Category Archives: Enterprise Vault

Extend the Symantec Enterprise Vault to DR site for HA

In this article we will have a look at extending the Enterprise Vault to DR site. This configuration will be helpful when the main site is completely down.

Usually below will be the Enterprise vault configuration in most of the cases :
1) Active/Passive Configuration on Primary Site.
2) HA Failover option will be present in primary site.
3) EV will be available 100 percent in primary site.

In most cases 99 percent the enterprise vault will be configured in Microsoft Cluster because of Good  stability of Windows cluster.

Normal Active/Passive setup with HA option in Main site :


Implications without EV DR :

  1. Archived items will not be  available when the main site is not available.
  2. EV items stored in EV storage will be not available.

So in a normal scenario where the main site is operational and available the DR server will not be functioning and will remain as Standby.

A typical DR solution requires primary and secondary sites, and clusters within those sites for the EV to function.

There are 2 options available for EV DR setup :

1)  Go with update service location option with Symantec software. (Requires more manual operation like below)

a) SQL native tools to DR failover.
b) Mount  the volumes of EV stores appropriately.
c) Need to use the EV native  Update service Location (USL).

on top of the above we are not sure that the replicated storage of EV data and SQL  to DR is healthy or not.

2) Go with an EV aware DR application software.(Recommended)

There are few EV aware software’s available in market. They can fully automate the failover and failback between the sites. Its better to go with this option.

Below are the EV aware software’s which is available :

  1. Enterprise Vault with InfoScale Enterprise.
  2. EV Near Sync.

Below is one example  of high level design of EV DR setup:


Below is the summary:

1) Have EV Seperate Cluster on secondary site.
2) Perform the SQL and EV storage replication to the DR site regularly.
3) Have an EV aware software which performs the automatic failover and failback in case of disaster.Because these software after the intitial configuration does rest of the work such as updating entries in SQL database and activating the DR replicated Vault storage groups.
4) Need to change the DNS alias pointing from production to DR in case of DR activation.

Storage Requirements:

1) The EV storage groups needs to be replicated to the DR site ,can be done through SAN replication and most of the storage vendors are having the SAN replication.
2) Replication needs to be synchronous from the main site to the DR site.
3) Replication needs to be scheduled from the storage everyday for incremental updates.
4) Replication should be performed after the daily archiving schedule, during the vault stores in backup mode.
5) Indexes, databases, and files from the primary NAS to DR should be synced on a daily schedule.

SQL Replication Requirements:

1) Symantec recommends as a best practice to configure SQL Server for disaster recovery before configuring Enterprise Vault for disaster recovery.
2) A SQL server instance must be present on the DR site for SQL replication.
3) SQL server log shipping must be done to replication of DR.
4) SQL server DB replication must be done for replication to DR.
5) SQL data needs to be replicated in daily schedule to the DR site.

EV server requirements:

1) A new site DR to be defined in the EV topology in the vault admin console.
2) 2 new EV nodes with different names to be introduced in this Site.
3) Volume replication needs to be scheduled after storage is ready on the DR.
4) SQL replication needs to be scheduled after the DR instance is setup.
5) Better to have an well known EV aware replicating software like InfoScale or EVNEARSYNC which is having a good presence in the market because these applications provides RTO & RPO in minutes compared to the native EV failover scenario.

Network Requirements:

1) SQL replication needs to be done from the main site to the DR site. Required ports needs to be open.
2) Since SAN replication is already in place better to verify for these Datastores for the replication and required bandwidth for the daily incremental data replication in the current nw bandwidth in the DR site.
3) One standby IP for EV url in the DR site and needs to be pointed to this IP during the DR scenario.

High Level – How DR Works :

1) EV DR servers will be always Turned off in normal scenario.
2) During DR scenario EV DR servers needs to be turned on.
3) Present the replicated healthy storage (indexing & partition) to the DR server (Achieved through EV cmdlets)
4) Present the replicated healthy SQL db to the DR server (Achieved through EV cmdlets)
5) Perform failover by changing production alias to DR Server (Achieved through EV cmdlets)
6) Change DNS alias of Archive URL pointing from production to DR EV server and then run USL (Update service location).

All these above steps can be reduced and performed automatically by an EV aware application like EVNEARSYNC or InfoScale Enterprise.


1) The storage SAN replication needs to be planned accordingly with the current storage vendor and their recommendations.
2) Need to make sure the Exchange  DR setup is already in place, databases replicated in DR site and should be able to perform Exchange DR activation also to achieve best SLA for Email.

Thanks & Regards
Sathish Veerapandian

Quick Tip – Check Enterprise Vault Users

We can use the EV reports to see the active enterprise  vault users.

In addition to that we can use the  SQL  query to check the active users

Enterprise vault is tightly integrated with SQL databases. The Enterprise Vault Directory database will have the configuration information of the archive which will hold the number of exchange mailboxes it has enabled for archive and its details in Enterprise Vault.

But in the EV articles we see 2 values to check always which is :

1) MbxArchivingState –
The MbxArchivingState indicates whether or not the mailbox from Exchange server is enabled for archiving in Enterprise Vault. These are the values which the EV has about the details of the archives which is under its EV organization(directory).

2)MbxExchangeState –
The MbxExchangeState indicates the state of the mailboxes in our Exchange Environment.The EV determines the state of the mailboxes in Exchange servers by this value.

To see active users we can run the below query on SQL :

Use EnterpriseVaultDirectory
Select count(*)
from exchangemailboxentry
where MbxArchivingState = 1


To see Disabled Mailboxes we can run the below query on SQL:

Use EnterpriseVaultDirectory
Select count(*)
from exchangemailboxentry
where MbxArchivingState = 2


For new Mailboxes eligible for archive please run the below Query:

Use EnterpriseVaultDirectory
Select count(*)
from exchangemailboxentry
where MbxArchivingState = 0


We can run the below query to check the mailbox archiving state:

SELECT count(MbxArchivingState) as ‘# Mailboxes’,
MbxArchivingState as ‘Archiving State’
FROM ExchangeMailboxEntry
GROUP BY MbxArchivingState


The above Archiving State will display the results in below order:

0 = Not Enabled
2 = Disabled
1 = Enabled
3 = Re-Link

To view the Exchange State we can use the following:

SELECT count(MbxExchangeState) as ‘# Mailboxes’,
MbxExchangeState as ‘Exchange State’
FROM ExchangeMailboxEntry
GROUP BY MbxExchangeState


The Exchange State will display the results  in below order:
0 = Normal
1 = Hidden
2 = Deleted


This MbxExchangeState value will be 0 for hidden mailboxes and they will not be enabled for archive.Inorder to enable them for archive we need to set the value to 2 on the EV by running the below query

USE EnterpriseVaultDirectory
UPDATE ExchangeMailboxEntry
SET MbxExchangeState = ‘0’ WHERE MbxExchangeState = ‘2’

Thanks & Regards
Sathish Veerapandian
MVP – Office Servers & Services

Configure Enterprise Vault Office Mail App in Exchange 2016 Environment

The Enterprise Vault Office Mail App provides Enterprise Vault features in end users outlook and owa. This works in Integration with the Microsoft  Office Mail apps feature.
It is desired that users will try to  access  archived items via OWA as well when their older items are being archived by a  archive system.
The Enterprise Vault Office Mail App does not appear in Outlook or OWA by default.
It requires deployment to users  or organizational level and only then they will appear.

In this article i will explain quick steps to perform this action on a environment where we have the Archive enabled for Exchange 2016 users through Enterprise Vault

There are 3 possible methods to perform this action:

1)  We can deploy them to individual users.
2) We can deploy them to group of users.
3) We can deploy them to whole organization on the Mailbox Server Organization level.

The main methods are as below:

1)  We need to deploy the Office Mail App on the Newly introduced Exchange 2016 Server on the org level to EV server.
2) Setting up the Enterprise Vault Office Mail App
3) One important note that we need to make is that if we enable this feature on organizational level then this option will appear on all mailboxes including the one’s which has not EV enabled.
4) The same Enterprise Vault server is used for Office Mail App requests from
all users.

The high level steps are as follows :
1)We need to run the PowerShell command New-App in the Exchange Management
Shell on Exchange 2016 Server .
The command requires the following:
2)An Exchange 2016 Server  that is enabled for archiving and that you want to enable
for the Office Mail App.
3)The URL of the OfficeMailAppManifest.aspx page from the EV server.
The server that is specified in the URL can be any Enterprise Vault server
in your site can be http or https according to the IIS config on your EV server.
Office Mail Apps must only be served using Secure Sockets Layer (SSL). We need to  obtain a certificate from a certification authority.
4)The Exchange server sends a request to Enterprise Vault server EV1 to
configure a manifest file.


We need to run the below command to enable this feature on organizational level :

Add-Type -AssemblyName System.Web
$Mbx = get-mailbox “mailbox”
New-App -OrganizationApp -DefaultStateForUser:enabled -Url `
(“https://EV_server/EnterpriseVault/OfficeMailAppManifest.aspx?LegacyMbxDn=” +

■ mailbox is the name of a mailbox that is enabled for archiving.
■ EV_server is the name of Enterprise Vault server which has this manifest file in your organization.


When a user access the EV office mail app from the owa or Outlook following things happens:

a) Basically this officeMailAppManifest.aspx page from EV server generates a manifest file
for Exchange and sends it to the Exchange 2016 server.
b) The manifest file contains the Office Mail App settings for Exchange.
c) The settings include the URL from which the Office Mail App will be loaded.
d) Later end user will be able to perform his archive action  from the Office Mail App.

Below are the steps to enable EV web app for individual users :

$mbx = Get-mailbox | select LegacyExchangeDN
$url = “”+ $mbx.LegacyExchangeDN
New-App -Mailbox $mbx.LegacyExchangeDN -Url $url

Later we can verify the end user web app readiness by accessing the Manifest URL from his PC Administrative Group (FYDIBOHF23SPDLT)/cn=Recipients/cn=mailbox

On accessing the end user should be able to see the XML file an example below.


On a failure to see the XML file will not result in accessing this feature from end user level.

After its enabled this will how it will be displaying for end users on their OWA and Outlook when they open any emails.



1)  This office mail app  is not an mandatory feature to be enabled for all users . All users can see their archived items from the archive URL and the EV thick client on their desktops. This mail app gives more comfort for the end users to access, make operations on their archive from the owa and viewing their email on outlook itself.
2) Support for the Enterprise Vault Office Mail App is pending from Exchange 2016 CU1 and not in Symantec compatibility lists.At this moment the Office mail app is working only on owa in Exchange 2016 CU2. Symantec has confirmed that they will be soon releasing a patch which will support this feature on Outlook as well.
3) With Exchange 2016 CU2 Archive is working fine on the Outlook EV Client and the EV Web URL.
4) Enterprise vault to be compatible with Exchange 2016 Cu2 server version requires  Enterprise Vault 11.0.1 Cumulative Hotfix 4 or later.

Below are the following commands are available for managing Office
Mail Apps in Exchange 2016:

Get-App                  – Returns information about the installed Office Mail Apps.
New-App                  – Deploys an Office Mail App.
Remove-App               – Removes the specified Office Mail App.
Disable-App              – Disables a specific Office Mail App for a specific user.
Enable-App               – Enables an Office Mail App for a specific user.
Set-App                  – Sets configuration properties on an Office Mail App.

Thanks & Regards
Sathish Veerapandian
MVP – Office Servers and Services

Configure Enterprise vault Archive for Exchange 2016 Server

In this article we will have a look at creating the EV Mailbox Archive task for Exchange 2016 server.

To know how to configure the storage can refer my previous post

Configure New Store, storage , provisioning groups in Enterprise Vault in Exchange Environment

To know the overview of the services can refer my previous post

All about enterprise vault services and its tasks

There are new additional configurations for the newly introduced Exchange 2016 in any environment for the Enterprise Vault archive to happen on them.We need to provision and target those servers for the archive to happen on their mailboxes.

As a first procedure we need to create system mailboxes for each new Exchange 2016 servers for the archive to happen on their mailboxes.System mailbox is nothing a dedicated mailbox which we need to create for the EV archive to happen on that server.
This mailbox should not be used for any other jobs and should not be hidden from the Address List.

Once we create this dedicated system mailboxes on new Exchange 2016 servers we need to grant permission to the Vault service account that is responsible to start the EV task on Exchange servers.Grant send as permission to the Vault service account on the newly created  Enterprise vault system mailboxes for Exchange 2016 archive to happen.

Its better we can move the Vault Service account to the Exchange 2016 server from the legacy server. This will not impact the previous exchange servers EV Archive process until the migration is complete.

Once this is done we need to run two powershell scripts  on the new Exchange servers to set the throttling policy and permission for the Enterprise Vault Service account.

These scripts are present by default on the Enterprise Vault Server in the below directory.


All we need to do is just need to copy these scripts on the Exchange server 2016 and run them as below

To set the EVthrottling policy run the below command 
.\SetEVThrottlingPOlicy.ps1  -User domain\username -server mbxserver -Version 2013 -DomainController DCname

Domain is the AD that the vault service account belongs to.
User name is the vault service account.
Server name is the Exchange 2016 server name.

Version is 2013 currently for 2016 server as well

To Assign Exchange Server permissions to the vault service account run the below command:
.\SetEVExchangePermissions.ps1 -user domain\user-name
domain is the AD that the vault service account belongs to
user name is the vault service account
server name is the Exchange 2016 server name

Once the above procedure is completed we need to create the target from the Enterprise Vault Server to the new Exchange 2016 servers

Inorder to do that

Login to Enterprise Vault Server with Enterprise Vault Service account

Open vault Admin Console

Navigate to Targets – Domain – Exchange server – New – Exchange Server


Proceed with the next option


Select the Exchange Mailbox Task


Select the system mailbox to use.Here we need to choose the designated EV system mailboxes that we created.


Once this is done the targets for the new server is successfully created.

Now we need to create a task for the each new Exchange 2016 servers for the archive to happen

In-order to do that open Vault admin console – Navigate to task – new exchange mailbox task.


Proceed with the next option


Choose the new provisioned Exchange 2016 Server


Once the new task for Exchange 2016 has been created we can schedule the archive period and the DB’s of those servers will be visible on the targets.


Do not make any change on the concurrent connections and the logon accounts on the task service its better to have them default.

After this is done we can move the mailboxes to Exchange 2016 from the previous version of exchange server.The provisioning group , targets and the retention policies will remain the same for the mailboxes moved to the exchange 2016 server.

Note: These steps are applicable only on a environment where there is an already existing Enterprise Vault configured on the legacy Exchange servers. These steps will be useful when we need to enable archive on newly introduced exchange servers. For a new configuration on the environment the Symantec configuration guide needs to be followed.

Thanks & Regards
Sathish Veerapandian
MVP – Office Servers & Services

Configure New Store, storage , provisioning groups in Enterprise Vault in Exchange Environment

In this article we will have a look at the steps to provision the Enterprise Vault in the Storage, Policy and Group level.

If we talk about Enterprise Vault its again a big topic considering all the functionalities ,configuration , features , HA etc..,

So here we will focus only on how to provision archive only for end users in a new deployment

We will need to look at the steps to consider in creating a storage, Backup , creating policy based on the retention that end users are expecting.

So below things needs to be planned properly before the configuration:

a) Archive policy based on mailbox quota and number of months. eg: If the quota exceeds 80 percent and emails  greater than 5 months should be archived.

b) Archive retention period for end users. How long the archived emails will stay eg: like 5 years, 7 years etc

c) Retention of the shortcuts archived items in the mailbox after the archive.

Once planning on the above is done we need to configure Provisioning group, Archive policy and create a store group and a store for the archive process to happen.

Below things needs to be created :

a) Create a provisioning group to target the users who require the archive feature to be enabled.

b) Create a dedicated policy for this group based on the requirement.

c) Create a dedicated store-group and store to place all the archive .

d) Configure the backup for these stores.


We will look into the steps to create provisioning group first

Log in to the Vault Administration console and navigate to provisioning groups and select new provisioning group



Give a name


Associate the targets for this group


Targets can be OU’s, Whole domain, Distribution Group. The best practice is to always target a Distribution group and add users who require EV since the OU’s will contain service accounts, vendor mailboxes which will unnecessarily consume licenses.


Then later you need to select the policy that you would need to apply for this group of users based on your requirement.


Set the retention category


Select the associated store and enable the option automatically provision the mailboxes for people who comes under this group



Now we will look in creating the Policy

It is better to have multiple policies since its always better to segregate users based on their quota, nature of job and the amount of emails they receive on daily basis.

To create a New Policy Open Vault Admin Console – Navigate to policies and create a new mailbox policy.




These are the default values once its created. Based on your requirement you can modify these values.



There is nothing much complexity involved in creating the policy but yes if the users retention is not understood properly then later you would be in trouble. So its better to set the clear expectations to the end users before setting the policy.


Now we should look in creating a store for the archived mailboxes.

Its better to create a store group first



Then create a Store under the Store group



You will get the below window


Give it a name and select the option whether open or closed. If you keep  this partition open then partition rollover can happen if any of the other partition are full. If you keep it closed then rollover to this partition will not happen.


Select the storage type by default it is NTFS


Then you need to specify the drives and drive path and finally you have to perform the run test which will indicate a success or failure of your config


This is the partition rollover which i was taking in earlier screenshots which is an amazing feature

You have an option to set the volume and time


Here you go for setting the backup for this partition. The beauty of the archive is when you create the store by specifying the SQL instance location the DB’s are automatically created.

So now these values needs to be chosen according to the type of backup you are using.

If you have a snap shot EV unaware backup then you need to select the option check for a trigger file.

If you have a EV aware backup most likely backup exec from Symantec then you can use the first option.

Note: Its very important that you need to keep in mind that these backups will never help you in restoring brick level for end users. These are meant only for system recovery scenarios.

So when a user permanently deletes an archive from EV its gone forever.


Then you need to use the file collection software if you are using the second option


And enter the time at which you need to place this file collection software.


After this once you click on finish the archive is configured to take place.So based on your Archiving Mailbox server Task schedule the archiving job would start happening.

There are few more backup configurations that needs to be done if you choose the 2nd option. We will look  that seperately in another write up since adding those information will definitely confuse and increase the length of reading this blog.


Sathish Veerapandian

MVP – Exchange Server

All about enterprise vault services and its tasks

I Just went through Enterprise Vault services, Tasks and its functionality. I have collected few points about its functionality and would like to share the same.

In this article we will have a look at the enterprise vault version 11 services and its tasks.

Basically EV version 11 has 4 services . The previous version 10 had 6 services and they have reduced it to 4 from 6 in EV11.

Below are the functionality of the 4 services.

Enterprise vault storage service

The Enterprise Vault Storage Service reads the objects from the Storage Archive queue and stores the associated mailbox items to the Storage Device.

What is storage archive queue?

This is the actual  queue which EV server queues the messages from the end users mailbox for archival.

It actually holds the emails that EV needs to archive in its storage.

It integrates and works with the windows message queuing service (MSMQ) and that’s the reason it needs to be installed on the OS during EV installation.

Once the items are copied to this storage queue the below process takes place


  • The copied file from the user will be marked for archive pending.
  • The copied item will be added as .EVSQ file in the Storage queue location. Usually the storage queue location should be redundant path (SAN Storage)
  • Once when all the items are archived this .evsq file is emptied and keeps only the empty .evsq file(not sure why it leaves this file trace).

Below are the different types of queues


Enterprise Vault Exchange Mailbox task for server queue A1

This queue holds the Enterprise Vault Exchange Mailbox Pending items to update in the corresponding users archive. It also has the  failed operations.


Enterprise Vault Exchange Mailbox task for server queue A2

This queue holds the Individual items that needs to process. Used for end user manual archive requests and whenever Enterprise Vault cannot directly communicate with the Storage Archive queue of the Storage service.


Enterprise Vault Exchange Mailbox task for server queue A3

This queue is  Used if you start archiving using the Run Now option in the Administration Console. If the administrator forces the task to run then it comes in this queue.


Enterprise Vault Exchange Mailbox task for server queue A4

This queue is used during the retry of the failed archive.


Enterprise Vault Exchange Mailbox task for server queue A5

This queue is used during scheduled archive runs. This queue is not processed outside the scheduled archiving times, so you cannot use Run Now to clear a backlog on this queue.


Basically this enterprise vault storage service  has 3 tabs as shown below


General Tab

Just tells us about the site and the computer name and doesn’t hold much information


Storage Queue Tab

Tells the queue status open or closed, queue location free space and available space, queue total length and pending length.


Advanced Tab

This queue contains archive processes and restore processes.



Archive processes

It’s about the number of archiving task that this service can handle at time (can be exchange archive, SharePoint archive, etc..,)


Restore processes

It’s the same as archive and it is the number of the restoring task that this service can handle at a time


Restore thread per process

It’s the number of threads that the restore process must handle while restoring the items. We need to ensure that this value is increased when you increase the value of the number of processes else the restore will take long time.


We need to make sure that we are aligning the values for archive process and threads correctly else there will be some issues and will take time in the restore


EV Shopping service

This service manages the selected items to be restored when the end user manually chooses to archive few items through browser search and archive explorer. As the name indicates that this service is used only when the user tries to manually archive any items to EV from his end.



This service will log events in the event log whenever it starts and then stops. So it’s better to monitor this service events once in a while on every day.

Apart from this I do not find any much more information on this service


Enterprise Vault Task Controller Service

The Enterprise Vault Task Controller Service controls all provisioning, archiving, and retrieval tasks for Enterprise Vault. At the completion of every task it records an event about the status (whether it’s completed or its failure) of the task that was completed.

The Enterprise Vault Indexing Service:

This service is responsible to handle the indexing part for the archived data.

The Indexing Service will index items once they are being archived. Each archive will have its own index

It keeps the index all up to date.

Also it fetches the search results for the end users that they are searching for any emails from their EV archive

It’s better to have this functionality enabled as the end users will search for their archived emails for sure.



Now we will start looking into the tasks functionality.

So these tasks will be working depending upon all the above services.

Below are the list of tasks that can be created from EV server for the applications as shown below.



And after we create a task these tasks have options to schedule and run on a timely basis which I find it to be very useful.

There are few more options to explore apart from the schedule


Note: We would be able to  set only one task for one server.

Example for one mailbox server we can set only one archive task schedule  and that task can be configured.

There are more topics to know on Enterprise Vault since it’s a pretty much complicated big product with more features and functionalities. We will discuss about the rest of the features in the upcoming blogs.


Sathish Veerapandian

Steps to export/import enterprise vault archive mailbox as PST

In this article we will have a look at the steps to export/import the enterprise vault archive as a PST.

Log in to the Enterprise Vault server and open Enterprise vault admin console

Select the node and select the archives



Now right click on the archives icon and you have an option to export and import as a PST/NSF files.

Now we will see the steps to export as PST.



Now we have 3 options as shown below for the export of PST file



Now choose the archive mailbox for the export



Select the source archive file



We have an option to export items in a specific date range which i find to be very useful



Choose the folder path and we have an option to split the PST files



Confirm the PST export settings




Once we click on next we have the status of the export and


there is a report file of the export as well




These steps  can be useful to export/import the PST to enterprise vault archive for the end users.

Hope this helps.


Sathish Veerapandian

%d bloggers like this: