Installing the CA agent on Exchange servers is the same as installing on the DCs or any other server:
- Open the CA Client
- Click View | Deployment
- In the top left click the dropdown and select Severs
- From the list select all of the Exchange servers, right click and select Install or Upgrade
Please Note:
- When the CA agent is deployed on Exchange Server, it automatically enables the scripting extension in Active Directory. This is a forest-wide setting and applies to all Exchange servers in the Exchange organization. This extension requires that the ScriptingAgentConfig.xml file be present in the Exchange Server folder; otherwise, Exchange management tools display error messages each time the Scripting Agent cmdlet runs. The Change Auditor agent automatically creates the required ScriptingAgentConfig.xml file in the Exchange Server folder if one is not already present. Therefore, it is highly recommended that an agent be installed on all Exchange servers to ensure that all servers are using the same scripting agent.
- If the scripting agent was not enabled on your Exchange servers before deploying agents, you should perform backups of your Exchange servers in accordance with your company’s disaster recovery plan once you have successfully deployed agents to all your Exchange servers. If you need to restore your Exchange servers and they were NOT backed up after you deployed agents that enabled the scripting agent, you will need to disable the CmdletExtensionAgent BEFORE recovering your Exchange 2010/2013/2016 servers
- Agent processing of large Exchange auditing and protection configurations may slow down initial user login access or cause timeouts if many user logins are occurring at the same time. To avoid this issue, Quest recommends that the following actions be performed during maintenance intervals or other periods of low user mailbox activity:
- Change Auditor Exchange agent deployment
- Change Auditor Exchange agent upgrade
- Change Auditor Exchange Mailbox auditing or protection configuration changes
Before the system returns to a normal load, one user should log in to Outlook Web Access (OWA), Outlook, and Exchange Web Services (EWS, Outlook for Mac) clients. This triggers the Change Auditor agent to process Exchange Mailbox auditing and protection configuration changes when the fewest logins are occurring - Selecting ‘By Owner’ auditing for many mailboxes can produce a large number of events. This adversely affects Change Auditor auditing and in severe cases the performance of the Exchange Server itself. In extreme cases, Outlook connections may be slowed or dropped. Select owner auditing for at most only a few critical mailboxes
- Auditing normal mailboxes where access permission is granted to many delegates (more than 10), can produce large numbers of non-owner events. This will adversely affect Change Auditor auditing and in severe cases, the performance of the Exchange Server itself. If these mailboxes must be audited, add them to the Shared Mailbox list (User Defined tab) to reduce unwanted non-owner events and to improve performance
Please see the following for more information:
The Change Auditor for Exchange section of the Install Guide and the CA for Exchange User Guide found here: https://support.quest.com/change-auditor/technical-documents