So I'm trying to come up with a way to create a script (powershell or vbscript, running it as a service) that sends a semi-annual report to our journaling compliance officer on whether or not each e-mail address is journaling. For reference, this is spread over a few sites, some with Exchange 2003, 2007, and some hosted exchange sites such as office 365. I'm more focused on the 2003/2007 as hosted exchange is unlikely to allow access to what I would need to do. I'm unclear on a few things in order to do this however: 1. Is there a way to pull the information without necessarily shuffling through the actual journal inbox? Similar to the GPO test GPM has which allows you to see permissions set on a user before activating the policy. 2. In order to have automated reports sent, what do others generally consider to be the best format to do this in? SQL? Access? Simple html tables? 3. If it is possible, having a single script to have the remote sites install on their exchange server would be beneficial, but I'm not too familiar with the changes in what you can and can't do with hosted exchanges. Possibly will need to write a script that logs in, pulls the mailbox data, and then sends the compiled csv to the database (or whatever) for sorting.

On Sat, 25 Aug 2012 19:49:05 +0000, Jaewalker wrote: >So I'm trying to come up with a way to create a script (powershell or vbscript, running it as a service) that sends a semi-annual report to our journaling compliance officer on whether or not each e-mail address is journaling. For reference, this is spread over a few sites, some with Exchange 2003, 2007, and some hosted exchange sites such as office 365. I'm more focused on the 2003/2007 as hosted exchange is unlikely to allow access to what I would need to do. Why not let the compliance officer manage the journaling? I don't know how you'd be able to say with any certainty that a mailbox was ever journalized if it was between the times you ran the auditing script. I know that may be far-fetched, but I'm just offering it as a way of pointing out that you can't be 100% certain. >I'm unclear on a few things in order to do this however: > >1. Is there a way to pull the information without necessarily shuffling through the actual journal inbox? Similar to the GPO test GPM has which allows you to see permissions set on a user before activating the policy. Why not just look at the journal rules? If you journalize every mailbox in a database you could examine the properties of each database and, if journaling is present, enumerate mailboxes in the database. >2. In order to have automated reports sent, what do others generally consider to be the best format to do this in? SQL? Access? Simple html tables? Shouldn't you be asking the people that will receive the information? Why give them HTML when a simple list of names would do? You can record your data to a SQL database but that's not a reporting tool, it's a database. >3. If it is possible, having a single script to have the remote sites install on their exchange server would be beneficial, It's all in the AD. You don't need to disperse the reporting -- unless you have multiple AD forests, or AD replication problems, or you need real-time reporting (which is whole other ball game). >but I'm not too familiar with the changes in what you can and can't do with hosted exchanges. It's unlikely that you'll be able to manage the way databases are journalized, so reporting on individual mailboxes (or journal rules) is the only thing you can manage with a hosted solution. >Possibly will need to write a script that logs in, pulls the mailbox data, and then sends the compiled csv to the database (or whatever) for sorting. Journalization isn't a property of the AD user/mailbox. --- Rich Matheisen MCSE+I, Exchange MVP --- Rich Matheisen MCSE+I, Exchange MVP

To add on, it looks like I should be able to do it with the message tracking log and parse through sender and look for those entries that pass through *journal*. Can anyone confirm for me that journaling shows up in message tracking logs for both 2007 and 2010 exchange?

>Why not let the compliance officer manage the journaling? I don't know >how you'd be able to say with any certainty that a mailbox was ever >journalized if it was between the times you ran the auditing script. I >know that may be far-fetched, but I'm just offering it as a way of >pointing out that you can't be 100% certain. The compliance officer is the one who approached IT asking for a solution to see what mailboxes were journaling. It certainly can be as simple as a list of names, and just checking if journaling rule applies to each mailbox, and then set it up to run once a month or so. What would be the primary command I'd use to check however? I'm guessing I'm overcomplicating something that can be done very simply...

On Sat, 25 Aug 2012 23:37:54 +0000, Jaewalker wrote: >>Why not let the compliance officer manage the journaling? I don't know >how you'd be able to say with any certainty that a mailbox was ever >journalized if it was between the times you ran the auditing script. I >know that may be far-fetched, but I'm just offering it as a way of >pointing out that you can't be 100% certain. > > The compliance officer is the one who approached IT asking for a solution to see what mailboxes were journaling. It certainly can be as simple as a list of names, and just checking if journaling rule applies to each mailbox, and then set it up to run once a month or so. What would be the primary command I'd use to check however? I'm guessing I'm overcomplicating something that can be done very simply... If you're journaling EVERY mailbox then you'd do that by enabling per-mailbox database journaling -- and then you'd just have to give them a list of every mailbox name. OTOH, if you're selectively using per-mailbox journaling then you're probably going to manage that by using groups. In that case a list of the group members would be sufficient. You also have the possibility to use a journal rule PER mailbox, but that's unwieldy and you're probably wind up quitting over the adminstrative overhead. --- Rich Matheisen MCSE+I, Exchange MVP --- Rich Matheisen MCSE+I, Exchange MVP

On Sat, 25 Aug 2012 23:37:54 +0000, Jaewalker wrote: >>Why not let the compliance officer manage the journaling? I don't know >how you'd be able to say with any certainty that a mailbox was ever >journalized if it was between the times you ran the auditing script. I >know that may be far-fetched, but I'm just offering it as a way of >pointing out that you can't be 100% certain. > > The compliance officer is the one who approached IT asking for a solution to see what mailboxes were journaling. It certainly can be as simple as a list of names, and just checking if journaling rule applies to each mailbox, and then set it up to run once a month or so. What would be the primary command I'd use to check however? I'm guessing I'm overcomplicating something that can be done very simply... If you're journaling EVERY mailbox then you'd do that by enabling per-mailbox database journaling -- and then you'd just have to give them a list of every mailbox name. OTOH, if you're selectively using per-mailbox journaling then you're probably going to manage that by using groups. In that case a list of the group members would be sufficient. You also have the possibility to use a journal rule PER mailbox, but that's unwieldy and you're probably wind up quitting over the adminstrative overhead. --- Rich Matheisen MCSE+I, Exchange MVP --- Rich Matheisen MCSE+I, Exchange MVP