Problem solve Get help with specific problems with your technologies, process and projects.

Ease task organization for admins with Arbitration mailbox updates

Arbitration mailboxes received major changes in Exchange 2013 to help IT pros accomplish more than they could in previous Exchange versions.

Most admins are familiar with the common types of mailboxes in Exchange, be it a User or a Resource Mailbox. The Exchange team has introduced more system mailboxes in the latest version of Exchange to accomplish a number of administrative tasks.

System mailboxes are created in the root domain of an Active Directory forest during an Exchange 2013 installation. Associated AD accounts are found in the Users organizational unit and are disabled by default. These accounts are used for Exchange features like message moderation and mailbox moves. In this tip, we'll take a look at Arbitration Mailboxes in Exchange 2013 and how to recover them.  

Arbitration Mailboxes

arbitration mailbox list
Figure 1

Arbitration Mailboxes, which are found in earlier versions of Exchange, are also found in Exchange 2013. Run the Get-Mailbox –Arbitration command to see a list of all Arbitration Mailboxes (Figure 1).

There are five Arbitration Mailboxes in Exchange 2013, three of which are from Exchange 2010; two are new. The first Exchange 2013 mailbox database to be installed hosts the Arbitration Mailboxes by default and isn't visible in the Exchange Administrative Center (EAC). Exchange Shell is the only tool to work with this type of mailbox.

SystemMailbox{e0dc1c29-89c3-4034-b678-e6c29d823ed9}: This mailbox holds administrator audit log reports and stores in-place e-discovery search metadata. The display name for this account is Microsoft Exchange. The mailbox alias is the same for all Exchange 2013 deployments.

SystemMailbox{1f05a927-xxxx-xxxx-xxxx-xxxxxxxxxxxx}: The x in the name is a randomly assigned letter or number. This mailbox moderates messages and is also found in Exchange 2013. The display name for this account is Microsoft Exchange Approval Assistant.

FederatedEmail.4c1f4d8b-8179-4148-93bf-00a95fa1e042: This mailbox is used for federation between different Exchange organizations and is found in Exchange 2010. The display name for this account is Microsoft Exchange Federation Mailbox.

Migration.8f3e7716-2011-43e4-96b1-aba62d229136: This mailbox, which is new in Exchange 2013, holds details of mailboxes being moved in migration batches. It generates a lot of transaction logs during batch Exchange 2013 mailbox moves, so the admin should make sure the database holding this mailbox doesn't dismount as the disk gets full.

There are few options to get around this issue:

  1. Enable circular logging and have a dedicated database to hold Arbitration Mailboxes.
  2. Keep an eye on the disk usage of the database hosting this mailbox and, depending on available disk space, run full backups between migrations.
  3. Use the New-MoveRequest cmdlet (also available in Exchange 2010) to move the mailbox instead of the new batch migration.

SystemMailbox{bb558c35-97f1-4cb9-8ff7-d53741dc928c}: This mailbox, new in Exchange 2013, is used in the Offline Address Book (OAB) generation process. This Arbitration Mailbox with persisted capability "OrganizationCapabilityOABGen" is called an Organization Mailbox.

organization mailboxes
Figure 2

Run the Get-Mailbox -Arbitration | where {$_.PersistedCapabilities -like "*oab*"} command to find all of the Organization Mailboxes in the environment (Figure 2).

In Exchange 2013, the Organization Mailbox generates and stores OAB files first and copies them to the %ExchangeInstallPath%\ClientAccess\OAB\ folder.

Only mailbox servers hosting the Organization Mailbox can generate OAB files. There will only be one Organization Mailbox for the entire Exchange organization by default, but you can configure more for fault tolerance. Configuring more Organization Mailboxes is recommended for a global company with users in different physical locations. This is a welcome change in Exchange 2013 mailboxes since there was only one OAB generation server in previous versions, which created a single point of failure.

OAB Mailbox 1

Figure 3

To create a new Organization Mailbox, configure a new Arbitration Mailbox with an appropriate name on the correct database (based on location and region), and set the OABGen parameter to true. Run the following commands to configure an Organization Mailbox named OAB Mailbox 1 (Figure 3).

New-Mailbox –Arbitration –Name "OAB Mailbox 1" –DisplayName "OAB Mailbox 1" –UserPrincipalName [email protected]

Set-Mailbox –Arbitration "OAB Mailbox 1" –OABGen $true

All five Arbitration Mailboxes are required in an Exchange environment. If any of them is disabled or deleted, certain tasks will fail. For example, mailbox moves will fail if the Microsoft Exchange Migration Mailbox is not available.

Recovering Arbitration Mailboxes

You may run into situations where Arbitration Mailboxes are missing, but the AD account exists. To fix it, run Enable-Mailbox –identity "arbitration account" –Arbitration to configure a mailbox for the existing account. To enable the migration account, for example, run Enable-Mailbox –identity Migration.8f3e7716-2011-43e4-96b1-aba62d229136 –Arbitration.

Most companies have an AD cleanup a few times per year to remove disabled AD accounts. If you find yourself in a situation with deleted AD accounts for the Arbitration Mailboxes, you need to prepare the AD again by running setup from the Exchange 2013 installation files. Running Setup.Exe /PrepareAD /IAcceptExchangeServerLicenseTerms in a command prompt will recreate all arbitration AD accounts. Once the AD accounts are available, configure a mailbox by running the following commands in an elevated command prompt:

Enable-Mailbox –identity Migration.8f3e7716-2011-43e4-96b1-aba62d229136 –Arbitration

Enable-Mailbox –identity SystemMailbox{bb558c35-97f1-4cb9-8ff7-d53741dc928c} –Arbitration

Enable-Mailbox –identity SystemMailbox{e0dc1c29-89c3-4034-b678-e6c29d823ed9} –Arbitration

Enable-Mailbox –identity FederatedEmail.4c1f4d8b-8179-4148-93bf-00a95fa1e042 –Arbitration

Enable-Mailbox –identity SystemMailbox{1f05a927-xxxx-xxxx-xxxx-xxxxxxxxxxxx} –Arbitration, where x needs to be replaced by the number/alphabet in the account alias created by the AD prep.

This is part one in a series about Exchange 2013 mailboxes. Read part two here.

Dig Deeper on Exchange Server setup and troubleshooting