Manage Exchange Retention Policies Before they Manage You

Posted by Mike Pfeiffer in Exchange, Exchange 2007, Exchange Testing, email on 07-04-2010

Know all you need to know about managing Exchange retention policies? If not, they could well start managing you. Here I cover all the concepts and information that you will need.

Retention policies are the recommended method for implementing messaging records management in Exchange 2010. Retention policies use retention tags to apply settings to mailbox folders and individual items. Retention tags are configured with a retention action that can be taken when an item reaches its retention age limit.

Retention Cmdlets

There is currently no way to manage retention tags or policies through the Exchange Management Console (EMC). Retention tags and policies must be managed using the Exchange Management Shell (EMS).

When managing retention settings in EMS, you’ll use the following cmdlets:

  • Retention Policy Cmdlets – Get-RetentionPolicy, Set-RetentionPolicy, New-RetentionPolicy and Remove-RetentionPolicy
  • Retention Policy Tag Cmdlets – Get-RetentionPolicyTag, Set-RetentionPolicyTag, New-RetentionPolicyTag, and Remove-RetentionPolicyTag

Retention Tag Types

There are three types of retention tags that can be used to apply retention settings to mailbox folders and messages:

  • Retention Policy Tags – these tags are used to apply settings to default folders such as Inbox and Sent Items.
  • Default Policy Tags – these tags apply to any item that does not have a retention tag set. A retention policy can contain only one default policy tag.
  • Personal Tags – these tags can be applied by users who access their mailboxes from Outlook 2010 or Outlook Web App. Personal tags can be applied to custom folders and individual items.

Retention Actions

When you create a retention tag, you can select a retention action that will be used when the age limit for retention is met. The following list describes the available retention actions:

  • DeleteAndAllowRecovery – This action will perform a hard delete, sending the message to the dumpster. The user will be able to recover the item using the Recover Deleted Items dialog box in Outlook 2010 or Outlook Web App.
  • MarkAsPastRetentionLimit – This action will mark an item as past the retention limit, displaying the message using strikethrough text in Outlook 2007, 2010 or Outlook Web App.
  • MoveToArchive – This action moves the message to the user's archive mailbox.
  • MoveToDeletedItems – This action will move the message to the Deleted Items folder.
  • PermanentlyDelete – This action will permanently delete the message and cannot be restored using the Recover Deleted Items dialog box.

Creating Retention Tags

When you create a retention policy tag using the New-RetentionPolicyTag cmdlet, you can specify the default folder type using the Type parameter.

The following default folders can be used when creating retention policy tags:

  • Deleted Items
  • Drafts
  • Inbox
  • Junk E-mail
  • Outbox
  • Sent Items
  • RSS Feeds
  • Sync Issues
  • Conversation History

Using the information we’ve learned so far, let’s take a look at a few sample commands. The following command will create a retention policy tag for the default Inbox folder, specifying that items older than 90 days will be deleted permanently:

New-RetentionPolicyTag AllUsers-Inbox -Type Inbox -Comment `
"Items older than 90 days are deleted" -RetentionEnabled $true `
-AgeLimitForRetention 90 -RetentionAction PermanentlyDelete

To create a default policy tag for the entire mailbox, set the type to All. In this example, a default retention policy tag is created that will permanently delete items after 120 days. A default retention policy tag of type All will apply to any item that does not have a retention tag applied:

New-RetentionPolicyTag AllUsers-Default -Type All -Comment `
"Items older than 120 days are permanently deleted" -RetentionEnabled $true `
-AgeLimitForRetention 120 -RetentionAction PermanentlyDelete -IsPrimary $true

When creating a personal retention tag, use Personal for the Type parameter value. The following command will create a tag that can be used for critical personal items, retaining items for two years before being deleted:

New-RetentionPolicyTag Critical -Type Personal -Comment `
"Use this tag for all critical items" -RetentionEnabled $true `
-AgeLimitForRetention 730 -RetentionAction DeleteAndAllowRecovery
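Because PermanentlyDelete removes items that cannot be restored through Recover Deleted Items, it is worth listing which enabled tags use it with a short age limit before linking them to a policy. The following is an added example, not from the original post; the function names Get-DestructiveRetentionTag and New-SampleTag, the 365-day threshold and the sample objects are assumptions made for illustration.

```powershell
# Added example (not from the original post). Hypothetical helper names and threshold.
function Get-DestructiveRetentionTag {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory = $true, ValueFromPipeline = $true)]
        [psobject]$Tag,
        # Assumed review threshold: flag permanent deletion sooner than this many days.
        [int]$MinimumDays = 365
    )
    process {
        if (-not $Tag.RetentionEnabled) { return }   # disabled tags take no action
        if ([string]$Tag.RetentionAction -ne 'PermanentlyDelete') { return }
        # The age limit is handled as text in d.hh:mm:ss form; a bare day count also parses.
        $span = [timespan]::Zero
        if (-not [timespan]::TryParse([string]$Tag.AgeLimitForRetention, [ref]$span)) {
            return                                   # no usable age limit on this tag
        }
        if ($span.Days -lt $MinimumDays) {
            New-Object psobject -Property @{
                Name = $Tag.Name; Type = [string]$Tag.Type; Days = $span.Days
            }
        }
    }
}

# Constructed stand-in for a tag object, used only when Exchange cmdlets are absent.
function New-SampleTag($Name, $Type, $Age, $Action) {
    New-Object psobject -Property @{
        Name = $Name; Type = $Type; RetentionEnabled = $true
        AgeLimitForRetention = $Age; RetentionAction = $Action
    }
}

if (Get-Command Get-RetentionPolicyTag -ErrorAction SilentlyContinue) {
    # In the Exchange Management Shell: review every tag, system tags included.
    Get-RetentionPolicyTag -IncludeSystemTags | Get-DestructiveRetentionTag
}
else {
    # Outside EMS: constructed objects mirroring the three tags created above.
    @(
        (New-SampleTag 'AllUsers-Inbox'   'Inbox'    '90.00:00:00'  'PermanentlyDelete'),
        (New-SampleTag 'AllUsers-Default' 'All'      '120.00:00:00' 'PermanentlyDelete'),
        (New-SampleTag 'Critical'         'Personal' '730.00:00:00' 'DeleteAndAllowRecovery')
    ) | Get-DestructiveRetentionTag
}
```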

Creating Retention Policies

You use retention policies to apply retention tags to mailboxes. When creating retention policies, keep the following in mind:

  • Mailboxes can only be assigned one retention policy at a time.
  • You cannot have multiple retention policy tags for a single default folder in the same retention policy. For example, you can’t have two retention policy tags for the Inbox default folder in the same retention policy.
  • Policies can contain one default policy tag of type All.
  • You can assign multiple personal tags to a policy, but be careful not to go overboard as this could be confusing for users.
  • Retention tags are not applied to mailboxes until they have been linked to an enabled retention policy and the managed folder assistant has run.

To create a retention policy, use the New-RetentionPolicy cmdlet. The following example creates a retention policy named AllUsers that links the AllUsers-Inbox tag to the policy:

New-RetentionPolicy AllUsers -RetentionPolicyTagLinks AllUsers-Inbox

You can create a retention policy without initially linking any retention tags to it. You can always go back and add retention tags to a policy later. If you need to add tags to an existing policy, you can use the Set-RetentionPolicy cmdlet. For example, to add the Sales-Inbox and Sales-DeletedItems retention policy tags to the Sales-Users retention policy, your command would look like this:

Set-RetentionPolicy -Identity Sales-Users -RetentionPolicyTagLinks "Sales-Inbox","Sales-DeletedItems"

When updating a retention policy that already has tags linked, you need to re-apply those tags and append any new tags you will be linking. In this case, you could use the following syntax to update the Sales-Users retention policy:

# store the current tag list
$Tags = (Get-RetentionPolicy Sales-Users).RetentionPolicyTagLinks
# create a list of new tags
$NewTags = Get-RetentionPolicyTag Sales-Critical
# store all tags in a new variable
$Tags += $NewTags
# add all tags to the retention policy
Set-RetentionPolicy Sales-Users -RetentionPolicyTagLinks $Tags

Applying Retention Policies to Mailboxes

To apply a retention policy to a mailbox, you use the Set-Mailbox cmdlet, specifying the retention policy name using the RetentionPolicy parameter. Below are a few examples.

Setting the RP-IT retention policy for a single user:

Set-Mailbox dsmith -RetentionPolicy RP-IT

Setting the RP-Sales retention policy to all mailboxes in the sales distribution group:

Get-DistributionGroupMember DG-Sales | Set-Mailbox -RetentionPolicy RP-Sales

Setting the RP-AllUsers retention policy to all mailboxes in the DAGDB1 database:

Get-Mailbox -Database DAGDB1 | Set-Mailbox -RetentionPolicy RP-AllUsers

These commands will only apply to the mailboxes currently in the distribution group or mailbox database. You’ll need to schedule these commands to run on a regular basis if you are making changes to the group or database frequently.
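A scheduled run of this kind is safer to repeat if it assigns the default policy only to mailboxes that have none, so that policies set by hand are left alone. The following is an added example, not from the original post; the function name Select-MailboxWithoutPolicy and the sample mailbox objects are assumptions, and RP-AllUsers and DAGDB1 are reused from the commands above.

```powershell
# Added example (not from the original post). Hypothetical function name, constructed sample data.
function Select-MailboxWithoutPolicy {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory = $true, ValueFromPipeline = $true)]
        [psobject]$Mailbox
    )
    process {
        # RetentionPolicy is empty on a mailbox that has not been assigned a policy.
        if ([string]::IsNullOrEmpty([string]$Mailbox.RetentionPolicy)) {
            $Mailbox
        }
    }
}

if (Get-Command Get-Mailbox -ErrorAction SilentlyContinue) {
    # In the Exchange Management Shell: preview the change, then remove -WhatIf to apply it.
    Get-Mailbox -Database DAGDB1 -ResultSize Unlimited |
        Select-MailboxWithoutPolicy |
        Set-Mailbox -RetentionPolicy RP-AllUsers -WhatIf
}
else {
    # Outside EMS: constructed stand-ins for Get-Mailbox output, to show the selection logic.
    $sample = @(
        (New-Object psobject -Property @{ Alias = 'dsmith';  RetentionPolicy = 'RP-IT' }),
        (New-Object psobject -Property @{ Alias = 'djones';  RetentionPolicy = $null }),
        (New-Object psobject -Property @{ Alias = 'newhire'; RetentionPolicy = '' })
    )
    # Only the mailboxes with no policy pass through; dsmith keeps its existing assignment.
    $sample | Select-MailboxWithoutPolicy | Select-Object -ExpandProperty Alias
}
```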

Auto Tagging

You can enable auto tagging to automatically tag items in a user’s mailbox based on their past tagging activities. To enable auto tagging for a mailbox, use the Set-MailboxComplianceConfiguration cmdlet and set the RetentionAutoTaggingEnabled parameter to $true as shown below:

Set-MailboxComplianceConfiguration dsmith -RetentionAutoTaggingEnabled $true

Keep in mind that the user needs to first tag a minimum of 500 items so that Exchange can learn the tagging habits of that user.

You can see how many messages a user has tagged by running the Get-MailboxComplianceConfiguration cmdlet:

Get-MailboxComplianceConfiguration dsmith

To clear auto tags from a mailbox, use the Start-RetentionAutoTagLearning cmdlet with the Clear switch parameter:

Start-RetentionAutoTagLearning -Identity djones -Clear

You can start the training algorithm for auto tagging using the Start-RetentionAutoTagLearning cmdlet:

Start-RetentionAutoTagLearning -Identity djones -Train

Default Retention Policies

Exchange automatically creates retention policies for use with personal archives and arbitration mailboxes. There are two retention policies created automatically by default:

  • Default Archive Policy – this policy can be applied to mailboxes that contain a personal archive and provides a built in set of retention tags.
  • ArbitrationMailbox – this policy is applied by default to the system mailbox. The policy contains two system tags by default.

The retention tags used within these policies are considered system tags, and by default are not visible when running the Get-RetentionPolicyTag cmdlet. You can view the tags included with these policies by using the IncludeSystemTags parameter with the Get-RetentionPolicyTag cmdlet. For example, to view a list of retention policy tag names, including the system tag names, run the following command:

Get-RetentionPolicyTag -IncludeSystemTags | select name

Retention Hold

You may need to disable the processing of a retention policy for a user that will be out on vacation or on a leave of absence. In this instance, you can use the RetentionHoldEnabled parameter of the Set-Mailbox cmdlet to suspend the processing of a retention policy:

Set-Mailbox dsmith -RetentionHoldEnabled $true

Managed Folder Assistant

The Managed Folder Assistant runs on each mailbox server, applying message retention settings configured in retention policies or managed folders. By default, the Managed Folder Assistant is scheduled to run from 1am to 9am every day.

You might find that you need to run the Managed Folder Assistant manually in order to test the functionality of your tags and policies. In this case, you can use the Start-ManagedFolderAssistant cmdlet to force the Managed Folder Assistant to run immediately.

To start the Managed Folder Assistant for a particular mailbox:

Start-ManagedFolderAssistant -Mailbox dsmith

To start the Managed Folder Assistant on a particular server:

Start-ManagedFolderAssistant -Identity EXCHSRV01

This can be a resource intensive task when running against all of the mailboxes on a server. Make sure that your systems can handle the additional work, or do your testing after business hours.

That covers all of the concepts you need to know to manage retention policies. I know this may seem like a lot of information, but do some testing in a lab environment. Create some retention tags and policies and practice assigning them to users and I think you will see that they are actually pretty easy to work with.

Comments (4)

Useful info. I wish I would have found sooner. Especially the fact that user mailboxes can have only one policy and each policy can process a specific folder once, e.g. Inbox.

Originally had intended to move Inbox items to Archive after 1 year then delete after 3 years but due to the restriction of not being able to process a folder such as Inbox with two criteria it appears not to be possible. Any suggestions?

I was also confused by this, but I’m trying the following:

Create a delete to Recoverable Items tag for Inbox, Sent items older than 365 days, and Deleted Items older than 180 days.
Create a move to archive tag for Recoverable Items older than 1 day.

I’m hoping this will move items older than I specified to Recoverable Items and the next day move them to Archive. Not sure if this will preserve folder structure which is crucial. Seems crazy to me that you can setup default policy to move directly to Archive from Inbox or Sent items.

Hi Team,

In an in-house environment we can do this, but how can we do the same at the Hosted Exchange organization and database level?

I am running Hosted Exchange 2010, how to edit the policies?

Looking forward to the best possible solutions.

Thanks, KR

Mike, not sure you are still responding to this post, but hope you can. We have three different retention policies, one that is the default for all users (two years), a 30 day, and a one year policy. Currently we have to set the 30 day and one year policies manually and then reset every time our default policy runs. Is there a way in PS to do an if/then statement; if any policy is applied, then don’t apply a new one? We’d like to implement this on our automated PS script to apply the default retention policy to all DB’s, and then we can set the manual ones as needed.

Thanks in advance,
JW
