Exchange 2010 Interview Question and Answer

What is Storage Group?

Storage Group is a grouping of Mailbox and/or Public Folder Databases, which shares a single backup schedule and a single set of Transaction log files. Storage Groups are managed using their separate server process and the idea behind splitting databases up in Storage Groups is primarily to reduce the overhead that results from multiple sets of transaction log files.

What are the storage group and database size limitations in Exchange 2007, compared with Exchange 2003?
Exchange Server 2003 Standard edition supported 1 Storage Group and 2 Stores one Mailbox and one Public Folder Store (when excluding the Recovery Storage Group of course). Exchange Server 2003 Enterprise Edition supported a total of 4 Storage Groups each containing a maximum of 5 store databases per Storage Groups (thus maximum 20 databases per server). The limit of a database size in Exchange Server 2003 Standard edition was 16 GB (although raised to 75 GB when Exchange 2003 Service Pack 2 was applied). There was no limit on a database size when talking about Exchange Server 2003 Enterprise edition (well actually there is a 16 Terabyte limit but this limit is caused by hardware). Exchange Server 2007 comes in two flavours, a standard edition and an enterprise edition, just like previous versions of Exchange. The Mailbox Server when talking about the Exchange Server 2007 Standard edition supports a total of 5 Storage Groups and 5 databases. Unlike Exchange 2003 and previous versions of Exchange theres no longer a database storage limit in the standard edition. The Mailbox server in the Exchange 2007 Enterprise edition supports up to 50 Storage groups and a maximum of 50 databases per server. Exchange 2007 allows you to create up to 5 databases in each Storage Group as is the case with Exchange 2003, but best practice is to create 1 database per Storage Group. So why should you have a one to one relationship between storage groups and databases? Well primarily because youll be up and running a lot faster considering disaster recovery scenarios, etc. No Storage Groups In Exchange 2010 Exchange 2010 has only mailbox databases and they are organizational objects in EMC. Mailbox databases no longer connected to the server object they become *Peers*. Database management has also been moved from Server configuration node in exchange console EMC. The mailbox databases are placed in the Organization Configuration ->Mailbox location in the console rather than the server level in exchange 2007. The database names has to be unique through out the exchange organization as well. This means that we cant have duplicate mailbox database names like in 2007 (in different storage groups, of course). As there are no storage groups, this will also mean that the database will have its own logs as well One of the goals of ESE in Exchange 2010 is to reduce the cost of maintaining and managing a database. Database maintenance is comprised of several tasks that manage and keep the integrity of your mailbox database. Database maintenance is divided into the following: Store mailbox maintenance ESE database maintenance In Exchange 2007, ESE database maintenance was disk-intensive. In Exchange 2010, improvements have been made to increase performance. In Exchange 2010, on large or very heavy profile servers, the store mailbox maintenance task only lasts approximately 45 minutes, while ESE database maintenance usually took from six to eight hours per Created by Aslam Kader

night to complete on large Exchange 2007 databases (2 GB quotas). In Exchange 2010, improvements have been made to support both large mailboxes as well as to support JBOD storage and storage without the use of RAID. Microsoft Exchange Server 2010 includes many improvements to the Exchange database architecture: Public folder reporting has been enhanced. Databases are no longer associated with storage groups. Storage groups have been removed. Investments in store schema and Extensible Storage Engine (ESE) optimizations have reduced IOPS by 70 percent.

Describe the differences in the permission model between Exchange 2003 and Exchange 2010.
Exchange 2003 Security and Permissions Model To help simplify management of permissions, Exchange Server 2003 provided predefined security roles that were available in the Exchange 2003 Administrative Delegation Wizard. These roles were a collection of standardized permissions that could be applied at either the organization or the administrative group level. In Exchange 2003, the following security roles were available through the Delegation Wizard in Exchange System Manager: Exchange Full Administrator Exchange Administrator Exchange View Only Administrator This model had the following limitations: A lack of specificity. The Exchange Administrator group was too large, and some customers wanted to manage their security and permissions model at the individual server-level. A perception that the Exchange Server 2003 security roles only differed in subtle ways. There was no clear separation between administration of users and groups by the Windows (Active Directory) administrators and Exchange recipient administrators. For example, to perform Exchange recipient related tasks, you had to grant Exchange administrators high level permissions (Account Operator permissions on Windows domains). Exchange 2007 Security and Permissions Model To improve the management of your Exchange administrator roles, which were called "security groups" in Exchange 2003, the following new or improved features have been made to the Exchange security and permissions model: New administrator roles that is similar to the built-in Windows Server security groups. You can use the Exchange Management Console (formerly Exchange System Manager) and the Exchange Management Shell to view, add, and remove members from any administrator role.

What's New in Exchange Server 2007 SP1?

You can install Exchange 2007 SP1 on a computer that is running the Windows Server 2008 operating system Improvement in Microsoft Outlook Web Access (OWA) Created by Aslam Kader

Recover Deleted Items Local Distribution List S/MIME feature Public Folder Rules Monthly view New themes

What's New in Exchange Server 2007 SP2?

You can deploy Exchange Server 2010 in your organization once all of the Client Access servers in your organization have been upgraded to Exchange Server 2007 Service Pack 2 (SP2). Exchange 2007 Service Pack 2 includes a VSS plug-in for Windows Server Backup to support Exchange backups. Once SP2 is installed, you can use Windows Server Backup to back up and restore your Exchange 2007 SP2 databases. New Exchange auditing events and audit log repository enable Exchange administrators to more easily audit the activities occurring on their Exchange servers.

What's New in Exchange Server 2007 SP3?

Windows Server 2008 R2 Support Exchange Server 2007 SP3 supports all Exchange 2007 roles on the Windows Server 2008 R2 operating system. Windows 7 Support Exchange 2007 SP3 supports the installation of the Exchange 2007 management tools on a computer that is running Windows 7. Additionally, Exchange 2007 SP3 provides support for the installation of the Exchange 2007 Management Tools together with the Exchange Server 2010 Management Tools on the same Windows 7-based computer. Improved Password Reset Functionality Exchange 2007 SP3 introduces password reset functionality for Internet Information Services (IIS) 7. Updated Search Functionality Exchange 2007 SP3 includes updates to the Exchange Search (MS-Search) component. Support for Right-to-Left Disclaimer Text Exchange 2007 SP3 includes support for Right-to-Left text in e-mail message disclaimers in a right-to-left language, such as Arabic.

What are the major changes in the way Exchange 2010 stores work? Name some of the changes in comparison with Exchange 2003 and Exchange 2007.
The following is a list of core store functionality that's included or has been changed in Exchange 2010: Deprecated storage groups Mailbox databases no longer connected to the server object Improvements in Extensible Storage Engine (ESE) for high availability, performance, and database mobility Flattened Outlook store schema Enhanced reporting with public folders

In Exchange 2010, the store schema has been changed to remove the dependency of mailbox databases on the server object. In addition, the new schema has been improved to help reduce database I/O per second (IOPS) by refactoring the tables used to store information. Refactoring the tables allows higher logical contiguity and locality of reference. These changes reduce the store's reliance on the secondary indexes maintained by ESE. As a result, the store is no longer sensitive to performance issues related to the secondary indexes. Created by Aslam Kader

Store resilience and health has also been improved by adding several features related to detecting and correcting errors and providing alerts, such as the following: Mailbox quarantine on rogue mailboxes Transport cut-off to databases with less than 1 GB of space Thread time-out detection and reporting

Name the system prerequisites for installing Exchange 2007 in your existing Active Directory forest.
Windows Server 2003/R2 x64 SP2 Windows Server 2008 x64 Microsoft .NET Framework Version 3.0/Microsoft .NET Framework Version 2.0 (with update/SP1) Microsoft Windows PowerShell Microsoft Management Console (MMC) 3.0 Network News Transfer Protocol (NNTP) service must not be installed. Simple Mail Transfer Protocol (SMTP) service must not be installed. IIS (for OWA)

Name the system prerequisites for installing Exchange 2010?

1- General Prerequisites: Make sure that the functional level of your forest is at least Windows Server 2003, and that the Schema Master is running Windows Server 2003 with Service Pack 2 or later. The full installation option of Windows Server 2008 SP2-64bit or Windows Server 2008 R2-64bit must be used for all servers running Exchange 2010 server roles. Both Windows Server 2008 SP2-64bit or Windows Server 2008 R2-64bit Standard & Enterprise are supported and we can use them to install Exchange 2010. DNS must configure correctly in your Active Directory forest. All servers that run Exchange Server 2010 must be able to locate Active Directory domain controllers, global catalog servers, and other Exchange servers. For all server roles other than the Edge Transport server role, you must first join the computer to the appropriate internal Active Directory forest and domain. 2- Operating System Components Prerequisites: Microsoft .NET Framework 3.5 Service Pack 1 (SP1) Windows Remote Management (WinRM) 2.0 Windows PowerShell V2 IIS 7 ASP.NET In addition to the above, we need to install the following windows components (features): RSAT-ADDS (requires a reboot) Web-Server Web-ISAPI-Ext Web-Metabase Web-Lgcy-Mgmt-Console Web-Basic-Auth Created by Aslam Kader

Web-Digest-Auth Web-Windows-Auth Web-Dyn-Compression Net-HTTP-Activation RPC-over-HTTP-Proxy 3- Software Prerequisites: For Hub Transport or Mailbox server role, Microsoft Filter Pack is required to be installed. You can download the Microsoft Filter Pack from the Microsoft website.

How would you easily install all the Windows Server 2008 R2 roles and features required for Exchange 2010?
Exchange Server 2010 Service Pack 1 allows us to install all Operating System prerequisites using just the Exchange Setup wizard. When we use the Exchange Server 2010 SP1 Setup wizard, there is a new option called Automatically install Windows Server roles and features required for Exchange Server. Just by clicking on that option will be installed all prerequisites automatically. Installing Exchange Server 2010 Pre-Requisites on Windows Server 2008 First, install the following software components. 1. 2. 3. 4. .NET Framework 3.5 Service Pack 1 .NET Framework 3.5 Family Update Windows Remote Management and Windows PowerShell 2.0 2007 Office System Converter: Microsoft Filter Pack (for Hub Transport and Mailbox Server roles only)

Run the following from an elevated command prompt. C:\>sc config NetTcpPortSharing start= auto Next we need to install the operating system components. The Exchange source files contain a series of ServerManagerCmd.exe answer files in XML format that can be used to install the operating system pre-requisites for each of the server roles. Each file relates to a specific Exchange 2010 deployment scenario. exchange-all.xml all server roles exchange-base.xml only the requirements for Forest and Domain prep operations exchange-cadb.xml Central Admin Database role exchange-cas.xml Client Access Server role exchange-eca.xml Central Admin role exchange-edge.xml Edge Transport Server role exchange-hub.xml Hub Transport Server role exchange-mbx.xml Mailbox Server role exchange-typical.xml Typical Exchange server (Client Access, Hub Transport, and Mailbox Server roles) exchange-um.xml Unified Messaging role Execute any of the answer files using ServerManagerCmd.exe and the -inputPath parameter (that can be shortened to -ip). Here I am installing the pre-requisites for a Typical Exchange 2010 server. Created by Aslam Kader

servermanagercmd -ip exchange-typical.xml restart -restart option used to restart server automatically

How would you check your Exchange configuration settings to see if theyre right?
Run Microsoft Exchange Best Practices Analyzer tool.

Looking to install Exchange 2007 on Windows Server 2008. What SP version do you need? And for R2?
Exchange Server 2007 SP1 required for installation on Windows Server 2008 and Exchange Server 2007 SP3 required for Windows Server 2008 R2.

Whats a Rollup Update? Whats the latest RU for Exchange 2007 2010?
An update rollup is a tested, cumulative set of hotfixes, security updates, critical updates, and updates that are packaged together for easy deployment. A rollup generally targets a specific area, such as security, or a component of a product. At the time of this writing, Update Rollup 4 for Exchange Server 2007 Service Pack 2 and Update Rollup 10 for Exchange Server 2007 Service Pack 1 are available.

How can you easily integrate a RU in the Exchange 2007 2010 installation media?
The Exchange installation folder includes an Updates folder. When you perform a new Exchange installation, you can copy an update rollup to the Updates folder. In this scenario, the update rollup package is applied during the installation of Exchange. The Updates folder supports only new installation of Exchange server.

Name a few reasons for using 64-bit hardware and OS version for Exchange 2007 2010.
64-bit hardware provides the system architecture that is required to support the increased memory, storage, and enhanced security requirements in a more cost-effective manner. Trends indicate that demands on messaging systems will continue to grow and 64-bit servers provide the system architecture to meet these demands while reducing costs within organizations through server and disk storage consolidations. With a larger addressable space, the Exchange servers can utilize more memory thereby reducing the required input/output per user (IOPS), enabling the use of larger disks as well as low cost storage such as SATA2 drives.

Exchange 2007 came in both 32-bit and 64-bit versions. Name a couple of reasons for ever needing the 32-bit version.
You need exchange 2007 32bit to export mail box into PST file.

Wanting to manage Exchange 2007 2010 from a remote computer, name a few of your management options.
There are a few options for managing Exchange 2007 servers remotely. First off, you can install the Exchange 2007 management tools onto a separate machine from your Exchange server, as long as that machine is running either the 32-bit or 64-bit version of Windows Server 2003 Service Pack 1 (SP1) or later, Windows Server 2003 R2, or Windows XP SP2 or later. Note that installing any of the server roles (client access, mailbox, edge, and so on) on 32bit hardware is not supported in production environments, but is supported for installing the management tools on a Created by Aslam Kader

32-bit machine. Also note that as of the initial release of Exchange Server 2007, the management tools are not supported on Windows Vista. In some organizations, the IT department creates a single server to be the management server, installing all the necessary management tools for various products on this server. Then the administrators who need to use those tools access the management server via Terminal Server so they can perform remote administration. In other settings, users install the management tools on their own desktops. From the console or shell you can perform operations on the servers in your organization. In the console, the servers are visible so you can perform operations on any of them remotely. In the shell, many of the tasks support a filtering flag like -server if you want to scope an operation to a single server. There are a few exceptions, however, for commands that must be run locally, such as the Get-NetworkConnectionInfo command.

What is the GAL?

The Global Address List (GAL) also known as Microsoft Exchange Global Address Book is a directory service within the Microsoft Exchange email system. The GAL contains information for all email users, distribution groups, and Exchange resources.

What is the OAB? When is it used?

An Offline Address Book is a container that stores a collection of Offline Address Lists. Outlook users can choose which offline address lists they want to download. Users who work offline connect to Exchange Server computers and download Offline Address Lists to obtain information about other users in their organization. When an Administrator creates an Offline Address Book, the address list will be converted to a separate set of files and stored in an Exchange Public Folder. Offline Address Books typically contain at least one address list that represents the global address list (GAL). Users who are working offline with their Outlook clients can use this global address while they are on the road.

What is PowerShell and why do we care?

Windows PowerShell is a task-based command-line shell and scripting language designed especially for system administration. Built on the .NET Framework, Windows PowerShell helps IT professionals and power users control and automate the administration of the Windows operating system and applications that run on Windows. Built-in Windows PowerShell commands, called cmdlets, let you manage the computers in your enterprise from the command line. The Exchange Management Shell, built on Windows PowerShell technology, provides a powerful command-line interface for Microsoft Exchange Server 2010 that enables automation of administrative tasks. With the Shell, you can manage every aspect of Exchange. You can enable new e-mail accounts, configure SMTP connectors, store database properties, store transport agents, and more. The Shell can perform every task that can be performed by the Exchange Management Console and the Exchange Web interface in addition to tasks that can't be performed in those interfaces. In fact, when a task is performed in the console and the Web interface, those interfaces use the Shell to perform the task.

Name major benefits of PowerShell v2 over V1

PowerShell Remoting : Using WS-Management, PowerShell 2.0 allows scripts and cmdlets to be invoked on a remote machine or a large set of remote machines.

Created by Aslam Kader

Background Jobs : Also called a PSJob, it allows a command sequence (script) or pipeline to be invoked asynchronously. Jobs can be run on the local machine or on multiple remote machines. A PSJob cannot include interactive cmdlets. Transactions : Enable cmdlet and provider developers to perform transactional operations. PowerShell 2.0 includes transaction cmdlets for starting, committing, and rolling back a PSTransaction as well as features to manage and direct the transaction to the participating cmdlet and provider operations. The PowerShell Registry provider supports transactions. ScriptCmdlets: These are cmdlets written using the PowerShell scripting language. NOTE: The preferred name for script cmdlets is now Advanced Functions. SteppablePipelines: This allows the user to control when the BeginProcessing(), ProcessRecord() and EndProcessing() functions of a cmdlet are called. Modules : This allows script developers and administrators to organize and partition PowerShell scripts in selfcontained, reusable units. Code from a module executes in its own self-contained context and does not affect the state outside of the module. Modules can define a restricted runspace environment by using a script. They have a persistent state as well as public and private members. Data Language : A domain-specific subset of the PowerShell scripting language, that allows data definitions to be decoupled from the scripts and allow localized string resources to be imported into the script at runtime (Script Internationalization). Script Debugging : It allows breakpoints to be set in a PowerShell script or function. Breakpoints can be set on lines, line & columns, commands and read or write access of variables. It includes a set of cmdlets to control the breakpoints via script. Eventing: This feature allows listening, forwarding, and acting on management and system events. Eventing allows PowerShell hosts to be notified about state changes to their managed entities. It also enables PowerShell scripts to subscribe to ObjectEvents, PSEvents, and WmiEvents and process them synchronously and asynchronously. Windows PowerShell Integrated Scripting Environment (ISE) : PowerShell 2.0 includes a GUI-based PowerShell host (formerly known as Graphical Windows PowerShell) that provides integrated debugger, syntax highlighting, tab completion and up to 8 PowerShell Unicode-enabled consoles (Runspaces) in a tabbed UI, as well as the ability to run only the selected parts in a script. Network File Transfer : Native support for prioritized, throttled, and asynchronous transfer of files between machines using the Background Intelligent Transfer Service (BITS). New Cmdlets : Including Out-GridView, which displays tabular data in the WPF GridView object. New Operators : -Split, -Join, and Splatting (@) operators. Exception Handling with Try-Catch-Finally : Unlike other .NET languages, this allows multiple exception types for a single catch block. Nestable Here-Strings : PowerShell Here-Strings have been improved and can now nest. Block Comments : PowerShell 2.0 supports block comments using <# and #> as delimiters. New APIs : The new APIs range from handing more control over the PowerShell parser and runtime to the host, to creating and managing collection of Runspaces (RunspacePools) as well as the ability to create Restricted Runspaces which only allow a configured subset of PowerShell to be invoked. The new APIs also support participation in a Windows PowerShell managed transaction.

In the installation folder root you see setup.com and setup.exe. Which would you use and when?
Setup.com is used for all preparation work; basically it calls different backend procedures. Setup.com is also used in disaster recovery to reinstall all ex2k7 roles. Setup.exe is used for GIU installation.

What are the Exchange 2007/2010 server roles?

Exchange 2007 introduces a new concept to Exchange organizations, the concept of server roles. Similar to how a Windows server can host one or more roles. Server roles allow an administrator to split the functions of an Exchange Created by Aslam Kader

server and place each role, or a combination of roles, on different servers in the organization. With current Exchange servers you can make a server a Front-End server, or a Back-End server and that is about it. Exchange 2007 introduces five roles to the Exchange organization. Edge Transport - The last hop of outgoing mail and first hop of incoming mail, acting as a "smart host" and usually deployed in a perimeter network, Edge Transport provides mail quarantine and SMTP service to enhance security. One advantage of this role is that is does not require Active Directory access, so it can function with limited access to the corporate network for increased security. Hub Transport - The Hub Transport role handles mails by routing them to next hop: another Hub Transport server, Edge server or mailbox server. Unlike Exchange 2003 Bridgehead that needs Exchange admin defined routing groups, Exchange 2007 Hub Transport role uses AD site info to determine the mail flow. The Hub Transport and Edge Transport servers are very similar and in fact, one can forgo the Edge Transport server and configure the Hub Transport to accept mail from, and send mail to, the Internet. Client Access - The Client Access server role provides the other mailbox server protocol access apart from MAPI. Similar to Exchange 2003 FrontEnd server, it enables user to use an Internet browser (OWA), 3rd party mail client (POP3/IMAP4) and mobile device (ActiveSync) to access their mailbox. Mailbox - The Mailbox server role is responsible for hosting mailbox and public folder data. This role also provides MAPI access for Outlook clients. Note that there is also a variation of this role called Clustered Mailbox role, for use with high-availability MSCS clustering of mailbox data. When Clustered Mailbox role is selected, other server roles cannot be combined on the same physical server. Unified Messaging - This role enables end users to access their mailbox, address book, and calendar using telephone and voice. IP-PBX or VoIP gateway needs to be installed and configured to facilitate much of the functionality of this server role.

What are the benefits of using roles, vs. the way Exchange 2000/2003 worked?
Server role is a logical concept used to organize Exchange 2007 services and features across one or more servers. While Exchange 2003 provided primitive server roles called BackEnd server and FrontEnd server, Exchange 2007 has more granular divisions. Dividing Exchange features among several server roles has advantages: More flexible deployment topology: For a small or medium company that has only hundreds of mailboxes and all users are centralized, customer can install all required roles on one physical server. For a large enterprise where tens of thousands of mailboxes span multiple physical locations, customer can choose to deploy each role on a separate server or even multiple servers per role to provide better performance and fault tolerance. Better hardware utilization and scalability: Because each role only installs binaries and runs services for a specific feature set. Unlike older versions of Exchange, configuring a server that has only one or two roles will reduce Memory, CPU and disk space requirements for this server. In addition, roles are scalable so admin can load balance work of one role to multiple servers. Easy to maintain: Upgrading, applying hotfix, or other server changes that could cause server outage can be isolated to one server role. This reduces maintenance down time and end user impact. Admin can also install or uninstall roles on a server as needed.

What are the Exchange 2003 equivalents of the various Exchange 2007-2010 roles?
Exchange 2007 Exchange 2003 Created by Aslam Kader

Edge Transport Hub Transport Client Access Mailbox Unified Messaging

Bridgehead server Front-End server Back End server

The main differences between Exchange 2007 and Exchange 2010.

Feature Database Storage Groups Public Folders Web Services Desktop Clients DR Technologies Outlook clients connect to Exchange 2007 Exchange 2010 Jet EDB database Jet EDB database Yes None, only data stores Automatically created Manual creation ExOLEDB, CDOEX, WebDAV, EWS Exchange Web Services (EWS) Outlook 2003, Outlook 2007, Outlook 2007, Outlook 2010 Outlook 2010 SCC, CCR, SCR Database Availability Group (DAG) Mailbox Server Client Access Server

Why not install Exchange on the same machine as a DC?

There are some major reasons behind not installing Exchange Server on Domain Controller, some of them are as below. Redundancy and Stability: If both of these are running on the same system, it may reduce the performance and stability of server. If in any case Exchange Server services fails, the whole DC will fail, which may create critical problems. Port Conflict: Domain Controller & Exchange Server both uses port 389 for LDAP queries, which creates conflict. Disaster & Recovery: Disaster & Recovery can not be performed. DSAccess: DSAccess, DSProxy and many other services will perform well.

How do you prepare the AD schema for Exchange 2007 2010?

As with Exchange 2000 and 2003, the forest and domain needs to be prepared with schema extensions. However, unlike the previous versions, Active Directory does not need to be prepped beforehand, it is done automatically during setup, but the option does exist to allow for manual schema upgrades. During the setup process the server will connect to the Schema Master in an effort to update the schema and this requires that the Schema Master is available and that the account you are running setup with has permissions to modify the schema. If you wish to prep the domain manually, you can do so with the /PrepareAD switch on any server in the same domain that the Schema Master is in but it is recommended to do this on the Schema Master. Once you have completed this, you will have to wait for the schema updates to replicate throughout the forest before you install any additional Exchange 2007 servers in the organization. Preparing Active Directory manually offers more options than before and there maybe more commands for you to run, depending on your current environment. If you are currently running any Exchange 2000 or 2003 server the first command you must run is Setup.com Created by Aslam Kader

/PrepareLegacyExchangePermissions The next command will prepare the schema, and this means the account you run this command from, must be a member of the Schema Admins group as well as the Exchange Admins group. Setup.com /PrepareSchema The third command that you need to run preps the current domain, adds the Exchange Universal Security Groups and configures the Exchange objects with AD. Setup.com /PrepareAD The final step is optional and is only required to run if you have multiple domains within the forest. This command configures the other domain, or domains, in the forest. It does not need to be run on the domain that you run /PrepareAD in, but any additional domains will need this command run. You have three command line options with this command. Setup.com /PrepareDomain Prepares the current domain Setup.com /PrepareDomain:FQDN of target domain to be prepped Setup.com /PrepareAllDomains Prepares all domains in the forest.

What type or permissions do you need in order to install the first Exchange server in a forest? In a domain?
The following permissions are required:

To run the Setup /PrepareLegacyExchangePermissions command, you must be a member of the Enterprise Admins security group.

Why Run Setup /PrepareLegacyExchangePermissions Essentially, you must run the setup /PrepareLegacyExchangePermissions command so that the Exchange 2003 or Exchange 2000 Recipient Update Service functions correctly after you update the Active Directory schema for Exchange 2007.

To run the Setup /PrepareSchema command, you must be a member of the Schema Admins and Enterprise Admins security groups. To run the Setup /PrepareAD command, you must be a member of the Enterprise Admins security group.

To run the Setup /PrepareDomain, setup /PrepareDomain:<FQDN> command or the Setup /PrepareAllDomains command, you must be a member of the Enterprise Admins group or you must be a member of the Domain Admins group in any domain that you will prepare.

You have an Exchange 5.5 organization and finally decided to move forward and upgrade to Exchange 2007/2010. Whats your next obvious step?
Install an intermediary Exchange 2003 server. Then move mailboxes from Exchange 5.5 to Exchange 2003 using Exchange 2003's toolset, and then move from Exchange 2003 to Exchange 2010 using its toolset.

Youre looking to install Exchange 2007 2010 and Outlook on the same machine. Should you do that? Why?
We need Exchange 2007/2010 32bit and Outlook 2003 Service Pack 2 (SP2) or Outlook 2007 installed on same machine to export mailbox data to a .pst file.

How would you verify that the schema was in fact updated?
Created by Aslam Kader

You can verify that you are ready to start installing Exchange 2007 by looking for the following. 1. The Microsoft Exchange Systems Objects container contains a global group called Exchange 12 Domain Servers 2. The ESUG has the Exchange 12 Domain Servers global group as a member. 3. The ESUG will have permissions to the Manage Auditing and Security Log settings on all DCs in all domains that the commands were run against.

How would you check your Exchange configuration settings to see if theyre right? What types of permissions are configurable for Exchange?
1)Exchange full admin full control over the exchange organization including permission 2)Exchange Admin Manage everything within the organization except org permission. 3)Exchange view only administrator read only administrative access to Exchange organization

How can you grant access for an administrator to access all mailboxes on a specific server?
Grant permissions on a single mailbox Use the following command to grant access to just one mailbox: Add-MailboxPermission -Identity "" -User <UserorGroupIdentity> -AccessRights Fullaccess -InheritanceType all

Note: the User parameter can in fact be either users or groups, the parameter name User is a bit misleading! Example: Add-MailboxPermission -Identity "Test" -User Administrator -AccessRights Fullaccess -InheritanceType all

Or If I want to add the security Group Group2: Add-MailboxPermission -Identity "Test" -User Group2 -AccessRights Fullaccess -InheritanceType all

Created by Aslam Kader

Grant permissions on all mailboxes

Use the following command to grant access to all mailboxes:

Get-Mailbox | Add-MailboxPermission -User <UserorGroupIdentity> -AccessRights Fullaccess -InheritanceType all

Example:
Get-Mailbox | Add-MailboxPermission -User Administrator -AccessRights Fullaccess -InheritanceType all

Note: In the screenshot below I received a message saying that Administrator already have access to the mailbox Test (Yellow text message).

What is the Send As permission?

Use Send As permissions to configure a mailbox so that users other than the mailbox owner can use that mailbox to send messages. After this permission is granted, any messages that are sent from the mailbox will appear as if they were sent by the mailbox owner. The Send As permission isn't granted until after replication has occurred. Replication times depend on your Exchange and network configuration. To grant the permission immediately, stop and then restart the Microsoft Exchange Information Store service. Also, before you perform this procedure, be aware that you cannot send e-mail messages on behalf of a mailbox if the mailbox is hidden from address lists. When sending a message, Exchange requires that an e-mail address is resolved in the From field. In the case where a message is sent on behalf of a mailbox that is hidden from address lists, the SMTP address is interpreted as an address that isn't from your organization (known as a foreign address) and is rejected. For information about how to change your mailbox settings, see Configure User and Resource Mailbox Properties. Created by Aslam Kader

In Outlook, users will receive the following errors when attempting to send a message on behalf of a mailbox that is hidden from address lists: Online mode When users press Send, they will receive the following error: "You do not have permission to send on behalf of the specified user." Cached Exchange Mode Outlook initially sends the message, but users will receive a non-delivery report (NDR) containing the following message: "You are not allowed to send this message because you are trying to send on behalf of another user without permission to do so. Please verify that you are sending on behalf of the correct sender, or ask your system administrator to help you get the required permission."

What are the different Exchange Recipient types?

Recipient type Description Dynamic distribution group - A distribution group that uses recipient filters and conditions to derive its membership at the time messages are sent. Equipment mailbox - A resource mailbox that's assigned to a non-location specific resource, such as a portable computer projector, microphone, or a company car. Equipment mailboxes can be included as resources in meeting requests, providing a simple and efficient way of utilizing resources for your users. Legacy mailbox - A mailbox that resides on a server running Exchange Server 2003. Linked mailbox - A mailbox that's assigned to an individual user in a separate, trusted forest. Mail contact - A mail-enabled Active Directory contact that contains information about people or organizations that exist outside the Exchange organization. Each mail contact has an external e-mail address. All messages sent to the mail contact are routed to this external e-mail address. Mail forest contact - A mail contact that represents a recipient object from another forest. Mail forest contacts are typically created by Microsoft Identity Integration Server (MIIS) synchronization. Important: Mail forest contacts are read-only recipient objects that are updated only through MIIS or similar custom synchronization. You can't use the EMC or the Shell to remove or modify a mail forest contact. Mail user - A mail-enabled Active Directory user that represents a user outside the Exchange organization. Each mail user has an external e-mail address. All messages sent to the mail user are routed to this external e-mail address. A mail user is similar to a mail contact, except that a mail user has Active Directory logon credentials and can access resources. Mail-enabled non-universal group - A mail-enabled Active Directory global or local group object. Mail-enabled nonuniversal groups were discontinued in Exchange Server 2007 and can exist only if they were migrated from Exchange 2003 or earlier versions of Exchange. You can't use Exchange 2010 to create non-universal distribution groups. Mail-enabled public folder - An Exchange public folder that's configured to receive messages. Mail-enabled universal distribution group - A mail-enabled Active Directory distribution group object that can be used only to distribute messages to a group of recipients.

Created by Aslam Kader

Mail-enabled universal security group - A mail-enabled Active Directory security group object that can be used to grant access permissions to resources in Active Directory and can also be used to distribute messages. Microsoft Exchange recipient - A special recipient object that provides a unified and well-known message sender that differentiates system-generated messages from other messages. It replaces the System Administrator sender used for system-generated messages in earlier versions of Exchange. Room mailbox - A resource mailbox that's assigned to a meeting location, such as a conference room, auditorium, or training room. Room mailboxes can be included as resources in meeting requests, providing a simple and efficient way of organizing meetings for your users. Shared mailbox - A mailbox that's not primarily associated with a single user and is generally configured to allow logon access for multiple users. User mailbox - A mailbox that's assigned to an individual user in your Exchange organization. It typically contains messages, calendar items, contacts, tasks, documents, and other important business data. Linked user - New in Exchange 2010, a linked user is a user that resides in one forest while their mailbox resides in another forest.

What are Dynamic Distribution groups?

A dynamic distribution group is a collection of mailbox users, other distribution groups, mail-enabled users, and mailenabled contacts. Unlike regular distribution groups that contain a defined set of members, the membership list for dynamic distribution groups is calculated based on the filters and conditions that you define. When an e-mail message is sent to a dynamic distribution group, it is delivered to all recipients in the organization that match the criteria defined for that dynamic distribution group.

What type of groups would you use when configuring distribution groups in a multiple domain forest?
Use Universal distribution groups in a multiple-domain environment. The membership of universal distribution groups is replicated to each global catalog server in each domain.

What are resource mailboxes? When would you use them?

Organizations had a need to make bookings for meeting rooms or equipment. The system should enable organizers to reliably find and book an available resource in one attempt and later confirm the reservation while minimizing attendee confusion. This is accomplished in Exchange Server 2007 with the help of resource mailbox functionality Exchange Server 2007 introduced two types of resource mailbox: Room Mailbox These are intended for locations such as meeting rooms and training rooms. Room mailboxes can be included as resources in meeting requests, providing a simple and efficient way of organizing meetings for your users. Equipment Mailbox These are intended for items such as pool cars, video projectors, or any other shared portable item. Equipment mailboxes can be included as resources in meeting requests, providing a simple and efficient way of utilizing resources for your users. Created by Aslam Kader

You created a mailbox for a user, yet the mailbox does not appear in ESM. Why?
Generally when you create a mailbox for a user, the user's e-mail address will be updated in the GAL during the regular update interval. But in order to be able to view the mail box, the user has to access the Exchange server (either through MS outlook or OWA). Then you will be able to view the user's mail box. OR if you send a test mail to that id then the mailbox will be populated in the ESM This situation happens because the securityDescriptor object (msExchMailboxSecurityDescriptor) is not read from Active Directory until the user first logs on to the mailbox or the mailbox is sent an item of mail.

You wanted to change mailbox access permissions for a mailbox, yet you see the SELF permission alone on the permissions list. Why?
In Microsoft Exchange 2000 Server or Microsoft Exchange Server 2003, when you create new mailbox-enabled accounts in Active Directory, they do not have inherited mailbox rights. The only object that is granted permission is Self, which is granted full mailbox access and read rights. To view mailbox rights, follow these steps: In Active Directory Users and Computers, click Advanced Features on the View menu. Note: This is not necessary on Exchange Server 2003 because of the fact that the Exchange Advanced tab is exposed by default. Under Active Directory Users and Computers, click the account, click the Exchange Advanced tab, and then click Mailbox Rights. The rights are displayed in the Permissions for account name dialog box. = Bad! This behavior occurs because the mailbox security descriptor is not read from the Active Directory account object until the user logs on or gets mail. The Recipient Update Service (RUS) does not stamp the inherited permissions when the mailbox is created. After the mailbox is created in the store, the store calculates inherited mailbox rights. To resolve this behavior perform one of the following actions: Log on to the mailbox you've created. You can do so by opening an Outlook profile for the new user and running Outlook, or by opening a OWA session the the destination mailbox by typing http://servername/exchange/username in the address bar of your browser. Note: Opening Outlook requires you to be logged on as the destination user, while OWA does not require you to be logged on as the user. However, both methods require that you know the destination user's password. Send a message to the mailbox. Note: The second method is quicker and easier to perform, that's why you'll need to know how to Send Mail from Script and to Test SMTP Service in IIS and Exchange. When the mailbox is created in the store, the store itself calculates the inherited permissions and stamps them on the store's copy of the mailbox security descriptor. = Good!

What are Query Based Distribution groups?

Created by Aslam Kader

In Exchange Server 2003, dynamic distribution groups were called query-based distribution groups. Dynamic distribution groups provide the same functionality as mail-enabled distribution groups. However, instead of containing a static group of recipients, the membership list for dynamic distribution groups is calculated based on their configuration each time they are used. When a message is sent to a dynamic distribution group, it's delivered to all recipients in the organization that match the criteria defined for that dynamic distribution group.

How Does a Query-Based Distribution Group Work?

An e-Mail is submitted to the submission queue of the Exchange store driver or through SMTP The message categorizer determines that the recipient is a Query-based Distribution Group The categorizer sends an LDAP request to an global catalog server The contacted global catalog server executes the query and returns the addresses that matches the query After receiving the complete set of addresses matching the query, the categorizer generates a recipient list containing all the users. After the categorizer sends the complete, list of recipients to routing, the normal message delivery process continues, and the e-mail message is delivered to the users mailboxes.

How can you grant access for an administrator to access all mailboxes in your organization?
Get-Mailbox -OrganizationlUnit MyOU | Add-MailboxPermssion -User UserOrGroup -AccessRights FullAccess Add-MailboxPermission -identity Joe Adams -AccessRights FullAccess -user janea Besides FullAccess, the following mailbox permissions can be granted using Add-MailboxPermission: 1. SendAs 2. ExternalAccount 3. DeleteItem 4. ReadPermission 5. ChangePermission 6. ChangeOwner

What type of groups would you use when configuring distribution groups in a multiple domain forest?
Universal Distribution Group.

Name a few configuration options for Exchange recipients.

Exchange Recipient paraments are valaues/attributes which can change exchange recipients message behavior. Types: 1. MicrosoftExchangeRecipientRecipientEmailAddresses: this parameter specifies one or more email address for same user.may be internal email associated with external email. 2. MicrosoftExchangeRecipientEmailAddressPolicyEnabled:This parameter specifies whether the default e-mail address policy is automatically applied to the Microsoft Exchange recipient. 3. MicrosoftExchangeRecipientPrimarySmtpAddress. 4. MicrosoftExchangeRecipientReplyRecipient. Created by Aslam Kader

Name a few configuration options related to mailbox stores.

Managing mailbox setting Changing e-mail addresse Configuring mailbox permissions Deleting mailboxe Moving mailboxes Reconnecting a disconnected mailbox in Active Directory Hiding a mailbox from the Global Address List (GAL) Specifying storage limits. Specifying delivery restrictions on a mailbox. Forwarding mailboxes to other e-mail addresses. Configuring and managing contacts. Change the status of Exchange features for mail-enabled objects

What are System Public Folders? Where would you find them?
System public folders (also known as the Non_IPM_Subtree) Users can't access these folders directly by using conventional methods. Client applications such as Outlook use these folders to store information such as free and busy data, OABs, and organizational forms. Other system folders contain configuration information used by custom applications or by Exchange. The public folder tree contains additional system folders, such as the EFORMS REGISTRY folder, that don't exist in general purpose public folder trees. System folders include the following:

EFORMS REGISTRY and Events Root By default, one content replica of each of these folders resides in the default public folder database on the first Exchange server installed in the first administrative group. This is the location where organizational forms are stored for legacy Outlook clients (clients using an Outlook version earlier than Outlook 2007). Offline Address Book and Schedule+ Free Busy The Offline Address Book folder and the Schedule+ Free Busy folder automatically contain a subfolder for each administrative group (or site) in your topology. By default, a content replica of a specific administrative group folder resides on the first server installed in the administrative group. These folders are used to store legacy free and busy information and OAB data for legacy Outlook clients. Legacy Outlook clients don't support the new features in Exchange 2010 or Exchange 2007 that manage free and busy information and OAB data. (These features include the Availability service, the Autodiscover service, and OAB distribution on Client Access servers.) OWAScratchPad Each public folder database has an OWAScratchPad folder, which is used to temporarily store attachments that are being accessed by using Microsoft Office Outlook Web App. Don't modify this folder. StoreEvents Each public folder database has a StoreEvents folder, which holds registration information for custom Exchange database events. Don't modify this folder. Other folders To support internal Exchange database operations, a tree may contain several other system folders, such as schema-root. Don't modify these folders.

How would you plan and configure Public Folder redundancy? How can you immediately stop PF replication? How can you prevent PF referral across slow WAN links? What types of PF management tools might you use?
Created by Aslam Kader

What are the differences between administrative permissions and client permissions in PF? How can you configure PF replication from the command prompt in Exchange 2003? What are the message hygiene options you can use natively in Exchange 2003? What are the configuration options in IMF? What are virtual servers? When would you use more than one? Name some of the SMTP Virtual Server configuration options.
Replace smtp virtual server on exchange 2003 backend with 2010 hub transport. The hub server will perform this role. But if you like it can do it also immidiatly, just create a send connector and permit the server to connect to servers on the internet on port 25.

What is a Mail Relay? Name a few known mail relay software or hardware options.
Often referred to as an e-mail server, a device and/or program that routes an e-mail to the correct destination. Mail relays are typically used within local networks to transmit e-mails among local users. (For example, all of the student and faculty e-mail of a college campus.) Mail relays are particularly useful in e-mail aliasing where multiple e-mail addresses are used but the mail relay forwards all messages to the specified e-mail addresses to one single address. A mail relay is different than an open relay, where an e-mail server processes a mail message that that neither originates or ends with a user that is within the servers local domain (i.e., local IP range).

What is a Smart Host? Where would you configure it?

A smart host is an SMTP server that receives outbound SMTP messages from another SMTP server and forwards the SMTP messages to the correct destination after resolving the MX domain name. The smart host takes the responsibility for resolving MX domain names from the original SMTP service to the smart host's SMTP service. For example, suppose our Exchange Server is responsible for mail in the mydomain.com domain. The Exchange Server receives a message for a user in the otherdomain.com domain. The SMTP service does not try to resolve the MX domain name for otherdomain.com. Instead, the Exchange Server's SMTP service forwards all mail not destined to the mydomain.com domain to the smart host. The message for the user at otherdomain.com is sent to the smart host. The smart host resolves the MX domain name for otherdomain.com and forwards the message to the SMTP server responsible for the otherdomain.com mail. There are several advantages to using a smart host: The Exchange Server does not need to generate traffic DNS name resolution traffic. You do not need to configure a DNS server on the internal network to resolve Internet host names. You do not need to configure the Ex Server's SMTP service to use a custom external DNS server. In Exchange 2003, it's possible to configure a smarthost on the Default SMTP Virtual Server but, if you do it this way, you can only set a single smarthost. The preferred method, therefore, is to use an SMTP Connector for your outgoing emails which does allow multiple smarthosts to be specified. For Exchange 2007/2010 there's only one way to configure a smarthost which is on the Send Connector. Created by Aslam Kader

What are Routing Groups? When would you use them? What are the types of Connectors you can use in Exchange? What is the cost option in Exchange connectors? What is the Link State Table? How would you view it? How would you configure mail transfer security between 2 routing groups? What is the Routing Group Master? Who holds that role? Explain the configuration steps required to allow Exchange 2003 to send and receive email from the Internet (consider a one-site multiple server scenario). What is DS2MB? What is Forms Based Authentication? How would you configure OWAs settings on an Exchange server? What is DSACCESS?
Exchange needs access to Active Directory domain controllers for a variety of reasons. Configuration information for the organization. Recipient information in the Global Catalog. Recipient information in a domain.

An Exchange service called DSAccess has the task of finding domain controllers and Global Catalog servers suitable for use by Exchange. DSAccess keeps an open connection to each server in the DSAccess profile. This avoids the expensive chore of building up and tearing down RPC and TCP connections each time the Exchange server needs information. Other Exchange services, such as the SMTP Routing Engine Categorizer and DSProxy, send their LDAP and NSPI requests to DSAccess, which selects a target domain controller or Global Catalog server from its profile and forwards the request to that server. It uses a round robin selection process for load balancing. Because all LDAP queries funnel through DSAccess, Exchange dramatically improves performance by caching the query results. By default, Exchange gives 4MB of physical memory to the DSAccess cache. DSAccess uses DNS to locate domain controllers and Global Catalog servers.

What are Recipient Policies?

The e-mail address recipient policy concept in Exchange 2003 is separated into two concepts in Exchange 2007: Email Address Policies (EAP) and Accepted Domains. This topic covers the relationship of EAP and accepted domains in Exchange 2007 and how the functionality of e-mail address recipient policies in Exchange 2003 maps to EAP and Accepted Domains in Exchange 2007. Created by Aslam Kader

Relationship of EAP and Accepted Domains in Exchange 2007 EAP defines the e-mail proxy addresses that are stamped onto recipient objects. Accepted domains define the SMTP namespaces for which an Exchange organization routes e-mail. Any accepted domain added to the system can be linked to an EAP so that it will generate recipient e-mail addresses for this accepted domain. And every EAP must link to an existing accepted domain so that e-mails sent to e-mail addresses that are defined by the EAP can be routed by Exchange 2007 transport servers. In Exchange 2007, authoritative and relay domains are managed together as accepted domains. In Exchange Management Console, the Accepted Domains tab of Hub Transport node under Organization Configuration work center is used to manage all accepted domains defined in the organization. E-Mail Address Policy wizard provides the console GUI used to select an accepted domain for which a new e-mail address policy applies. Only accepted domains defined in the Exchange 2007 organization can be added to the list in the EAP.

How would you work with multiple recipient policies? What is the issue with trying to remove email addresses added by recipient policies? How would you fix that? What is the RUS? When would you need to manually create additional RUS? What are Address Lists? How would you modify the filter properties of one of the default address lists? How can you create multiple GALs and allow the users to only see the one related to them? What is a Front End server? In what scenarios would you use one? What type of authentication is used on the front end servers? When would you use NLB? How would you achieve incoming mail redundancy? What are the 4 types of Exchange backups? What is the Dial-Tone server scenario?
A dial tone recovery involves creating an empty database on a server to replace a failed database. This empty, or dial tone, database allows users to send and receive e-mail while the failed database is recovered. By using a dial tone recovery approach, you can restore basic e-mail service to users (providing them with a "dial tone") and then restore users' previous data as it becomes available. Created by Aslam Kader

Basic steps: 1. Create a new empty dial tone database to replace the failed database This new database will allow users who had mailboxes on the failed database to send and receive new messages. Exchange 2007 has a feature called dial tone portability that allows you to point a user to a different database without moving the mailbox. If you created the dial tone database on a different server than the server that housed the failed database, you will need to move the mailbox configuration to that new server. 2. Restore the old database Use whatever backup and recovery software you typically use to restore the failed database. If there is no backup of the failed database, recover the failed database. If you are using the same server for dial tone recovery, you need to restore the database to a recovery storage group. 3. Swap the dial tone with the restored database After the failed database has been restored, swap it with the dial tone database. This gives the users the ability to send and receive e-mail and access all the data in the restored database. If users were moved to a dial tone database on another server, you then need to move the mailbox configuration back to the original server. Merge the databases To get the data from the dial tone database into the restored database, merge the data. You can do this with the Database Recovery Management tool included in the Exchange Management Console. When would you use offline backup? How do you re-install Exchange on a server that has crashed but with AD intact?

What is the dumpster?

Dumpster OR Single Item Recovery in Exchange Server 2010 What are the e00xxxxx.log files? What is the e00.chk file? What is circular logging? When would you use it? Whats the difference between online and offline defrag? How would you know if it is time to perform an offline defrag of your Exchange stores? How would you plan for, and perform the offline defrag?

What is the eseutil command?

The Exchange Server Database Utilities (Eseutil.exe) is a tool that you can use to verify, modify, and repair an Exchange database file. When a database is corrupt or damaged, you can restore data from backup or repair it using Eseutil. Eseutil is a command-line tool that works with the Extensible Storage Engine (ESE), database files, and log files associated with a Microsoft Exchange database. Eseutil is located in the Exchange default install folder, which is <SystemDrive>:\Program Files\Microsoft\Exchange Server\Bin.

Created by Aslam Kader

Eseutil can be used against any ESE database in Exchange Server 2007. In the past, Eseutil could only be used with mailbox and public folder ESE databases, but with Exchange 2007, Eseutil can be used with ESE databases on the Exchange 2007 Hub Transport and Edge Transport server roles as well. Eseutil can be run on one database at a time from the command prompt. You can use Eseutil to perform a range of database tasks including repair, offline defragmentation, and integrity checks. Table 1 lists the most common Eseutil switches. Eseutil examines the structure of the database tables and records at the low level of the database (Ese.dll). You can use the defragmentation mode to compact a database offline. Other Eseutil modes such as repair, recovery, and restore can be used to repair a corrupt or damaged database. Modes like integrity, file dump, and checksum can be used to verify the state of a database. Eseutil switches Eseutil mode Switch Description

Defragmentation /D Defragments the database offline but leaves the new, defragmented database in the temporary location with or without overwriting the original database. This mode reduces the gross size on the disk of the database (.edb) by discarding most empty pages and by rebuilding indexes. Repair /P Repairs a corrupt offline database by discarding any pages that cannot be fixed. In repair mode, the Eseutil tool fixes individual tables but does not maintain the relationships between tables. Use the Information Store Integrity Checker (Isinteg.exe) tool to check and fix links between tables if the repaired database is a mailbox or public folder database. Restore /C Displays restore log file (Restore.env file) and controls hard recovery after restoration from legacy online backups. Recovery /R Replays transaction log files or rolls them forward to restore a database to internal consistency or to bring an older copy of a database up to date. Integrity /G Verifies the page level and ESE level logical integrity of the database. Does not verify integrity at the application level. Application-level logical integrity can be verified with Isinteg for mailbox and public folder databases. File Dump /M Displays headers of database files, transaction log files, and checkpoint files. Also displays database page header information, and database space allocation and metadata. Checksum Copy File /K /Y Verifies checksums on all pages in the database, log files, and checkpoint files. Performs a fast copy of very large files.

What is the isinteg command?

You can use the Isinteg.exe tool to check and to fix the integrity of the information store databases including the private information store, Priv.edb, and the public information store, Pub.edb. To view the command-line help about usage of Isinteg.exe, type the following command line from a command prompt: c:\program files\exchsrvr\bin>isinteg /? Created by Aslam Kader

To run Isinteg.exe to fix and to check the integrity of the information store, run the following line from a command prompt: c:\program files\exchsrvr\bin>isinteg -s servername -fix -test alltests For example: exchsrvr\bin\isinteg -s server1 -fix -test alltests NOTE: You need to first start the information store service and dismount the databases; you can only check databases that are offline. Switch -? -pri -pub -fix Result Usage is displayed. Check private information store (default). Check public information store. Repair information store.

-l [logfilename] Store log information in logfilename.Default is isinteg.pri or isinteg.pub. -patch Offline backup restore patch.

How would you monitor Exchanges services and performance? Name 2 or 3 options.
Enhance your messaging environment by using the many tools available with Microsoft Exchange Server. This tools documentation provides detailed information about tools that can help you plan, install, manage, and troubleshoot Exchange Server.

Microsoft Exchange Server Analyzer Articles Exchange Remote Connectivity Analyzer Tool Auto Accept Agent Deployment and Administration Guide Microsoft Exchange Server Intelligent Message Filter v2 Operations Guide Microsoft Exchange Server User Monitor Microsoft Exchange Server Quota Message Service Deploying Exchange ActiveSync Certificate-Based Authentication Microsoft Exchange ActiveSync Mobile Administration Web Tool Microsoft Exchange Server MAPI Editor Microsoft Exchange Server Stress and Performance Tool Microsoft Exchange Load Generator Microsoft Exchange Server Public Folder DAV-based Administration Tool Microsoft Exchange Server Profile Analyzer Microsoft Exchange 2007 Anti-Spam Migration Microsoft Exchange Server Jetstress 2010 Microsoft Exchange Server Jetstress 2007 Inter-Organization Replication Tool Application Analysis Envisioning Process Microsoft Application Analyzer 2006 for Lotus Domino Exchange Server 2003 Coexistence and Migration for Lotus Domino Mail Migrating from Lotus Notes to the Microsoft Collaboration Platform Exchange 2010 UM Troubleshooting Tool Created by Aslam Kader

Operations Manager Management Pack for Exchange 2010 Operations Manager Management Pack for Exchange 2010 Guide Operations Manager Management Pack for Exchange 2007

Name all the client connection options in Exchange 2007/ 2010.

POP3 IMAP Outlook Anywhere (formerly known as RPC over HTTP).

What is Direct Push? What are the requirements to run it?

Direct Push is a feature that's built into Microsoft Exchange Server 2010. Direct Push keeps a mobile phone current over a cellular network connection. It provides notification to the mobile phone when new content is ready to be synchronized to the mobile phone. Overview For Direct Push to work, the mobile phone or other mobile device must be Direct Push capable. These devices include the following: Mobile phones that have Windows Mobile 5.0 with the Messaging and Security Feature Pack (MSFP) or a later version of Windows Mobile. Mobile phones that are produced by Microsoft Exchange ActiveSync licensees and are designed specifically to be Direct Push compatible.

By default, Direct Push is enabled in Exchange 2010. Mobile phones that support Direct Push issue a long-lived HTTPS request to the server running Microsoft Exchange. The Exchange server monitors activity on the user's mailbox and sends a response to the device if there are any changes, such as new or changed e-mail messages or calendar or contact items. If changes occur within the lifespan of the HTTPS request, the Exchange server issues a response to the device that states that changes have occurred and the device should initiate synchronization with the Exchange server. The device then issues this request to the server. When synchronization is complete, a new long-lived HTTPS request is generated to start the process again. This guarantees that e-mail, calendar, contact, and task items are delivered quickly to the mobile phone, and the device is always synchronized with the Exchange server.

How would you remote wipe a PPC?

Microsoft Exchange Server 2007 lets you send a command to a mobile device that will perform a wipe of the device. This process, known as a remote device wipe, clears all Exchange information that is stored on the device. You can use this procedure to clear data from a stolen device or to clear a device before assigning it to another user. Before You Begin To perform this procedure, the account that you use must be delegated the Exchange Server Administrator role. For more information about permissions, about how to delegate roles, and about the rights that are required to administer Exchange Server 2007, see Permission Considerations. Created by Aslam Kader

Note: To perform a remote device wipe on a device by using the Exchange Management Console, the user must be assigned to an Exchange ActiveSync mailbox policy. For more information about how to add users to an Exchange ActiveSync mailbox policy, see How to Add Users to an Exchange ActiveSync Mailbox Policy. Procedure To use the Exchange Management Console to perform a remote device wipe 1. 2. 3. 4. Open the Exchange Management Console. Under Recipient Configuration, click Mailbox. In the Mailbox window, select the user. In the action pane, click Manage mobile device or right-click the user's mailbox, and then click Manage mobile device. 5. Select the mobile device from which you want to clear all data. 6. In the Actions section, click Clear. 7. Click Clear again. To use Outlook Web Access to perform a remote device wipe 1. 2. 3. 4. 5. 6. 7. 8. Open Outlook Web Access. Log on to the device owner's mailbox. Click Options. In the navigation pane, select Mobile Devices. Select the ID of the device that you want to wipe and remove from the list. Click Wipe all data from device. Click OK. Click Remove Device from List.

To use the Exchange Management Shell to perform a remote device wipe 1. Run the following command to obtain the identity of the device: Get-ActiveSyncDeviceStatistics - Mailbox jeffhays | fl Identity 2. Run the following command: Clear-ActiveSyncDevice -Identity WM_jeffhayes Note: In these commands, <jeffhayes> represents the actual identity of the device owner.

What are the issues with connecting Outlook from a remote computer to your mailbox? What is RPC over HTTP? What are the requirements to run it?
In Microsoft Exchange Server 2010, the Outlook Anywhere feature, formerly known as RPC over HTTP, lets clients that use Microsoft Office Outlook 2010, Outlook 2007, or Outlook 2003 connect to their Exchange servers from outside the corporate network or over the Internet using the RPC over HTTP Windows networking component. Outlook Anywhere and Exchange 2010 Created by Aslam Kader

The Windows RPC over HTTP Proxy component, which Outlook Anywhere clients use to connect, wraps remote procedure calls (RPCs) with an HTTP layer. This allows traffic to traverse network firewalls without requiring RPC ports to be opened. In Exchange 2010, as in Exchange 2007, it's easy to deploy and manage this feature. To deploy Outlook Anywhere in your Exchange 2010 messaging environment, you need to enable Outlook Anywhere on at least one Client Access server using the Enable Outlook Anywhere wizard in the Exchange Management Console. Benefits of Using Outlook Anywhere Outlook Anywhere offers the following benefits to clients that use Outlook 2010, Outlook 2007, or Outlook 2003 to access your Exchange messaging infrastructure:

Users have remote access to Exchange servers from the Internet. You can use the same URL and namespace that you use for Outlook Web App and Microsoft Exchange ActiveSync. You can use the same Secure Sockets Layer (SSL) server certificate that you use for both Outlook Web App and Exchange ActiveSync. Unauthenticated requests from Outlook can't access Exchange servers. You don't have to use a virtual private network (VPN) to access Exchange servers across the Internet. You don't have to configure anything in Exchange 2010 when you're using SSL session ID load balancing on the Client Access server with Outlook Anywhere. If you already use Outlook Web App with SSL or Exchange ActiveSync with SSL, you don't have to open any additional ports from the Internet. You can test end-to-end client connectivity for Outlook Anywhere and TCP-based connections by using the Test-OutlookConnectivity cmdlet.

Deploying Outlook Anywhere Deploying Outlook Anywhere for your organization is straightforward. The following recommendations should be followed to successfully deploy Outlook Anywhere:

Use at least one Client Access server per site In Exchange 2010, a site is a network location with highbandwidth connectivity between all computers. We recommend that you install at least one Client Access server in each site to provide client access to the Mailbox server. However, you can have multiple Client Access servers in each site for increased performance and reliability. Enable Outlook Anywhere on at least one Client Access server We recommend that you have one Client Access server in each site that has Outlook Anywhere enabled. This lets clients that use Outlook 2010 or Outlook 2007 connect to a user's mailbox through the Client Access server in the site. Users will connect by using HTTPS to the Client Access server that's in the site where the user's mailbox is located. This reduces the risk associated with using RPCs across the Internet. Using RPCs across the Internet can adversely affect performance.

What is Cached Mode in OL2003/2007?

Created by Aslam Kader

Cached Exchange Mode, available in Outlook 2010, 2007, and 2003, is similar to offline folders in previous versions of Outlook, though easier to use. Cached Exchange Mode allows you to work with your Exchange account data when your connection to the Exchange server is interrupted or unavailable. Cached Exchange Mode stores a copy of your mailbox on your computer by automatically creating and using an offline folder file (an .ost file), into which it downloads and maintains a synchronized copy of the items in all the folders of your mailbox. Outlook automatically manages your server connection and data updates; when your connection is restored, Outlook synchronizes your cached mailbox with your mailbox on the server.

What are the benefits and issues when using cached mode? How would you tackle those issues?
By default Cached Exchange Mode is on for mailbox and off for public folder favorites. Benefits: Cached Exchange Mode isolate the customer from intermittent connectivity issues from the Exchange & GC servers. Since the user is primary working out of the offline address book and OST, it means fewer round trips to the server when looking at the same message lots of times. Less round tripping to the server means that one should be able to have a higher user per server count. Cached mode is also required in order for the junk email feature to work in Outlook. Issues: The biggest drawback is that it can take up to 24 hours before the end user sees a change to the global address list. This is because the default behavior of Outlook 2003 is to update the OAB once a day. If your organization have frequent address book changes than it is recommended to turn off Cached Exchange Mode.

What is S/MIME? What are the usage scenarios for S/MIME? What are the IPSec usage scenarios for Exchange 2003? How do you enable SSL on OWA? What are the considerations for obtaining a digital certificate for SSL on Exchange? What are SAN certificates?
Subject Alternative Names protect multiple host names with a single SSL certificate. It allows specifying a list of host names to be protected by a single SSL certificate. The Subject Alternative Name extension has been a part of the X509 certificate standard since before 1999, but only recently achieved widespread use with the launch of Microsoft Exchange Server 2007-which makes good use of Subject Alternative Name to simplify server configuration. What can a Subject Alternative Names do? Secure host names on different base domains in one certificate. Virtual Host Multiple SSL sites on a single IP address. Hosting multiple SSL-enabled sites on a single server typically requires a unique IP address per site, but a certificate with Subject Alternative Names can solve this problem. Microsoft IIS 6 and Apache are both able to Virtual Host HTTPS sites using Unified Communications SSL certificate, also known as SAN certificates. SAN Certificates can secure:

Created by Aslam Kader

 Multiple fully qualified domain names (FQDN) with a single certificate. SAN Certificates are often needed to secure Exchange 2007 Server or Office Communications Server 2007. Instances where there is a need to secure multiple domains that resolve to a single IP address (such as in a shared hosting environment). Using a SAN certificate saves the hassle and time involved in configuring multiple IP addresses on Exchange 2007 server, binding each IP address to a different certificate, and running a lot of low level PowerShell commands just to piece it all together.

Name a few 3rd-parties CAs. What do you need to consider when using client-type AV software on an Exchange server? What are the different clustering options in Exchange 2003? Which one would you choose and why. Why log file size reduced in exchange server 2010?
The transaction log files are a record of every transaction performed by the database engine. All transactions are written to the log first, and then lazily written to the database. Unlike Exchange Server 2003, the transaction log files in Exchange 2010 have been reduced in size from 5 MB to 1 MB. This change was made to support the continuous replication features and to minimize the amount of data loss if primary storage fails.

What is the difference between LCR, CCR and SCR?

The original RTM release of Exchange Server 2007 offered two different types of continuous replication: local continuous replication and cluster continuous replication. Local continuous replication provides a degree of fault tolerance on a single mailbox server. The basic premise is that LCR creates a secondary copy of an Exchange Server database on a separate volume than the server. In contrast, CCR uses a similar method to create a separate copy of the database and stores it on a separate Exchange server. When Microsoft released Service Pack 1 for Exchange Server 2007, it introduced a third type of continuous replication known as standby continuous replication (SCR). SCR is similar to CCR; however, CCR can only create one replica of a protected database. SCR can create multiple replicas of a database. Even though Exchange Server 2007 provides three different types of continuous replication, all three work in basically the same way. Continuous replication is based on a technique called log shipping, which involves copying each log file to the location where the backup database is stored while the log file is built. The log file is then replayed against the replica database, bringing the database into a current state. Microsoft classifies continuous replication as a storage group-level operation, but I think it's more accurate to classify it as a database-level operation. Log files reside at the storage group level, but continuous replication, in any form, limits the protected storage group to a single database. Therefore, continuous replication could be considered a database-level operation because it involves a single database.

What is SCC?
Created by Aslam Kader

A single copy cluster (SCC) is a clustered mailbox server that uses shared storage in a failover cluster configuration to allow multiple servers to manage a single copy of the storage groups. This feature is similar to the clustering features in previous versions of Microsoft Exchange. However, there are some significant changes and improvements that have been made. The way in which you build, manage, and troubleshoot an SCC is completely different from the way in which previous versions of Exchange clusters were built and managed. In addition, the out-of-box failover behavior has changed significantly in Microsoft Exchange Server 2007. SCCs require the use of a shared-nothing architecture, which includes shared disk storage. In a shared-nothing architecture, although all nodes in the cluster can access shared data, they cannot access it at the same time. For example, if a physical disk resource is assigned to node 1 of a two-node cluster, node 2 cannot access the disk resource until node 1 is taken offline, fails, or the disk resource is moved to node 2 manually. In an SCC, an Exchange 2007 Mailbox server uses its own network identity, not the identity of any node in the cluster. This network identity is referred to as a clustered mailbox server. If the node running a clustered mailbox server experiences problems, the clustered mailbox server goes offline for a brief period until another node takes control of the clustered mailbox server and brings it online. This process is known as failover. The storage hosting the clustered mailbox server's storage groups and databases is hosted on shared storage that is available to each possible host node of the clustered mailbox server. As the failover occurs, the storage associated with the clustered mailbox server is logically detected from the failed node and placed under the control of the new host node of the clustered mailbox server. In addition to failover, an administrator can manually move a clustered mailbox server between nodes in a cluster. This process is known as a handoff. A handoff should only be performed using the Move-ClusteredMailboxServer cmdlet in the Exchange Management Shell, or, if running Exchange 2007 SP1, by using the Manage Clustered Mailbox Server wizard in the Exchange Management Console.

You have installed Exchange 2007 RTM and are looking to enable SCR but cannot find the option to do so in the EMC or in PS. Why?
Standby continuous replication (SCR) is introduced with Service Pack 1, you have to install SP1 of higher to use SCR.

How do you enable LCR?

To use the Exchange Management Console to enable LCR for an existing storage group 1. 2. 3. 4. Start the Exchange Management Console. Expand Microsoft Exchange, expand Server Configuration, and then select Mailbox. In the result pane, select the Mailbox server that contains the storage group that you want to enable for LCR. In the work pane, right-click the storage group that you want to enable, and then select Enable Local Continuous Replication. The Enable Storage Group Local Continuous Replication Wizard will start. On the Introduction page, click Next. On the Set Paths page, you can specify the locations for the LCR log files and LCR system files by clicking Browse for the appropriate field. Click Next to continue. Created by Aslam Kader

5. 6.

7.

The database page appears with the name of the database in the storage group. Use Browse to specify the path for the LCR database file. Click Next to continue. Review the Configuration Summary information on the Enable page, and verify that the correct paths have been configured. After you have verified the paths, click Enable to enable LCR for the storage group. After the storage group and database have been enabled for LCR, click Finish to close the wizard.

8.

9.

To use the Exchange Management Shell to enable LCR for an existing storage group 1. 2. Open the Exchange Management Shell. Run the following command: Enable-DatabaseCopy -Identity <Server><StorageGroup><Database> CopyEDBFilePath:<FullPathIncludingDatabaseFileName> 3. After the Enable-DataBaseCopy command has successfully completed, run the following command: Enable-StorageGroupCopy -Identity CopySystemFolderPath:<FullPath> <Server><StorageGroup> -CopyLogFolderPath:<FullPath> -

Note: The account you use to perform this operation must be delegated the Exchange Server Administrator role and local Administrators group for the target server. After LCR has been enabled for a storage group, it will initially report a status of Initializing. The storage group will change from a status of Initializing to a status of Healthy after one transaction log file has been generated. LCR cannot be enabled on a Mailbox server that contains one or more standby continuous replication (SCR) targets. Although LCR can be enabled on a Mailbox server that is configured as an SCR source, LCR and SCR targets cannot be combined on the same Mailbox server.

What Exchange edition version do you need for LCR? What Windows edition version do you need for LCR?
Exchange 2007 RTM or higher SP level, Windows 2003 or higher.

How do you recover from a store corruption when using LCR? Name the procedures you would use.
To bring the LCR replica database online right-click on the (Sever Configuration => Mailbox => Database Management) storage group and choose Restore Storage Group Copy. Complete the wizard to enable the passive copy. This process checks that the replica log files have been brought completely up to date and replayed into the replica database so that it is ready to be mounted. Before the passive copy can be brought online it must be placed in the location of the original production database. For a large database file copying it from one location to the other would be very time consuming. Instead you should modify the drive letter and folder path of the passive copy so that it matches the original active copy. For example, if the passive copy was in F:SG1Data-LCR, use Disk Manager to re-assign that volume to the drive letter E: and then rename the path to SG1Data.

Created by Aslam Kader

Note that this is not necessary if during the Restore Storage Group Copy wizard you ticked the box to update the database paths to match the passive copy location. This method means that you can immediately mount the database without having to remap any volumes, however it may cause confusion for administrators later on when they encounter an active database in what they thought was a passive replica location. The activation of the passive copy is completed by simply mounting the database. Once the database is back online you then need to re-enable LCR to protect it from future failure situations

Describe DAG in Exchange 2010.

A DAG is a set of up to 16 Mailbox servers that provide automatic database-level recovery from failures that affect individual databases. Any server in a DAG can host a copy of a mailbox database from any other server in the DAG. When a server is added to a DAG, it works with the other servers in the DAG to provide automatic recovery from failures that affect mailbox databases, such as a disk failure or server failure. Each Mailbox server can host as many as 100 databases, and each database can have as many as 16 copies.

Considering DAGs in Exchange 2010, why does Microsoft claim that you can run raidless?
Exchange 2010 has a new I/O pattern that results in 70 percent lower I/O requirements than Exchange 2007 (and Exchange 2007 had 70 percent lower I/O requirements than Exchange 2003!). This reduced I/O pattern, thanks to optimizations that make it so writes don't come in bursts anymore, combined with advancements in SATA drives, means SATA is now a realistic storage platform for Exchange 2010. SATA was previously just for desktop systems. In addition, with the new database availability group (DAG) for high availability of mailboxes, the new guidance from Microsoft is that if you have databases replicated on at least three servers in the DAG, you don't even need RAID on the storage anymore. Because you have backups of the data in essentially real time on the mailbox duplicates and Hub Transport dumpster, you can use just a bunch of disks (JBOD) configurations. If you don't use DAG or have only two servers replicating a database, you should still use RAID for the database. RAID was previously used for I/O purposes in addition to high availability, but because of the drop in I/O requirements, single disks are now an option. Microsoft is suggesting one disk per database/transaction log going forward, providing you have the database replicated between at least three servers.

Would you run Backup-less even when implementing DAGs in Exchange 2010? Why?
For a backup-less environment to be feasible you must: Have at least three DAG members across two physical locations Have at least one lagged database copy (this is a copy that lags behind at a set interval before committing replication data to the database) Have circular logging enabled for all of the databases Have your archive and retention settings fully implemented and optimized to prevent permanent deletion of data Have your Role-Based Access Control fully locked down to prevent inexperienced administrators from destroying the DAG itself through error or malicious intent. Created by Aslam Kader

Not be using Public Folders (which are not protected by DAGs) Obviously that all becomes complex in its own right, not to mention potentially very expensive. Multiple physical locations mean more data-centre costs, and the number of DAG members increases the number of expensive Enterprise Edition licenses required for Windows Server 2008. Even with all of the complexities understood and the expenses affordable for an organization, there still remains some risk of complete loss of email data through a disaster. With that in mind it is more feasible that a less complex DAG deployment can simply be used to reduce the frequency of backups, rather than eliminate them entirely.

Brick level backups (From Exmerge to Import-Mailbox/Export-Mailbox)

Brick-Level mailbox backup is a method in which the backup program logs on into each mailbox on the store (by using MAPI, just like Outlook does) and then backs-up the contents of the mailboxes to the tape device. Each mailbox is backed up individually, and thus restoring a specific mailbox in case it has been deleted and purged from the database is easier than before. Only few backup software support Brick-Level backups. The main reasons for the lack of Brick-Level support are that a Brick-Level backup is not designed to fully protect an Exchange server, just one mailbox at a time. It is not an alternative to a monolithic (full) backup/restore. A Brick-Level restore cannot be used to recover the Information Store after a disaster. If used, a Brick-Level backup must be utilized in conjunction with a monolithic backup in order to fully protect the server. In order for any 3rd-party backup software to be able to do Brick-Level backups, the product would have to backup multiple copies of the same message. In other words, it would have to change the Exchange Single Instance architecture database. Removing the Single Instance architecture is possible but it would mean longer backup time and greater tape usage.

Can you use Exmerge in Exchange 2007 2010? Why?

Exmerge can be used with Exchange 2007, but it is not recommended. Export-Mailbox cmdlet introduced with Exchange 2007 to do the same task.

How do you export mailbox content in Exchange 2007 2010?

Export-Mailbox can be used to export mailbox data from one, or many mailboxes, to another mailbox or PST file, based on folders, message keywords, attachment file names or dates. It can also be used to delete original content from the mailbox once it has been extracted. The Export-Mailbox command can extract mailbox data from Exchange 2000 (SP3 or later), Exchange 2003 (SP2 or later) or Exchange 2007 servers. However, you must move extracted data to an Exchange 2007 server. For example, you cannot use the Export-Mailbox command to move Exchange 2007 data to an Exchange 2003 server. Previously, an administrator using Exmerge had to grant himself permission to access a user's mailbox before being able to extract information. This is also true for the Export-Mailbox command. You cannot export a mailbox's contents without first granting yourself permission to do so. Use Add-MailboxPermission cmdlet to grant full access rights to admin user id (it is recommended to use separate user account) used for exporting mailbox. Created by Aslam Kader

Add-MailboxPermission -Identity <mailboxUser> -AccessRights FullAccess -user <admin>@<domain.ext> Now Run as Exchange Management Shell with admin user id (to whom access rights granted in previous command) and run the following command Export-Mailbox Identity <mailboxUser> -PSTFolderPath <pathToSavePST> PSTFolderPath must be a full path pointing either to a directory or to a (.pst) file.

What are streaming backups?

Streaming backup is a backup method where copies of all desired database files and the necessary log files are made during the backup process. File copies may be saved directly to tape or can be made to any other storage device. No quiescing of activity of any kind is required with streamed backups. Both the database and log files are check summed to ensure that no data corruptions exist within the data set during the backup process. Streaming backups may also be incremental backups. Incremental backups are ones in which only the log files are copied and which can be restored along with a previous full backup to bring all databases to a recent state. Streaming backup functions on Extensible Storage Engine (ESE) application programming interfaces (API). The streaming backup technology is used by Microsoft Windows Server Backup as well as many third-party products. This technology has been available in all previous versions of Exchange and has a mature feature set.

What are VSS backups?

The Volume Shadow Copy Service provides the backup infrastructure for the Microsoft Windows XP and Microsoft Windows Server 2003 operating systems, as well as a mechanism for creating consistent point-in-time copies of data known as shadow copies. The Volume Shadow Copy Service feature in Microsoft Windows Server 2003 can be used to create applications that backup and restore Microsoft Exchange Server 2007. Solutions based on VSS infrastructure can use the shadow copies to backup and restore one or more Exchange Server 2007 databases. VSS coordinates communication between VSS Requestors (for example, backup applications), VSS Writers (for example, the Microsoft Exchange Server 2007), and VSS Providers (system, software, or hardware components that create the shadow copies). To use VSS to backup Exchange Server 2007, the backup application must include an Exchange Server 2007-aware VSS requestor.

How would you backup Exchange 2007 / 2010 on a Windows Server 2008 / R2 machine without using 3rd-party tools?
Exchange 2007 Service Pack 2 (also available with Exchange 2010) includes a VSS plug-in for Windows Server Backup to support Exchange backups. Once SP2 is installed, you can use Windows Server Backup to back up and restore your Exchange 2007 SP2 databases. The new plug-in is delivered in the form of a single executable called WSBExchange.exe. This plug-in is automatically installed by SP2 on all Exchange 2007 Mailbox servers. The plug-in enables Windows Server Backup to be able to make Exchange-aware VSS backups.

What is a Recovery Storage Group? How do you work with one?

Created by Aslam Kader

The Recover Storage Group (RSG) feature, which was originally introduced back in Exchange 2003, gives you as the Exchange administrator, the option of mounting a second copy of a mailbox database (typically a mailbox database restored from backup) so that you can extract data from one or more mailboxes in the respective database without affecting the production databases if you need to do so during working hours. RSG is created using the Exchange Troubleshooting Assistant (ExTRA) in Exchange 2007, which is launched via the Database Recovery Management tool, which is found under the Exchange Toolbox work center, or by using the Exchange Management Shell (EMS). When mounting a copy of a Mailbox database to an RSG you can extract the data from a mailbox and then merge the data with another mailbox located in a mailbox database in a production Storage Group, but you can also extract the data and then copy it to a specific folder in another mailbox.

What built-in tool do you have to allow you to manage Exchange store recoveries?
The following built-in tools are available with Microsoft Exchange Server 2007: 1. Database Recovery Management The Database Recovery Management tool uses the same engine as the Exchange Troubleshooting Assistant to programmatically execute a set of troubleshooting steps to identify issues with the database that you specify. It then provides multiple wizards to guide you through possible solutions for already identified issues. 2. Database Troubleshooter The Database Troubleshooter also uses the same engine as the Exchange Troubleshooting Assistant (ExTRA) to programmatically execute a set of troubleshooting steps to identify the root causes of database mounting issues. The tool automatically determines the set of data that is required to troubleshoot the identified symptoms and collects configuration data, performance counters, event logs, and live tracing information from Exchange Server and other appropriate sources. Then, it provide guidance for possible solutions with links to related database recovery management wizards. 3. Exchange Server Database Utilities Exchange Server Database Utilities (Eseutil.exe) is a command-line tool that works with the Extensible Storage Engine (ESE), database files, and log files that are associated with an Exchange database. You can use Eseutil to verify, modify, and repair an Exchange database file. When a database is corrupt or damaged, you can restore data from backup or repair it using Eseutil. 4. Information Store Integrity Checker The Information Store Integrity Checker (Isinteg.exe) finds and eliminates errors from the public folder and mailbox databases at the application level. Isinteg is not intended for use as a part of routine information store maintenance; it is provided to assist in disaster recovery situations. Because the Isinteg tool works at the logical schema level, it can recover data that Eseutil cannot recover. This is because data that is valid for the Eseutil tool at the physical schema level can be semantically invalid at the logical schema level. The Isinteg tool performs two main tasks: It patches the information store after a restore from an offline backup. It tests and optionally fixes errors in the information store. Created by Aslam Kader

These tools comprise the core disaster recovery applications for Exchange 2007. You can find the Database Recovery Management tool and the Database Trouble-shooter in the Toolbox of the Exchange Management Console. These tools provide a graphical user interface (GUI) for many of the command-line tools used to troubleshoot Exchange databases.

What is the difference between online and offline defrag?

Exchange Server 2007 performs an automated daily defragmentation as part of the scheduled database maintenance. This process, known as an online defragmentation, is intended to keep the databases healthy and free from corruption, but it does not shrink the physical size of the database. The process rearranges mailbox store and public folder store data more efficiently, eliminating unused storage space. Online defragmentation makes additional database space available by detecting and removing database objects that are no longer being used. In an Exchange environment, as more data is added to a database, the database grows in size. When messages or mailboxes are deleted, however, the database does not decrease in size, it simply frees up available whitespace that can be overwritten by new mail or mailboxes. Although this is not normally a problem for an environment, there are scenarios in which it can create issues. For example, if a database was to grow extremely large and, in an effort to redistribute the load, an administrator was to move 50% of the mailboxes to another server, the database would still remain the same size. Even though the database contains 50% whitespace, it still must be backed up in its entirety and, in the event of a disaster, would have to be restored as such. The only way to shrink a database is to perform an offline defragmentation, which is a manual process utilizing the eseutil /d command. To determine the amount of whitespace contained within a database, view the application log of the Exchange server and filter on Event ID 1221. This event shows how much free space exists within each database. Offline drag is a complicated process. Defrag actually works by reading the original database, and copying used database pages into the brand new database file. When that is all done, delete the original database file and rename the new one and copy it into original database file's place. You need to take your databases offline in order to run Offline drag and it is a time consuming process too. Offline defrag is definitely not something to do on regular basis. And it is typically not needed either. You usually do it when your exchange database is growing to its limits or you done a hard repair of the database. Online Defragmentation Defrag the database online Occurs automatically as part of the database maintenance process Detects and removes database objects that are no longer being used, without changing the file size of the database Offline Defragmentation Must dismount database first Run Eseutil /d manually. Reduce the physical size of the Exchange database.

Created by Aslam Kader

In Exchange 2010, is there any change in the way online and offline defrags are used (or should be used)?
In Exchange 2010, the architecture for online defragmentation has changed. Online defragmentation was moved out of the Mailbox database maintenance process. Online defragmentation now runs in the background 247. You don't need to configure any settings for this feature. Exchange monitors the database as its being used, and small changes are made over time to keep it defragged for space and contiguity. Online defragmentation is also throttled so it doesn't have a negative impact on client performance

What is The Availability Service?

The availability service in Exchange 2007 is largely concerned with how users access the free/busy information of other users. The availability service in Exchange 2007 is one of the new Web services. Briefly speaking, the Exchange 2007 Web services allow applications to access mailbox contents via HTTP, so clearly application development is aimed at these services in Exchange 2007. As we will discuss in detail, the free/busy information for a user hosted on Exchange 2007 is now stored directly in the mailbox, so accessing free/busy information can be achieved via the Web services and thus, specifically, the Availability service.

Where does Exchange 2007/2010 get its routing topology from?

The Exchange 2007 routing topology is derived from the Active Directory directory service site topology. Internal message routing relies on the configuration of Active Directory sites and IP site links to determine the following:

Which Exchange servers can communicate directly?

When messages must be relayed between Active Directory sites. When messages are routed to external domains, they must be routed to Send connectors. If an Exchange 2007 organization coexists with an Exchange 2003 or Exchange 2000 organization, you must maintain routing group connectors.

What protocol is used for the Mailbox to HT transport?

Hub Transport server communicates with a Mailbox Server using MAPI/RPC. If a message is sent between different Hub Transport servers in different Active Directory sites, the transport protocol used is SMTP. This holds true for communication between an Exchange 2007 Hub Transport server and a legacy Exchange routing group connector.

What is the ECP in Exchange 2010 OWA?

The Exchange Control Panel is a Web application that runs on a Client Access Server providing services for the Exchange organization. This Exchange Control Panel is installed automatically when you install a Client Access server. By default, the Exchange Control Panel URL is https://yourserver.yourdomain.com/ecp. The ECP is primarily targeted to be used by End users Personnel granted the authority to self-manage aspects of their accounts such as the ability to track messages they have sent and received, create and manage distribution lists, or edit aspects of their personal account information. Hosted tenants Tenant administrators for hosted customers. Specialists Personnel such as Help Desk operators, Department Administrators, and eDiscovery Administrators who have had the appropriate level of access delegated by administrators. Created by Aslam Kader

It is important to note the Exchange Control Panel is RBAC-aware, meaning that administrative options are available only to those who have the appropriate permissions to utilize them. ECP can show a user logged in with full administrative access several administrative tasks (note the Select What to Manage option in the top-left corner and the Manage your Organization option in the bottom-right corner) which show the same interface as viewed by a standard user.

A user opens an OWA session from an external computer. Which role does that user connect to?
Client Access server role.

What ports do you need to open between the DMZ holding the Edge role and your internal network?
The recommended practice is to put the Edge Transport server within a perimeter network. To make sure that the server can send and receive e-mail and receive recipient and configuration data updates from the Microsoft Exchange Edge-Sync service, you must allow communication through the ports that are listed in the following table. Communication port settings for Edge Transport servers Network interface Inbound from and outbound to the Internet mail flow to and from the Internet. Inbound from and outbound to the internal network mail flow to and from the Exchange organization. Local only local connection to AD LDS. Inbound from the internal network Edge-Sync synchronization. Open port 25/TCP Protocol SMTP Note This port must be open for

25/TCP

SMTP

This port must be open for

50389/TCP

LDAP

This port is used to make a

50636/TCP

Secure LDAP

This port must be open for

Inbound from the internal network 3389/TCP RDP Opening this port is optional. It provides more flexibility in managing the Edge Transport servers from inside the internal network by letting you use a remote desktop connection to manage the Edge Transport server.

What is lost log resilience?

In Exchange 2007, an internal component of Extensible Storage Engine (ESE) called LLR enables you to recover Exchange databases even if one or more of the most recently generated transaction log files have been lost or damaged. By default, LLR is enabled on all Exchange 2007 mailbox servers. LLR enables a mailbox database to mount even when recently generated log files are unavailable. One cause of unavailable log files is a lousy failover in a cluster continuous replication (CCR) environment, which is also known as an unscheduled outage. The order of write operations of Exchange data is always memory, log file, and then database file. LLR works by delaying writes to the database until the specified number of log generations have been created. LLR delays recent updates to the database file for a short time. The length of time that writes are delayed depends on how quickly logs are being generated. Created by Aslam Kader

In the event of a failover, the passive copy of the databases can be automatically mounted by the Microsoft Exchange Information Store service if the number of lost logs is fewer than the allowable amount as configured by an administrator. An administrator determines the maximum number of logs that can be lost before the database cannot be mounted on a failover by setting the AutoDatabaseMountDial parameter. This parameter, which is represented in the Active Directory directory service by an Exchange attribute called msExchDataLossForAutoDatabaseMount, has three values: Lossless, Good Availability, and Best Availability. Lossless is 0 logs lost, Good Availability is 3 logs lost, and Best Availability, which is the default, is 6 logs lost.

What is the default replication interval for Edge sync?

The configuration and recipient data is kept up to date by periodically synchronizing changes from Active Directory to Active Directory Lightweight Directory Services (AD LDS). By default, configuration data is synchronized to AD LDS once every hour, and recipient data is synchronized to AD LDS once every four hours. You can change these intervals using the Set-EdgeSyncService cmdlet.

What is Online Mailbox Move in Exchange 2010?

Exchange 2010 came up with a new feature called 'Online Mailbox Move' that allows end-users to be online in their email accounts during the movement of mailbox. On completing the move users just needs to reopen their Outlook clients. Mailbox Move Requests are a new feature set of Exchange 2010 and requires running a series of Cmdlets to perform asynchronous online mailbox moves with the help of a service agent called Mailbox Replication Service (MRS). MRS is available on all Exchange 2010 Client Access Servers. Note: Online mailbox moves are only supported in the following scenarios while moving mailboxes within the same forest or across forests. Between two Exchange 2010 databases From Exchange 2007 SP2 database to Exchange 2010 database

What is Edge synchronization?

The Edge Subscription process is the procedure that an administrator follows to establish an Edge Subscription for an Edge Transport server. You subscribe an Edge Transport server to an Active Directory site to associate the Edge Transport server with the Exchange organization.

How do you enable Edge subscription? How to set up an Edge Subscription

Open the Exchange Management Shell on the Edge Transport server, and enter this command: New-EdgeSubscription file "C:\subscription.xml" Answer Y Transfer EdgeSubscription.xml to the Hub Transport server Open Exchange Management Console In the left tree choose Organization Configuration and then Hub Transport Created by Aslam Kader

In the Actions pane click New Edge Subscription Choose active directory site, if you have multiple sites though, then you should make the Edge Transport server a member of the site that has the fastest (or most reliable) network connectivity to the perimeter network. Use the Browse button to browse for and select the subscription.xml file. Verify that the Automatically Create A Send Connector for this Edge Subscription checkbox is selected, then click the New button to import the XML file and create the Edge Subscription.

Where does Edge role store its settings?

The Edge Transport server uses Active Directory Application Mode (ADAM) to store the required Active Directory data, which is data such as Accepted Domains, Recipients, Safe Senders, Send Connectors and a Hub Transport server list.

How to turn on/off Exchange Cached Mode in Outlook 2003/2007 Deploying Exchange Server 2007 and Office Communications Server 2007 R2 (Part 1) Bare metal environment Database Availability Group (DAG) -Exchange 2010 Why Do You Need ForestPrep and DomainPrep? Difference between windows 2003 and windows 2008 Discontinued Features from Exchange 2003 & 2007 to Exchange 2010 RTM What to Check When Exchange Cannot Send Email to Certain Domains Dial tone recovery 2010 using EMC Dial Tone Recovery 2010 using Powershell Dumpster OR Single Item Recovery in Exchange Server 2010 Prepare Active Directory and Domains Download Microsoft Exchange Troubleshooting Assistant v1.1 Microsoft Exchange Server 2010 Transport Server Role Architecture Diagrams Exchange 2007 Interview Created by Aslam Kader

Exchange 2010 and Symantec Backup Exec Restore Scenarios Deploying Symantec Backup Exec Off-host Backups for Exchange Server 2007 Symantec Backup Exec (TM) 12.5 for Windows Servers Administrator's Guide (English) Corporate like Wipro, HP & HCL Interview Question and Answer Interview Question of 2003 / 2007

Created by Aslam Kader