Documente Academic
Documente Profesional
Documente Cultură
http://aslamkader.com/wp-content/uploads/Exchange-2010-Interview-Question-and-Answer.pdf
What are the storage group and database size limitations in Exchange 2007, compared
with Exchange 2003?
Exchange Server 2003 Standard edition supported 1Storage Group and 2 Stores - one Mailbox and one Public
Folder Store (when excluding the Recovery Storage Group of course). Exchange Server 2003 Enterprise Edition
supported a total of 4 Storage Groups each containing a maximum of 5 store databases per Storage Groups (thus
maximum 20 databases per server). The limit of a database size in Exchange Server 2003 Standard edition was
16GB (although raised to 75 GB when Exchange 2003 Service Pack 2 was applied). There was no limit on a
database size when talking about Exchange Server 2003 Enterprise edition {well actually there is a 16Terabyte limit
but this limit is caused by hardware).
Exchange Server 2007 comes in two flavours, a standard edition and an enterprise edition, just like previous
versions of Exchange. The Mailbox Server when talking about the Exchange Server 2007 Standard edition supports
a total of 5 Storage Groups and 5 databases. Unlike Exchange 2003 and previous versions of Exchange there's
no longer a database storage limit in the standard edition. The Mailbox server in the Exchange 2007 Enterprise
edition supports up to 50 Storage groups and a maximum of 50 databases per server. Exchange 2007 allows you
to create up to 5 databases in each Storage Group as is the case with Exchange 2003, but best practice is to
create 1database per Storage Group. So why should you have a one to one relationship between storage groups
and databases? Well primarily because you'll be up and running a lot faster considering disaster recovery scenarios,
etc.
No Storage Groups In Exchange 2010. Exchange 2010 has only mailbox databases and they are organizational
objects in EMC. Mailbox databases no longer connected to the server object they become *Peers. Database
management has also been moved from Server configuration node in exchange console EMC. The mailbox
databases are placed in the Organization Configuration ->Mailbox location in the console rather than the server
level in exchange 2007. The database names has to be unique through out the exchange organization as well. This
means that we can't have duplicate mailbox database names like in 2007 (in different storage groups, of course).
As there are no storage groups, this will also mean that the database will have its own logs as
well...
One of the goals of ESE in Exchange 2010 is to reduce the cost of maintaining and managing a database. Database
maintenance is comprised of several tasks that manage and keep the integrity of your mailbox database.
Database
following:
maintenance
Is
divided
Into
the
Server
2010 includes
many improvements
to the Exchange
database
Databases are no longer associated with storage groups. Storage groups have been removed.
Investments in store schema and Extensible Storage Engine {ESE) optimizations have reduced lOPS by 70
percent.
Describe the differences in the permission model between Exchange 2003 and
Exchange 2010.
Exchange
Model
2003
Security
and
Permissions
To help simplify management of permissions, Exchange Server 2003 provided predefined security roles that were
available in the Exchange 2003 Administrative Delegation Wizard. These roles were a collection of standardized
permissions that could be applied at either the organization or the administrative group level.
In Exchange 2003, the following security roles were available through the Delegation Wizard in Exchange System
Manager:
Exchange Full Administrator
Exchange Administrator
Exchange
View
Administrator
This
model
limitations:
had
the
Only
following
A lack of specificity. The Exchange Administrator group was too large, and some customers wanted to manage their
security and permissions model at the individual server-level.
A perception that the Exchange Server 2003 security roles only differed in subtle
ways.
There was no clear separation between administration of users and groups by the Windows (Active Directory)
administrators and Exchange recipient administrators.
had to grant Exchange administrators high level permissions (Account Operator permissions on Windows domains).
Exchange
Model
2007
Security
and
Permissions
To improve the management of your Exchange administrator roles, which were called "security groups" in Exchange
2003, the following new or improved features have been made to the Exchange security and permissions model:
New administrator
groups.
You can use the Exchange Management Console (formerly Exchange System
Management Shell to view, add, and remove members from any administrator role.
What are the major changes in the way Exchange 2010 stores work? Name some of the
changes in comparison with Exchange 2003 and Exchange 2007.
The following is a list of core store functionality that's included or has been changed in Exchange 2010:
In Exchange 2010, the store schema has been changed to remove the dependency of mailbox databases on
the server object. In addition, the new schema has been improved to help reduce database 1/0 per second
(lOPS) by refactoring the tables used to store information. Refactoring the tables allows higher logical contiguity
and locality of
reference. These changes reduce the store's reliance on the secondary indexes maintained by ESE. As a result, the
store is no longer sensitive to performance issues related to the secondary indexes.
Store resilience and health has also been improved by adding several features related to detecting and correcting
errors and providing alerts, such as the following:
Name the system prerequisites for installing Exchange 2007 in your existing Active
Directory forest.
Windows Server 2003/R2 x64 SP2
Windows Server 2008 x64
Microsoft .NET Framework Version 3.0/Microsoft .NET Framework Version 2.0 (with update/SP1)
Microsoft Windows PowerShell
Microsoft Management Console (MMC)3.0
Network News Transfer Protocol (NNTP) service must not be installed.
Simple Mail Transfer Protocol (SMTP) service must not be installed.
liS {forOWA)
Web-Digest-Auth
Web-Windows-Auth
Web-Dyn-Compression Net-HTIPActivation RPC-over-HTIP-Proxy
3- Software Prerequisites:
For Hub Transport or Mailbox server role, Microsoft Filter Pack is required to be installed. You can download the
Microsoft Filter Pack from the Microsoft website.
How would you easily install all the Windows Server 2008 R2 roles and features
required for Exchange 2010?
Exchange Server 2010 Service Pack 1allows us to install all Operating System prerequisites using just the
Exchange Setup wizard. When we use the Exchange Server 2010 SP1 Setup wizard, there is a new option called
Automatically install Windows Server roles and features required for Exchange Server. Just by clicking on that
option will be installed all prerequisites automatically.
Installing Exchange Server 2010 Pre-Requisites on Windows Server
2008 First, install the following software components.
1.
2.
3.
4.
answer files in XML format that can be used to install the operating system pre-requisites
to -ip). Here Iam installing the pre-requisites for a "Typical" Exchange 2010 server.
How would you check your Exchange configuration settings to see if they're
right?
Run Microsoft Exchange Best Practices Analyzer tool.
Looking to install Exchange 2007 on Windows Server 2008. What SP version do you
need? And for R2?
Exchange Server 2007 SPl required for installation on Windows Server 2008 and Exchange Server 2007 SP3 required
for Windows Server 2008 R2.
How can you easily integrate a RUin the Exchange 2007-2010 installation media?
The Exchange installation folder includes an Updates folder. When you perform a new Exchange installation, you
can copy an update rollup to the Updates folder. In this scenario, the update rollup package is applied during
the installation of Exchange. The Updates folder supports only new installation of Exchange server.
Name a few reasons for using 64-bit hardware and OS version for Exchange 2007-2010.
64-bit hardware provides the system architecture that is required to support the increased memory, storage, and
enhanced security requirements in a more cost-effective manner. Trends indicate that demands on messaging
systems will continue to grow and 64-bit servers provide the system architecture to meet these demands while
reducing costs within organizations through server and disk storage consolidations. With a larger addressable
space, the Exchange servers can utilize more memory thereby reducing the required input/output per user (lOPS),
enabling the use of larger disks as well as low cost storage such as SATA2 drives.
Exchange 2007 came in both 32-bit and 64-bit versions. Name a couple of reasons for
ever needing the 32-bit version.
You need exchange 2007 32bit to export mail box into PST
file.
Wanting to manage Exchange 2007 - 2010 from a remote computer, name a few of
your management options.
There are a few options for managing Exchange 2007 servers remotely. First off, you can install the Exchange 2007
management tools onto a separate machine from your Exchange server, as long as that machine is running either
Created by Aslam Kader
the 32-bit or 64-bit version of Windows Server 2003 Service Pack 1(SP1) or later, Windows Server 2003 R2, or
Windows XP SP2 or later. Note that installing any of the server roles (client access, mailbox, edge, and so on) on
32- bit hardware is not supported in production environments, but is supported for installing the management tools
on a
32-bit machine. Also note that as of the initial release of Exchange Server 2007, the management tools are not
supported on Windows Vista.
In some organizations, the IT department creates a single server to be the management server, installing all the
necessary management tools for various products on this server. Then the administrators who need to use those
tools access the management server via Terminal Server so they can perform remote administration. In other
settings, users install the management tools on their own desktops.
From the console or shell you can perform operations on the servers in your organization. In the console, the
servers are visible so you can perform operations on any of them remotely. In the shell, many of the tasks support
a filtering flag like -server if you want to scope an operation to a single server. There are a few exceptions,
however, for commands that must be run locally, such as the Get-NetworkConnectionlnfo command.
Bacqround Jobs : Also called a PSJob, it allows a command sequence (script) or pipeline to be invoked
asynchronously. Jobs can be run on the local machine or on multiple remote machines. A PSJob cannot
include interactive cmdlets.
Transactions: Enable cmdlet and provider developers to perform transactional operations. PowerShell 2.0 includes
transaction cmdlets for starting, committing, and rolling back a PSTransaction as well as features to manage and
direct the transaction to the participating cmdlet and provider operations. The PowerShell Registry provider
supports transactions.
ScriptCmdlets: These are cmdlets written using the PowerShell scripting language. NOTE: The preferred name for
script cmdlets is now Advanced
Functions.
SteppablePipelines: This allows the user to control when the BeginProcessing{), ProcessRecord() and
EndProcessing() functions of a cmdlet are called.
Modules : This allows script developers and administrators to organize and partition PowerShell scripts in self
contained, reusable units. Code from a module executes in its own self-contained context and does not affect the
state outside of the module. Modules can define a restricted runspace environment by using a script. They have a
persistent state as well as public and private members.
Data Language : A domain-specific subset of the PowerShell scripting language, that allows data definitions to
be decoupled from the scripts and allow localized string resources to be imported into the script at runtime
(Script Internationalization).
Script Debugging: It allows breakpoints to be set in a PowerShell script or function. Breakpoints can be set on
lines, line & columns, commands and read or write access of variables. It includes a set of cmdlets to
control the breakpoints via script.
Eventing: This feature allows listening, forwarding, and acting on management and system events. Eventing allows
PowerShell hosts to be notified about state changes to their managed entities. It also enables PowerShell scripts to
subscribe to ObjectEvents, PSEvents, and WmiEvents and process them synchronously and asynchronously.
Windows PowerShelllntegrated Scripting Environment (ISE) : PowerShell 2.0 includes a GUI-based PowerShell
host (formerly known as Graphical Windows PowerShell) that provides integrated debugger, syntax highlighting,
tab completion and up to 8 PowerShell Unicode-enabled consoles (Runspaces) in a tabbed Ul, as well as the ability
to run only the selected parts in a script.
Network File Transfer : Native support for prioritized, throttled, and asynchronous transfer of files between
machines using the Background Intelligent Transfer Service (BITS).
New Cmdlets: Including Out-GridView, which displays tabular data inthe WPF GridView object.
New Operators: -Split, -Join, and Splatting (@)operators.
Exception Handling with Try-Catch-Finally : Unlike other .NET languages, this allows multiple exception types for a
single catch block.
Nestable Here-Strings: PowerShell Here-Strings have been improved and can now nest.
Block Comments :PowerShell2.0 supports block comments using<# and#> as delimiters.
New APis: The new APis range from handing more control over the PowerShell parser and runtime to the host, to
creating and managing collection of Runspaces (RunspacePools) as well as the ability to create Restricted
Runspaces which only allow a configured subset of PowerShell to be invoked. The new APis also support
participation in a Windows PowerShell managed transaction.
In the installation folder root you see setup.com and setup.exe. Which would you use
and when?
Setup.com is used for all preparation work; basically it calls different backend procedures. Setup.com is also used
in disaster recovery to reinstall all ex2k7 roles.
Setup.exe
installation.
is
used
for
GIU
Windows server can host one or more roles. Server roles allow an administrator to split the functions of an
Exchange
server and place each role, or a combination of roles, on different servers in the organization. With current
Exchange servers you can make a server a Front-End server, or a Back-End server and that is about it.
Exchange 2007 introduces five roles to the Exchange organization.
Edge Transport- The last hop of outgoing mail and first hop of incoming mail, acting as a "smart host" and usually
deployed in a perimeter network, Edge Transport provides mail quarantine and SMTP service to enhance security.
One advantage of this role is that is does not require Active Directory access, so it can function with limited access
to the corporate network for increased security.
Hub Transport- The Hub Transport role handles mails by routing them to next hop: another Hub Transport server,
Edge server or mailbox server. Unlike Exchange 2003 Bridgehead that needs Exchange admin defined routing
groups, Exchange 2007 Hub Transport role uses AD site info to determine the mail flow. The Hub Transport
and Edge Transport servers are very similar and in fact, one can forgo the Edge Transport server and
configure the Hub Transport to accept mail from, and send mail to, the Internet.
Client Access -The Client Access server role provides the other mailbox server protocol access apart from MAPI.
Similar to Exchange 2003 FrontEnd server, it enables user to use an Internet browser (OWA), 3rd party mail client
(POP3/IMAP4) and mobile device (ActiveSync) to access their mailbox.
Mailbox- The Mailbox server role is responsible for hosting mailbox and public folder data. This role also provides
MAPI access for Outlook clients. Note that there is also a variation of this role called Clustered Mailbox role, for use
with high-availability MSCS clustering of mailbox data. When Clustered Mailbox role is selected, other server roles
cannot be combined on the same physical server.
Unified Messaging- This role enables end users to access their mailbox, address book, and calendar using
telephone and voice. IP-PBX or VoiP gateway needs to be installed and configured to facilitate much of the
functionality of this server role.
What are the benefits of using roles, vs. the way Exchange 2000/2003 worked?
Server role is a logical concept used to organize Exchange 2007 services and features across one or more servers.
While Exchange 2003 provided primitive server roles called BackEnd server and FrontEnd server, Exchange 2007 has
more granular divisions.
Dividing Exchange features among several server roles has advantages:
More flexible deployment topology: For a small or medium company that has only hundreds of mailboxes and all
users are centralized, customer can install all required roles on one physical server. For a large enterprise where
tens of thousands of mailboxes span multiple physical locations, customer can choose to deploy each role on a
separate server or even multiple servers per role to provide better performance and fault tolerance.
Better hardware utilization and scalability: Because each role only installs binaries and runs services for a specific
feature set. Unlike older versions of Exchange, configuring a server that has only one or two roles will reduce
Memory, CPU and disk space requirements for this server. In addition, roles are scalable so admin can load
balance work of one role to multiple servers.
Easy to maintain: Upgrading, applying hotfix, or other server changes that could cause server outage can be
isolated to one server role. This reduces maintenance down time and end user impact. Admin can also install or
uninstall roles on a server as needed.
What are the Exchange 2003 equivalents of the various Exchange 2007-2010
roles?
Exchange 2007
2003
Exchange
Edge Transport
Hub Transport
Client Access
Mailbox
Unified
Messaging
Bridgehead server
Front-End server
Back End server
Exchange 2007
torage Groups
Public Folders
Y es
Automatically created
E xO LE D B,C D O EX ,W ebD AV ,EW S
Outlook 2003, Outlook
1Web Services
Desktop Clients
et EDB database
xchange 2010
et EDB database
None, only data stores
Manual creation
Exchange Web Services (EWS)
Outlook 2007, Outlook 2010
2007,
DR Technologies
0utlook clients connect to
1
Outlook 2010
ISCC,CCR,SCR
Mailbox Server
Redundancy and Stability: If both of these are running on the same system, it may reduce the performance
and stability of server. If in any case Exchange Server services fails, the whole DC will fail, which may
create critical problems.
Port Conflict: Domain Controller & Exchange Server both uses port 389 for LDAP queries, which creates
conflict.
DSAccess: DSAccess, DSProxy and many other services will perform well.
run, depending on your current environment. If you are currently running any Exchange 2000 or 2003 server the first
command you must run is Setup.com
/PreparelesacyExchansePermissions
The next command will prepare the schema, and this means the account you run this command from, must be a
member of the Schema Admins group as well as the Exchange Admins group.
Setup.com /PrepareSchema
The third command that you need to run preps the current domain, adds the Exchange Universal Security Groups
and configures the Exchange objects with AD.
Setup.com /PrepareAD
The final step is optional and is only required to run if you have multiple domains within the forest. This
command configures the other domain, or domains, in the forest. It does not need to be run on the domain
that you run
/PrepareAD in, but any additional domains will need this command run. You have three command line options with
this command.
Setup.com /PrepareDomain- Prepares the current domain
Setup.com /PrepareDomain:FQDN of target domain to be
prepped Setup.com /PrepareAIIDomains- Prepares all domains in
the forest.
What type or permissions do you need in order to install the first Exchange server in a
forest? In a domain?
The following permissions are required:
To run the Setup /PreparelegacyExchangePermissions command, you must be a member of the Enterprise
Admins security group.
Why
Run
/PreparelegacyExchangePermissions
Setup
Essentially, you must run the setup /PreparelegacyExchangePermissionscommand so that the Exchange 2003 or
Exchange 2000 Recipient Update Service functions correctly after you update the Active Directory schema for Exchange
2007.
To run the Setup /PrepareSchema command, you must be a member of the Schema Admins and Enterprise
Admins security groups.
To run the Setup /PrepareAD command, you must be a member of the Enterprise Admins security group.
To run the Setup /PrepareDomaln, setup /PrepareDomaln:<FQDN> command or the Setup /PrepareAIIDomalns
command, you must be a member of the Enterprise Admins group or you must be a member of the Domain Admins
group in any domain that you will prepare.
You have an Exchange 5.5 organization and finally decided to move forward and upgrade
to Exchange 2007/2010. What's your next obvious step?
Install an intermediary Exchange 2003 server. Then move mailboxes from Exchange 5.5 to Exchange 2003 using
Exchange 2003's toolset, and then move from Exchange 2003 to Exchange 2010 using its toolset.
You're looking to install Exchange 2007-2010 and Outlook on the same machine.
Should you do that? Why?
We need Exchange 2007/2010 32bit and Outlook 2003 Service Pack 2 (SP2) or Outlook 2007 installed on same
Exchangefull admln- full control over tile exchange orpnlzatlon Including permission
2)ExchanseAdmin-Manageeverythingwltllln tile orsanlzatlonexcept011permission.
3)Exchanseview only admlnlstratnr-read only administrativeaccessto Exchanse
O"Banlz.aUon
can you pant access for an administrator to access all mailboxes on a specific:
server?
How
Gl'llnt
pem
11 1anal
mallbDia!s
Exam ple:
Get-MalbaxIAdci-MIIIbald>ennlsaian
-User Alhlratntor-Aazllllthb
al
Fullaccess-InheritanceType
Note: In the screenshot below I received a messqe sayinB that Adminisb'lltor already have access
to the mailbox Test (Yellow text message).
What Is the
permission?
Send
As
Use Send As pennlsslons 1D confllure a mailbox so that users other than 1he mailbox owner can usethat
mailbox 1D send mes After this permission Is aranted, any mesnaes that are sent from the mailbox will
appear as If they were sent by the mailbox owner.
1heSend As permission Isn't sranted until after replication has occurred. Replication Umes depend on your
E'llchan&e and netwolk oonfipratlon. To lfint the permission lmmeclately, stop and then restart the
Microsoft El!chan&ehlfonnaUonSlore service.
Also, before you perform this procedure.be aware that you cannot send e-mail mess111es onbehalf of a
mailboxIf the m ailboxIs hiddenfrom addre55lists. W hen sendinga m essase,El!chan&erequiresthat an e-mail
addressIs resolvedin the From field. Inthe case where a messaseis sent on behalf of a malbox'that is hidden
Createdby Aslam Kader
from addresslists, 1he SMlP address Is Interpretedas an addressthat Isn't from your Oflanlzatlon(known as a
forelln address)and is reje*<!.For informationabout how to change your mailbox setlinss, see COnfilureUser
and Re.sourceMailbox Prope"les.
In Outlook, users will receive the following errors when attempting to send a message on behalf of a mailbox
that is hidden from address lists:
Online mode When users press Send, they will receive the following error: "You do not have permission to
send on behalf of the specified user."
Cached Exchange Mode Outlook initially sends the message, but users will receive a non-delivery report
(NDR) containing the following message: "You are not allowed to send this message because you are trying
to send on behalf of another user without permission to do so. Please verify that you are sending on behalf
of the correct sender, or ask your system administrator to help you get the required permission."
messages.
Mall-enabled universal distribution group -
Mail-enabled universal security group -A mail-enabled Active Directory security group object that can be used
to grant access permissions to resources in Active Directory and can also be used to distribute messages.
Microsoft Exchange recipient -A special recipient object that provides a unified and well-known message
sender that differentiates system-generated messages from other messages. It replaces the System Administrator
sender used for system-generated messages in earlier versions of Exchange.
Room mailbox- A resource mailbox that's assigned to a meeting location, such as a conference room, auditorium,
or training room. Room mailboxes can be included as resources in meeting requests, providing a simple and
efficient way of organizing meetings for your users.
Shared mailbox- A mailbox that's not primarily associated with a single user and is generally configured to allow
logon access for multiple users.
User mailbox - A mailbox that's assigned to an individual user in your Exchange organization. It typically contains
messages, calendar items, contacts, tasks, documents, and other important business data.
Linked user- New in Exchange 2010, a linked user is a user that resides in one forest while their mailbox resides
in another forest.
Equipment Mailbox- These are intended for items such as pool cars, video projectors, or any other shared
portable item. Equipment mailboxes can be included as resources in meeting requests, providing a simple and
You created a mailbox for a user, yet the mailbox does not appear in ESM. Why?
Generally when you create a mailbox for a user, the user's e-mail address will be updated in the GAL during the
regular update interval. But in order to be able to view the mail box, the user has to access the Exchange
server {either through MS outlook or OWA). Then you will be able to view the user's mail box.
OR if you send a test mail to that id then the mailbox will be populated in the ESM
This situation happens because the securityDescriptor object {msExchMailboxSecurityDescriptor)
Active Directory until the user first logs on to the mailbox or the mailbox is sent an item of mail.
You wanted to change mailbox access permissions for a mailbox, yet you see the SELF
permission alone on the permissions list. Why?
In Microsoft Exchange 2000 Server or Microsoft Exchange Server 2003, when you create new mailbox-enabled
accounts in Active Directory, they do not have inherited mailbox rights. The only object that is granted permission is
Self, which is granted full mailbox access and read rights.
To view mailbox rights, follow these steps:
In Active Directory Users and Computers, click Advanced Features on the View menu.
Note: This is not necessary on Exchange Server 2003 because of the fact that the Exchange Advanced tab is
exposed by default.
Under Active Directory Users and Computers, click the account, click the Exchange Advanced tab, and then click
Mailbox Rights.
The rights are displayed in the Permissions for account name dialog box. = Bad I
This behavior occurs because the mailbox security descriptor is not read from the Active Directory account
object until the user logs on or gets mail. The Recipient Update Service {RUS) does not stamp the inherited
permissions when the mailbox is created. After the mailbox is created in the store, the store calculates
inherited mailbox rights.
To resolve this behavior perform one of the following actions:
Log on to the mailbox you've created. You can do so by opening an Outlook profile for the new user and running
Outlook, or by opening a OWA session the the destination mailbox by typing http://servername/exchange/username
the address bar of your browser.
in
Note: Opening Outlook requires you to be logged on as the destination user, while OWA does not require you to
be logged on as the user. However, both methods require that you know the destination user's password.
Send a message to the mailbox.
Note: The second method is quicker and easier to perform, that's why you'll need to know how to Send Mail from
Script and to Test SMTP Service in 115 and Exchange.
When the mailbox is created in the store, the store itself calculates the inherited permissions and stamps them on
the store's copy of the mailbox security descriptor. =Good I
In Exchange Server 2003, dynamic distribution groups were called query-based distribution groups. Dynamic
distribution groups provide the same functionality as mail-enabled distribution groups. However, instead of
containing a static group of recipients, the membership list for dynamic distribution groups is calculated based on
their configuration each time they are used. When a message is sent to a dynamic distribution group, it's delivered
to all recipients inthe organization that match the criteria defined for that dynamic distribution group.
An e-Mail is submitted to the submission queue of the Exchange store driver or through SMTP
The message categorizer determines that the recipient is a Query-based Distribution Group
The categorizer sends an LDAP request to an global catalog server
The contacted global catalog server executes the query and returns the addresses that matches the query
After receiving the complete set of addresses matching the query, the categorizer generates a recipient list
containing all the users.
After the categorizer sends the complete, list of recipients to routing, the normal message delivery process
continues, and the e-mail message is delivered to the users mailboxes.
How can you grant access for an administrator to access all mailboxes in your
organization?
Get-Mailbox -OrganizationiUnit "MyOU" I Add-MailboxPermssion-User "UserOrGroup" -AccessRights FuiiAccess AddMailboxPermission -identity "'Joe Adams" -AccessRights FuiiAccess -user "janea"
Besides FuiiAccess, the following mailbox permissions can be granted using AddMailboxPermission:
1.
SendAs
2. ExternaiAccount
3. Deleteltem
4. ReadPermission
S.ChangePermi ion
6. ChangeOwner
4. MicrosoftExchangeRecipientReplyRecipient.
Moving mailboxes
Reconnecting a disconnected mailbox in Active Directory
Hiding a mailbox from the Global Address List (GAL)
Specifying storage limits.
What are System Public Folders? Where would you find them?
System public folders (also known as the Non_IPM_Subtree) Users can't access these folders directly by using
conventional methods. Client applications such as Outlook use these folders to store information such as free and
busy data, OABs, and organizational forms. Other system folders contain configuration information used by custom
applications or by Exchange. The public folder tree contains additional system folders, such as the EFORMS
REGISTRY folder, that don't exist in general purpose public folder trees. System folders include the following:
EFORMS REGISTRY and Events Root By default, one content replica of each of these folders resides in the
default public folder database on the first Exchange server installed in the first administrative group. This is
the location where organizational forms are stored for legacy Outlook clients (clients using an Outlook
version earlier than Outlook 2007).
Offline Address Book and Schedule+ Free Busy The Offline Address Book folder and the Schedule+ Free Busy
folder automatically contain a subfolder for each administrative group (or site) in your topology. By default,
a content replica of a specific administrative group folder resides on the first server installed in the
administrative group. These folders are used to store legacy free and busy information and OAB data for
legacy Outlook clients. Legacy Outlook clients don't support the new features in Exchange 2010 or
Exchange 2007 that manage free and busy information and OAB data. (These features include the
Availability service, the Autodiscover service, and OAB distribution on Client Access servers.)
OWAScratchPad Each public folder database has an OWAScratchPad folder, which is used to temporarily
store attachments that are being accessed by using Microsoft Office Outlook Web App. Don't modify this
folder.
StoreEvents Each public folder database has a StoreEvents folder, which holds registration information for
custom Exchange database events. Don't modify this folder.
Other folders To support internal Exchange database operations, a tree may contain several other system
folders, such as schema-root. Don't modify these folders.
What are the differences between administrative permissions and client permissions in
PF?
How can you configure PF replication from the command prompt in Exchange 2003?
What are the message hygiene options you can use natively in Exchange 2003?
What are the configuration options in IMF?
What are virtual servers? When would you use more than one?
Name some of the SMTP Virtual Server configuration options.
Replace smtp virtual server on exchange 2003 backend with 2010 hub transport. The hub server will perform this
role. But if you like it can do it also immidiatly, just create a send connector and permit the server to
connect to servers on the internet on port 25.
What is a Mail Relay? Name a few known mail relay software or hardware options.
Often referred to as an e-mail server, a device and/or program that routes an e-mail to the correct destination. Mail
relays are typically used within local networks to transmit e-mails among local users. (For example, all of the student
and faculty e-mail of a college campus.) Mail relays are particularly useful in e-mail aliasing where multiple e-mail
addresses are used but the mail relay forwards all messages to the specified e-mail addresses to one single
address.
A mail relay is different than an open relay, where an e-mail server processes a mail message that that neither
originates or ends with a user that is within the servers local domain (i.e., locaiiP range).
For Exchange 2007/2010 there's only one way to configure a smarthost which is on the Send
Connector.
An Exchange service called DSAccess has the task of finding domain controllers and Global Catalog servers
suitable for use by Exchange.
DSAccess keeps an open connection to each server in the DSAccess profile. This avoids the expensive chore of
building up and tearing down RPC and TCP connections each time the Exchange server needs information.
Other Exchange services, such as the SMTP Routing Engine Categorizer and DSProxy, send their LDAP and NSPI
requests to DSAccess, which selects a target domain controller or Global Catalog server from its profile and forwards
the request to that server. It uses a round robin selection process for load balancing.
Because all LDAP queries funnel through DSAccess, Exchange dramatically improves performance by caching the
query results. By default, Exchange gives 4MB of physical memory to the DSAccess cache.
DSAccess uses DNS to locate domain controllers and Global Catalog servers.
The e-mail address recipient policy concept in Exchange 2003 is separated into two concepts in Exchange 2007: E
mail Address Policies (EAP) and Accepted Domains. This topic covers the relationship of EAP and accepted
domains in Exchange 2007 and how the functionality of e-mail address recipient policies in Exchange 2003 maps to
EAP and Accepted Domains in Exchange 2007.
How would
policies?
you
work
with
multiple
recipient
What is the "issue" with trying to remove email addresses added by recipient policies?
How would you fix that?
What
RUS?
is
the
A dial tone recovery involves creating an empty database on a server to replace a failed database. This empty,
or dial tone, database allows users to send and receive e-mail while the failed database is recovered. By using
a dial tone recovery approach, you can restore basic e-mail service to users (providing them with a "dial tone")
and then restore users' previous data as it becomes available.
Basic
steps:
1. Create a new empty dial tone database to replace the failed database This new database will allow users
who had mailboxes on the failed database to send and receive new messages. Exchange 2007 has a feature
called dial tone portability that allows you to point a user to a different database without moving the mailbox. If
you created the dial tone database on a different server than the server that housed the failed database, you
will need to move the mailbox configuration to that new server.
2. Restore the old database Use whatever backup and recovery software you typically use to restore the failed
database. If there is no backup of the failed database, recover the failed database. If you are using the same server
for dial tone recovery, you need to restore the database to a recovery storage group.
3. Swap the dial tone with the restored database After the failed database has been restored, swap it with the dial
tone database. This gives the users the ability to send and receive e-mail and access all the data in the restored
database. If users were moved to a dial tone database on another server, you then need to move the mailbox
configuration back to the original server.
Merge
databases
the
To get the data from the dial tone database into the restored database, merge the data. You can do this with the
Database Recovery Management tool included in the Exchange Management Console.
When would
backup?
you
use
offline
How do you re-install Exchange on a server that has crashed but with AD
intact?
Eseutil can be used against any ESE database in Exchange Server 2007. In the past, Eseutil could only be used
with mailbox and public folder ESE databases, but with Exchange 2007, Eseutil can be used with ESE databases
on the Exchange 2007 Hub Transport and Edge Transport server roles as well.
Eseutil can be run on one database at a time from the command prompt. You can use Eseutil to perform a range of
database tasks including repair, offline defragmentation, and integrity checks. Table llists the most common Eseutil
switches.
Eseutil examines the structure of the database tables and records at the low level of the database (Ese.dll). You can
use the defragmentation mode to compact a database offline. Other Eseutil modes such as repair, recovery, and
restore can be used to repair a corrupt or damaged database. Modes like integrity, file dump, and checksum can be
used to verify the state of a database.
Eseutil switches
Eseutil mode
Switch Description
Defragmentation
/D
Defragments the database offline but leaves the new, defragmented database in the
temporary location with or without overwriting the original database. This mode reduces the gross size on the disk
of the database (.edb) by discarding most empty pages and by rebuilding indexes.
/P
Repair
Repairs a corrupt offline database by discarding any pages that cannot be fixed. In
repair mode, the Eseutil tool fixes individual tables but does not maintain the relationships between tables. Use the
Information Store Integrity Checker {lsinteg.exe) tool to check and fix links between tables if the repaired database is
a mailbox
database.
or
public
folder
Restore
/C
Displays restore log file (Restore.env
restoration from legacy online backups.
Recovery
/R
file)
and controls
Replays transaction log files or rolls them forward to restore a database to internal
/M
Displays headers of database files, transaction log files, and checkpoint files. Also
displays database page header information, and database space allocation and metadata.
Checksum
/K
Copy File
/Y
Verifies checksums on all pages inthe database, log files, and checkpoint
files.
Performs a fast copy of very large files.
c:\program files\exchsrvr\bin>isinteg
/?
To run lsinteg.exe to fix and to check the integrity of the information store, run the following line from a command
prompt:
c:\program files\exchsrvr\bin>isinteg -s servername -fix -test alltests
For
example:
exchsrvr\bin\isinteg -s server1-fix -test alltests
NOTE: You need to first start the information store service and dismount the databases; you can only check
databases that are offline.
-?
Usage is displayed.
-pri
-pub
-fix
Name all
2007/2010.
the
client
conne dion
options
POP3
IMAP
in
Exchange
O verview
For Direct Push to work, the mobile phone or other mobile device must be Direct Push capable. These devices
include the following:
Mobile phones that have Windows Mobile 5.0 with the Messaging and Security Feature Pack (MSFP) or a
later version of Windows Mobile.
Mobile phones that are produced by Microsoft Exchange ActiveSync licensees and are designed specifically to
be Direct Push compatible.
By default, Direct Push is enabled in Exchange 2010. Mobile phones that support Direct Push issue a long-lived
HTTPS request to the server running Microsoft Exchange. The Exchange server monitors activity on the user's
mailbox and sends a response to the device if there are any changes, such as new or changed e-mail messages
or calendar or contact items. If changes occur within the lifespan of the HTTPS request, the Exchange server
issues a response to the device that states that changes have occurred and the device should initiate
synchronization
with the Exchange server. The device then issues this request to the server. When
synchronization is complete, a new long-lived HTTPS request is generated to start the process again. This
guarantees that e-mail, calendar, contact, and task items are delivered quickly to the mobile phone, and the
device is always synchronized with the Exchange server.
wipe a
Microsoft Exchange Server 2007 lets you send a command to a mobile device that will perform a wipe of the
device. This process, known as a remote device wipe, clears all Exchange information that is stored on the device.
You can use this procedure to clear data from a stolen device or to clear a device before assigning it to another
user.
BeforeYou Begin
To perform this procedure, the account that you use must be delegated the Exchange Server Administrator
role.
For more information about permissions, about how to delegate roles, and about the rights that are required to
administer Exchange Server 2007, see Permission Considerations .
Note:
To perform a remote device wipe on a device by using the Exchange Management Console, the user must be
assigned to an Exchange ActiveSync mailbox policy. For more information about how to add users to an Exchange
ActiveSync mailbox policy, see How to Add Users to an Exchange ActiveSync Mailbox Policy.
Procedure
To use the Exchange Management Console to perform a remote device
wipe
1. Open the Exchange Management Console.
2. Under Recipient Configuration, click Mailbox.
3. In the Mailbox window, select the user.
4. In the action pane, click Manage mobile device or right-click the user's mailbox, and then click Manage
mobile device.
5. Select the mobile device from which you want to clear all data.
6. In the Actions section, click Clear.
7. Click Clear again.
To use Outlook Web Access to perform a remote device
wipe
2.
3.
4.
5.
6.
7.
8.
I flldentity
Note: Inthese commands, <jeffhayes> represents the actual identity of the device owner.
What are the issues with connecting Outlook from a remote computer to your
mailbox? What is RPC over HTTP? What are the requirements to run it?
In Microsoft Exchange Server 2010, the Outlook Anywhere feature, formerly known as RPC over HTIP, lets clients
that use Microsoft Office Outlook 2010, Outlook 2007, or Outlook 2003 connect to their Exchange servers from
outside the corporate network or over the Internet using the RPC over HTIP Windows networking component.
Created by Aslam Kader
The Windows RPC over HTIP Proxy component, which Outlook Anywhere clients use to connect, wraps remote
procedure calls {RPCs) with an HTIP layer. This allows traffic to traverse network firewalls without requiring RPC
ports to be opened. In Exchange 2010, as in Exchange 2007, it's easy to deploy and manage this feature. To deploy
Outlook Anywhere in your Exchange 2010 messaging environment, you need to enable Outlook Anywhere on at
least one Client Access server using the Enable Outlook Anywhere wizard in the Exchange Management Console.
Benefits
Anywhere
of
Using
Outlook
Outlook Anywhere offers the following benefits to clients that use Outlook 2010, Outlook 2007, or Outlook 2003
to access your Exchange messaging infrastructure:
You can use the same URL and namespace that you use for Outlook Web App and Microsoft Exchange
ActiveSync.
You can use the same Secure Sockets Layer (SSL) server certificate that you use for both Outlook Web App and
Exchange ActiveSync.
You don't have to use a virtual private network (VPN) to access Exchange servers across the Internet.
You don't have to configure anything in Exchange 2010 when you're using SSL session ID load balancing on the
Client Access server with Outlook Anywhere.
If you already use Outlook Web App with SSL or Exchange ActiveSync with SSL, you don't have to open any
additional ports from the Internet.
You can test end-to-end client connectivity for Outlook Anywhere and TCP-based connections by using the
Test-OutlookConnectivity cmdlet.
Deploying
Anywhere
Outlook
Deploying Outlook Anywhere for your organization is straightforward. The following recommendations should be
followed to successfully deploy Outlook Anywhere:
Use at least one Client Access server per site In Exchange 2010, a site is a network location with high
bandwidth connectivity between all computers. We recommend that you install at least one Client Access
server in each site to provide client access to the Mailbox server. However, you can have multiple Client
Access servers in each site for increased performance and reliability.
Enable Outlook Anywhere on at least one Client Access server We recommend that you have one Client
Access server in each site that has Outlook Anywhere enabled. This lets clients that use Outlook 2010 or
Outlook 2007 connect to a user's mailbox through the Client Access server in the site. Users will connect by
using HTIPS to the Client Access server that's in the site where the user's mailbox is located. This reduces
the risk associated with using RPCs across the Internet. Using RPCs across the Internet can adversely
affect performance.
What
is
Cached
Mode
in
Created by Aslam Kader
OL2003/2007?
Cached Exchange Mode, available in Outlook 2010, 2007, and 2003, is similar to offline folders in previous versions
of Outlook, though easier to use. Cached Exchange Mode allows you to work with your Exchange account data
when your connection to the Exchange server is interrupted or unavailable. Cached Exchange Mode stores a copy
of your mailbox on your computer by automatically creating and using an offline folder file {an .ost file), into
which it downloads and maintains a synchronized copy of the items in all the folders of your mailbox. Outlook
automatically manages your server connection and data updates; when your connection is restored, Outlook
synchronizes your cached mailbox with your mailbox on the server.
What are the benefits and issues when using cached mode? How would you tackle
those issues?
By default Cached Exchange Mode is on for mailbox and off for public folder
favorites.
Benefits: Cached Exchange Mode isolate the customer from intermittent connectivity
GC servers. Since the user is primary working out of the offline address book and OST, it means fewer round trips
to the server when looking at the same message lots of times. Less round tripping to the server means that one
should be able to have a higher user per server count.
Cached mode is also required in order for the junk email feature to work in
Outlook.
Issues:
The biggest drawback is that it can take up to 24 hours before the end user sees a change to the
global address list. This is because the default behavior of Outlook 2003 is to update the OAB once a day.
If your organization have frequent address book changes than it is recommended to turn off Cached Exchange
Mode.
SSL on
What are the considerations for obtaining a digital certificate for SSL on Exchange? What
are SAN certificates?
Subject Alternative Names protect multiple host names with a single SSL certificate. It allows specifying a list of host
names to be protected by a single SSL certificate.
The Subject Alternative Name extension has been a part of the X509 certificate standard since before 1999, but only
recently achieved widespread use with the launch of Microsoft Exchange Server 2007-which makes good use of
Subject Alternative Name to simplify server configuration.
What can a Subject Alternative
do?
Names
Secure host names on different base domains in one certificate. Virtual Host Multiple SSL sites on a single IP address.
Hosting multiple SSL-enabled sites on a single server typically requires a unique IP address per site, but a certificate
with Subject Alternative Names can solve this problem. Microsoft liS 6 and Apache are both able to Virtual Host
Created by Aslam Kader
HTTPS sites using Unified Communications SSL certificate, also known as SAN certificates.
SAN
Certificates
secure:
can
Multiple fully qualified domain names (FQDN) with a single certificate. SAN Certificates are often needed to secure
Exchange 2007 Server or Office Communications Server 2007.
Instances where there is a need to secure multiple domains that resolve to a single IP address {such as in a shared
hosting environment).
Using a SAN certificate saves the hassle and time involved in configuring multiple IP addresses on Exchange 2007
server, binding each IP address to a different certificate, and running a lot of low level PowerShell commands just
to piece it all together.
W hat is SC C ?
Created by Aslam Kader
A single copy cluster (SCC) is a clustered mailbox server that uses shared storage in a failover cluster configuration
to allow multiple servers to manage a single copy of the storage groups. This feature is similar to the clustering
features in previous versions of Microsoft Exchange. However, there are some significant changes and
improvements that
have been made. The way in which you build, manage, and troubleshoot an sec is completely different from the
way
in which previous versions of Exchange clusters were built and managed. In addition, the out-of-box failover
behavior has changed significantly in Microsoft Exchange Server 2007.
SCCs require the use of a shared-nothing architecture, which includes shared disk storage. In a shared-nothing
architecture, although all nodes in the cluster can access shared data, they cannot access it at the same time. For
example, if a physical disk resource is assigned to node 1of a two-node cluster, node 2 cannot access the disk
resource until node 1is taken offline, fails, or the disk resource is moved to node 2 manually.
In an SCC, an Exchange 2007 Mailbox server uses its own network identity, not the identity of any node in the
cluster. This network identity is referred to as a clustered mailbox server. If the node running a clustered mailbox
server experiences problems, the clustered mailbox server goes offline for a brief period until
another node takes control of the clustered mailbox server and brings it online. This process is known as failover.
The storage hosting the clustered mailbox server's storage groups and databases is hosted on shared storage that
is available to each possible host node of the clustered mailbox server. As the failover occurs, the storage
associated with the clustered mailbox server is logically detected from the failed node and placed under the control
of the new host node of the clustered mailbox server.
In addition to failover, an administrator can manually move a clustered mailbox server between nodes in a cluster.
This process is known as a handoff.
A handoff should only be performed using the Move-CiusteredMailboxServer
Management Shell, or, if running Exchange 2007 SPl, by using the Manage Clustered Mailbox Server wizard in
the Exchange Management Console.
You have installedExchange2007 RTM and are lookingto enableSCR but cannotfind the
optionto do so in the EMC or in PS. W hy?
Standby continuous replication (SCR) is introduced with Service Pack 1,you have to install SPl of higher to use
SCR.
How do
LCR?
you enable
To use the Exchange Management Console to enable LCR for an existing storage
group
1.
2.
Expand Microsoft Exchange, expand Server Configuration, and then select Mailbox.
3.
In the result pane, select the Mailbox server that contains the storage group that you want to enable for LCR.
4.
In the work pane, right-click the storage group that you want to enable, and then select Enable Local
Continuous Replication. The Enable Storage Group Local Continuous Replication Wizard will start.
5.
6.
On the Set Paths page, you can specify the locations for the LCR log files and LCR system files by clicking Browse
for the appropriate field. Click Next to continue.
7.
The database page appears with the name of the database in the storage group. Use Browse to specify the path
for the LCR database file. Click Next to continue.
8.
Review the Configuration Summary information on the Enable page, and verify that the correct paths have been
configured. After you have verified the paths, click Enable to enable LCR for the storage group.
9.
After the storage group and database have been enabled for LCR, click Finish to close the wizard. To
use the Exchange Management Shell to enable LCR for an existing storage group
1.
Shell.
2.
-Identity
<Server><StorageG roup><Database>
CopyEDBFilePath:<FuiiPathlncludingDatabaseFileName>
3.
After the Enable-DataBaseCopy command has successfully completed, run the following command:
Enable-StorageGroupCopy
-Identity
<Server><StorageGroup>
-CopylogFolderPath:<FuiiPath>
CopySystemFolderPath :<FullPath>
Note: The account you use to perform this operation must be delegated the Exchange Server Administrator role
and local Administrators group for the target server. After LCR has been enabled for a storage group, it will initially
report a status of Initializing. The storage group will change from a status of Initializing to a status of Healthy
after one transaction log file has been generated.
LCR cannot be enabled on a Mailbox server that contains one or more standby continuous replication (SCR) targets.
Although LCR can be enabled on a Mailbox server that is configured as an SCR source, LCR and SCR targets
cannot be combined on the same Mailbox server.
What Exchange edition version do you need for LCR? What Windows edition version
do you need for LCR?
Exchange 2007 RTM or higher SP level, Windows 2003 or higher.
How do you recover from a store corruption when using LCR? Name the procedures you
would use.
To bring the LCR replica database online right-click on the (Sever Configuration => Mailbox => Database
Management) storage group and choose Restore Storage Group Copy.
Complete the wizard to enable the passive copy. This process checks that the replica log files have been brought
completely up to date and replayed into the replica database so that it is ready to be mounted. Before the passive
copy can be brought online it must be placed in the location of the original production database. For a large
database file copying it from one location to the other would be very time consuming. Instead you should modify the
drive letter and folder path of the passive copy so that it matches the original active copy. For example, if the
passive copy was in F:SG1Data-LCR, use Disk Manager to re-assign that volume to the drive letter E: and then
rename the path to SG1Data.
Note that this is not necessary if during the Restore Storage Group Copy wizard you ticked the box to update the
database paths to match the passive copy location.
This method means that you can immediately mount the database without having to remap any volumes, however it
may cause confusion for administrators later on when they encounter an active database in what they thought was a
passive replica location.
The activation of the passive copy is completed by simply mounting the database. Once the database is back online
you then need tore-enable LCR to protect it from future failure situations
D escribeD AG in Exchange2010.
A DAG is a set of up to 16 Mailbox servers that provide automatic database-level recovery from failures that affect
individual databases. Any server in a DAG can host a copy of a mailbox database from any other server in the DAG.
When a server is added to a DAG, it works with the other servers in the DAG to provide automatic recovery from
failures that affect mailbox databases, such as a disk failure or server failure.
Each Mailbox server can host as many as 100 databases, and each database can have as many as 16 copies.
Considering DAGs in Exchange 2010, why does Microsoft claim that you can run
raidless?
Exchange 2.010 has a new 1/0 pattern that results in 70 percent lower 1/0 requirements than Exchange 2.007
(and Exchange 2.007 had 70 percent lower 1/0 requirements than Exchange 2.0031). This reduced 1/0 pattern,
thanks to optimizations that make it so writes don't come in bursts anymore, combined with advancements in
SATA drives, means SATA is now a realistic storage platform for Exchange 2.010. SATA was previously just for
desktop systems.
In addition, with the new database availability group (DAG) for high availability of mailboxes, the new guidance from
Microsoft is that if you have databases replicated on at least three servers in the DAG, you don't even need RAID
on the storage anymore. Because you have backups of the data in essentially real time on the mailbox duplicates
and Hub Transport dumpster, you can use just a bunch of disks (JBOD) configurations. If you don't use DAG or
have only two servers replicating a database, you should still use RAID for the database. RAID was previously
used for 1/0
purposes in addition to high availability, but because of the drop in 1/0 requirements, single disks are now an
option.
Microsoft is suggesting one disk per database/transaction log going forward, providing you have the database
replicated between at least three servers.
Have at least one lagged database copy (this is a copy that "lags" behind at a set interval before committing
replication data to the database)
Have your archive and retention settings fully implemented and optimized to prevent permanent deletion of
Created by Aslam Kader
data
Have your Role-Based Access Control fully locked down to prevent inexperienced administrators from
destroying the DAG itselfthrough error or malicious intent.
Obviously that all becomes complex in its own right, not to mention potentially very expensive. Multiple
physical locations mean more data-centre costs, and the number of DAG members increases the number of
expensive Enterprise Edition licenses required for Windows Server 2008.
Even with all of the complexities understood and the expenses affordable for an organization, there still
remains some risk of complete loss of email data through a disaster. With that in mind it is more feasible
that a less complex DAG deployment can simply be used to reduce the frequency of backups, rather than
eliminate them entirely.
What
are
backups?
VSS
The Volume Shadow Copy Service provides the backup infrastructure for the Microsoft Windows XP and Microsoft
Windows Server 2003 operating systems, as well as a mechanism for creating consistent point-in-time copies of
data known as shadow copies.
The Volume Shadow Copy Service feature in Microsoft Windows Server 2003 can be used to create applications
that backup and restore Microsoft Exchange Server 2007.
Solutions based on VSS infrastructure can use the shadow copies to backup and restore one or more Exchange
Server 2007 databases.
VSS coordinates communication between VSS Requestors (for example, backup applications), VSS Writers (for
example, the Microsoft Exchange Server 2007), and VSS Providers (system, software, or hardware components that
create the shadow copies).
To use VSS to backup Exchange Server 2007, the backup application must include an Exchange Server 2007-aware
VSS requestor.
R2
Exchange 2007 Service Pack 2 (also available with Exchange 2010) includes a VSS plug-in for Windows Server Backup
to support Exchange backups. Once SP2 is installed, you can use Windows Server Backup to back up and restore your
Exchange 2007 SP2 databases. The new plug-in is delivered in the form of a single executable called
WSBExchange.exe. This plug-in is automatically installed by SP2 on all Exchange 2007 Mailbox servers. The plug-in
enables Windows Server Backup to be able to make Exchange-aware VSS backups.
one?
The Recover Storage Group (RSG) feature, which was originally introduced back in Exchange 2003, gives you as
the Exchange administrator, the option of mounting a second copy of a mailbox database (typically a mailbox
database restored from backup) so that you can extract data from one or more mailboxes in the respective
database without affecting the production databases if you need to do so during working hours.
RSG is created using the Exchange Troubleshooting Assistant (ExTRA) in Exchange 2007, which is launched via
the Database Recovery Management tool, which is found under the Exchange Toolbox work center, or by using
the Exchange ManagementShell (EMS).
When mounting a copy of a Mailbox database to an RSG you can extract the data from a mailbox and then merge
the data with another mailbox located in a mailbox database in a production Storage Group, but you can also extract
the data and then copy it to a specific folder in another mailbox.
What built-in tool do you have to allow you to manage Exchange store
recoveries?
The following built-in tools are available with Microsoft Exchange Server
2007:
1.Database Recovery Management
The Database Recovery Management tool uses the same engine as the Exchange Troubleshooting Assistant to
programmatically execute a set of troubleshooting steps to identify issues with the database that you specify. It then
provides multiple wizards to guide you through possible solutions for already identified issues.
Z.
Troubleshooter
Database
The Database Troubleshooter also uses the same engine as the Exchange Troubleshooting Assistant (ExTRA) to
programmatically execute a set of troubleshooting steps to identify the root causes of database mounting issues.
The tool automatically determines the set of data that is required to troubleshoot the identified symptoms and
collects configuration data, performance counters, event logs, and live tracing information from Exchange Server and
other appropriate sources. Then, it provide guidance for possible solutions with links to related database recovery
management wizards.
3. Exchange Server Database Utilities
Exchange Server Database Utilities (Eseutil.exe) is a command-line tool that works with the Extensible Storage
Engine (ESE), database files, and log files that are associated with an Exchange database. You can use Eseutil to
verify, modify, and repair an Exchange database file. When a database is corrupt or damaged, you can restore data
from backup or repair it using Eseutil.
4. Information Store Integrity Checker
The Information Store Integrity Checker (lsinteg.exe) finds and eliminates errors from the public folder and mailbox
databases at the application level. lsinteg is not intended for use as a part of routine information store maintenance;
it is provided to assist in disaster recovery situations. Because the lsinteg tool works at the logical schema level, it
can recover data that Eseutil cannot recover. This is because data that is valid for the Eseutil tool at the physical
schema level can be semantically invalid at the logical schema level.
The lsinteg tool performs two main
tasks:
These tools comprise the core disaster recovery applications for Exchange 2007. You can find the Database
Recovery Management tool and the Database Trouble-shooter in the Toolbox of the Exchange Management
Console. These tools provide a graphical user interface (GUI) for many of the command-line tools used to
troubleshoot Exchange databases.
physical
size
ofthe
Exchange
In Exchange 2010, is there any change in the way online and offline defrags are used (or
should be used)?
In Exchange 2010, the architecture for online defragmentation has changed. Online defragmentation was moved out
of the Mailbox database maintenance process. Online defragmentation now runs in the background 24x7. You don't
need to configure any settings for this feature. Exchange monitors the database as its being used, and small
changes are made over time to keep it defragged for space and contiguity. Online defragmentation is also
throttled so it doesn't have a negative impact on client performance
What protocol
transport?
to HT
Hub Transport server communicates with a Mailbox Server using MAPI/RPC. If a message is sent between different
Hub Transport servers in different Active Directory sites, the transport protocol used is SMTP. This holds true for
communication between an Exchange 2007 Hub Transport server and a legacy Exchange routing group connector.
It is important to note the Exchange Control Panel is RBAC-aware, meaning that administrative options are available
only to those who have the appropriate permissions to utilize them. ECP can show a user logged in with full
administrative access several administrative tasks (note the Select What to Manage option in the top-left corner and
the Manage your Organization option in the bottom-right corner) which show the same interface as viewed by a
standard user.
A user opens an OWA session from an external computer. Which role does that user
conned to?
Client
role.
Access
server
What ports do you need to open between the DMZ holding the Edge role and your
internal network?
The recommended practice is to put the Edge Transport server within a perimeter network. To make sure that the
server can send and receive e-mail and receive recipient and configuration data updates from the Microsoft
Exchange Edge-Sync service, you must allow communication through the ports that are listed in the following table.
Communication port settings for Edge Transport
servers
Network interface
Open port
25/TCP
25/TCP
Local only
local connection to AD
LOS.
50389/TCP
50636/TCP
Protocol
SMTP
SMTP
LDAP
Secure LDAP
Note
This port must be open for
What
is
resilience?
lost
log
In Exchange 2007, an internal component of Extensible Storage Engine {ESE) called LLR enables you to recover
Exchange databases even if one or more of the most recently generated transaction log files have been lost or
damaged. By default, LLR is enabled on all Exchange 2007 mailbox servers. LLR enables a mailbox database to
mount even when recently generated log files are unavailable. One cause of unavailable log files is a lousy
failover in a cluster continuous replication (CCR) environment, which is also known as an unscheduled outage.
The order of write operations of Exchange data is always memory, log file, and then database file. LLR works by
Created by Aslam Kader
delaying writes to the database until the specified number of log generations have been created. LLR delays recent
updates to the database file for a short time. The length of time that writes are delayed depends on how quickly logs
are being generated.
In the event of a failover, the passive copy of the databases can be automatically mounted by the Microsoft
Exchange Information Store service if the number of lost logs is fewer than the allowable amount as configured by
an administrator. An administrator determines the maximum number of logs that can be lost before the database
cannot be mounted on a failover by setting the AutoDatabaseMountDial parameter. This parameter, which is
represented
in the
Active
Directory
directory
service
by
an
Exchange
attribute
called
msExchDatalossForAutoDatabaseMount, has three values: lossless, Good Availability, and Best Availability.
Lossless is 0 logs lost, Good Availability is 3 logs lost, and Best Availability, which is the default, is 6 logs lost.
The configuration and recipient data is kept up to date by periodically synchronizing changes from Active Directory
to Active Directory lightweight Directory Services {AD LDS). By default, configuration data is synchronized to AD
LDS once every hour, and recipient data is synchronized to AD LDS once every four hours. You can change these
intervals using the Set-EdgeSyncServicecmdlet.
two
Exchange
2010
What
is
synchronization?
Edge
The Edge Subscription process is the procedure that an administrator follows to establish an Edge Subscription for
an Edge Transport server. You subscribe an Edge Transport server to an Active Directory site to associate the
Edge Transport server with the Exchange organization.
Answer"Yn
Transfer EdgeSubscription.xmlto the Hub Transport server
Open Exchange Management Console
Created by Aslam Kader