling the Managed Folder Assistant
The Managed Folder Assistant is a Mailbox Assistant utility that applies
the message retention settings you configure using retention policies or
managed folder mailbox policies. If a mailbox uses a managed folder mailbox
policy, the Managed Folder Assistant also creates any managed folders
required and applies managed content settings to them. When the Managed
Folder Assistant runs, it processes mailboxes that have a retention policy
or a managed folder mailbox policy applied. It applies the
retention tags included in the policy to default folders and the entire
mailbox. Any personal tags included in the policy are provisioned and become
available to users in Microsoft Outlook 2010 and Microsoft Office
OWA.
Messages that have some retention value are retained, although users can
still delete or remove messages from their mailboxes. If your organization
requires that messages be retained outside a user’s mailbox for
long-term storage.
The Managed Folder Assistant applies a retention policy by inspecting
items in the mailbox and determining whether they are subject to retention.
It then stamps items with the appropriate retention tags and takes the
specified retention action on items that are past their retention age. It
does not take any action on messages that are not subject to retention. When
an item is not subject to retention, its retention tag’s
RetentionEnabled property is set to $false. You can manually set this
property to $false to temporarily suspend items with a particular tag from
being processed.
By default, the Managed Folder Assistant runs daily from 1:00 AM until 5:00 AM. However, it stops as soon as all mailboxes are processed
rather than running continuously until the end of the scheduled period. You
can schedule the assistant to run at a time when the Mailbox server
is relatively idle or not under a
heavy load. If you decide to reschedule the Managed Folder Assistant, you
need to take into account other processes that compete for Mailbox server
resources, such as offline defragmentation of the mailbox database and
antivirus scans.
You can use either the EMC or the EMS to schedule the Managed Folder
Assistant. If you use the EMC, the procedure is as follows:
Open the EMC and expand the tree in the Console pane.
Under Server Configuration, click Mailbox.
In the Result pane, right-click the Mailbox server for which you want to schedule the Managed Folder Assistant and click Properties.
Click the Messaging Records Management tab in the Properties dialog box.
In the Schedule The Managed Folder Assistant box, select Use Custom Schedule. Click Customize.
In the Select Schedule dialog box, shown in Figure 5, select the times and days during which you want the Managed Folder Assistant to run.
Click OK to close the Select Schedule dialog box. Click OK again to close the Properties dialog box.
You can use the EMS to schedule the Managed Folder Assistant or to start
it immediately. For example, the following command sets the Managed Folder
Assistant schedule on Mailbox server VAN-EX1 to start running at 15:00 (3:00
PM) on a Sunday and continue running
until all mailboxes are processed or until 13:00 (1:00 PM) on the following Sunday, whichever comes
first:
Set-MailboxServer -Identity VAN-EX1 -ManagedFolderAssistantSchedule "Sun.15:00-Sun.13:00"
When you
manually start the Managed Folder Assistant, it continues running until all
mailboxes on the Mailbox server are processed or until the Managed Folder
Assistant is stopped manually. The following commands start and stop the
Managed Folder Assistant, respectively:
Start-ManagedFolderAssistant
Stop-ManagedFolderAssistant
When you stop the Managed Folder Assistant manually, you are prompted for
confirmation.
Note:
MOVING ITEMS BETWEEN FOLDERS
A mailbox item moved from one folder to another inherits any tags
applied to the folder to which it is moved. If you move an item to a
folder that has no tag assigned, the DPT is applied to it. If the item
has a tag explicitly assigned to it, the assigned tag always takes
precedence over any folder-level tags or the default tag.
2.4. Removing or Deleting a Retention Tag from a Retention Policy
When you remove a retention tag from the retention policy applied to a
mailbox, the tag is no longer available to the user and cannot be applied to
items in the mailbox. Existing items that have been stamped with the tag
continue to be processed by the Managed Folder Assistant, and any retention
action specified in the tag is applied to those messages. Any existing
mailbox items with the tag applied will continue to expire based on the
tag’s settings.
However, if you use the Remove-RetentionPolicyTag
cmdlet to delete the tag, the tag definition stored in Active Directory is
removed. The next time the Managed Folder Assistant runs, it processes all
items that have the removed tag applied and restamps them.
If you disable retention for a retention tag, the Managed Folder Assistant
ignores items that have that tag applied. Items that have a retention tag
for which retention is disabled never expire. Because these items are still
considered tagged items, the DPT does not apply to them. For example, if you
want to troubleshoot retention tag settings, you can temporarily disable a
retention tag to stop the Managed Folder Assistant from processing messages
with that tag.
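The following read-only audit is an added example, not part of the original lesson. It reports the conditions described in sections 2.2 and 2.4 under which items never expire: a policy with no tags linked, a policy without a DPT to cover untagged items, and tags that have retention disabled. It assumes each entry in RetentionPolicyTagLinks exposes a Name property; the finding labels are hypothetical.

```powershell
# Added example, not from the original text. It changes no settings.
# Run from an Exchange Management Shell session.

# Helper (hypothetical name) that builds one finding record.
function New-Finding($policy, $finding, $tag) {
    New-Object PSObject -Property @{ Policy = $policy; Finding = $finding; Tag = $tag }
}

# Index every tag by name so policy links can be resolved to tag settings.
$tagsByName = @{}
Get-RetentionPolicyTag | ForEach-Object { $tagsByName[$_.Name] = $_ }

$linkedAnywhere = @{}
$findings = @(foreach ($policy in @(Get-RetentionPolicy)) {
    # Assumption: each link exposes a Name property holding the tag name.
    $linked = @($policy.RetentionPolicyTagLinks | Where-Object { $_ } |
        ForEach-Object { $_.Name })

    if ($linked.Count -eq 0) {
        # No tags linked: mailbox items may never expire.
        New-Finding $policy.Name "NoTagsLinked" ""
        continue
    }

    $tags = @($linked | ForEach-Object { $tagsByName[$_] } | Where-Object { $_ })
    $tags | ForEach-Object { $linkedAnywhere[$_.Name] = $true }

    # Without a DPT (type All), untagged items have no retention setting.
    if (-not ($tags | Where-Object { [string]$_.Type -eq "All" })) {
        New-Finding $policy.Name "NoDefaultPolicyTag" ""
    }

    # Items stamped with a disabled tag are ignored by the Managed Folder
    # Assistant, and the DPT does not cover them because they count as tagged.
    foreach ($tag in $tags) {
        if (-not $tag.RetentionEnabled) {
            New-Finding $policy.Name "DisabledTagLinked" $tag.Name
        }
    }
})

# Disabled tags no longer linked to any policy can still be stamped on items.
$findings += @($tagsByName.Values |
    Where-Object { -not $_.RetentionEnabled -and -not $linkedAnywhere[$_.Name] } |
    ForEach-Object { New-Finding "(none)" "DisabledTagUnlinked" $_.Name })

$findings | Sort-Object Policy, Finding |
    Format-Table Policy, Finding, Tag -AutoSize
```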
2.5. Placing a Mailbox on Retention Hold
When users are temporarily out of the office and do not have access to
email, retention settings can still be applied to new messages that arrive. Depending on the retention
policy, messages may be deleted or moved to a user’s personal archive,
but you can temporarily suspend such retention policies for a specified
period by placing the mailbox on retention hold. When you place a mailbox on
retention hold, you can specify a retention comment that informs the mailbox
user (or another user authorized to access the mailbox) about the retention
hold, including when the hold is scheduled to begin and end. Retention
comments are displayed in supported Outlook clients. You can also localize
the retention hold comment in the user’s preferred language.
During long absences from work, users may accrue a large amount of email.
Depending on the volume of email and the length of absence, it may take
these users several weeks to sort through their messages. In such cases,
consider the additional time it may take the users to catch up on their mail
before removing mailboxes from retention hold. Also, placing a mailbox on
retention hold does not affect how mailbox storage quotas are processed.
Depending on the mailbox usage and applicable mailbox quotas, you should
consider temporarily increasing the mailbox storage quota for users when
they are on vacation or do not have access to email for an extended
period.
You can use the EMC or the EMS to place a mailbox on retention hold
regardless of whether the mailbox has a retention policy or a managed folder
mailbox policy applied to it.
To use the EMC, you access the Properties dialog box of the relevant
mailbox and then access the Message Records Management dialog box from the
Mailbox Settings tab. You can then enable retention hold and configure start
and stop dates and times.
To configure retention hold through the EMS, you use the
Set-Mailbox cmdlet to set the RetentionHoldEnabled
parameter to $true. The StartDateForRetentionHold and
EndDateForRetentionHold parameters of the same cmdlet let you specify when
the retention hold starts and stops. You can release a retention hold by
setting the RetentionHoldEnabled parameter to $false. For example, the
following command enables retention hold for the Kim Akers mailbox and
specifies retention start and stop dates:
Set-Mailbox -Identity "Kim Akers" -RetentionHoldEnabled $true -StartDateForRetentionHold 10-1-2011 -EndDateForRetentionHold 11-3-2011