Tuesday, May 4, 2010

Database Availability Group Exchange 2010


Exchange 2007 used LCR, SCC, CCR and SCR for high availability and site resilience of the mailbox databases. LCR database is replicated to another disk on same server, when hardware failure the mailboxes will not be available as the replica of the mail database are stored in the same hardware with different drive. SCC is cluster configuration in which the mail database are stored in shared drives, if failure of the shared drive occurs, the availability of the mailbox will be affected. CCR contain only two members, one active and one passive node. In SP1 new feature called SCR by which the database from the primary site can be replicated to disaster site and achieve site resilience.
DAG is the most significant feature  that has made available in Exchange 2010 which includes many of the limitation of the high availability features that were available with previous version of the exchange.CCR used onsite replication and SCR used for offsite replication has been combined together to from DAG in exchange 2010. Microsoft defines DAG as a group of the up to 16 mailbox servers that host a set of databases and provide automatic database-level recovery from failures that affect individual database.
A DAG is a boundary for mailbox database replication, database and server switchovers, and failovers, and for an internal component called Active Manager. Active Manager is an Exchange 2010 component which manages switchovers and failovers that runs on every server in a DAG.
Any server in a DAG can host a copy of a mailbox database from any other server in the DAG. When a server is added to a DAG, it works with the other servers in the DAG to provide automatic recovery from failures that affect mailbox databases, such as a disk failure or server failure.
DAGs leverage a feature of Exchange 2010 known as incremental deployment, which is the ability to deploy service and data availability for all Mailbox servers and databases after Exchange is installed. After you've deployed Exchange 2010, you can create a DAG, add Mailbox servers to the DAG, and then replicate mailbox databases between the DAG members.

A DAG is initially created as an empty object in Active Directory. This directory object is used to store relevant information about the DAG, such as server membership information. When an administrator adds the first server to a DAG, a failover cluster is automatically created for the DAG. This failover cluster is used exclusively by the DAG, and the cluster must be dedicated to the DAG. Use of the cluster for any other purpose is not supported.
During creation, the DAG is given a unique name, and either assigned one or more static IP addresses or configured to use Dynamic Host Configuration Protocol (DHCP). You can specify a single IP address or a comma-separated list of IP addresses by using the DatabaseAvailabilityGroupIPAddresses parameter.
Example :
New-DatabaseAvailabilityGroup -Name DAG1 -DatabaseAvailabilityGroupIPAddresses 10.0.0.25,192.168.0.25

Every DAG is a Windows failover cluster. Failover clusters use the concept of quorum. Quorum is not a new concept for Exchange 2010. Highly available mailbox servers in previous versions of Exchange also use failover clustering and its concept of quorum.

Datacenter Activation Coordination Mode Exchange 2010

Datacenter Activation Coordination (DAC) mode is a property setting for a database availability group (DAG). DAC mode is specifically designed for DAGs with three or more members that are extended to two Active Directory sites.

DAC mode is used to control the activation behavior of a DAG when a catastrophic failure occurs that affects the DAG. When DAC mode isn't enabled, and a failure affecting multiple servers in the DAG occurs, when a majority of servers are restored after the failure, the DAG will restart and attempt to mount databases. In a multi-datacenter configuration, this behavior could cause split brain syndrome, a condition that occurs when all networks fail, and DAG members can't receive heartbeat signals from each other. Split brain syndrome also occurs when network connectivity is severed between the datacenters. Split brain syndrome is prevented by always requiring a majority of the DAG members (and in the case of DAGs with an even number of members, the DAG's witness server) to be available and interacting for the DAG to be operational. When a majority of the members are communicating, the DAG is said to have a quorum.

DAC mode is designed to prevent split brain syndrome from occurring by including a protocol called Datacenter Activation Coordination Protocol (DACP). After a catastrophic failure, when the DAG recovers, it won't automatically mount databases even though the DAG has a quorum. Instead DACP is used to determine the current state of the DAG and whether Active Manager should try to mount the databases.

For example, consider a scenario where the first datacenter contains two DAG members and the witness server, and the second datacenter contains two other DAG members. If the first datacenter loses power and you activate the DAG in the second datacenter (for example, by activating the alternate file share witness in the second datacenter), if the first datacenter is restored without network connectivity to the second datacenter, the DAG may enter a split brain syndrome.

In order to remedy this problem in Exchange 2010 a new feature has been developed called Datacenter Activation Coordination (DAC). DAC is used to control the activation behavior of DAG nodes that may be split between multiple datacenters. Basically what occurs here is that when there is an outage in a datacenter other members of the DAG will come on line in another datacenter. When the DAG nodes that are offline return to service the offline DAG nodes will leverage a protocol called Datacenter Activation Coordination Protocol (DACP) before trying to mount their databases. The DACP is used to determine the current state of the DAG and whether Active Manager should try to mount the databases or not.

Active Manager stores a bit in memory (either a 0 or a 1) that tells the DAG whether it’s allowed to mount local databases that are assigned as active on the server. When a DAG is running in DAC mode (which would be any DAG with three or more members), each time Active Manager starts up the bit is set to 0, meaning it isn’t allowed to mount databases. Because it’s in DAC mode, the server must try to communicate with all other members of the DAG that it knows to get another DAG member to give it an answer as to whether it can mount local databases that are assigned as active to it. The answer comes in the form of the bit setting for other Active Managers in the DAG. If another server responds that its bit is set to 0, it means servers are allowed to mount databases, so the server starting up sets its bit to 1 and mounts its databases.

Enabling DAC Mode
Set-DatabaseAvailabilityGroup -Identity DAG2 -DatacenterActivationMode DagOnly

Messaging: New features and functionality in Exchange 2010

New features and functionality in Exchange 2010

Microsoft Exchange Server 2010 brings a new and rich set of technologies, features, and services to the Exchange Server product line. New features and functionality in Exchange 2010 support several key concepts:
• Flexible and reliable
• Anywhere access
• Protection and compliance
The following sections provide you with an overview of some of the important new features and functionality, which you can use when you're planning, deploying, and administering your Exchange 2010 organization.

Flexible and Reliable

The pressure to optimize your IT infrastructure to respond to changing business conditions demands agility and that means investing in solutions that provide you and your organization choice. Exchange 2010 gives you the flexibility to tailor your deployment based on your organization's unique needs and a simplified way to help keep e-mail continuously available for your users.

High Availability Functionality

Exchange 2010 integrates high availability into the core architecture of Exchange to enable customers of all sizes and in all segments to economically deploy a messaging continuity service in their organization.
Exchange 2010 includes many changes to its core architecture. In Exchange 2010, new features such as incremental deployment, mailbox database copies, and database availability groups work with other features such as shadow redundancy and transport dumpster to provide a new, unified platform for high availability and site resilience.

Exchange Store and Mailbox Database Functionality

The following is a list of core store functionality that's included or has been changed in Exchange 2010:
• Deprecated storage groups
• Mailbox databases no longer connected to the server object
• Improvements in Extensible Storage Engine (ESE) for high availability, performance, and database mobility
• Flattened Outlook store schema
• Enhanced reporting with public folders

Permissions Functionality
In Exchange 2010, Role Based Access Control (RBAC) replaces the permissions model used in Exchange 2007. Using RBAC, you can define extremely broad or extremely precise permissions models based on the roles of your administrators and users.
For administrators and specialist users, management role groups define what these users can manage in the organization. Role groups associate role group members to a set of management roles that define what the members can do. By adding or removing users as members of role groups, and adding or removing role assignments to or from a role group, you can control what aspects of the organization the members can manage.
For end users, management role assignment policies define what users can configure on their own mailbox. Assignment policies are applied to every mailbox either by default or manually, and enable you to control whether users can change their personal information, contact information, distribution group membership, and so on.
Both role groups and role assignment policies are assigned management roles. Management roles control access to the cmdlets and parameters required to perform a task. For example, if a cmdlet exists on a management role, and that role is assigned to a role group, the members of that role group can then use that cmdlet.

Transport and Routing Functionality


The following is a list of new transport and routing functionality included in Exchange 2010:
• Shadow redundancy
• MailTips
• Moderated transport
• Federated delivery
• Latency service level agreement (SLA) management
• End-to-end message tracking
• Incremental EdgeSync
• Transport rules integration with AD RMS
• Transport dumpster improvements
• Transport database improvements

Exchange Server 2010 Deployment Assistant

Exchange Server 2010 introduces the Exchange Server Deployment Assistant, or ExDeploy, a new Web-based tool that can help you with your Exchange deployment. ExDeploy asks you a few questions about your current environment and then generates a custom checklist and procedures that help simplify your deployment.
.
Administration Functionality in the Exchange Management Console
The following is a list of the new core Exchange Management Console (EMC) features included in Exchange 2010. The core EMC refers to new functionality that affects how you use the EMC, and not how you use specific features:
• Ability to add Exchange forests to the console tree
• Customer Feedback start tab
• Community and Resources
• EMC command logging
• Property dialog box command exposure
• RBAC permissions aware for the EMC
• Online Exchange Help

Administration Functionality in the Exchange Management Shell
The following is a list of features available in the new Exchange Management Shell:
Remote administration With the new Shell, you can connect to remote servers running Exchange 2010 across the network with only Windows Management Framework installed, which includes Windows PowerShell.
RBAC integration The Shell works with RBAC to give you and your users access only to the cmdlets and parameters you and they are allowed to use. If your permissions don't allow you to configure a certain feature, you aren't given access to the cmdlets, parameters, or both, that manage that feature.
Administrator audit logging Actions that result in the modification of Exchange organization configuration and other object properties in the EMC, the Web management interface, and the Shell can now be logged for later review.
Improved multiple-valued property syntax Instead of running multiple commands to add and remove values from a single property, you can now add and remove values with a single command.
Exchange Control Panel

Administrators can use the Exchange Control Panel for Outlook Web App to manage some on-premises tasks. The following is a list of the administrative features available:
• Text messaging integration
• Voice messaging integration
• Multiple mailbox search
• Additional proxy addresses for mailboxes
• Moderation and approval for distribution list submission
In addition, users have self-service capabilities in that they can perform administrative tasks via the Exchange Control Panel. The ECP enables users to perform common tasks without having to call the help desk. This allows your users to be more productive and allows IT staff to deliver more, while reducing support costs.
.
Mailbox and Recipient Functionality

The following is a list of the new mailbox and recipient functionality that's included or has been changed in Exchange 2010:
• Ability for users to share information, such as calendar free/busy information and contacts with users who reside in a different organization
• Improved scheduling and configuring for resource mailbox calendar processing
• Ability to move a mailbox while the end user is still accessing it
• Additional parameters added to distribution group cmdlets to allow users to create and manage their own distribution groups in Outlook Web App and Exchange 2010
• Ability to appoint a moderator to regulate the flow of messages sent to a distribution group
• Ability to manage folder-level permissions for all folders within a user's mailbox
• Expanded bulk recipient management to allow you to bulk manage recipient properties
• Ability to send mail to recipients from the EMC

Exchange Web Services Managed API 1.0

The Microsoft Exchange Web Services (EWS) Managed API 1.0 provides a managed interface for developing client applications that use Exchange Web Services. Beginning with Exchange 2007 Service Pack 1 (SP1), the EWS Managed API simplifies the implementation of applications that communicate with Exchange. Built on the Exchange Web Services SOAP protocol and Autodiscover, the EWS Managed API provides a .NET interface to Exchange Web Services that's designed to be easy to learn, use, and maintain.

Client Throttling Functionality to Manage System Performance
Exchange 2010 uses client throttling policies to manage the performance of your Exchange organization. To do this, Exchange tracks the resources that each user consumes and enforces connection bandwidth limits as necessary.
Some of the benefits of client throttling include making sure that:
• Users aren't intentionally or unintentionally taxing the system.
• Users of various connectivity methods are proportionally sharing resources.
You manage client throttling policies with Shell cmdlets.


Anywhere Access

Enhancements in Exchange 2010 helps users get more done by helping them to access all of their communications—e-mail, voice mail, instant messaging—from virtually any platform, Web-browser, or device through industry standard protocols. Managing the flow of information into and out of an individual’s inbox daily can create overload and affect productivity and profitability. In response to this challenge, Exchange 2010 adds new productivity features that can help users more easily organize and effectively prioritize their communications.

Unified Messaging Features

The following is a list of new Unified Messaging features included in Exchange 2010:
• Call answering rules
• Additional language support included in Outlook Voice Access
• Enhancements to name lookup from caller ID
• Voice Mail Preview
• Message Waiting Indicator
• Missed call and voice mail notifications using text messaging
• Protected Voice Mail
• Incoming fax support
• Addressing to groups (personal distribution lists) support
• Built-in Unified Messaging administrative roles

Outlook Web App Features

The following is a list of new features in Outlook Web App included in Exchange 2010:
• Favorites in the navigation pane
• Search folders
• Message filtering
• Ability to set categories in the message list
• Options in the Web management interface for Outlook Web App
• Side-by-side view for calendars
• Multiple client language support
• Ability to attach messages to messages
• Expanded right-click capabilities
• Integration with Office Communicator, including presence, chat, and a contact list
• Conversation view
• Ability to send and receive text messages from Outlook Web App
• Outlook Web App mailbox policies

Text Messaging Features

The following is a list of new text messaging features included in Exchange 2010:
• Missed call and voice mail notifications
• Calendar and agenda updates
• Text messages sent and received through Outlook Web App and Outlook 2010
• Text message synchronization with a mobile phone

POP3 and IMAP4 Cross-Site Connectivity Support

Cross-site POP3 and IMAP4 client connectivity is supported by default in Exchange 2010..

Protection and Compliance

Exchange 2010 delivers new, integrated e-mail archiving and retention functionality, including granular multi-mailbox search and immediate legal hold. Exchange 2010 also helps you to better protect your company’s communications and e-mail through centrally managed information control capabilities. This includes the ability to more effectively intercept, moderate, encrypt, and block e-mail messages. Together, this functionality provides you with a flexible range of protection and control options, whether you want to automatically enforce controls or empower users to implement their own data protection.

Messaging Policy and Compliance Features

Exchange 2010 compliance features make retention independent of users' mailbox management and filing habits, and ensure retention policies are applied continuously. The following is a list of new messaging and compliance features included in Exchange 2010:
• Additional messaging records management (MRM) functionality to apply message retention policies
• Personal Archive feature to provide users with online archive mailboxes and help eliminate .pst files
• Mailbox search features for cross-mailbox search with Advanced Query Syntax (AQS) support
• Additional transport rules predicates and actions

IRM-Protected E-Mail Functionality with Active Directory Rights Management Services


The following is a list of new Information Rights Management (IRM)-protected e-mail functionality with Active Directory Rights Management Services (AD RMS) included in Exchange 2010:
• Microsoft Outlook protection rules, to apply IRM-protection to messages in Outlook 2010
• Transport protection rules, to apply IRM protection to messages based on rule conditions
• Persistent protection of attachments in IRM-protected messages
• Support for AD RMS templates
• Support for IRM in Microsoft Office Outlook Web App
• Transport decryption, to decrypt IRM-protected messages to apply messaging policies
• Journal report decryption, to attach a decrypted copy of IRM-protected messages to journal reports
• AD RMS protection for Unified Messaging voice mail messages

Active Manager in Exchange 2010

Microsoft Exchange Server 2010 includes a new component called Active Manager that provides functionality that replaces the resource model and failover management features provided by integration with the Cluster service in previous versions of Exchange. Exchange no longer uses the cluster resource model for high availability. There are no cluster groups for Exchange, and there are no storage resources in the cluster. Thus, if you examine the cluster using cluster management tools, you’ll see only the core cluster resources (IP Address and Network Name, and if needed, quorum resource). Cluster nodes and networks will also exist, but those are managed by Exchange and not cluster or cluster tools.
Active Manager runs on all Mailbox servers that are members of a database availability group (DAG).
There are two Active Manager Roles:
1. Primary Active Manager (PAM)
2. Standby Active Manager (SAM).
PAM is the Active Manager in a DAG that decides which copies will be active and passive. PAM is responsible for getting topology change notifications and reacting to server failures.The DAG member that holds the PAM role is always the member that currently owns the cluster quorum resource (default cluster group). If the server that owns the cluster quorum resource fails, the PAM role automatically moves to a surviving server that takes ownership of the cluster quorum resource, if you need to take the server that hosts the cluster quorum resource offline for maintenance or an upgrade, you must first move the PAM to another server in the DAG.

SAM provides information on which server hosts the active copy of a mailbox database to other components of Exchange that are running an Active Manager client component (for example, RPC Client Access service or Hub Transport server). The SAM detects failures of local databases and the local Information Store. A SAM doesn't determine the target of failover, nor does it update a database’s location state in the PAM. It will access the active database copy location state to answer queries for the active copy of the database that it receives.
In Exchange 2010, the Microsoft Exchange Replication service periodically monitors the health of all mounted databases. In addition, it also monitors Extensible Storage Engine (ESE) for any I/O errors or failures. When the service detects a failure, it notifies Active Manager. Active Manager then determines which database copy should be mounted and what it requires to mount that database.

Active Manager Best Copy Selection:
When a failure occurs that affects a replicated mailbox database, Active Manager takes several steps to recover from the failure by selecting the best possible copy of the failed database to activate. Below is the process:
• Active Manager detects the failure.
• The PAM runs an internal algorithm called best copy selection (BCS).
• A process called attempt copy last logs (ACLL) occurs, which tries to copy any missing log files from the server that hosted the active database copy prior to the failover.
• Once the ACLL process has completed, the PAM issues a mount request to the Microsoft Exchange Information Store via remote procedure call (RPC). At this point, either:
1. The database mounts and is made available to clients; or
2. The database does not mount, and PAM performs steps 2-4 on the next best copy (if one is available).

Lossless failover:

When searching for the best possible copy, the PAM uses up to ten separate sets of criteria to determine the best copy to activate. After locating the best possible copy, ACLL runs. After the ACLL process has completed, if all missing log files were copied from the previous active copy, the database mounts without any data loss. This is known as a lossless failover.

If the ACLL process is unsuccessful, the configured value for AutoDatabaseMountDial is consulted. For more information about AutoDatabaseMountDial, If the number of lost logs is within the configured value for AutoDatabaseMountDial, the database is mounted. If the number of lost logs is outside the configured value for AutoDatabaseMountDial, the database isn't mounted until either missing log files are recovered or until an administrator explicitly mounts the database and accepts the larger data loss. If the database doesn't mount automatically, the PAM will select the next best copy (if one is available). There are at least three reasons why the initially selected database copy does not mount automatically:
1. The number of lost log files is greater than the configured value for AutoDatabaseMountDial.
2. The server on which the mount attempt was made is configured with a soft maximum for the active number of databases, and the maximum number of active database copies has been reached on the server.
3. The database copy is suspended for activation.