Exchange 2010 total has 5 roles in it

Mailbox server role – this has all the mailboxes and primary role of this role is to host the databases and
provide storage and advance scheduling services for outlook users. Also handles public folder databases

CAS – client access server role – connection point for all type of mailboxes, it provides outlook web app,
exchange active synch, exchange web services POP/IMPAP and outlook anywhere. In addition the CAS
role provides free/busy through the Availability service.
CAS role also allow certain clients to access automatic configuration settings through the Auto-discover
services, handles the distribution of the offline address book.

Hub Transport Role – This is used for mail transportation and deployed within the AD forest, this role
handles mail flow within the organization. Important features includes are.
1: Transport Rules:
2: journaling
3: Edge synchronizing (If you have Edge Transport Server)
4: Anti-Spam Agents
5: Send/Receive Connectors
6: Email Address Policies
7: Accepted Domain and Remote Domains

Unified Messaging Role: Provides the ability to have a universal mailbox that includes upcoming emails,
faxes and voice mails, an auto attended will help answer calls and direct them to the right voicemail.

Edge Transport Role:

IPV6 shouldn’t be disabled while installing exchange else it will give you error while installing hub and
client access role

In EMC (exchange management console) under organization configuration -Mailbox – sharing policies –
it is mostly used to free/busy information and how you want to share your calendar

There is checkpoint file in c/exchnagedb log – keeps tracking which transaction file is committed
Transaction file and database file is very very important
Journal – if we select this option in exchange that means a copy of that mailbox will be sent to admin
account – this is basically for tracking purpose

Circular logging – if you select this option in maintenance option in database then exchange will not
create more than four (4) log file in c drive – it will automatically cleaning the log and use in emergency
purpose when you don’t have more space

Understanding of CAS (Client Access Role) server: this role is the main server and basically for client
access and is the main connection point for all the client – all the clients (they can be connected from
outlook, active sync) connect to CAS, from CAS it will take user name and password to DC and when
authenticated it connect to mailbox
There are 2 type of policies 1) outlook web app mailbox policy
And another on is active sysnc policy: it will basically user for smart phones from they are connected to
their mailboxes through smart phones
For changing the OWA name for making it simpler – we need to go in DNS and create a Cname and that
Cname will be pointing our server, by doing this end user not need to remember the server name they
only need to remember the web mail

ECP- Exchange control Penal: it’s a tool and new feature in exchange 2010 and it wasn’t available in
exchange 2007, this is for make the basic changing in users profile by them own – it is new feature in
2010 and wasn’t in exchange 2007 – it also has a website

Exchange ActiveSync: this is for Smartphone, user will be accessing their mails through smart phone and
active sync provides them real time data

HUB Transport Role: this is for responsible for transporting of emails, there are 2 transport roles is used
1: Hub transport role – is mainly work internally in the organization
2: Edge transport role – is used in DMG or externally

In Hub there are again 2 roles

1: messaging polices – is used protect emails in organization like – filter confidential information, track
or achieve specific messages
2: Transport rules – it like rules in outlook and it is including Condition, Exception and Action in it
Within transport server there are 2 very important configuration
1: is Send connector: Is used to whenever we send out email to certain domain we must have a send
and receive connector

2: Accepted domain: Just like send connector we need to create accepted domain if we need to accept
anything/emails from outside the organization, we need to create accepted domain.
= According to Microsoft an accepted domain is any SMTP name space which transfer simple mail
transport protocol to sends and receive emails.

Accepted connectors are 3 types

1: Authoritative: our own domain where we have all authority, there are the Domains where the
exchange organization literally host mailboxes, there are email addresses that connect the mailboxes
within the organization.

2: Internal Relay Domain: Receive message for another exchange domain and relay message to it within
organization – this is the one where exchange domain host some maybe not all the mailboxes that use
this domain, some called this as a shared name space.

3: External Relay Domain: exchange receive emails another exchange organization and forward to all
externally, this the one where exchange organization can accept mail but there is no mailboxes in that
organization for that domain

Exchange Online: Migrating Mailboxes to Office 365

These migrations are basically 5 types

1: IMAP Migration
2: Cutover Migration: it is designed to small and fast migration also limited and maximum of 1000
mailboxes
4: Hybrid Migration: This works on exchange 2010 SP3, 2013 CU1 and later versions
5: PST Migration: this is used in small organization, which has no IT staff

Differences between exchange 2010 and 2016

There is cross communication with MAPI in 2010 however it’s not in 2013 and 2016

MX Record: Mails from outside from our exchange will not know, how to get to your server without an
MX record in public DNS
What is “Append” in exchange: While creating Transport rule in Hub transport server under organization
configuration there are 2 options for discriminator- for that we want the mail in bottom of the email
need to select Append option and for top of the mail is called Prepend.

Edge Transport Server: this server is unique because when you compare the other server role in that
you deployed not only in Active Directory but in DMZ or Perimeter Network and it’s not a member of
AD,
This is used to apply the transport rule from the Perimeter, Anti-Spam (included) Anti-Virus Protection
(Not Included), Address rewriting

Questions for Exchange Admin Interview

1: Mention what are the new features in MS Exchange 2013?

Integration with Lync and SharePoint

Provide a resilient solution
Supports a multigenerational workforce
Provide an engaging experience
Meet the latest demand
DAG system

3: Mention what are the roles in MS exchange 2013?

In MS exchange 2013, there are two roles Client Access Server and Mailbox Server.

5: Mention what is the role of Mailbox server?

Mailbox servers help in

 e-mail storage
 Host public folder databases
 Host mailbox databases
 Calculate e-mail address policies
 Performs multi-mailbox searches
  Provide high availability and site resiliency
 Provide messaging records management and retention policies
 Handle connectivity as clients don’t connect directly to the mailbox services
 For given mailbox, it provides all core exchange functionality
 When a database fails over, it also fails access to the mailbox

6: Explain the term DAG (Data Availability Group)?

DAG or Data Availability Group is a framework build is MS Exchange 2013. It is a group of up to 16

mailbox server that hosts a set of databases and provides automatic database level recovery due to
failure of servers of databases.

7: Mention how many types of delivery groups found in MS Exchange 2013

 Routing DAG
 Mailbox delivery groups
 Connector source service
 AD site
 Server List

9: Explain how message is delivered to the mailbox database in Exchange 2013?

In exchange 2013, after the message reaches the target mailbox server in the destination AD site, the
transport service avails SMTP to carry the message to the mailbox. After that, using RPC, Transport
Service delivers the message to the local mailbox.

10: How the flow of the mail is tracked in MS Exchange 2013?

To track message flow in MS Exchange 2013, Delivery Reports are used. It is applicable for Outlook and
Outlook web only. However, Message Tracking Logs are also helpful to know the flow of the mail.

Office 365 Admin questions:

1: What are the levels of Office 365 Administration and what functionality does each level provide or
limit?

 Global Admin: has access to all admin features

 Billing Admin: makes purchases, manages subscriptions, manages support tickets, monitors
service health
 Password Admin: resets passwords
 Service Admin: manages service requests and monitors service health
  User Management Admin: resets passwords, manages user accounts, user groups, and service
requests
 Exchange Admin: has administrative access to Exchange Online through the Exchange admin
center
 SharePoint Admin: has administrative access to SharePoint Online through the SharePoint
Online admin center
 Skype for Business Admin: has administrative access to Skype for Business through the Skype
for Business admin center

2: Who can assign permissions in Office 365?

 In Office 365 Enterprise, Office 365 Midsize Business, Office 365 Business Essentials, Office 365
Business, and Office 365 Business Premium, only global admins can assign an admin role
 In Office 365 Small Business and Office 365 Small Business Premium, any Office 365 admin can
assign admin permissions to other Office 365 users.

3: Do these servers need to be installed in a particular order?

Yes, ADFS and federated ID need to be configured first and then Directory Sync Server can be installed.

5: What is the Compliance Center and who can access it?

The Compliance center manages compliance activities across Office 365, Exchange Online, and
SharePoint Online. It can be accessed by the Global Admin. This includes: archiving, data loss prevention,
device management, eDiscovery, import, permissions, retention, and search.

6: You need to determine whether someone other than the mailbox owner most recently accessed a
specific Office 365 user’s mailbox. What should you do?

Run a non-owner mailbox access report in the Microsoft Exchange Control Panel

7: What should you modify in order to prevent users from initiating remote wipes of mobile devices in
the Office 365 portal?

Exchange ActiveSync Access settings

1: What are the different Exchange Recipient types?

User mailbox: This mailbox is created for an individual user to store mails, calendar items, contacts,
tasks, documents, and other business data.

Shared mailbox: This mailbox is not primarily associated with a single user and is generally configured to
allow logon access for multiple users.
Room mailbox: This mailbox is created for a meeting location, such as a meeting or conference room,
auditorium, or training room. When we create this mailbox, by default a disabled user object account is
created.

Equipment mailbox: A resource mailbox is created for a non-location specific resource, such as a
portable computer projector, microphone, or a company car. When we create this mailbox, by default a
disabled user object account is created. Equipment mailboxes provide a simple and efficient way for
users to use resources in manageable way.

2. What is the difference between mail user and mail contact?

Mail user: This is an Active Directory user that represents e-mail address outside your Exchange
organization. Each mail user has an external e-mail address to which all messages sent to the mail user
are routed.

Mail contact: This is an Active Directory contact that contains e-mail address information about people
or organizations that exist outside your Exchange organization. Each mail contact has an external e-mail
address. All messages sent to the mail contact are routed to this external e-mail address.

3. What is the difference between Distribution group and Dynamic Distribution group?

Mail-enabled (Universal distribution group): This is an Active Directory distribution group object that
can be used only to distribute messages to a group of recipients.

Mail-enabled (Universal security group):A mail-enabled Active Directory security group object that can
be used to grant access permissions to resources in Active Directory, and can also be used to distribute
messages.

Dynamic distribution group: A distribution group that uses recipient filters and conditions to derive its
membership at the time messages are sent.

EXCHNAGE CAS Role:

1. What is OWA?
OWA refer to Outlook Web Access in Exchange 2007 by you access your e-mail from any Web browser.
Outlook Web Access contains many new features such as meeting booking, Microsoft SharePoint
Services and Windows file share integration, and a rich user experience from any computer that has a
Web browser.

2. What is the Exchange ActiveSync?

Exchange ActiveSync is a feature which synchronize you email data between your mobile device and
Exchange server. Using Active sync you can synchronize e-mail, contacts, calendar and tasks. Mobile
devices running Windows Mobile software and Windows Mobile 5.0, are all supported.

3. What is Availability service

The Availability service provides free/busy information using secure, consistent, and up-to-date
free/busy data to users that are running Outlook 2007. Outlook 2007 uses the Auto discover service to
obtain the URL of the Availability service.

4. What is Autodiscover service?

This service enables Outlook clients and some mobile devices to receive their necessary profile settings
directly from the Exchange server by using the client’s Active Directory domain credentials or user’s
SMTP domain.

Exchange Management Console

Open Exchange Management console tree > expand Server Configuration > then click Client Access.
In the action pane, click Enable Outlook Anywhere.

DLP (Data Loss Prevention): - this can be configured in three ways

1: New DLP Policy from TEMPLATE: - It put the default rule to follow the procedure like credit card
number and so on… templates are already built in rules based and same can be setup in Exchange online
via DLP
2: Import DLP Policy
3: New Custom DLP Policy

TLP is also like connectors in exchange on-premises; we can create inbound and outbound TLS in office
365

ADFS: Federation Services (ADFS) is a software component developed by Microsoft that can be installed
on Windows Server operating systems to provide users with single sign-on access to systems and
applications located across organizational boundaries

SSO: with hybrid deployments. ... Here are a few other advantages to single sign-on: Exchange Online
Archiving When single sign-on is deployed, on-premises Outlook users are prompted for their
credentials when accessing archived content in the Exchange Online organization for the first time

Hybrid Cloud: It is a cloud computing environment which uses a mix of on-premises, private cloud and
third-party, public cloud services with orchestration between the two platforms

Organizational Unit: It is a subdivision within an Active Directory into which you can place users,
groups, computers, and other organizational units. You can create organizational units to mirror your
organization's functional or business structure. Each domain can implement its own organizational unit
hierarchy
MX Record: A mail exchanger record is a type of resource record in the Domain Name System that
specifies a mail server responsible for accepting email messages on behalf of a recipient's domain, and a
preference value used to prioritize mail delivery if multiple mail servers are available

Q. What is EOP?

A. EOP is a cloud-hosted email filtering service built to protect customers from spam and
malware, and to implement custom policy rules.

Q. Does the service work with legacy Exchange versions (such as Exchange Server 2010)
and non-Exchange environments?

A. Yes, the service is server agnostic and can be used with any SMTP mail transfer agent.

Q. What size organization can use the service?

A. Any size. The EOP network has sufficient capacity to accommodate your growth, no matter
how fast your organization grows.

What permissions do I need to set up EOP?

In order to configure EOP, you must be an Office 365 Global Admin, or an Exchange Company
Administrator (the Organization Management role group).

Q. Are there any limits I should be aware of, such as message size limitations?

A. Yes. For more information about limits in EOP, see Exchange Online Protection Limits.

Q. Does EOP support remote Windows PowerShell?

A. Yes, full EOP functionality is available via remote Windows PowerShell. For more
information, see PowerShell in Exchange Online Protection.

You can save Office 365 emails for an unlimited period, if the Exchange Online
administrator enables Litigation Hold.