Friday, July 11, 2008

WHY Exchange Admin must secure the Logs with his life




I am reading this great Technet article in regards to architecture Exchange databases and decided to post some of it as it is in my blog and give the reference link to it.

The Key points are as follows

Information store work hand in hand with following components

  • MAPI
  • Information Store
  • Database engine
  • Operating System disk I/O

The Database engine

  • The Exchange database engine caches the disk in memory by swapping 4 KB chunks of data
  • These called pages, and they work in and out of memory
  • It updates the pages in memory and takes care of writing new or updated pages back to the disk.
  • This makes the system more efficient because writing to memory is FASTER

When users make requests
(
Let's say using outlook)

  • The database engine starts loading the requests into memory and marks the pages as "dirty" (a dirty page is a page in memory that has been written with data).
  • Now we know who is actually corrupting exchange databases, all it is users fault isn't it (- :
  • These dirty pages are then later written to the information store databases on disk.

The information on disk is never completely up-to-date

  • Although caching data in memory is the fastest and most efficient way to process data, it means that while Exchange is running, the information on disk is never completely up-to-date.
  • since many changes in memory haven't made it onto disk yet, the database and memory are out of sync

Because these operations are done in a transaction, Exchange will perform none or all of these operations. As a result, it doesn't matter which order Exchange performs the operations. The message can be deleted safely from "Inbox" first because the system knows that the delete will only be committed if the message is also inserted into "Important." Thanks to transactions, even if the system crashes, it is guaranteed that Exchange will never lose an e-mail message while moving it. What's more, Exchange will never end up with two copies of an e-mail message that was moved

  • The user sends a message.
  • MAPI calls the information store to tell it that the user is sending the message.
  • The information store starts a transaction in the database engine and makes the corresponding changes to the data.
  • The database engine records the transaction in memory by dirtying a new page in memory.
  • At about the same time, the database engine secures the transaction in the transaction log file and creates a log record. When the database engine reaches the end of a transaction log file, it rolls over and creates a new log file in sequence.
  • The database engine writes the dirty page to the database file on disk.
  • The checkpoint file gets updated

Read more

--oz

Oz Ozugurlu

MVP (Exchange)

MCITP (EMA), MCITP (SA)

MCSE 2003, M+, S+, MCDST

Security+, Project +, Server +

Blog: http://www.smtp25.blogspot.com

No comments: