- Go to Administration > Access Control.
- Click the Search & Destroy role to configure.
- Modify the Search & Destroy description. (Optional)
-
Search for users or groups to add in the Search & Destroy role.
- In the Available Account list, select the accounts to add in the role.
-
Choose Add and Save your changes for the Access Control screen to appear
For this sample setup, we will use "NETD/JeffreyF" as the service account.
-
To the right of the Search & Destroy role, click the Status icon to enable the role. The icon changes from a red “x” to a green check, then click Save.
- Log off from the SMEX console.
-
Log on to the SMEX console using an account with a Search & Destroy role and the Search & Destroy Activation wizard will appear:
Visit Exchange management shell commands online documentation to set-up Search and Destroy Prerequisites via Exchange Management Shell. -
Configure the Exchange service account to perform the backend searches in the Exchange environment. Use the following Exchange Management Shell commands to configure the service account you added in Search & Destroy (We'll use SERVICE_ACCOUNT_NAME = NETD/JeffreyF in this example):
-
Add the "SERVICE_ACCOUNT_NAME" account to the Exchange Discovery Management group:
Add-RoleGroupMember -Identity "Discovery Management" -Member "SERVICE_ACCOUNT_NAME"
-
Add the "SERVICE_ACCOUNT_NAME" account to the Exchange Mailbox Import Export role:
New-ManagementRoleAssignment -Role "mailbox import export" -User "SERVICE_ACCOUNT_NAME"
-
-
Use the following commands to create a new discovery mailbox and assign the discovery management group full access permission.
An Exchange Discovery mailbox is necessary to store the mailbox search result messages.-
To list down the available discovery mailboxes that exist on the Exchange server, run the following command:
Get-Mailbox -Filter {RecipientTypeDetails -eq "DiscoveryMailbox"}
-
To know the available “MAILBOX_DATABASE_NAME”, type Get-MailboxDatabase
In this example we will use AMEAND mailbox database as the “MAILBOX_DATABASE_NAME”
-
Create a new discovery mailbox in the MAILBOX_DATABASE_NAME database:
NEW_DISCOVERY_MAILBOX_NAME = SMEX_SEARCHANDDESTROY (Any name for the discovery mailbox) MAILBOX_DATABASE_NAME = AMEAND
New-Mailbox -Name “NEW_DISCOVERY_MAILBOX_NAME” -Discovery –database "MAILBOX_DATABASE_NAME"
-
Assign the Exchange Discovery Management group full access permission to the DISCOVERY_MAILBOX_NAME database:
Add-MailboxPermission -Identity "DISCOVERY_MAILBOX_NAME" -user "Discovery Management" - AccessRights FullAccess
-
- Click Search & Destroy > Mailbox Search or select Search & Destroy > Settings. The Search & Destroy Activation wizard will appear.
-
Choose Next and the Exchange Server Prerequisite Configuration screen will show.
Read the prerequisites items discussed in section B. Setting Search and Destroy Prerequisites in the previous steps before proceeding. - After configuring all the necessary settings, select All Exchange Server to know if prerequisite settings have been properly configured.
- Choose Next and type the domain\user name and password for the previously configured service account.
-
Click Next and select the Discovery Mailbox available in the list.
We will use SMEX_SEARCHANDDESTROY, we created for this example in the previous step.
-
Choose Next and the generated PST search results screen appears.
Ensure that the account is a member of the Exchange Mailbox Import Export role. -
Click Next and the Search & Destroy activation details screen will be displayed. Review the Search & Destroy settings and choose Finish.
If the service account or discovery mailbox provided is invalid, the activation process cannot proceed. -
Log-off and log-in using the Search and Destroy account and perform a mailbox search: