This change is consistent with Microsoft's cloud push. Administrators are able to work with the same interface whether they are running Exchange on-premises, online, or a hybrid setup. At the browser open the EAC from:
https://<Client Access Server>/ECP
Today we won't get into lengthy EAC discussions. Instead I have tons of screen grabs. As we shall see, although the EAC looks different anyone who worked with Exchange 2007/2010 will find the new interface very intuitive. So this visual tour is a good starting point for those having some experience with Exchange.
Recipients Category
The interface is organized into 11 categories accessible from the left navigation pane. This includes Recipients, Permissions, Compliance Management, Organization, Protection, Mail Flow, Mobile, Public Folders, Unified Messaging, Servers and Hybrid. Here is the top most Recipients category:
For each category we get a set of tabs at the top, breaking down further the category settings. In this case we have Mailboxes, Groups, Resources, Contacts, Shared and Migration.
Creating a new mailbox will of course be one of the first things to do. So we just click the add button for Recipients | Mailboxes.
Creating a mailbox for the first time is likely to return: 'Error: Load balancing failed to find a valid mailbox database'. To avoid that, click 'more options' and set the Mailbox Database field with the database created at installation time. With that set, we complete creating our first mailbox.
Getting back to the main view and selecting a mailbox, the 'Details pane' exposes the item information. This pane also allows us to directly edit the selected item by clicking the various links it exposes.
Here is a dump of what the Details pane is showing in this case:
Administrator
User mailbox
Administrator@wtest-dom1.local
Title:
Office:
Work phone:
Master account:
Phone and Voice Features
Unified Messaging: Disabled
Enable| Edit details
Enable
Mobile Devices
Disable Exchange ActiveSync
Disable Exchange ActiveSync
Disable Outlook App for Exchange
Disable Outlook App for Exchange
View Details
Compliance
Archiving: Disabled
EnableEnable
Disable| Edit details
In-Place Hold
User is not under hold
Show Details
Email Connectivity
Outlook Web App: Enabled
Disable| Edit details
Disable
Move Mailbox
To Exchange Online
To another database
A very welcome addition is the Recipients | Shared (mailbox) category. Here we finally have a simple interface to create mailboxes that are to be accessed by multiple users. Moving to the Shared tab and clicking add we see how easy it is to assign users permissions over the mailbox.
We can allow Full Access or Send As permissions simply by adding users to the correct list:
Full Access - Allows the delegate to log into this shared mailbox as a mailbox owner and the delegate has access to everything the mailbox owner has access to.
Send As - Allows the delegate to send email from this shared mailbox. From recipient's perspective, the email is sent by this shared mailbox.
The EAC also provides an interface for migrating mailboxes. So I select Recipients | Migration and hit add to see what the 'new local mailbox move' wizard looks like:
Permissions
At the Permissions category we have the interface to manage RBAC and OWA access policies. These are organized under Admins Roles, User Roles and OWA Policies.
Here are the Admins Roles and User Roles tabs:
This is what the default OWA Policy looks like:
Compliance Management
The Compliance Management category groups In-Place Discovery & Hold, Auditing, Data Loss Prevention, Retention Policies, Retention Tags and Journaling.
Here is what the In-Place Discovery & Hold interface looks like when clicking Add:
Auditing gives us a choice of reports. Quoting directly from the interface we have:
- Run a non-owner mailbox access report
- Run a litigation hold report
- Run an administrator role group report
- Export mailbox audit logs
- Export the administrator audit log
Data Loss Prevention is an interesting addition that will merit a dedicated article. This is how the sub-category is described: 'Use DLP policies to protect email messages with sensitive content and to enforce protection requirements'.
Selecting the Data Loss Prevention and clicking Add we get:
Here we get a list of templates. Each of these is designed to identify a specific class of sensitive information. For example the template 'Financial Data - US' is described as follows:
Detects the presence of data commonly considered to be financial information in the United States. This includes information like credit card, account numbers, and debit card data in email...
Here is a quick peek at Retention Policies and Retention Tags:
And this is what a Journaling rule looks like:
Final Tips
Today we started our Exchange Administrative Center tour. My goal is to cut the talk and let you see as much as possible of the new administrative interface.
The Exchange 2007/2010 configuration was structured to reflect the various server roles. Now that version 2013 did away with distinct server roles, the configuration is categorized by functionality. This is a lot more intuitive.
Today we looked at the first three configuration categories Recipients, Permissions and Compliance Management. Many of the configuration elements available in earlier Exchange versions are still there, but we also peeked at the interface of some of the new features being introduced in version 2013.
In the next part we will continue with our tour, readying ourselves for the new Exchange release.
References
Exchange 2013 Administration Center in Pictures (Part 3)
Exchange 2013 Administration Center in Pictures (Part 2)
Exchange 2013 Preview Installation