Wednesday, October 25, 2017

Microsoft Exchange Server Interview Questions & Answers Part 4



How can I see when Exchange last updated the OAB?

Get-OfflineAddressBook | FL LastTouchedTime


Extensible Storage Engine

The database engine Exchange Server uses is built on the Extensible Storage Engine (ESE), which exists in several flavors:

  • ESE97 for Exchange Server 5.5
  • ESE98 for Exchange Server 2000/2003
  • ESENT for Active Directory
  • ESE for Exchange Server 2007 and Exchange Server 2010

What are Transport Rules in Exchange Server 2013?

Transport rules in Exchange 2013 let us filter, inspect or block emails that match the specific conditions defined in the rule. This helps prevent leakage of sensitive data from the organization.

Transport rules, together with DLP and Policy Tips, can be used to show end users informational warnings when they try to send emails that do not comply with company policy.

To achieve this, first create a transport rule, then create an associated DLP policy, and finally configure Policy Tips for it.


Explain Accepted Domains and Remote Domains in Exchange Server 2013.

An Accepted Domain is any SMTP namespace that your organization uses to send and receive email. Accepted Domains come in three kinds: authoritative, internal relay and external relay domains.

Remote Domains control the settings for message transfer between your Exchange organization and external domains. Settings such as message format, automatic replies and NDRs are controlled through Remote Domains.


Categories/types of Accepted Domains in Exchange 2013?

Authoritative Domain – the SMTP namespace that your Exchange organization uses to send and receive email.

Internal Relay Domain – when an Exchange organization shares an address space with a third-party messaging system or another Exchange organization, you create an internal relay domain and configure a Send Connector, with a Mailbox server as the source, whose address space matches the internal relay domain.
For example: if your company (A) and your partner company (B) share the SMTP namespace @ab.com, and your domain is authoritative to receive emails for Chennai.com, then an email sent to the user xyzr@ab.com is first received by A; if the mailbox is not found there, the email is routed to organization B using the Send Connector.

External Relay Domain – when you configure an external relay domain, messages are relayed to an email server that is outside your Exchange organization and outside the organization's network perimeter.
By default, the Active Directory domain name is created as the default Accepted Domain for the Exchange organization.


Difference in public folder replication between Exchange 2010 and Exchange 2013 DAGs?

In Exchange 2010, public folders were not part of Database Availability Groups (DAGs) and used the same PF replication method to achieve resilience and high availability. The drawback of this replication is that users sometimes have to wait minutes for the PF to be updated.

In Exchange 2013 public folders are no longer a separate database. They are special mailboxes that store both the public folder hierarchy and the content, and replication uses the continuous replication model. Public folders have moved from the multi-master replication model to the single-master replication model of Database Availability Groups (DAGs).


How does Autodiscover work in Exchange 2010/2013?

  1. Look in Active Directory to see if there is information about Exchange
  2. Look at the root domain of the user's email address for configuration info
  3. Look at autodiscover.emaildomain.com for configuration info
  4. Look at the domain’s root DNS to see if any SRV records exist that point to a host that holds configuration info.

Note here that Outlook will only move from one step to the next if it doesn’t find configuration information.

For each step above, Outlook is looking for a specific file or a URL that points it to that file. The file in question is autodiscover.xml. By default, this is kept at https://<exchangeservername>/autodiscover/autodiscover.xml. Each step in the check process will try to find that file and if it’s not there, it moves on. If, by the end of step 4, Outlook finds nothing, you’ll get an error saying that an Encrypted Connection was unavailable, and you’ll probably start tearing your hair out in frustration.

How an internal, domain-joined client (which has Active Directory access) looks up the AutoDiscover record

  1. Outlook opens and queries Active Directory for the Service Connection Point (SCP) on an Exchange server to obtain the AutoDiscover URI/URL (I will explain more about this below)
  2. Active Directory returns the URI/URL to the Outlook client, which then looks it up in DNS
  3. Outlook connects to Exchange using the AutoDiscover URL over TCP 135 (RPC Endpoint Mapper) to authenticate, pulls a large set of Exchange attributes for the mailbox (mainly locating the mailbox via the homeMDB attribute, along with the version of Exchange the user is on via the msExchangeVersion attribute), pulls the proper TCP ports (RPC Client Access, Address Book Service, Public Folders) and also pulls the Outlook provider record (e.g. EXPR, which gives the EWS InternalURL)
  4. Outlook then negotiates its connection and connects to Exchange

How an external, non-domain-joined client (or a domain-joined client that is out of the office) looks up AutoDiscover

  1. Outlook tries to contact the local Active Directory domain but fails, so it falls back to URLs
  2. Outlook then attempts to query https://domain.com/autodiscover/autodiscover.xml, which most likely fails. It falls back to http://domain.com/autodiscover/autodiscover.xml, which will also most likely fail
  3. Outlook then tries to connect using https://autodiscover.domain.com/autodiscover/autodiscover.xml, and if this fails it tries over HTTP using http://autodiscover.domain.com/autodiscover/autodiscover.xml
  4. If this fails it tries to locate an SRV record for AutoDiscover (which I won't cover, since I rarely see them utilized in enterprise or medium-small business environments)
  5. If everything fails it will most likely return an HTTP 500 error (service not found)

Eventually Autodiscover connects over HTTPS if configured properly (e.g. SSL certificates and all) and also makes its connection over Outlook Anywhere (RPC/HTTPS). Exchange returns the EXCH Outlook provider record, which contains the ExternalURL for EWS (used for the Availability service, OOF, etc.).
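The lookup order above and the provider records in the reply, as an added example (not code from the original post): the first function lists the locations a non-domain-joined client probes for a given email address, the second parses the EXCH/EXPR `<Protocol>` records out of an Autodiscover response, and the third flags any advertised URL that is plain HTTP rather than HTTPS. The XML reply is a constructed sample with hypothetical host names; the EXPR record deliberately carries an http:// EWS URL so the check has something to report.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

AUTODISCOVER_PATH = "/autodiscover/autodiscover.xml"
# Namespace of the Outlook <Response> element in an Autodiscover reply
OUTLOOK_NS = "http://schemas.microsoft.com/exchange/autodiscover/outlook/responseschema/2006a"


def autodiscover_candidates(email):
    """Ordered locations a non-domain-joined Outlook probes, following the steps above.
    Domain-joined clients query the AD Service Connection Point first; that needs AD, so it is omitted."""
    domain = email.rsplit("@", 1)[1].lower()
    return [
        f"https://{domain}{AUTODISCOVER_PATH}",
        f"http://{domain}{AUTODISCOVER_PATH}",
        f"https://autodiscover.{domain}{AUTODISCOVER_PATH}",
        f"http://autodiscover.{domain}{AUTODISCOVER_PATH}",
        f"SRV _autodiscover._tcp.{domain}",
    ]


def parse_providers(xml_text):
    """Map each Outlook provider record (EXCH, EXPR, ...) to its child settings."""
    root = ET.fromstring(xml_text)
    providers = {}
    for proto in root.iter(f"{{{OUTLOOK_NS}}}Protocol"):
        ptype = proto.findtext(f"{{{OUTLOOK_NS}}}Type")
        if ptype:
            # strip the namespace from each child tag: "{ns}EwsUrl" -> "EwsUrl"
            providers[ptype] = {c.tag.split("}", 1)[-1]: (c.text or "").strip() for c in proto}
    return providers


def plaintext_urls(providers):
    """Return (provider, setting, url) for every advertised URL that is not HTTPS."""
    return [(ptype, key, value)
            for ptype, settings in providers.items()
            for key, value in settings.items()
            if key.endswith("Url") and urlsplit(value).scheme.lower() != "https"]


# Constructed sample reply (not captured from a real server); the EXPR record
# deliberately advertises an http:// EWS URL so the check has something to flag.
SAMPLE_RESPONSE = """<Autodiscover xmlns="http://schemas.microsoft.com/exchange/autodiscover/responseschema/2006">
 <Response xmlns="http://schemas.microsoft.com/exchange/autodiscover/outlook/responseschema/2006a">
  <Account><AccountType>email</AccountType><Action>settings</Action>
   <Protocol><Type>EXCH</Type><Server>mail.example.com</Server>
    <EwsUrl>https://mail.example.com/EWS/Exchange.asmx</EwsUrl></Protocol>
   <Protocol><Type>EXPR</Type><Server>mail.example.com</Server><SSL>On</SSL>
    <EwsUrl>http://mail.example.com/EWS/Exchange.asmx</EwsUrl></Protocol>
  </Account>
 </Response>
</Autodiscover>"""
```

Running `plaintext_urls(parse_providers(SAMPLE_RESPONSE))` on the sample reports the EXPR EwsUrl; on a real reply an empty list is what you want to see.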


What is a mail contact?

Mail contacts are mail-enabled directory service objects that contain information about people or organizations that exist outside your Exchange or Exchange Online organization. Each mail contact has an external email address.


How to monitor a DAG?

Test-ReplicationHealth -Identity EXCHANGESERVERNAME1
Test-ReplicationHealth -Identity EXCHANGESERVERNAME2
Get-MailboxDatabaseCopyStatus *

Use the Test-MapiConnectivity cmdlet to verify server functionality and database availability.

Only by monitoring and measuring performance across these three checks (replication health, database copy status and MAPI connectivity) can you be sure that your Database Availability Groups are actually delivering high availability.


How is mail flow tracked in MS Exchange 2013?

To track message flow in MS Exchange 2013, Delivery Reports are used. They are available for Outlook and Outlook Web App only. Message Tracking Logs are also helpful for understanding the flow of mail.


Types of certificates used in Exchange?

Certificates can be issued by a public CA or an internal CA, or be self-signed.

  • Wildcard certificates: These can be used for the entire domain and are easy to spot because they have a format like *.domain.ca. We can have unlimited hosts using that certificate on that domain. The drawbacks are that one single certificate is used for all your servers, and in a larger company you do not want several departments to have access to the same certificate; they may also bring security concerns because the private key can end up on several servers.
    In the past they used to be more expensive than SAN certificates, but that is no longer the case.
  • SAN certificates (Subject Alternative Names): This type of certificate allows more than a single name in a single SSL certificate, which makes sense for the newer Microsoft products (Lync and Exchange) because several services use different names and all of them sit underneath the same IIS web site. Some public CAs also call these UC certificates.

When do we need to configure split-brain DNS in AD with Exchange?

When our internal AD runs on a private network using a .local suffix, we need to configure the internal DNS by creating a mirror of the public zone on our internal network. This configuration is known as split-brain DNS.


What is a Smart Host? Why do we need to use it?

A smart host is a type of email message transfer agent that allows a Simple Mail Transfer Protocol (SMTP) server to route email to an intermediate mail server rather than directly to the recipient's server.


Where is Exchange-related info stored in Active Directory?

  • Schema Partition: This contains a blueprint of all objects and properties in Active Directory. In a programming scenario, this would be called a class. When you create an object such as a user, it’s instantiated from the user blueprint in Active Directory.
  • Configuration Partition: This contains information used throughout the forest. Regardless of the number of domains configured in Active Directory, all DCs use the same Configuration Partition in that particular Active Directory forest. As such, it’s replicated throughout the Active Directory forest. All changes to the Configuration Partition have to be replicated to all DCs. All Exchange Server 2010 information is stored in the Configuration Partition.
  • Domain Partition: This contains information regarding the domains installed in Active Directory. Every domain has its own Domain Partition, so if there are 60 domains installed, there will be 60 different Domain Partitions. User information, including Mailbox information, is stored in the Domain Partition.

Microsoft Exchange Server Interview Questions & Answers Part 3



How to know the build number for the version of Exchange 2013 that you’re running?
Get-ExchangeServer | Format-List Name, Edition, AdminDisplayVersion

What is white space in Exchange and how do you find it?
Database white space is the area within Exchange Server mailbox databases that has been reclaimed after an item or object, such as a mailbox, has been deleted.
Get-MailboxDatabase -Status | select Name,DatabaseSize,AvailableNewMailboxSpace
To get a completely accurate figure for white space in a mailbox database, admins should use ESEUTIL /MS; the target database must be dismounted while it runs.
Don't worry too much about white space; Exchange does a good job of managing it for you. However, if you begin running out of space on a mailbox disk and see a large amount of white space within a particular database on that disk, you should install a new set of disks (or provision a new LUN), create a new store and move the mailboxes over.

How to repair a mailbox DB without dismounting it / on a live database? (Mailbox corruption due to an oversized EDB)
Use the New-MailboxRepairRequest cmdlet to detect and fix mailbox corruption. You can run it against a specific mailbox or against a whole database. While the task is running, mailbox access is disrupted only for the mailbox being repaired; when run against a database, all other mailboxes on that database remain operational.

What is a recovery database in Exchange and how does it work?
A recovery database allows us to mount a copy of a database on an Exchange server without having any impact on the live copy of that same database. In fact we can even use recovery databases to mount copies of databases from other servers within the same Exchange organization, thanks to database portability.

Delivery groups in Exchange? Types?
A delivery group (an evolution of the routing group) is a collection of transport servers that are responsible for delivering messages to a particular routing destination. Transport servers can be either Exchange 2013 Mailbox servers or Exchange 2010 Hub Transport servers (the latter only for routing destinations that are connectors and distribution group expansion servers).
Types (DG = delivery group): Routable DAG, Mailbox DG, Connector source DG, AD site DG, Server list DG.

Explain the Exchange transport pipeline.
The transport pipeline is made up of three services:
  • Front End Transport service: It does basic message filtering based on domains, connectors, senders and recipients. It only connects to the Transport service on a Mailbox server and does not queue any messages locally.
  • Transport service: It runs on all Mailbox servers and handles SMTP mail flow. It performs message categorization and content inspection, and routes messages between the Mailbox Transport service, the Transport service and the Front End Transport service. This service does not queue messages locally.
  • Mailbox Transport service: This handles receiving SMTP from and sending SMTP to the Transport service on behalf of the mailbox, using RPC (Remote Procedure Call) to reach the mailbox database.


The Mailbox Transport Delivery service receives SMTP messages from the Transport service and connects to the mailbox database using an Exchange Remote Procedure Call [RPC] to deliver the message.
The Mailbox Transport Submission service connects to the mailbox database using RPC to retrieve messages and submits them over SMTP to the Transport service. The Mailbox Transport service also does not queue any messages locally.

What are the steps for installing cumulative updates and service packs on Exchange 2013?

  • Take a confirmed backup of Active Directory.
  • Take a confirmed backup of your existing Exchange 2013 servers and databases.
  • Document any customizations such as OWA, config files on servers, registry changes, Lync integration or third-party add-ons.
  • Review the known issues with receive connectors that can cause upgrades to fail, leaving servers in a non-operational state.
  • Verify that your Exchange SSL certificates have not expired.
  • The first servers to be updated in a site are the Mailbox servers.
  • The Client Access servers are updated second.
  • Edge Transport servers can be updated last.

How to determine the current Domain Controller and Global Catalog servers being used by Exchange 2007, 2010, 2013 or 2016 via PowerShell?
Check the Application event log for Event ID 2080, or run:
Get-ExchangeServer -Identity "ServerName" -Status | fl

What is the role of GC in Exchange server Scenario?
In order to send and receive email, both the Exchange server and Microsoft Outlook client must be able to query a global catalog server. Exchange server must also query a global catalog server to resolve recipient email addresses. Microsoft Outlook clients can't even open the Global Address List (GAL) unless they can connect to a global catalog server (either directly or via DSProxy).


Name the protocols used by Outlook 2013 with Exchange. Did anything change after the SP1 release?
Outlook 2013 normally uses RPC over HTTP to connect to Exchange, but after the SP1 upgrade Exchange uses MAPI over RPC.

Explain the role of the categorizer.
The categorizer performs the following functions:
  • Recipient Resolution: The recipient's email address is resolved to decide whether the recipient has a mailbox in the Exchange organization or an external email address.
  • Routing Resolution: Once the recipient information is resolved, the ultimate destination for the mail and the next hop are determined.
  • Content Conversion: Once the mail has reached its determined destination, the SMTP message is converted into a readable format such as HTML, rich text or plain text.

What is an SPF record? (Sender Policy Framework)
An SPF record is a type of Domain Name System (DNS) record that identifies which mail servers are permitted to send email on behalf of your domain. The purpose of an SPF record is to prevent spammers from sending messages with forged From addresses at your domain.
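An added example (not from the original post) of what a receiving server does with that record: a small SPF evaluator that checks a sending IP against a domain's v=spf1 record, handling the ip4/ip6, a, mx, include and all mechanisms with their +/-/~/? qualifiers. DNS is replaced by a constructed lookup table with documentation addresses and hypothetical names so it runs offline; a real implementation would also need redirect=, macros and the DNS-lookup limit of RFC 7208.

```python
import ipaddress

# Constructed DNS answers so the evaluator runs offline; these are documentation
# addresses and hypothetical names, not records anyone actually publishes.
DNS = {
    ("example.com", "TXT"): ["v=spf1 mx ip4:192.0.2.0/24 include:_spf.partner.example -all"],
    ("example.com", "MX"): ["mx1.example.com"],
    ("mx1.example.com", "A"): ["198.51.100.10"],
    ("_spf.partner.example", "TXT"): ["v=spf1 ip4:203.0.113.0/24 ~all"],
}
RESULT_FOR_QUALIFIER = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}


def spf_record(domain):
    """Return the domain's v=spf1 TXT record, or None if it publishes none."""
    for txt in DNS.get((domain, "TXT"), []):
        if txt.split(None, 1)[0].lower() == "v=spf1":
            return txt
    return None


def addresses_of(host):
    return [ipaddress.ip_address(a) for a in DNS.get((host, "A"), [])]


def check_host(ip, domain, depth=0):
    """Evaluate the sending IP against the domain's SPF record.
    Returns pass, fail, softfail, neutral, none or permerror."""
    if depth > 10:                        # stop runaway include chains (RFC 7208 caps lookups)
        return "permerror"
    record = spf_record(domain)
    if record is None:
        return "none"
    addr = ipaddress.ip_address(ip)
    for term in record.split()[1:]:       # skip the "v=spf1" version tag
        qualifier = "+"
        if term[0] in RESULT_FOR_QUALIFIER:
            qualifier, term = term[0], term[1:]
        name, _, arg = term.partition(":")
        name = name.lower()
        if name == "all":
            matched = True
        elif name in ("ip4", "ip6"):
            # a network of the other address family simply never contains addr
            matched = addr in ipaddress.ip_network(arg, strict=False)
        elif name == "a":
            matched = addr in addresses_of(arg or domain)
        elif name == "mx":
            matched = any(addr in addresses_of(mx) for mx in DNS.get((arg or domain, "MX"), []))
        elif name == "include":
            matched = check_host(ip, arg, depth + 1) == "pass"   # include matches only on pass
        else:
            continue                      # modifiers (redirect=, exp=) are not handled here
        if matched:
            return RESULT_FOR_QUALIFIER[qualifier]
    return "neutral"                      # nothing matched and no "all" term was present
```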

Exchange regenerates the OAB. What is the default generation schedule?
Default generation schedule: 24 hours (Event ID 17002); 8 hours in Exchange 2016.

The Exchange OAB server distributes the OAB (only in Exchange 2010; Exchange 2013 uses proxying instead). What is the default distribution schedule?
Default distribution schedule: 480 minutes (8 hours).

Outlook downloads the OAB. What is the default update schedule?
Default update schedule: 24 hours.
This means that in the worst possible scenario, an update to the Address Book won't become available to the user until about 48 hours after the change.
This situation, however, is extremely rare, since the default maintenance time on Exchange is 5:00 AM and updates and downloads are usually performed during working hours.

If I cannot see a user/group/shared mailbox in my Outlook OAB, how can I tell if it is present in the Global Address List?
Look in Outlook Web App (OWA). OWA reads the GAL directly when resolving email addresses.