Before we talk about Exchange Server's Managed Availability features, let's first remember the architecture of Exchange Server.
Exchange Server is designed for highly available and fail-safe delivery of mailbox services and message transport. The basis are Database Availability Groups (DAG), Shadow Redundancy, SafetyNet, and other components. Similarly, proper Active Directory site design and implementation according to the Exchange Server Preferred Architecture play an important role.
You can run Exchange Server in a single-server setup, but this is not the optimal operating scenario for Exchange. It's like driving a sports car with a tightened handbrake.
Exchange Server is developed to operate in a multi-server DAG configuration and Managed Availability ensures resilience and high availability.
The Managed Availability feature is part of Exchange Server High Availability (HA) capabilities. It is an internal Exchange monitoring system for Exchange functionalities that automatically trigger actions to ensure a positive user experience.
Managed Availability tests the accessibility of Exchange Server connection endpoints continuously. To perform these tests, Exchange Server uses unique mailboxes called health mailboxes. These mailboxes and their user accounts are under full control of the Exchange Server. Each mailbox database of a modern Exchange Server version has individual health mailboxes for the use by Managed Availability. Other non-Exchange endpoints required by each Exchange server, such as domain controllers and DNS servers, are tested by Managed Availability, too.
Similarly, Managed Availability measures the response time of each tested endpoint. These latency response times indicate whether a connection endpoint has the required performance to provide users with a good experience.
In addition to endpoint accessibility and latency, endpoint functionality is also tested. A functionality test includes, e.g., the correct content indexing of an email message after delivery to a Health Mailbox. This test allows Managed Availability to determine whether the search indexing is working correctly.
If an endpoint is unreachable, the response times of an endpoint are too long, or if a function test fails, Managed Availability automatically triggers actions to return to the optimal operating state on its own.
The core components of Managed Availability are the Exchange Health Manager Service and the Exchange Health Manager Worker process. The Health Manager Service is responsible for controlling the Health Manager Worker process. This ensures that a worker process's execution failure does not result in a fundamental disruption of Managed Availability.
Managed Availability uses probes to collect information about individual components and perform measurements. A single Exchange server has hundreds of health probes that run at individual intervals. You can check the probe status and the server health as part of the Exchange Server health cmdlets. The Exchange monitoring component evaluates the collected information and measurements. This component contains all required business logic to process probe results information and measures. If the exchange Monitoring component detects a problem, the corresponding probe responder defines whether an administrator escalation or a direct responder action is triggered.
The following diagram illustrates the Managed Availability component's structure with Probe Engine, Monitor, and Responder.
An administrator escalation is not a direct notification of Exchange administrators. It is only a corresponding event log entry, which you must monitor using a system monitoring tool of your choice.
The automatic actions that a responder performs are much more interesting. When a probe checking Outlook on the Web encounters am erroneous behavior, the responder's actions go through several stages to restore a proper OWA function. The first response is the automatic restart of the OWA application pool in IIS. If the restart of the application pool does not help restore the functionality, Managed Availability triggers a restart of the W3SVC service. If Outlook on the Web does still show the error, Managed Availability restarts the server. However, this server reboot is not a regular computer restart but a bug-check resulting in a system restart.
When you log on to an Exchange Server and receive a dialog that the last shutdown was unexpected, you should check the Managed Availability log entries in the Crimson Channel event logs.
Exchange Server supports the ability to customize the configuration for some of the probes. You can configure local or global Managed Availability overrides. Local overrides apply to a single server, while global overrides affect multiple servers.
The advantage of Managed Availability is that Exchange Server monitors itself. However, Managed Availability can only do this properly if you operate a properly configured Exchange DAG environment and follow the Exchange product group's recommendations. Modern Exchange Server versions ensure high availability at the application level. Exchange Server does not know or rely on other HA components in your IT infrastructure. Modern Exchange Server versions, from 2013 onwards, prefer standard hardware and storage media. In conjunction with the HA capabilities of a database availability group, Managed Availability ensures a highly available Exchange Server deployment.
Failures never occur during regular working hours. It is the nature of IT problems and failures to occur at night, during weekends and bank holidays. If you prefer a quiet administrator's sleep, Managed Availability is here to help you. But you have to follow re product group’s architecture recommendation.
Watch all aspects of your Exchange environment from a single pane of glass: client access, mailbox, and Edge servers; DAGs and databases; network, DNS, and Active Directory connectivity; Outlook, ActiveSync, and EWS client access.