Working with EAC or Exchange administration center in Exchange 2013 – Part1
Exchange Administration Center (EAC) replaces the Exchange Management Console (EMC) and the Exchange Control Panel (ECP), which were the two interfaces that were used to manage Exchange Server 2010. It is the web-based management console in Microsoft Exchange Server 2013 that allows for ease of use and is optimized for on-premises, online, or hybrid Exchange deployments.
One of the advantages of having the web-based EAC is that you can partition access from the Internet/Intranet from within the ECP IIS virtual directory to allow or disallow management features. This allows you to permit or deny access to users trying to access the EAC from the Internet outside of your organizational environment, while still allowing access to an end-user’s Outlook Web App Options
Because the EAC is now a web-based management console, you will need to access it by using your web browser using the ECP virtual directory URL. To find the ECP virtual director URL that you need to access the EAC in most cases the EAC’s URL will look similar to the following:
Internal URL: https://<CASServerName>/ecp the internal URL is the URL that user’s access the EAC from within your organization’s firewall.
External URL: https://mail.contoso.com/ecp the external URL is the URL that user’s access the EAC from outside of your organization’s firewall.
To find the Internal or External URL for the EAC, use the Get-ECPVirtualDirectory cmdlet
Get-ECPVirtualDirectory | Format-List Name,InternalURL,ExternalURL
If you are trying to access EAC for the first time and your mailbox is on Exchange 2010, you need to use the URL in the format:
This is because in a co-existence scenario, your mailbox is still housed on the Exchange 2010 mailbox server, the browser will default to the Exchange Server 2010 ECP. Now if you want to access the Exchange 2010 ECP and your mailbox resides on an Exchange 2013 mailbox server, use the following URL:
Now let’s take a look at the tool and learn the new EAC. As soon as you launch EAC, you get the screen displaying options available in EAC. I have collated them all to give you an idea what different tabs display.
Here, you have the option of managing recipients and their mailbox information. Other options include working with Groups, resource mailboxes and room mailboxes, creating and configuring contacts, Setup and manage shared mailboxes and configure Migration jobs called Migration batches.
To know which mailbox database a user is residing in Exchange 2013 you need to double click the user and click “More Options”
Now you can view:
Remember that Database is no longer a Server object but an entity of DAG, so you won’t see a specific server name here.
When you look at a mailbox object you may see several options to configure accordingly.
In the Permissions tab, you have an option to view all the default Admin roles as shown. You may also add your own admin roles. Here you can also configure User Roles and Outlook Web App policies
This role group will allow a specified user, responsible for compliance, to properly configure and manage compliance settings within Exchange in accordance with their policy.
Members of this management role group have permissions to install and uninstall Exchange on provisioned servers. This role group shouldn’t be deleted.
Members of this management role group can perform searches of mailboxes in the Exchange organization for data that meets specific criteria.
Members of this management role group can view and manage the configuration for individual recipients and view recipients in an Exchange organization. Members of this role group can only manage the configuration each user can manage on his or her own mailbox. Additional permissions can be added by assigning additional management roles to this role group.
Members of this management role group can manage Exchange anti-spam features and grant permissions for antivirus products to integrate with Exchange.
Members of this management role group can Move Mailboxes
Members of this management role group have permissions to manage Exchange objects and their properties in the Exchange organization. Members can also delegate role groups and management roles in the organization. This role group shouldn’t be deleted.
Public Folder Management
Members of this management role group can manage public folders. Members can create and delete public folders and manage public folder settings such as replicas, quotas, age limits, and permissions as well as mail-enable and mail-disable public folders.
Members of this management role group have rights to create, manage, and remove Exchange recipient objects in the Exchange organization.
Members of this management role group can configure compliance features such as retention policy tags, message classifications, transport rules, and more.
Members of this management role group have permissions to manage all Exchange servers within the Exchange organization, but members don’t have permissions to perform operations that have global impact in the Exchange organization.
Members of this management role group can manage Unified Messaging organization, server, and recipient configuration.
View-Only Organization Management
Members of this management role group can view recipient and configuration objects and their properties in the Exchange organization.
Compliance Management Tab
This feature is one of the primary reasons organizations would employ Exchange 2013. With this version of Exchange, Microsoft has taken Security practices to the next level. Prior to Exchange 2013, organizations had to invest substantial amount of money in Data Loss Prevention. With Exchange 2013, it is available out of the box. You simply need to create templates with the standards you want to implement for email security requirements. You may also purchase pre-configured templates from third party vendors and upload to your Exchange organization.
Here, you have an option to view and make changes to In-Place eDiscovery & Hold, auditing, data loss prevention, retention policies, retention tags, and journal rules.
For example, click on the Auditing tab and you have the option to:
Also, click on the tab Data Loss prevention and here you have an option to create a new policy from a template. There are several templates to choose from with pre-configured information security laws of country specific legal requirements.
To configure an MRM policy or Archive policy with Exchange 2013, click the tab retention policies:
You may also create retention tags and Journal rule here.
In this part of article we took a look at 3 major features of Exchange 2013 EAC.
To be continued…
Keywords: Unable to access Exchange Administration center in Exchange 2013, Unable to access EAC in Exchange 2013, Unable to access EAC, Working with EAC, How to learn Exchange administration center, Exchange 2013