Understanding Automatic Mailbox Distribution
Applies to: Exchange Server 2010 SP3, Exchange Server 2010 SP2
Topic Last Modified: 2010-07-07
When you create or move a mailbox, or mail-enable an existing user, that mailbox needs to be stored in a mailbox database. In previous versions of Microsoft Exchange, you needed to specify the mailbox database when you performed one of those operations. With Microsoft Exchange Server 2010, you have the option of letting Exchange choose the database for you using automatic mailbox distribution.
With automatic mailbox distribution, Exchange looks at the mailbox databases in your organization, excludes databases that aren't suitable using criteria discussed later in this topic, and then randomly chooses a database where the mailbox should be located. This process randomly distributes mailboxes across all of the suitable mailbox databases in your organization.
Automatic distribution is used when you don't specify the Database parameter on the New-Mailbox and Enable-Mailbox cmdlets or the TargetDatabase parameter on the New-MoveRequest cmdlet.
|Automatic mailbox distribution is performed only when a mailbox is created on an Exchange 2010 server, moved to an Exchange 2010 server, or when a user is mail-enabled. The New-Mailbox, New-MoveRequest, and Enable-Mailbox cmdlets must be run from a server running Exchange 2010. Exchange doesn't redistribute mailboxes to distribute load across databases automatically based on server load.|
The following process is used to find a suitable mailbox database where a new or moved mailbox should be located:
Exchange retrieves a list of all mailbox databases in the Exchange 2010 organization.
Any mailbox database that's marked for exclusion from the distribution process is removed from the available list of databases. You can control which databases are excluded. For more information, see Exclude Databases from Automatic Distribution later in this topic.
Any mailbox database that's outside of the database management scopes applied to the administrator performing the operation is removed from the list of available databases. For more information, see Database Scopes later in this topic.
Any mailbox database that's outside of the local Active Directory site where the operation is being performed is removed from the list of available databases.
From the remaining list of mailbox databases, Exchange chooses a database randomly. If the database is online and healthy, the database is used by Exchange. If it's offline or not healthy, another database is chosen at random. If no online or healthy databases are found, the operation fails with an error.
The process of selecting a mailbox database is performed by the Mailbox Resources Management Agent cmdlet extension agent. The
Mailbox Resources Management Agent is one of several cmdlet extension agents that extend the functionality of running cmdlets. For more information about cmdlet extension agents, see Understanding Cmdlet Extension Agents.
If you never want mailboxes to be distributed automatically, you can disable the
Mailbox Resources Management Agent. When you disable the agent, the change is applied to the entire Exchange 2010 organization. For more information about how to disable cmdlet extension agents, see Disable a Cmdlet Extension Agent.
By default, all online and healthy mailbox databases on Exchange 2010 servers in the local Active Directory site can be chosen by automatic mailbox distribution to store a new or moved mailbox. However, you might want to exclude some databases from the distribution process for various reasons. For example, you may designate a mailbox database as a journaling database in which only mailboxes you manually specify should be located. Or you might want to temporarily remove a database from rotation to perform scheduled maintenance. Exchange 2010 gives you the option to either permanently or temporarily exclude databases from the exclusion process.
Every Exchange 2010 mailbox database has the two following properties that can be set using the Set-MailboxDatabase cmdlet:
- IsExcludedFromProvisioning Use this property if you want to indicate that the database should be permanently excluded from automatic mailbox distribution.
- IsSuspendedFromProvisioning Use this property if you want to indicate that the database should be temporarily excluded from automatic mailbox distribution.
Both properties have two valid values,
$False. The default value for each is
$False. The property you choose is purely for your information. Setting either property to
$True has the same result of excluding the database from the automatic distribution process. Both properties must be set to
$False for a mailbox database to be included in the automatic distribution process.
Exchange 2010 provides these two properties for excluding a mailbox database from automatic distribution so that you can easily identify the databases that have been permanently excluded from automatic distribution and which have been temporarily excluded.
To set a mailbox database as permanently excluded from automatic distribution, use the following command:
Set-MailboxDatabase <database name> -IsExcludedFromProvisioning $True
To set a mailbox database as temporarily excluded from automatic distribution, use the following command:
Set-MailboxDatabase <database name> -IsSuspendedFromProvisioning $True
When a mailbox database is excluded from automatic distribution, the only way to create a mailbox in, or move a mailbox to, the database is to use the Database parameter on the New-Mailbox and Enable-Mailbox cmdlets or the TargetDatabase parameter on the New-MoveRequest cmdlet.
If you want to make an excluded mailbox database available for selection in the automatic distribution process, set both properties to
Database management scopes are an additional level of control over the automatic mailbox distribution process that's been added to Microsoft Exchange Server 2010 Service Pack 1 (SP1). If a mailbox database is online and healthy, it's in the local Active Directory site, and it isn't excluded from the automatic distribution process, Exchange 2010 SP1 checks to see if the mailbox database is included in the database scope applied to the administrator running the cmdlet. If it's included in the database scope, it's included in the list of databases available to that administrator.
Database scopes are part of the Role Based Access Control (RBAC) permissions model. For more information about RBAC and database scopes, see the following topics:
Database scopes can be useful if you have many mailbox databases in your local Active Directory site that are available to automatic distribution, but you want to limit which databases can be used by certain sets of administrators. For example, your Exchange 2010 SP1 servers may serve several agencies but you only want to allow each agency to create or move mailboxes to mailbox databases that are allocated to them.
By default, all administrators in an Exchange 2010 SP1 organization can see all of the mailbox databases in the organization. To limit the databases that they can see, and therefore limit the databases they can potentially create mailboxes in or move mailboxes to, you must do the following:
Create a custom database management scope using the New-ManagementScope cmdlet that includes only the mailbox databases you want the administrator to use.
Associate the new database scope with a management role assignment in one of the following ways:
Add the new database scope to an existing management role assignment using the CustomConfigWriteScope parameter on the Set-ManagementRoleAssignment cmdlet. The database scope is now applied to the management role group, universal security group (USG), or user assigned the role assignment.
Create a management role assignment using the New-ManagementRoleAssignment cmdlet and use the CustomConfigWriteScope parameter to specify the new database scope. You can create a role assignment between a management role and a role group, USG, or user.
- Add the new database scope to an existing management role assignment using the CustomConfigWriteScope parameter on the Set-ManagementRoleAssignment cmdlet. The database scope is now applied to the management role group, universal security group (USG), or user assigned the role assignment.
If you created a role assignment to a role group or USG, add users to the role group or USG so that the role assignment and database scope are applied to the users.
If applicable, remove the user (or users who are members of role groups or USGs you created in the preceding steps) you assigned the new role assignment to from any other role groups or USGs that might be assigned a database scope that contains databases you don't want them to access.
Verify that the administrators have access only to the databases they should have access to.
After you complete these steps, the administrators that are assigned role assignments with the database scopes you created will only be able to create mailboxes in or move mailboxes to the databases you specified.
For more information about how to use database scopes to limit which mailbox databases are available to administrators, see Control Automatic Mailbox Distribution Using Database Scopes.