Beruflich Dokumente
Kultur Dokumente
August 2013
Contents
Introduction................................................................................................................ 3
Scalability Guidance Conclusions...............................................................................3
Tenant Scalability.................................................................................................... 3
Modern Public Folders............................................................................................. 4
Limits on Exchange Transport Rules and Offline Address Books..............................4
General Recommendations for High-Scale Deployments........................................5
AD Optimizations..................................................................................................... 5
Exchange Server 2013 Multi-Tenant Scalability Testing Methodology.........................6
Goals....................................................................................................................... 6
Testing Script........................................................................................................... 6
Scale Testing Lab Setup........................................................................................... 7
Distribution of Virtual Server Images on Hyper-V Root Servers............................7
Configuration of Virtual Server Images (RAM, CPU, Disk).....................................8
Test Results at Measurement Points........................................................................9
Results at Scale Target............................................................................................ 9
Validation with Simulated Client Load.....................................................................9
Exchange Logging Sizing Observations.................................................................10
AD Sizing Observations......................................................................................... 10
Summary.................................................................................................................. 10
Legal Notice.............................................................................................................. 11
Introduction
This document describes Microsoft recommendations for scaling a multi-tenant deployment of Exchange
Server 2013 using the methods described in the Multi-Tenancy and Hosting Guidance for Exchange
Server 2013 white paper. Microsoft Exchange Server 2010 Service Pack 2 (SP2) introduced Address
Book Policies (ABP), a feature which allows segmentation of directory information. The ABP feature,
along with other supported configuration, continues to provide the platform for deploying a custom multitenant environment using Exchange Server 2013. For the purposes of this document, a tenant is a hosted
organization which has been configured with a set of administrative policy objects, such as an ABP, along
with a set of users.
In the Multi-Tenancy and Hosting Guidance for Exchange Server 2013 white paper Microsoft describes
the caveats and requirements to implement a multi-tenant solution using Exchange Server 2013. This
document provides additional guidance on the scalability of specific areas of concern with Exchange
2013. This document does not attempt to cover all potential scalability limits in the product, and any highscale deployment should proceed with necessary caution during the planning, testing, deployment, and
scaling phases. The testing that was performed in Microsofts lab is described here to assist you in adding
context to the white papers recommendations.
Many multi-tenant messaging deployments contain a large number of tenants and a small number of
users per tenant. This testing was designed to evaluate the scalability of an Exchange 2013 solution in
this type of configuration, specifically validating the overall number of tenants that could be successfully
provisioned in a single Exchange organization without focusing on the overall number of users configured
per-tenant or globally within the system. Administrators interested in deployments which contain a large
number of users per tenant can also benefit from this guidance, however they should pay careful attention
to the overall impact of the total number of users on the scalability of the system as that may become a
more limiting factor than the total number of tenants.
involve one or more OABs per tenant, then the number of OABs will limit the number of tenants
that could be hosted in a given Exchange organization (or AD forest).
AD Optimizations
Large-scale hosted Exchange deployments may see a significant volume of authentication requests on
the Client Access (CAS) servers, especially during peak periods when many users are trying to logon
concurrently. The authentication configuration should be evaluated to help ensure that the authentication
process works properly in a hosting deployment:
1. When client protocols use NTLM or basic authentication, the Netlogon service on the server that
the credentials were presented to will be responsible for validating the credentials via an AD
domain controller. A limited number of threads are available for concurrently processing these
authentication request. The number of threads is adjustable via the MaxConcurrentApi registry
key, as described in the Microsoft Knowledge Base article, 975363 -- You are intermittently
prompted for credentials or experience time-outs when you connect to Authenticated Services.
The default number of threads available is dependent on the server operating system used for
your CAS and domain controller servers. For example, Windows Server 2008 R2 and prior
versions default to two threads, and can be increased to a maximum ten threads. Windows
Server 2012 uses a default of ten threads, and this default was used in all scale testing covered
in this document. Windows Server 2008 R2 with SP1 and Windows Server 2012 can be
increased to a maximum of 150 threads. The impact of tuning the MaxConcurrentApi key may be
monitored via the Netlogon performance counters described in the Knowledge Base article,
975363.
2. This applies to Windows Server 2008 only: Kerberos authentication may also be improved via
application of the hotfix described in Knowledge Base article 2545833 -- Slow performance
occurs when many user authentication requests are handled in Windows Server 2008 R2.
Testing Script
The test team deployed a virtualized hosted lab environment of four Exchange Server 2013 Enterprise
servers. Tenant organizations were provisioned via a custom Exchange Management Shell script. Each
tenant organization included the following:
A tenant OU in AD.
An All Rooms address list, filtered both by tenant (as above) and a RecipientDisplayType of
ConferenceRoomMailbox.
An All Users address list, filtered both by tenant (as above) and ObjectClass=user.
An All Contacts address list, filtered both by tenant (as above) and ObjectClass=contact.
An All Groups address list, filtered both by tenant (as above) and ObjectClass=group.
An OAB for the first 25,000 tenants, based on the tenant organizations GAL.
A single shared OAB that contained a single contact (hosters Support Desk, for example) which
was assigned to all tenants that did not have their own unique OAB.
An ABP, with the tenants GAL, address lists, and OAB (if it existed) linked to it.
Three mailbox-enabled users, with their CustomAttribute1 set to the tenant name.
Two mail-enabled contacts, with their CustomAttribute1 set to the tenant name.
Ten percent of tenants (5,000 total) were given a Public Folder hierarchy, with access rights such
that these folders were viewable by the tenants users only.
Mailboxes were evenly distributed across all databases; of which there were two databases per server for
a total of eight databases on four multi-role servers. All databases were members of a two-node database
availability group (DAG).
After all the above had been provisioned, the tenants OAB was updated using the UpdateOfflineAddressBook PowerShell cmdlet, and a new transport rule was created based on a
SubjectContainsWords filter. For reasons described earlier in this document and shown below in Table
2, OAB creation was stopped at 30,000 and OABs were then reduced to 25,000 total for the remainder of
testing. Also transport rule creation was stopped at 10,000 rules and were then reduced to 5,000 total for
the remainder of testing.
Milestone breakpoints were defined at the following tenant organization counts: 1,000; 5,000; 10,000;
20,000; 25,000; 30,000; 40,000; and 50,000. At each point, the following information was gathered:
Outlook Web App Test: Login to a new tenant users mailbox (for example, user01@tenant1.com)
using Outlook Web App
o Open the Address Book feature in Outlook Web App.
Verify that only those address books assigned by the tenants ABP are visible.
Verify each of those address lists are populated as expected.
o Send an e-mail to another user in the same tenant (for example, user02@tenant1.com).
Outlook Test: Create an Outlook 2010 user profile for another user in the same tenant (for
example, user02@tenant1.com)
o Verify that profile creation succeeds.
o Open the mailbox in Outlook 2010.
o Open the Address Book feature in Outlook.
Verify that only those address books assigned by the tenants ABP are visible.
Verify each of those address lists are populated as expected.
o Verify that the Outlook client can download the tenant OAB.
o Switch to offline mode and verify that the OAB is populated correctly.
o Verify that the e-mail sent from Outlook Web App has arrived.
o Reply to the e-mail from the previous test and verify that the replies appear in both the
Outlook Web App and Outlook clients.
Guest cores
8
Guest RAM
16 GB
AD2
16 GB
AD3
Win 8 Client with Outlook 2013
6
2
16 GB
4 GB
MBX-CAS1
16 GB
MBX-CAS2
16 GB
MBX-CAS3
16 GB
MBX-CAS4
16 GB
Total tenants
provisioned
1,000
5,000
10,000
20,000
25,000
30,000
40,000
50,000
Total transport
rules created
1,000
5,000
10,000*
5,000
5,000
5,000
5,000
5,000
Total OABs
created
1,000
5,000
10,000
20,000
25,000
30,000*
25,000
25,000
Average time to
provision tenant
9 seconds
30 seconds
74 seconds*
64 seconds
74 seconds
88 seconds
109 seconds
135 seconds
Outlook Web
App Test
Success
Success
Success
Success
Success
Success
Success
Success
Outlook
Test
Success
Success
Success
Success
Success
Failed**
Success
Success
* After the test environment had scaled to 10,000 tenants, including 10,000 transport rules, the transport
service continued to service requests, however the transport services ability to process at scale was
diminished. It was determined that a limit of 5,000 transport rules should not be exceeded in a single
Exchange Organization (or AD Forest). The script was updated to not create additional transport rules
and rules already created above 5,000 were removed.
**After the environment had scaled past 25,000 tenants and OABs, OAB creation began to fail and
Outlook could no longer reliably download the OAB. It was determined that a limit of 25,000 OABs should
be the limit in a single Exchange organization (or AD Forest). All other Outlook tests were successful. The
script was updated to not create additional OABs, and OABs already created above 25,000 were
removed.
included with the LoadGen tool. The second test pass of Outlook Web App load consisted of 2,000
concurrent Outlook Web App sessions for 8 hours, again running the Outlook Web App 2013 Enterprise
script.
Performance was evaluated after the load testing was complete, and no abnormal issues were found in
the system.
The load simulation wasnt designed to simulate realistic client load at scale. It was simply designed to
ensure that the system remained functional with a lite amount of client load after the system had been
provisioned to the target level of tenant scale.
AD Sizing Observations
As the number of tenant organizations grows, the number of objects stored in AD grows. In turn, this
increase results in an increase in disk space consumed by the AD database file (NTDS.DIT), as shown in
Table 3. To assist with capacity planning, the NTDS.DIT size was captured during this scalability testing
process. The actual NTDS.DIT size of a given Exchange deployment may vary greatly depending on total
number of objects and utilization of various attributes. For example, storage of certificates, deployment of
third party tools and/or additional Microsoft products which use the AD database as a configuration store.
Table 3 Exchange Logging and AD NTDS.DIT sizing observations
Number of Tenant
Organizations
1,000 tenants
5,000 tenants
10,000 tenants
20,000 tenants
25,000 tenants
30,000 tenants
40,000 tenants
50,000 tenants
Size of NTDS.DIT
184 MB
694 MB
1.33 GB
2.60 GB
3.20 GB
3.83 GB
5.64 GB
6.32 GB
Size of Exchange
Logging Folder
2.1 GB
3.38 GB
6.19 GB
12.57 GB
13.23 GB
13.87 GB
15.14 GB
16.40 GB
The total number of objects stored in the AD database may be a limiting factor on the scalability of a given
multi-tenant Exchange forest because the size of the database may impact the time required to on-board
new domain controllers, backup domain controller databases, and may also impact the ability of AD to
successfully replicate changes throughout the AD topology. For more information about AD scalability
limits, see Active Directory Maximum Limits - Scalability. Exchange forests which will be designed to grow
to extremely large user counts will require additional pre-deployment testing to ensure that the design is
achievable given anticipated rate of AD object churn, requirements for time to on-board new domain
controllers, requirements for time to recover from a domain controller hardware failure, and other specific
deployment requirements.
Summary
Building a large-scale multi-tenant Exchange 2013 deployment is a very complex undertaking. Great care
should be taken during the design, pre-production testing, and deployment phases to ensure that all
scalability aspects of the system have been considered and are being closely monitored. No large scale
deployments of this type are the sameevery deployment has customizations that impact how the
10
system will function as the number of tenants and users increases. Therefore, testing, monitoring,
capacity planning, and risk mitigation are all critical aspects of a successful multi-tenant Exchange
deployment.
This document provides some high-level scalability guidance and deployment recommendations. We
welcome your feedback and comments on this document and will incorporate them into future versions if
required. If you have feedback, please send it to ExHostingFeedback@microsoft.com.
Legal Notice
This document is provided as-is. Information and views expressed in this document, including URL and
other Internet Web site references, may change without notice. You bear the risk of using it.
Some examples depicted herein are provided for illustration only and are fictitious. No real association or
connection is intended or should be inferred.
This document does not provide you with any legal rights to any intellectual property in any Microsoft
product. You may copy and use this document for your internal, reference purposes.
2013 Microsoft Corporation. All rights reserved.
Microsoft, MS-DOS, Windows, Windows Mobile, Windows Server, Active Directory, ActiveSync, Forefront,
Exchange, Outlook, and SharePoint are trademarks of the Microsoft group of companies.
All other trademarks are property of their respective owners.
11