HP Email Archiving sftware fr Micrsft Exchange PST Imprt Tls Cmpnents and Deplyment Best Practices Table f Cntents Overview... 2 Prerequisites... 2 Cmpnents... 2 Archive Credentials... 2 PST Lader... 2 Changes Frm Previus Versins... 4 Overall Cnfiguratin File Creatin Prcess... 4 PST Imprt Mnitr... 7 Deplyment Best Practices... 8 Client Machine... 8 Accunt... 8 Lcatin f PST Files... 8 PST File Ownership, Passwrd Prtectin, and Permissins... 9 PST Audit Repsitry... 9 Autmated Creatin f Cnfiguratin Files... 9 Fr Mre Infrmatin... 11
Overview The PST Imprt Tls have been develped t allw Administratrs t lad legacy PST data frm lcal and netwrk file systems int the Integrated Archive Platfrm (IAP). This reduces the strage capacity requirement placed upn the lcal and netwrk file systems. This has the additinal benefit f string the email data in a cmpliant frmat allwing users, administratrs, and cmpliance fficers t search email frm the entire enterprise. This whitepaper discusses the individual cmpnents f the PST Imprt Tls and a number f best practices fr the deplyment f the PST Imprt Tls, but shuld nt be used as a substitute fr the prerequisites stated in the fllwing sectin. Prerequisites Prir knwledge f the PST Imprt Tls is essential t better understand the cntents f this paper. The reader shuld, at a minimum, have cmpleted the PST Imprt Tls training, and have read and understd the PST Imprt Tls chapter f the Email Archiving sftware fr Exchange (EAsE) 2.1 Administratr Guide, 3 rd Editin at: http://spck.crp.hp.cm/pages.internal/spck2html.aspx?htmlfile=sw_ilm_rim_msg.internal.html#rimease This whitepaper als assumes that the reader has a reasnable level f understanding f the IAP and EAsE. Cmpnents The PST imprt prcess is divided int three distinct cmpnents: Archive Credentials, PST Lader, and PST Imprt Mnitr. The fllwing sectins prvide a brief synpsis f each f these cmpnents and their assciated prcesses. Archive Credentials Setting the archive credentials is the first stage in the PST imprt prcess. This is where the credentials used fr the remaining prcesses are cnfigured and verified. The credentials used here are specifically fr access t the IAP and the dmain within the IAP which will be used as the target fr the PST imprt data. While the accunt used here des nt specifically need t be the same as the HPAEServiceAccunt accunt (which will already have been cnfigured fr access t Exchange), it is highly recmmended that this accunt be used. This simplifies the entire end-t-end prcess and reduces cnfusin during the cnfiguratin f the PST Imprt Tls. During the remainder f this dcument, it is assumed that the HPAEServiceAccunt has been cnfigured as described in the HP EAsE 2.1 Administratr Guide Creating the archive service accunt n page 16. Additinally, the HPAEServiceAccunt shuld be granted the IAP Admin right frm the IAP Platfrm Cntrl Center (PCC) Accunt Management page. The archive credentials, nce verified, are stred in the registry f the lcal machine using 128 bit AES Encryptin. This prvides a secure methd fr string the accunt infrmatin, thus preventing it frm being mdified r viewed by users. PST Lader Creating the cnfiguratin files is the secnd stage in the PST imprt prcess. This is accmplished using the PST Lader. This utility is used t create a cmbined versin f the default HP EAsE PST Imprter.ini file this file is created the first time PST Lader is used and sme default values are defined which can then be (and are) verwritten fr individual cnfiguratins, resulting in the 2
cmbined file. (A mre cmplete descriptin f this cmbinatin is cntained in the Overall Cnfiguratin File Creatin Prcess sectin belw.) The PST Lader als utputs the xml files which cntrl the manner in which the PST Imprt Lader actually ingests data int the IAP. The cnfiguratin files cntrl the PST files t lad, which repsitries are the target fr the ingestin, and whether all users identified in the headers f messages receive a cpy f the message in their repsitry, etc. The fllwing is a list f all ptins available during the cnfiguratin. Select files t prcess the lcatin f the PST files, either n the lcal file system r at a netwrk lcatin. The Deplyment Best Practices sectin discusses sme recmmendatins fr the lcatin f PST files. MAPI Lgin Infrmatin (fr GAL Lkup) used t reslve email against the Glbal Address List (GAL) and t cnvert x.400 style addresses t SMTP style addresses. IAP Parameters Exchange Server the IP address r DNS hstname f an Exchange server t be used fr access t the GAL. Exchange Mailbx a mailbx (HPAEServiceAccunt) used fr accessing the GAL. This des NOT have t be an SMTP address. This parameter is entered as an SMTP address, e.g., HPAEServiceAccunt@hp.cm. IAP Dmain VIP Address (SMTP) the virtual IP address fr the IAP and SMTP prt number 25. IAP HTTP Prtal Address the virtual IP address fr the IAP and HTTP prt number, in this case, 81. This shuld be entered in the fllwing frmat: 16.89.88.170:81 IAP Dmain Name the target dmain in the IAP fr data ingestin. This can be fund frm either the PCC Administratin Cnsle r frm the dmain.jcml file n the kickstart server. User Repsitry (SMTP Address) the target IAP repsitry fr data ingestin. This, in mst cases, relates directly t the identified wner f the PST file(s). Audit Repsitry fr Imprt Lgs the IAP repsitry that imprt lg files will be delivered t. This can be any repsitry that is established in the IAP. This is discussed in further detail in the Deplyment Best Practices sectin. Archiving Optins Use TNEF t Capture Email recmmended; this ptin delivers the message using Micrsft s Transfer Neutral Encapsulatin frmat. This allws the message t be stred in the IAP with the highest level f fidelity, preserving many f the MAPI prperties which are nt cntained in a standard RFC-822 MIME message. Stre Flder Infrmatin required fr cnsistency when the IAP is cnfigured t capture flder infrmatin during nrmal peratin. Frced Prcessing f PST Files allws a PST file t be prcessed again even if its hash has been previusly prcessed. This is useful fr debugging. Tmbstne Optins Create Tmbstne in PST allws the user t select the tmbstne inside a PST file and retrieve the message frm the IAP. Trim Bdy frm Tmbstne remves the cntent frm the message. 3
Select Output File the lcatin and name f the xml imprt descriptin file created by the PST Lader. Changes Frm Previus Versins If yu have used PST Imprter previusly, yu may ntice that sme changes have been made t the parameters entered in the PST Imprt Tls. The majrity f these changes are t the varius descriptins t imprve clarity. Hwever, tw ptins have been remved since they have been rendered bslete: Distribute t all recipients Ensure Owner Receipt Overall Cnfiguratin File Creatin Prcess This sectin is included t re-iterate the verall creatin prcess. When the PST Lader is first executed, yu are presented with the fllwing dialg bx: Figure 1. PST Lader Dialg Bx Tw ptins are available here: yu can either create a new imprt descriptin file (XML), r pen an existing file and schedule the jb. When selecting New, yu are presented with the fllwing dialg bx, Create Imprt Descriptin File PST Lader. This is used slely fr creating the imprt descriptin file (XML), and nt fr scheduling the jb t run. Figure 2. Create Imprt Descriptin File PST Lader Dialg Bx 4
As can be seen here, the PST Lader has nt been run previusly since n parameters frm the HP EAsE PST Imprter.ini file have been inserted int the dialg bx. It s imprtant t nte here that if the PST Lader has been run previusly, sme parameters may already be present. Fr example: Figure 3. Create Imprt Descriptin File N Parameters Present In this secnd example, yu ll see that the fields have been pre-ppulated. This may be caused by a cmbinatin f user-specific infrmatin, as well as defaults frm the HP EAsE PST Imprter.ini file. Once this dialg is cmplete and yu click OK, the Output File (therwise knwn as the imprt descriptin file ) is created. At this pint n ini file fr the actual jb has been created, because nthing has been scheduled. Hwever, nce the Create Imprt Descriptin File PST Lader dialg bx is cmpleted, the imprt descriptin file field in the PST Lader is ppulated. Once a lg file is identified, this dialg will create the ini file fr the jb and create an entry in the AEDB.MDB database. Figure 4. PST Lader Imprt Descriptin File Field Ppulated 5
Fr example, when the fllwing parameters are entered: Figure 5. PST Lader Bth Fields Ppulated This results in the creatin f the fllwing ini file: Figure 6. Resultant ini File in Ntepad The PST Lader als creates an entry in the AEDB.MDB database fr scheduling purpses. The PST Imprt Mnitr uses this table t identify the jbs that need t be run. Figure 7. Entry in AEDB.MDB Database 6
PST Imprt Mnitr The third and final stage f the PST imprt prcess is starting the jbs that have been scheduled. This is dne frm the PST Imprt Mnitr tl. The PST Imprt Mnitr identifies the files t be prcessed by interrgating the AEDB.MDB database t lcate the ini files fr jbs currently in the queue. Figure 8. PST Imprt Mnitr Windw Shwing 1 Queued PST File Fllwing frm the previus example, yu can see that ne (1) file is ready fr prcessing. Once the ingestin f the scheduled PST files is cmplete, the PST Imprt Mnitr summarizes the level f success f the ingestin. Figure 9. PST Imprt Mnitr Windw Shwing 5 Cmpleted Files Items that are rejected r ignred may be s fr varius reasns: unsupprted cntent, malfrmed messages, etc. Any duplicate items are als presented. 7
Further investigatin can be carried ut by lking at the lg files fr the specific jb. These are lcated n the client machine, typically in the directry, C:\Prgram Files\Hewlett- Packard\EAsE PST Imprter\LgFiles. Fr example: Figure 10. Example Lg File Deplyment Best Practices There are a number f best practices fr deplyment situatins which aid the verall use f PST Imprt Tls. The basis f these best practices is t, where pssible, keep the implementatin standard and cnsistent. Client Machine It is recmmended that a dedicated client machine be used fr the PST Imprt Tls. This shuld meet the minimum requirements detailed in the EAsE Administratr Guide and the PST Imprt Tls training material. One cnsideratin is the amunt f available disk space n the machine, especially if the intentin is t mve all PST files t a lcal file system fr prcessing. Accunt During the cnfiguratin f EAsE, an HPAEServiceAccunt accunt is created. This accunt has the required access t the Exchange envirnment, and therefre sufficient permissins t the Glbal Address List (GAL). It is recmmended that this accunt be used nt nly fr the Archive Credentials, but als as the lgn accunt fr the client machine. Fr the sake f cmpleteness, the default Outlk prfile shuld be cnfigured with the HPAEServiceAccunt accunt. Nte: The HPAEServiceAccunt accunt in the IAP is created by DAS. Remember that the HPAEServiceAccunt accunt requires that IAP Admin rights are applied using the IAP PCC Accunt Management. Lcatin f PST Files While the PST Imprt Tls can imprt PST files lcated n netwrk files shares, it is recmmended that PST files be transferred nt the lcal client machine r at least nt a dedicated netwrk file share. Where pssible, PST files shuld be stred in a structure rganized by file wner, thus prviding a mechanism fr tracking the target repsitries fr the imprt. 8
Fr example: C:\PSTimprt UserA@pstimprt.cm UserB@pstimprt.cm UserC@pstimprt.cm Unknwn By rganizing the file structure in this way, it is pssible t autmate the creatin f the cnfiguratin files, thus simplifying the verall prcess. PST File Ownership, Passwrd Prtectin, and Permissins Depending n the requirement fr PST Imprts by specific custmers, it may be required that the emails cntained in PST files are nly targeted at specific repsitries. In this case, the File Ownership prperty is required, but may nt be crrect depending n the surce f the file. Determining the primary wner f the file requires a manual interventin, since the PST Imprt Tls are nt designed t determine wh the primary user f a PST file is. Secndly, the PST Imprt Tls ffer n ability t imprt passwrd-prtected PST files. If passwrds are knwn, it is pssible t remve the passwrd prtectin by cnnecting t the PST file frm the Outlk client and remving the passwrd. Passwrd-prtected PST files cannt be imprted until the passwrd is first remved. PST passwrds may be reset using cmmercially available sftware; hwever, passwrd remval actins are the respnsibility f the custmer. Lastly, read and write permissins t the PST Files are required by the HPAEServiceAccunt accunt including remval f any Read-Only attributes assigned at the file system level. PST Audit Repsitry PST Imprt Tls can send lgging infrmatin t any IAP repsitry. In sme cases, this may be a previusly created Audit repsitry, r in fact, the target repsitry fr the PST imprt. Hwever, it is recmmended that, where pssible, yu create a dedicated PST Imprt Lgging user and repsitry frm the IAP PCC Accunt Management webpage. This allws all PST lgs t be searched in a single lcatin and makes the task f identifying ptential issues easier verall. It is imprtant t understand the lgging prcess fr PST Imprt Tls. The prcess creates lg entries that are stred n a per-pst file basis, nt fr the verall PST Imprt Prcess. Therefre, a lg is created fr each PST file imprted. Furthermre, the lg file fr a PST file may appear t be split in the lgging repsitry since, if the PST Imprt prcess is interrupted, all f the lgging t-date is sent t the lgging repsitry. Nte that all lg entries sent t the IAP are wrapped in a MIME message, s when searching the lg repsitry, make sure the dcument type is set t email. Autmated Creatin f Cnfiguratin Files Earlier in this dcument, we discussed the Overall Cnfiguratin File Creatin Prcess. As a fllw n frm this, we will nw lk at the ptins fr autmating the creatin f the cnfiguratin files. The simplest methd t autmate the creatin is t use a dedicated file structure t rganize the PST files (as already discussed). Using a script (either VB Script r Perl), the structure and flder name infrmatin can be taken and used t create a set f XML imprt descriptin files. The frmat shuld be as fllws: 9
Figure 11. Example Imprt Descriptin File A number f fields in the XML file are cnsistent fr all, such as <Server> and <Mailbx>. Sme parameters are mre specific, such as <Repsitry> which can be taken frm the flder name, and <FilePath>. After the creatin f the XML files, the cmmand line versin f HPAEPSTLadUtil.exe can be used fr scheduling PST files int PST Imprt Mnitr. Fr example: <Install Path>\EAsE PST Imprter\HPAEPSTLadUtil.exe /i c:\pstfiles\usera@pstimprt.cm\usera.xml / c:\pstfiles\usera@pstimprt.cm\usera.lg This methd is strictly a suggestin, and a mre rbust prcess may be required in the future. Hwever as stated earlier, the simple apprach eases the verall prcess and minimizes the ptential human errr. 10
Fr Mre Infrmatin HP Email Archiving sftware fr Micrsft Exchange http://h18006.www1.hp.cm/prducts/sftware/im/gvernance_ediscvery/exchangearchiving/index.html HP Integrated Archive Platfrm http://h18006.www1.hp.cm/prducts/sftware/im/gvernance_ediscvery/iap/index.html Technlgy fr better business utcmes Cpyright 2009 Hewlett-Packard Develpment Cmpany, L.P. The infrmatin cntained herein is subject t change withut ntice. The nly warranties fr HP prducts and services are set frth in the express warranty statements accmpanying such prducts and services. Nthing herein shuld be cnstrued as cnstituting an additinal warranty. HP shall nt be liable fr technical r editrial errrs r missins cntained herein. Linux is a U.S. registered trademark f Linus Trvalds. Micrsft and Windws are U.S. registered trademarks f Micrsft Crpratin. UNIX is a registered trademark f The Open Grup. 4AA2-7643ENA, July 2009