*N.B. this is an old article and may no longer be relevant*
(Note: This article refers to Exchange 2007 and Exchange 2010)
The full set of IFilters installed with Exchange out of the box include Microsoft Office documents (e.g. doc/docx, xls/xlsx, ppt/pptx), Email message formats (e.g. msg, eml), HTML and text formats. These are used on Hub Transport servers (when filtering attachments using Transport Rules) and Mailbox servers (for indexing attachments).
Third Party iFilters can be added and as per
http://blogs.technet.com/b/exchange/archive/2009/05/11/3407435.aspx, Adobe PDF is one of the most common.
Adobe provide the iFilters as a downloadable, installable package:
http://www.adobe.com/support/downloads/detail.jsp?ftpID=4025
which also needs registering. The following article summarizes how to do that:
http:// marksmith.netrends.com/Lists/Posts/Post.aspx?List=d0ef1a62%2D8e97%2D484a%2D9053%2D7acda05534cb&ID=93&Web=2dee96c1%2D5fed%2D439e%2Db530%2D37626608d03e. However, it doesn’t quite go far enough. There are some steps to do afterwards and two of them involve modifying registry permissions.
I decided that these were two steps that could be automated by Powershell, so set about doing that. The method used is straight off of Technet; that is, using get-acl to ingest the current permissions and then set-acl to add to them. The code for setting Read access for the Network Service on the two relevant keys for the Adobe iFilters is as follows:
$rule = New-Object System.Security.AccessControl.RegistryAccessRule ("NT AUTHORITY\NETWORK SERVICE","ReadKey","Allow")
$acl1 = Get-Acl "HKLM:\SOFTWARE\Microsoft\ExchangeServer\V14\MSSearch\CLSID\{E8978DA6-047F-4E3D-9C78-CDBE46041603}"
$acl1.SetAccessRule($rule)
$acl1 |Set-Acl -Path "HKLM:\SOFTWARE\Microsoft\ExchangeServer\V14\MSSearch\CLSID\{E8978DA6-047F-4E3D-9C78-CDBE46041603}"
$acl2 = Get-Acl "HKLM:\SOFTWARE\Microsoft\ExchangeServer\v14\MSSearch\Filters\.pdf"
$acl2.SetAccessRule($rule)
$acl2 |Set-Acl -Path "HKLM:\SOFTWARE\Microsoft\ExchangeServer\v14\MSSearch\Filters\.pdf"
You can save the above to a script and run it after registering the Adobe iFilters or you can incorporate it into one script (enhancing the one by Mark E. Smith) so that the full script looks like this:
# save as Register-Adobe-PDF-filter.ps1
#
# Download installation from: http://www.adobe.com/support/downloads/detail.jsp?ftpID=4025
# Refer to: http://blogs.technet.com/b/exchange/archive/2009/05/11/3407435.aspx
# Adobe iFilter Directory Path
$iFilterDirName = "C:\Program Files\Adobe\Adobe PDF IFilter 9 for 64-bit platforms\bin"
# Get the original path environment variable
$original = (Get-ItemProperty "HKLM:SYSTEM\CurrentControlSet\Control\Session Manager\Environment" Path).Path
# Add the ifilter path
Set-ItemProperty "HKLM:SYSTEM\CurrentControlSet\Control\Session Manager\Environment" Path -value ( $original + ";" + $iFilterDirName )
$CLSIDKey = "HKLM:\SOFTWARE\Microsoft\ExchangeServer\V14\MSSearch\CLSID"
$FiltersKey = "HKLM:\SOFTWARE\Microsoft\ExchangeServer\v14\MSSearch\Filters"
# Filter DLL Locations
$pdfFilterLocation = “PDFFilter.dll"
# Filter GUIDs
$PDFGuid ="{E8978DA6-047F-4E3D-9C78-CDBE46041603}"
# Create CLSIDs
Write-Host "Creating CLSIDs..."
New-Item -Path $CLSIDKey -Name $PDFGuid -Value $pdfFilterLocation -Type String
# Set Threading model
Write-Host "Setting threading model..."
New-ItemProperty -Path "$CLSIDKey\$PDFGuid" -Name "ThreadingModel" -Value "Both" -Type String
# Set Flags
Write-Host "Setting Flags..."
New-ItemProperty -Path "$CLSIDKey\$PDFGuid" -Name "Flags" -Value "1" -Type Dword
# Create Filter Entries
Write-Host "Creating Filter Entries..."
# These are the entries for commonly exchange formats
New-Item -Path $FiltersKey -Name ".pdf" -Value $PDFGuid -Type String
$rule = New-Object System.Security.AccessControl.RegistryAccessRule ("NT AUTHORITY\NETWORK SERVICE","ReadKey","Allow")
$acl1 = Get-Acl "HKLM:\SOFTWARE\Microsoft\ExchangeServer\V14\MSSearch\CLSID\{E8978DA6-047F-4E3D-9C78-CDBE46041603}"
$acl1.SetAccessRule($rule)
$acl1 |Set-Acl -Path "HKLM:\SOFTWARE\Microsoft\ExchangeServer\V14\MSSearch\CLSID\{E8978DA6-047F-4E3D-9C78-CDBE46041603}"
$acl2 = Get-Acl "HKLM:\SOFTWARE\Microsoft\ExchangeServer\v14\MSSearch\Filters\.pdf"
$acl2.SetAccessRule($rule)
$acl2 |Set-Acl -Path "HKLM:\SOFTWARE\Microsoft\ExchangeServer\v14\MSSearch\Filters\.pdf"
Write-Host -foregroundcolor Green "The NETWORK SERVICE has been granted read access to the following registry keys:`n$CLSIDKey\$PDFGuid`n$FiltersKey\.pdf"
Write-Host " "
Write-Host -foregroundcolor Yellow "Next, reboot the Exchange Server
- after which you need to rebuild the search indexes using the precanned script:"
Write-Host " "
Write-Host -foregroundcolor White "cd $exscripts; .\ResetSearchIndex.ps1 –Force –All"
Write-Host " "
Write-Host -foregroundcolor Green "Then wait for the indexes to be rebuilt before initiating a search.
Repeat this process on each Mailbox Server and Hub Transport in the organization"
Write-Host " "
Write-Host -foregroundcolor Yellow "Note: The permissions on the keys above for NETWORK SERVICE are required on the Hub Transport role (or multi-roled server that hosts the Hub role) so that transport rules can do PDF attachment filtering"