|
|
|
date: Tue, 13 May 2008 04:04:00 -0700,
group: microsoft.public.exchange.admin
back
RE: Recipient Policy Issue
Adam,
Mailbox manager policies basically look for the different props on every
message i.e. PR_SUBMIT_TIME and so on and according to that it decides
whether to delete the message or not. In some cases if the prop
PR_MODIFIED_TIME is the time before the defined time in policy then MM wont
delete the message.
Now, assuming that you have checked the time when the MM runs I would
suggest you to check with AD replication also. Though MM runs on the Exchange
server it has to pull up the scheduling information from Active Directory and
off course the users who will be affected by the policy are also stored in AD.
Again, if you can simply paste the errors you got in event log by
MSExchangeSA that would probably give us better picture.
Rebuilding RUS wont help you much as RUS does not handle the Mailbox
Mangement though the Mailbox Mangement policy is created under the container
Recipient Polices.
--
Milind Naphade
http://mnaphade.blogspot.com
"Adam" wrote:
> We are running Exchange 2K3 SP2 in a single Win2K3 domain. Recently, I
> created a recipient mailbox management policy to delete any items older than
> 365 days from users Deleted Items folders. In the users accounts that I want
> affected by this policy, I've added a Custom Attribute (extensionAttribute2)
> with a value of "delete_items_cleanup" (no quotes). I then used the Advanced
> Search of the new policy to look for all users with this attribute. This
> resulted in the following filter:
> (&(&(&(|(&(objectCategory=person)(objectSid=*)(!samAccountType:1.2.840.113556.1.4.804:=3))(&(objectCategory=person)(!objectSid=*))(&(objectCategory=group)(groupType:1.2.840.113556.1.4.804:=14))))(objectCategory=user)(extensionAttribute2=deleted_items_cleanup)))
>
> Performing the search does find all the desired users. This policy is one of
> four (including the default policy) that we currently have. I scheduled the
> policy to run on Saturdays at 6PM. On the following Monday, I randomly
> checked a few accounts that should have been affected and found that they
> still had messages dating back 3 or 4 years (so it doesn't appear that the
> policy applied). These users do have the custom attribute mentioned above. I
> then used LDP.EXE to check the GUID of the different policies, then checked
> these same user accounts (still in LDP.EXE) and found that the
> msExchPoliciesIncluded field did NOT contain the GUID of this policy. I went
> back to the policy, modified the filter, ran the same search (for the custom
> attribute) and the same users DID turn up in the search results. I turned up
> logging for msExchangeSA and found entries in the Application Log on the
> Exchange server from Saturday when the policy should run that state that the
> recipient policy DID run for these same random users (but again, the contents
> of thier Deleted Items folder does not reflect this). Can anyone shed any
> light here? Would there be any mileage in rebuilding the RUS? Any help would
> be greatly appreciated. Thanks,
> Adam
date: Tue, 13 May 2008 04:48:01 -0700
author: Milind Naphade (NO_SPAM)
RE: Recipient Policy Issue
Milind,
Thank you for you response. There were no errors reported in the Event Logs,
just information events regarding the process. However, based on your remarks
about the PR_MODIFIED_TIME, I looked at some of the message properties for
those that were left in the Deleted Items folder (not removed by the mailbox
management process despite being over the age limit) and sure enough, they
all have a modified date well within the age limit. So according to your
statements, this would cause the mailbox management process to ignore the
messages and not delete them?
Is there any reason why the users attributes in LDAP do not show the GUID of
this particular recipient policy as being "msExchPoliciesIncluded"? Thanks
again,
Adam
"Milind Naphade" wrote:
> Adam,
> Mailbox manager policies basically look for the different props on every
> message i.e. PR_SUBMIT_TIME and so on and according to that it decides
> whether to delete the message or not. In some cases if the prop
> PR_MODIFIED_TIME is the time before the defined time in policy then MM wont
> delete the message.
> Now, assuming that you have checked the time when the MM runs I would
> suggest you to check with AD replication also. Though MM runs on the Exchange
> server it has to pull up the scheduling information from Active Directory and
> off course the users who will be affected by the policy are also stored in AD.
> Again, if you can simply paste the errors you got in event log by
> MSExchangeSA that would probably give us better picture.
> Rebuilding RUS wont help you much as RUS does not handle the Mailbox
> Mangement though the Mailbox Mangement policy is created under the container
> Recipient Polices.
>
>
> --
> Milind Naphade
> http://mnaphade.blogspot.com
>
>
> "Adam" wrote:
>
> > We are running Exchange 2K3 SP2 in a single Win2K3 domain. Recently, I
> > created a recipient mailbox management policy to delete any items older than
> > 365 days from users Deleted Items folders. In the users accounts that I want
> > affected by this policy, I've added a Custom Attribute (extensionAttribute2)
> > with a value of "delete_items_cleanup" (no quotes). I then used the Advanced
> > Search of the new policy to look for all users with this attribute. This
> > resulted in the following filter:
> > (&(&(&(|(&(objectCategory=person)(objectSid=*)(!samAccountType:1.2.840.113556.1.4.804:=3))(&(objectCategory=person)(!objectSid=*))(&(objectCategory=group)(groupType:1.2.840.113556.1.4.804:=14))))(objectCategory=user)(extensionAttribute2=deleted_items_cleanup)))
> >
> > Performing the search does find all the desired users. This policy is one of
> > four (including the default policy) that we currently have. I scheduled the
> > policy to run on Saturdays at 6PM. On the following Monday, I randomly
> > checked a few accounts that should have been affected and found that they
> > still had messages dating back 3 or 4 years (so it doesn't appear that the
> > policy applied). These users do have the custom attribute mentioned above. I
> > then used LDP.EXE to check the GUID of the different policies, then checked
> > these same user accounts (still in LDP.EXE) and found that the
> > msExchPoliciesIncluded field did NOT contain the GUID of this policy. I went
> > back to the policy, modified the filter, ran the same search (for the custom
> > attribute) and the same users DID turn up in the search results. I turned up
> > logging for msExchangeSA and found entries in the Application Log on the
> > Exchange server from Saturday when the policy should run that state that the
> > recipient policy DID run for these same random users (but again, the contents
> > of thier Deleted Items folder does not reflect this). Can anyone shed any
> > light here? Would there be any mileage in rebuilding the RUS? Any help would
> > be greatly appreciated. Thanks,
> > Adam
date: Tue, 13 May 2008 08:03:01 -0700
author: Adam
RE: Recipient Policy Issue
Adam,
Your comments itself answer your question. As you said the policy guid is
not being displayed in the users properties that means somehow AD and
Exchange WMI can not talk to each other.
I can suggest you to check if the AD is clean and relicating correctly.
For advanced trouble shooting purposes your can certainly use MPS Reports
for Exchange. Also to make sure if AD isnt a problem you can use DCDIAG and
netdiag /debug in verbose mode.
Well, being honest this problem is intersting but will require
troubleshooting on it.
Now once again about the props, MM will skip the message only when the
PR_MODIFIED_TIME is not matching to the criteria you ahve defined in your
policy. Else, it will simply mark that message for deletion and will delete
it when the MM will run. I hope that answered your quetion.
--
Milind Naphade
http://mnaphade.blogspot.com
"Adam" wrote:
> Milind,
> Thank you for you response. There were no errors reported in the Event Logs,
> just information events regarding the process. However, based on your remarks
> about the PR_MODIFIED_TIME, I looked at some of the message properties for
> those that were left in the Deleted Items folder (not removed by the mailbox
> management process despite being over the age limit) and sure enough, they
> all have a modified date well within the age limit. So according to your
> statements, this would cause the mailbox management process to ignore the
> messages and not delete them?
> Is there any reason why the users attributes in LDAP do not show the GUID of
> this particular recipient policy as being "msExchPoliciesIncluded"? Thanks
> again,
> Adam
>
> "Milind Naphade" wrote:
>
> > Adam,
> > Mailbox manager policies basically look for the different props on every
> > message i.e. PR_SUBMIT_TIME and so on and according to that it decides
> > whether to delete the message or not. In some cases if the prop
> > PR_MODIFIED_TIME is the time before the defined time in policy then MM wont
> > delete the message.
> > Now, assuming that you have checked the time when the MM runs I would
> > suggest you to check with AD replication also. Though MM runs on the Exchange
> > server it has to pull up the scheduling information from Active Directory and
> > off course the users who will be affected by the policy are also stored in AD.
> > Again, if you can simply paste the errors you got in event log by
> > MSExchangeSA that would probably give us better picture.
> > Rebuilding RUS wont help you much as RUS does not handle the Mailbox
> > Mangement though the Mailbox Mangement policy is created under the container
> > Recipient Polices.
> >
> >
> > --
> > Milind Naphade
> > http://mnaphade.blogspot.com
> >
> >
> > "Adam" wrote:
> >
> > > We are running Exchange 2K3 SP2 in a single Win2K3 domain. Recently, I
> > > created a recipient mailbox management policy to delete any items older than
> > > 365 days from users Deleted Items folders. In the users accounts that I want
> > > affected by this policy, I've added a Custom Attribute (extensionAttribute2)
> > > with a value of "delete_items_cleanup" (no quotes). I then used the Advanced
> > > Search of the new policy to look for all users with this attribute. This
> > > resulted in the following filter:
> > > (&(&(&(|(&(objectCategory=person)(objectSid=*)(!samAccountType:1.2.840.113556.1.4.804:=3))(&(objectCategory=person)(!objectSid=*))(&(objectCategory=group)(groupType:1.2.840.113556.1.4.804:=14))))(objectCategory=user)(extensionAttribute2=deleted_items_cleanup)))
> > >
> > > Performing the search does find all the desired users. This policy is one of
> > > four (including the default policy) that we currently have. I scheduled the
> > > policy to run on Saturdays at 6PM. On the following Monday, I randomly
> > > checked a few accounts that should have been affected and found that they
> > > still had messages dating back 3 or 4 years (so it doesn't appear that the
> > > policy applied). These users do have the custom attribute mentioned above. I
> > > then used LDP.EXE to check the GUID of the different policies, then checked
> > > these same user accounts (still in LDP.EXE) and found that the
> > > msExchPoliciesIncluded field did NOT contain the GUID of this policy. I went
> > > back to the policy, modified the filter, ran the same search (for the custom
> > > attribute) and the same users DID turn up in the search results. I turned up
> > > logging for msExchangeSA and found entries in the Application Log on the
> > > Exchange server from Saturday when the policy should run that state that the
> > > recipient policy DID run for these same random users (but again, the contents
> > > of thier Deleted Items folder does not reflect this). Can anyone shed any
> > > light here? Would there be any mileage in rebuilding the RUS? Any help would
> > > be greatly appreciated. Thanks,
> > > Adam
date: Tue, 13 May 2008 08:54:01 -0700
author: Milind Naphade (NO_SPAM)
|
|
