2

Arbitration Mailboxes – Lay of The Land

At this point in time, most Exchange administrators will have seen and worked with arbitration mailboxes.  Chances are that the first encounter was somewhat unexpected and revolved around an issue with Exchange 2013 health mailboxes or being unable to delete the default mailbox database in Exchange 2010.

To illustrate where the different arbitration mailboxes were first introduced, multiple versions of Exchange were installed into the same organisation.  Exchange 2010, 2013 then 2016 was installed.  All mailboxes were left in the mailbox database on the version of Exchange when they were created.  This is NOT what should be done in production.  The below is a test lab, and is for reference purposes only.  Always immediately move all arbitration mailboxes to the latest version of Exchange after verifying the health of the latest install.

If you have a multi domain environment, the arbitration mailboxes will be created in the root of the forest.  You will need to use the Set-ADServerSettings cmdlet or the IgnoreDefaultScope parameter on Get-Mailbox for example to be able to view them.

If you need to re-create any of the arbitration mailboxes, please refer to this article.

Exchange 2010

Arbitration mailboxes were first introduced in Exchange 2010.  They are not exposed in the UI, and are administered using the Exchange Management Shell (EMS).  In order to view the arbitration mailboxes the –Arbitration parameter must be used.  A native Exchange 2010 organisation is shown below:

Get-Mailbox –Arbitration

Exchange 2010 Arbitration Mailboxes

Note that in Exchange 2010 there are three arbitration mailboxes.  They are helpfully called:

FederatedEmail.4c1f4d8b-8179-4148-93bf-00a95fa1e042
SystemMailbox{1f05a927-f7a0-4bff-ba0e-7400efadb1d7}
SystemMailbox{e0dc1c29-89c3-4034-b678-e6c29d823ed9}

The “helpful” comment was intended to be sarcastic.  In Exchange 2010 there is nothing which makes their intended purpose jump out, apart from the FederatedEmail name.  You need to know which SystemMailbox GUID is which.

 

SystemMailbox{e0dc1c29-89c3-4034-b678-e6c29d823ed9}

In Exchange 2010, the Microsoft Exchange system mailbox is an arbitration mailbox used to store organization-wide data such as administrator audit logs, metadata for eDiscovery searches, and Unified Messaging data, such as menus, dial plans, and custom greetings. The Microsoft Exchange system mailbox is named SystemMailbox{e0dc1c29-89c3-4034-b678-e6c29d823ed9}; the display name is Microsoft Exchange.  See Move the Exchange 2010 system mailbox to Exchange 2013.

 

SystemMailbox{1f05a927-XXXX-XXXX-XXXX-XXXXXXXXXXXX}

SystemMailbox 1f05a927-GUID is used for moderated transport.  Moderated transport allows for an approval process to be created so that before an email is sent to the intended recipients one or more approval flows must be completed.

Since the message has left the sender’s outbox it has to be kept somewhere whilst the approval process is completed.  The SystemMailbox 1f05a927 is used for this purpose.   See Understanding Moderated Transport.

The Exchange 2013 help has the following information: This mailbox is provisioned for use by the Exchange approval framework for recipient moderation and auto group approval requests.

 

FederatedEmail.4c1f4d8b-8179-4148-93bf-00a95fa1e042

As the name implies this is to do with federation.  Specifically this is used for cross-premises free/busy and federation.  Post on that when I get some more time! See KB 2561514 for an issue with Exchange 2003 and Federation.

The Exchange 2013 help has the following information: This mailbox stores data used to maintain federation between different Exchange organizations. This includes Rights Management Services, cross-premises mail-flow monitoring probes and responses, notifications, online archives, messaging records management, and cross-premises free/busy information.

Exchange 2013

Exchange 2013 added aditional arbitration mailboxes.  If we look in Exchange 2013 EMS we can see the additional mailboxes. Note that the Exchange 2010 ones are also shown below.

Get-Mailbox -Arbitration | FT Name, ServerName, ProhibitSendQuota –AutoSize

Exchange 2013 Arbitration Mailboxes

Thankfully, Exchange 2013 makes it easier to determine the purpose of the arbitration mailbox.  There is a new property called PersistedCapabilities which details out what the new arbitration mailboxes do.

Get-Mailbox -Arbitration | Select Name, PersistedCapabilities | FL

Exchange 2013 Arbitration Mailboxes - Detail

The same information in text should you want to copy it.

Get-Mailbox -Arbitration | Select Name, PersistedCapabilities | FL

Name                  : SystemMailbox{bb558c35-97f1-4cb9-8ff7-d53741dc928c}
PersistedCapabilities : {OrganizationCapabilityUMGrammarReady, OrganizationCapabilityPstProvider,
OrganizationCapabilityMessageTracking, OrganizationCapabilityMailRouting,
OrganizationCapabilityClientExtensions, OrganizationCapabilityGMGen,
OrganizationCapabilityOABGen, OrganizationCapabilityUMGrammar}

Name                  : Migration.8f3e7716-2011-43e4-96b1-aba62d229136
PersistedCapabilities : {OrganizationCapabilityManagement}

Name                  : FederatedEmail.4c1f4d8b-8179-4148-93bf-00a95fa1e042
PersistedCapabilities : {}

Name                  : SystemMailbox{1f05a927-594f-4c55-a9ca-99486880acb5}
PersistedCapabilities : {}

Name                  : SystemMailbox{e0dc1c29-89c3-4034-b678-e6c29d823ed9}
PersistedCapabilities : {OrganizationCapabilityUMDataStorage}

 

The two new arbitration mailboxes are called:

SystemMailbox{bb558c35-97f1-4cb9-8ff7-d53741dc928c}
Migration.8f3e7716-2011-43e4-96b1-aba62d229136

 

SystemMailbox{bb558c35-97f1-4cb9-8ff7-d53741dc928c}

This arbitration mailbox has persisted capabilities of:

{OrganizationCapabilityUMGrammarReady, OrganizationCapabilityPstProvider, OrganizationCapabilityMessageTracking, OrganizationCapabilityMailRouting, OrganizationCapabilityClientExtensions, OrganizationCapabilityGMGen, OrganizationCapabilityOABGen, OrganizationCapabilityUMGrammar

These capabilities are stored in the msExchCapabilityidentifiers attribute on the AD DS object.

Arbitration Mailbox msExchCapabilityidentifiers Attribute

 

 

Migration.8f3e7716-2011-43e4-96b1-aba62d229136

Stores data for the Exchange migration service to use when moving mailboxes in batches.

For details see: Recreating arbitration mailboxes

 

Exchange 2013 – Monitoring Mailboxes

Exchange 2013 also introduced Monitoring mailboxes.  They are also called health mailboxes.  You may have seen some issues with them in the initial builds of Exchange and had to run Script To Automate Exchange Health Manager Service For Monitoring Mailbox Reset.

You can see Monitoring mailboxes by using the –Monitoring parameter in Exchange Management Shell.

Viewing Exchange 2013 Monitoring Mailboxes

In the RTM build of Exchange 2013 the underlying AD DS user object for the monitoring mailbox was created in the CN=Users container.  That was not ideal and in CU1 a special location was used CN=Microsoft Exchange System Objects, CN=Monitoring Mailboxes.

Exchange 2013 Monitoring Mailboxes Location

Also of note is that the algorithm used to generate the monitoring mailboxes was updated in Exchange 2013 CU6.  This is discussed on the Exchange Team Blog by Bala.

Exchange 2016 – Post RTM

Exchange 2016 CU8 was then installed into the same organisation.  After the installation has completed, we can then check for additional arbitration mailboxes using the same command as above.

Get-Mailbox -Arbitration | FT Name, ServerName, ProhibitSendQuota –AutoSize

Exchange 2016 Arbitration Mailboxes

Note that there are an additional two arbitration mailboxes on the new Exchange 2016 CU8 server.  These arbitration mailbox were likely introduced in the Exchange 2016 CU4 timeframe.

SystemMailbox{D0E409A0-AF9B-4720-92FE-AAC869B0D201}
SystemMailbox{2CE34405-31BE-455D-89D7-A7C7DA7A0DAA}

The PersistedCapabilities property of these new arbitration mailboxes is shown below:

Exchange 2016 Arbitration Mailboxes - Persisted Capabilities

Name                  : SystemMailbox{D0E409A0-AF9B-4720-92FE-AAC869B0D201}
ServerName            : exch-2016
PersistedCapabilities : {}

Name                  : SystemMailbox{2CE34405-31BE-455D-89D7-A7C7DA7A0DAA}
ServerName            : exch-2016
PersistedCapabilities : {OrganizationCapabilityShardRelevancyFeatureStore}

 

SystemMailbox{2CE34405-31BE-455D-89D7-A7C7DA7A0DAA}

Currently it does not have a documented on-premises use.

The PersistedCapabilities of OrganizationCapabilityShardRelevancyFeatureStore is referenced in the Exchange Online Set-MailboxPlan cmdlet.

 

SystemMailbox{D0E409A0-AF9B-4720-92FE-AAC869B0D201}

Currently it does not have a documented persisted capability or on-premises use.

 

 

Exchange 2016 – Additional Mailboxes

In the same way that Exchange 2013 introduced monitoring mailboxes, Exchange 2016 introduced additional mailboxes.  While they are currently documented as reserved for Microsoft use you can see the additional parameters in Get-Mailbox for Exchange 2016:

  • AuditLog
  • AuxAuditLog

They are also listed under the Exchange 2013 Get-Mailbox cmdlet at the time of writing.  However in my Exchange 2013 CU18 lab server they are not present.  Do leave a comment if you see otherwise please!

 

In addition there is the GroupMailbox parameter.

The GroupMailbox switch specifies whether to include only Office 365 groups in the results. You don't need to specify a value with this switch.  This switch is required to return Office 365 groups.

 

And for completeness the below are the other mailbox types you may encounter on your travels.  Note that some are also available in Exchange 2010 and 2013:

  • Archive
  • Arbitration
  • Monitoring
  • PublicFolder

 

Exchange 2019 Clean Install

The below is from an Exchange 2019 greenfield deployment.  All the arbitration mailboxes are on the first database as this is the first Exchange server to ever be deployed in this AD forest.

For reference, the version deployed was Exchange 2019 CU11.

 

Exchange 2019 Greenfield Install - Arbitration Mailboxes Shown

 

Easily Move All Arbitration Mailboxes To A Specific Database

The below is one simple example to move all Arbitration mailboxes to a specific database.  It is expected that any Exchange database which contains arbitration or system mailboxes is made highly available using a Database Availability Group.  This provides the ability to have multiple copies of a given mailbox database.

Get-mailbox –Arbitration -Database <LegacyDatabaseNameGoesHere> | New-MoveRequest –TargetDatabase <ShinyNewDatabaseNameGoesHere>

 

When To Move Arbitration Mailboxes

When should these mailboxes be moved?  Good question, see this post on When To Move Arbitration Mailboxes.

Cheers,

Rhoderick

Rhoderick Milne [MSFT]

2 Comments

Leave a Reply to RuuL Cancel reply

Your email address will not be published. Required fields are marked *