Enable Remote Archive With Exchange Hybrid


Deploying an Exchange Hybrid solution offers many opportunities to extend messaging services into the cloud.  This is one of the biggest strengths of the Microsoft offering.  We can provide on-premises, cloud only and hybrid solutions.

One capability is cloud based archives.  This allows either:

  • On-premises mailbox with an archive in Office 365
  • Office 365 mailbox with archive also in Office 365

This post assumes that you have already deployed Exchange hybrid with the correct Office 365 subscription, and that a version of Outlook which supports archives has been rolled out to the relevant users.  Additionally you must correctly design and deploy the necessary retention policy tags and policies to meet your specific business requirements.  Ensure that your legal team is heavily involved in this process.

One item that needs to be addressed is how to enable a remote archive in a Hybrid Exchange solution.  Simply going to the the Office 365 portal  (https://portal.office.com) and clicking the enable option for the archive does not work.  The same happens with remote PowerShell to Exchange Online.  The PowerShell error is shown below:

Enable-Mailbox user-15 -Archive:$true

Remote PowerShell To Exchange Online Trying To Enable Archive

The following error occurred during validation in agent ‘Windows LiveId Agent’: ‘Unable to perform the save operation. ‘Username’ is not within a valid server write scope.’

Is there really a write scope restriction in RBAC that is blocking the command?  Not so much.  We need to enable the archive from the on-premises management toolset rather than the cloud.  This lab is based on Exchange 2010 SP3 RU9, so will use the Exchange Management Console and the Exchange Management Shell on the on-premises Exchange server.

Enabling Remote Archive Using Exchange Management Console

The Office 365 tenant was successfully added to the Exchange 2010 Management Console.  It was given the label of O365. To view both cloud mailboxes and on-premises mailboxes ensure that the focus is placed upon the Recipient Configuration node.  This is highlighted in the image below.

Exchange 2010 View On-Premises Mailboxes And Cloud Mailboxes

To enable the remote archive, right click  mailbox and select Enable Hosted Archive.
Enable Remote Archive In Exchange 2010 Management Console

After confirming the prompt, the attributes on the mailbox will be updated.  Through directory synchronisation they will flow to Office 365 and the archive will be provisioned.

Enable Remote Archive In Exchange 2010 Management Console - Confirmation Prompt

 

Enabling Remote Archive Using Exchange Management Shell

To enable a remote archive through Exchange PowerShell we can run the below on the on-premises Exchange server:

Enable-RemoteMailbox  MailboxName –Archive

Enable Remote Archive In Exchange 2010 Management Shell

As with the Exchange Management Console, the on-premises object’s attributes are then updated.

 

We are not yet done as the changes need to replicate to Office 365 through the directory synchronisation tool.  Either wait for the next sync cycle or manually initiate one as noted here.

 

Examining The Attributes Modified

If we look at the MIISClient.exe tool on the directory synchronisation server, we can see the changes for the mailbox being replicated to Office 365.  The below window shows the changes to the object User-15.  Note that the changes column has been toggled to filter on attributes changed or added.  The changes are highlighted in the red box as shown in the below image:

Remote Archive Attributes Modified - Viewing Through MIISClient

We can see that the msExchArchiveGuid and msExchArchiveName were added.  The msExchRemoteRecipientType was changed from a value of 1 to 3.

Client Experience – Outlook

On the user’s Outlook 2013 client, Outlook automatically adds in the archive when autodiscover detects the updated settings.  The instruction to mount up an archive is contain in the AlternativeMailbox section of the XML.  This is highlighted below:

Outlook 2013 Autodiscover Showing Remote Mailbox Settings

Which then looks like the below.  Note that the archive is highlighted in the red box:

Archive Displayed In Outlook 2013

 

Client Experience – OWA

The user interface is very similar to Outlook 2013.  Again the archive is highlighted.

Archive Displayed In OWA

 

Creating Office 365 Archive At  Time Of Mailbox Creation

Updated 29-7-2015: Section below added for completeness.

It is also possible to directly create the archive mailbox in Office 365 when the mailbox is initially created.  The below screenshots are from Exchange 2010.  A mailbox is being created for Charlie Cloud. On the Archive Settings page, the default of no archive is then change to provision the archive mailbox directly in Exchange Online.

Creating New On-Premises Mailbox To Directly Create Archive In Office 365

 

Creating New On-Premises Mailbox To Directly Create Archive In Office 365 - Default Mailbox Settings

The  previous screens have the default options, in the Archive Settings we now directly enable the archive in Office 365.

Creating New On-Premises Mailbox To Directly Create Archive In Office 365 - Specifying Cloud Archive

Note the remote routing address that is shown above.  This lab was created using Exchange 2010 SP3 so it does not have the old school service domain present.  This will be the case for most deployments, though if you did originally configure Exchange Hybrid back with Exchange 2010 SP1 using the manual steps then adjust the domain to be whatever you originally configured.  Clicking the browse button allows you to easily see the target delivery domain that was configured.

Creating New On-Premises Mailbox To Directly Create Archive In Office 365 - Note Target Delivery Domain

Finally we complete the wizard which then starts execution.

Creating New On-Premises Mailbox To Directly Create Archive In Office 365 - Completing Process

And should then complete successfully.

Creating New On-Premises Mailbox To Directly Create Archive In Office 365 - Process Complete

 

Cheers,

Rhoderick

Comments (12)

  1. turbomcp says:

    Thanks
    as always interesting

  2. Amir says:

    In my hybrid environment after enabling online archives, I can see the online archive appear in Outlook 2010 Pro Plus. But I can’t see the folder structure, only Deleted items and Search Folders is visible with no content. A test retention policy is applied
    to move all items older than 30 days. Any ideas?

  3. Has any of the content reached the 30 days yet Amir? You created a brand new policy with a new custom tag? Then that new policy was assigned to the user?

    Cheers,
    Rhoderick

  4. cedric says:

    Hi,

    Would you happen to know how we can bring back the archive on-premise once it has been migrated online?

    I can see the remote archive with the Get-Mailbox -RemoteArchive command on my on-premise server but my online organization does not appear to have any record of the archive mailbox. Other than that, it works fine but I don’t want to get stuck with mailbox
    archives "lost in the wilderness" 🙂

    Thanks

  5. Ravi says:

    Hi,

    In this hosted archive configuration is it possible to search and discover all archive mailboxes content for legal discovery?

    If I have full mailbox access on other mailbox, does outlook show other persons cloud archive too in the outlook along with the on prem mailbox?

    Thanks,
    Ravi

  6. Mario P says:

    My customer doesn’t have an on-premises environment anymore except for DirSync but exchange 2010 is gone from his building. he is getting the error unable to activate the archive and cloud expect for user to enable on prem. How to do when there’s no more on prem?

    1. This is one of the drivers for maintaining an Exchange server on-prem once mailboxes are moved to the cloud.

      It is the supported way (currently) to manage Exchange attributes.

      Cheers,
      Rhoderick

      1. Raj says:

        Rhoderick, Do you mean if all my mailboxes are on cloud and my AD objects are maintained on-Prem, enabling Archive has to be done from EMC. Is this because of extending attributes ?

        1. Yes that is correct Raj.

          Cheers,
          Rhoderick

      2. Darren Brinksneader says:

        What about for an org that never had Exchange to begin with, like coming from a Louts Notes or GroupWise environment, but still using DirSync?

        1. Deploy an on-premises Exchange machine.

          You can get a key for this from here, assuming all the T & C are met:

          aka.ms/hybridkey

          Cheers,
          Rhoderick

  7. Jason says:

    Thanks for this post – Very helpful.

    FYI – The mailbox I was trying to enable wasn’t listed in my on-prem recipient list. I had to right-click the on-prem mailbox and select find. Then I could see the mailbox and right-click to Enable hosted archive

Skip to main content