Microsoft KB Archive/871110

From BetaArchive Wiki
Knowledge Base


How to install and use the Archive Sink utility in Exchange Server 2003

Article ID: 871110

Article Last Modified on 10/25/2007


APPLIES TO

  • Microsoft Exchange Server 2003 Enterprise Edition
  • Microsoft Exchange Server 2003 Standard Edition


For a Microsoft Exchange 2000 Server version of this article, see 307798.

Important This article contains information about how to modify the registry. Make sure that you back up the registry before you modify it. Make sure that you know how to restore the registry if a problem occurs. For more information about how to back up, restore, and modify the registry, click the following article number to view the article in the Microsoft Knowledge Base:

256986 Description of the Microsoft Windows registry


INTRODUCTION

The Archive Sink utility is a custom script that enables the archiving of all messages coming into and moving out of a specific folder on a Microsoft Exchange Server 2003 computer. By default, when Archive Sink is enabled, all messages and their recipients are archived to an .eml file, except for Bcc recipients.

Archive Sink is a transport event sink that archives all incoming and outgoing messages on an Exchange computer. Archive Sink uses the following two transport events:

  • The OnMessageSubmission event - All messages submitted to transport by Simple Mail Transfer Protocol (SMTP), by the information store, or by any other sinks trigger this event. Theoretically, this event can be raised one time for each message, and this event can be archived only one time. The OnMessageSubmission event is raised before the routing or categorizer events. Therefore, these messages are referred to as PreCat messages. By default, messages are archived for this event when the Active Sink utility is installed. Messages that are archived for this event contain the prefix file name: ARCH_random number.xml.
  • The OnPostCategorize event - This event is designed to capture the message after the categorization of a message occurs. Messages can trigger this event more than one time, but this can only occur when a message has been categorized, queued, and then enumerated again. By default, messages are not archived for this event unless specified in the registry. Messages that are archived for this event contain the prefix file name: ARCH_POSTCAT_random number.xml.

Only use Archive Sink for troubleshooting purposes because archiving may affect server performance and possibly fill up disk space. You must manually delete archived messages.

MORE INFORMATION

To download the Archive Sink utility and then install the included script files, follow these steps:

  1. The following file is available for download from the Microsoft Download Center:
    [GRAPHIC: Download]Download the Exchange 2003: Archive Sink package now.

    For additional information about how to download Microsoft Support files, click the following article number to view the article in the Microsoft Knowledge Base:

    119591 How to Obtain Microsoft Support Files from Online Services

    Microsoft scanned this file for viruses. Microsoft used the most current virus-detection software that was available on the date that the file was posted. The file is stored on security-enhanced servers that help to prevent any unauthorized changes to the file.
  2. There are four files that are included in the Archivesink.exe file that you must extract to the C:\Program Files\Exchsrvr\bin folder. These files are named ArchiveSink.doc, ArchiveSink_setup.vbs, ArchiveSink.dll and eula.txt.
  3. You must enable archiving by running the archivesink_setup.vbs script. To do this, follow these steps:
    1. Click Start, click Run, type cmd, and then click OK.

    2. In the C:\Program Files\Exchsrvr\bin folder, type cscript archivesink_setup.vbs, and then press ENTER.

      You receive the following output.

      C:\Program Files\Exchsrvr\BIN>cscript archivesink_setup.vbs
Microsoft (R) Windows Script Host Version 5.6
Copyright (C) Microsoft Corporation 1996-2001. All rights reserved.

Not enough command line arguments given.

Syntax: archivesink_setup [install/uninstall/display] [Virtual Server ID] <archivelocation>

Example: To install, cscript archivesink_setup.vbs install 1 d:\archivesink

Example: To uninstall, cscript archivesink_setup.vbs uninstall 1

Example:  To display bindings, cscript archivesink_setup.vbs display 1

      With this setup script, you can install Archive Sink on a specific SMTP virtual server and indicate the path of the file system where the archiving must occur. To do this, type cscript archivesink_setup.vbs install Virtual Server IDarchive location, and then press ENTER. In this command, Virtual Server ID is the virtual server number of the virtual server to be archived, and archive location is the folder where you want to put your files.

      Note To install Archive Sink on more than one virtual server, you must run the cscript archivesink_setup.vbs install command on each virtual server. To remove Archive Sink from Exchange Server 2003, you must run the cscript archivesink_setup.vbs uninstall command on each server. For example, you must type cscript archivesink_setup.vbs uninstall 1 at the command prompt in the Exchsrvr\bin folder.

  4. When you install Archive Sink, the required registry subkeys are created for advanced archiving controls. To enable logging for detailed message information, you must change the value of the Enable Message Logging subkey to 1. To do this, follow these steps.

    Warning Serious problems might occur if you modify the registry incorrectly by using Registry Editor or by using another method. These problems might require that you reinstall the operating system. Microsoft cannot guarantee that these problems can be solved. Modify the registry at your own risk.

    Note After you enable detailed logging, an .xml file that contains all message recipients, including recipients on the Bcc line, is created for each e-mail message.
    1. Click Start, click Run, type regedit, and then click OK.
    2. Locate and then click the following registry subkey:

      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Exchange\ArchiveSink\1

    3. Right-click Enable Message Logging in the right-pane, and then click Modify.
    4. In the Value data box, type 1, and then click OK.
    5. Close Registry Editor.
  5. Restart the IIS Admin Service. To do this, follow these steps:
    1. Click Start, point to All Programs, point to Administrative Tools, and then click Services.
    2. Right-click IIS Admin Service in the right-pane, and then click Restart.

After you install Archive Sink, the script automatically creates registry key settings for advanced archiving controls. The following example shows registry key default settings after Archive Sink is installed on virtual server number 1.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Exchange\ArchiveSink\1

Value Name: Archive System Messages
Data Type: REG_DWORD
Radix: Binary
Value: 0

Value Name: Dump P1
Data Type: REG_DWORD
Radix: Binary
Value: 0

Value Name: Enable Mapi-Gateway Messages
Data Type: REG_DWORD
Radix: Binary
Value: 1

Value Name: Enable PostCat
Data Type: REG_DWORD
Radix: Binary
Value: 0

Value Name: Enable PreCat
Data Type: REG_DWORD
Radix: Binary
Value: 1

Value Name: Enable Smtp Messages
Data Type: REG_DWORD
Radix: Binary Value: 1

Value Name: Mapi Gateway Messages
Data Type: REG_SZ
Value: d:\ArchiveSink\Mapi Outbound

Value Name: Smtp Messages
Data Type: REG_SZ
Radix: Binary
Value: d:\ArchiveSink\Smtp Messages

For the REG_DWORD values, 1 enables the setting, and 0 disables the setting. With these registry entries, you can turn archiving on or off for SMTP inbound messages, MAPI outbound messages, or both. By default, when Archive Sink is installed on a virtual server, archiving is on. Archive Sink archives all messages to the archive location that is specified in the registry. By default, if the archive location is not specified in the registry, archiving uses the system Temp folder. For most Microsoft Windows 2000-based computers, the default location is the Windows\Temp folder.

The following default settings also apply if the settings have not been changed:

  • Only OnMessageSubmission (PreCat) messages are archived.
  • System messages, such as public folder messages and replication messages, are not archived.
  • The "Dump P1" registry key is disabled.

Important

  • Universal Naming Convention (UNC) paths are not supported. You cannot create a file that includes a UNC path.
  • Dynamically changed registry settings are not picked up until you restart the IIS Admin Service.
  • For debugging purposes, you can enable the "Dump P1" registry key to dump the P1 recipients in the message.
  • By default, Archive Sink does not archive public folder and system messages.


Keywords: kbhowto KB871110



Send feedback to Microsoft

© Microsoft Corporation. All rights reserved.


Retrieved from ‘https://www.betaarchive.com/wiki/index.php?title=Microsoft_KB_Archive/871110&oldid=382680
the Creative Commons 3.0 ShareAlike (except the Microsoft KB Archive).
Powered by MediaWiki