Mail flow issues can also happen when your MX record is not set up correctly.
I came into the IT industry as an ATM support tech. As a result of my performance I was moved to
the Lync team (it was then Communicator) before emerging as an Exchange administrator over 10
years ago in a commercial bank. Before completing my MBA in Japan, I acquired extensive
knowledge implementing Office 365 hybrid environments and Active Directory administration.
Inspiring team accomplishment and delivering quality, on-time projects are areas in which I excel.
TELL ME ABOUT YOUR PREVIOUS POSITION?
In my last project, I led my team to implement an Office 365 hybrid environment that had 1200
users, out of which 700 were migrated to the cloud. My team had 2 Senior Engineers and 2
admins, 20 databases, 3 sites, 2 Domain Controllers, 2 Hub and CAS Servers, 2 Edge Transport
Servers and 2 Mailbox Servers. The size of data migrated was 16TB at a throughput of 1GB/HR.
Configure ADFS-based identity federation in order to provide users with a single sign-on (SSO) experience
when accessing services that are part of the Office 365 offering.
Configure directory synchronization (DirSync) so that on-premise users, groups and contacts are
synchronized to Office 365. By doing so there will only be one source of authority (the on-premise Active Directory
forest), which means that users migrated to Office 365 can be managed from the on-premise environment. Changes
made to a user in the on-premise environment will be reflected in Office 365.
Deploy Exchange 2013 Hybrid deployment servers into the existing on-premise Exchange organization so
that rich coexistence can be set up between the on-premise Exchange organization and Exchange Online. A hybrid
deployment provides functionality such as free/busy & calendar sharing, MailTips integration (between Exchange
Online & Exchange on-premise), Exchange Online-based online archiving support, option to offboard mailboxes from
Exchange Online (move mailbox back to Exchange on-premises) as well as the option to manage Exchange Online
users using the on-prem Exchange Management Console.
ISSUES FACED
Problem: On-premises servers were not allowing access from the internet. Microsoft Exchange
Online Protection (EOP) services included in Office 365 couldn't reach the on-premises
environment.
Task: Before troubleshooting, I checked if there was any misconfiguration in our on-premises
servers, and I realized that there was a problem with the way the firewall was configured on-premises.
Action: Correctly published the on-premises Exchange servers to the internet to ensure that features are
working correctly in our hybrid deployment. Configured my on-premises firewall and security appliances to
allow inbound access from the internet to the Autodiscover and Exchange Web Services (EWS) endpoints
on the on-premises Exchange Servers.
ADFS
Active Directory Federation Services (ADFS) is a software component developed by
Microsoft that can be installed on Windows Server operating systems to provide users
with single sign-on access to systems and applications located across organizational
boundaries. It uses a claims-based access control authorization model to maintain
application security and implement federated identity.
HOW IT WORKS
Basically, in ADFS, identity federation is established between two
organizations by establishing trust between two security realms. A federation server on
one side (the Accounts side) authenticates the user through the standard means in
Active Directory Domain Services and then issues a token containing a series of claims
about the user, including its identity. On the other side, the Resources side, another
federation server validates the token and issues another token for the local servers to
accept the claimed identity. This allows a system to provide controlled access to its
resources or services to a user that belongs to another security realm without requiring
the user to authenticate directly to the system and without the two systems sharing a
database of user identities or passwords.
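The two-realm exchange described above, as an added Python sketch that is not ADFS code: the Accounts-side server issues a signed claims token, the Resources-side server validates it and issues its own token, and the application accepts only the latter. All realm names, keys and claim names are hypothetical, and HMAC with a per-realm key stands in for the certificate-based token signing that real federation servers use.

```python
import base64, hashlib, hmac, json

# Hypothetical realm names and signing keys (constructed for this sketch).
ACCOUNT_STS, RESOURCE_STS, APP = "sts.accounts.example", "sts.resources.example", "app.resources.example"
ACCOUNT_KEY, RESOURCE_KEY = b"accounts-signing-key", b"resources-signing-key"
ACCEPTED_CLAIMS = {"upn", "group"}  # claims the resource realm passes on to its servers

def issue(key, issuer, audience, claims, now, ttl=300):
    """Sign a set of claims for exactly one audience (HMAC stands in for a certificate)."""
    body = {"iss": issuer, "aud": audience, "exp": now + ttl, "claims": claims}
    payload = base64.urlsafe_b64encode(json.dumps(body).encode()).decode()
    return payload + "." + hmac.new(key, payload.encode(), hashlib.sha256).hexdigest()

def validate(token, trusted_issuers, audience, now):
    """Return the claims only if issuer, signature, audience and lifetime all check out."""
    payload, _, sig = token.partition(".")
    try:
        body = json.loads(base64.urlsafe_b64decode(payload))
        key = trusted_issuers[body["iss"]]  # the issuer only selects which key to verify with
    except (ValueError, KeyError, TypeError):
        raise PermissionError("malformed token or untrusted issuer")
    expected = hmac.new(key, payload.encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected.encode(), sig.encode()):
        raise PermissionError("bad signature")
    if body.get("aud") != audience or now >= body.get("exp", 0):
        raise PermissionError("wrong audience or expired")
    return body["claims"]

def account_sts_login(upn, groups, now):
    """Accounts side: the user has authenticated against AD DS; issue claims for the partner."""
    claims = {"upn": upn, "group": groups, "employee_id": "constructed-1"}
    return issue(ACCOUNT_KEY, ACCOUNT_STS, RESOURCE_STS, claims, now)

def resource_sts_exchange(token, now):
    """Resources side: validate the partner token, filter its claims, issue a local token."""
    claims = validate(token, {ACCOUNT_STS: ACCOUNT_KEY}, RESOURCE_STS, now)
    local = {k: v for k, v in claims.items() if k in ACCEPTED_CLAIMS}
    return issue(RESOURCE_KEY, RESOURCE_STS, APP, local, now)

def app_accepts(token, now):
    """Application: trusts only the federation server of its own realm."""
    return validate(token, {RESOURCE_STS: RESOURCE_KEY}, APP, now)

if __name__ == "__main__":
    t1 = account_sts_login("alice@accounts.example", ["Sales"], now=1000)
    print(app_accepts(resource_sts_exchange(t1, now=1010), now=1020))
```

The application never sees a password or the Accounts-side token; presenting that token to it directly fails the issuer check.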
WINDOWS SERVER 2007/2010
EXCHANGE ONLINE ATP
Microsoft Exchange Online Advanced Threat Protection (ATP) is a cloud-based email filtering
service that helps protect your organization against unknown malware and viruses by
providing robust zero-day protection, and includes features to safeguard your organization
from harmful links in real-time. ATP has rich reporting and URL trace capabilities that give
admins insight into the kind of attacks happening in your organization.
The following are the primary ways you can use ATP for messaging protection:
In an Exchange Online Protection filtering-only scenario, ATP provides cloud-based email protection for your on-premises Exchange Server 2013 environment,
legacy Exchange Server versions, or any other on-premises SMTP email solution.
The term Hybrid configuration, or Hybrid environment, describes a scenario in which two
separate Exchange organizations that belong to different Active Directory forests are
working as one unit. The term Hybrid configuration was created to describe this
type of relationship between the Exchange On-Premise infrastructure and the cloud
(Exchange Online) infrastructure.
The Autodiscover flow in an Exchange Hybrid based environment can be considered
the most complex flow because the Autodiscover journey is implemented in two
different environments.
For users whose mailbox was migrated to the cloud (Exchange Online), the
Autodiscover journey starts with the Autodiscover client addressing the Exchange
on-Premises infrastructure.
The Autodiscover flow is based on a scenario in which the Exchange on-Premises user
mailbox was migrated to the cloud (Exchange Online).
A user who tries to create a new Outlook mail profile addresses by default the
Exchange on-Premises infrastructure, and because the user mailbox is a cloud mailbox,
the Exchange on-Premises server sends back information about the recipient's cloud E-mail address.
The Outlook client then starts the Autodiscover process again by using the cloud E-mail
address.
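The redirect described above, as an added Python example that is not part of the original notes: it parses Autodiscover POX responses, follows a `redirectAddr` answer from the on-premises side to the cloud address, and refuses redirects that leave the organization's expected domains or loop. The addresses, the domain allow-list and the sample responses are constructed; a dictionary lookup stands in for the HTTPS calls.

```python
import xml.etree.ElementTree as ET

OUTER = "http://schemas.microsoft.com/exchange/autodiscover/responseschema/2006"
NS = {"a": "http://schemas.microsoft.com/exchange/autodiscover/outlook/responseschema/2006a"}

def pox(account_xml):
    """Wrap Account children in a POX Autodiscover response envelope."""
    return ('<Autodiscover xmlns="%s"><Response xmlns="%s"><Account>%s</Account>'
            '</Response></Autodiscover>' % (OUTER, NS["a"], account_xml))

# Constructed responses keyed by the queried address (stand-in for the HTTPS calls).
SAMPLE = {
    # On-premises answer for a migrated mailbox: "ask again with the cloud address".
    "alice@example.com": pox("<Action>redirectAddr</Action>"
                             "<RedirectAddr>alice@example.mail.onmicrosoft.com</RedirectAddr>"),
    # Exchange Online answer: the actual connection settings.
    "alice@example.mail.onmicrosoft.com": pox(
        "<Action>settings</Action><Protocol><Type>EXCH</Type>"
        "<EwsUrl>https://outlook.office365.com/EWS/Exchange.asmx</EwsUrl></Protocol>"),
    # A redirect that leaves the organization's own namespaces.
    "bob@example.com": pox("<Action>redirectAddr</Action>"
                           "<RedirectAddr>bob@unrelated.invalid</RedirectAddr>"),
}

def resolve(address, fetch, allowed_domains, max_hops=3):
    """Follow redirectAddr answers until settings arrive; return the path and EWS URL."""
    path = []
    for _ in range(max_hops):
        path.append(address)
        account = ET.fromstring(fetch(address)).find(".//a:Account", NS)
        if account is None:
            raise ValueError("no Account element in response")
        action = account.findtext("a:Action", namespaces=NS)
        if action == "settings":
            return {"path": path,
                    "ews_url": account.findtext("a:Protocol/a:EwsUrl", namespaces=NS)}
        if action != "redirectAddr":
            raise ValueError("unexpected action: %r" % action)
        target = account.findtext("a:RedirectAddr", default="", namespaces=NS).strip()
        domain = target.rpartition("@")[2].lower()
        if domain not in allowed_domains or target in path:
            raise ValueError("refusing redirect to %r" % target)
        address = target
    raise ValueError("too many redirects")

if __name__ == "__main__":
    print(resolve("alice@example.com", SAMPLE.__getitem__,
                  {"example.com", "example.mail.onmicrosoft.com"}))
```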
In the Exchange Hybrid environment, we can distinguish two types of Autodiscover clients:
1. Exchange mail client
The Autodiscover process is implemented by the Exchange client that needs access
to its mailbox.
The Autodiscover client could be any type of mail client, such as Outlook, a mobile device
(ActiveSync client) and so on.
2. Server to server
The other type of Autodiscover client could be another Exchange server.
In the Hybrid environment, the Exchange On-Premise infrastructure and the Exchange
Online infrastructure operate as one logical entity.
For Exchange web services, the information is shared
between the two different Exchange infrastructures (Exchange on-Premises and
Exchange Online) by relying on the Autodiscover infrastructure.
When the Exchange Online infrastructure needs to get information about a specific
Exchange on-Premises recipient, Exchange Online will locate the Exchange on-Premises server by using the Autodiscover process.
For example, when a cloud user (a user who has an Exchange Online mailbox) needs to
see the Free/Busy time of an Exchange On-Premise user (a user whose mailbox is hosted on
the Exchange On-Premise server), the request for the information will be sent from the
Exchange Online server to the Exchange On-Premise server.
decide what cloud account or tenant namespace you are pointing to for Office
365 for traffic, 5 you need to implement a certificate on the ADFS server and
that certificate should have a local certificate, which is server-to-server
authentication or the OWA certificate, as well as the third-party certificate you
are using, 6 I tested for my traffic and also implemented the same process
for my ADFS proxy services
WHAT IS DIRSYNC? HOW DOES IT WORK? (YOU USE WIZARD TO SYNC)
2. Verify domains
The IdFix tool is a tool that will find issues in your local Active Directory that
might cause issues with replication or with linked identities after you start
Active Directory replication. The tool will find issues and show them on
screen. When needed you can store the results in a CSV or TXT file.
WHAT ARE THE ATTRIBUTES YOU NEED TO SYNC AND NOT TO SYNC?
(1) Consumes memory for that profile even though the user is no longer logged
on, and (2) prevents the user's local registry changes from being copied back to
the server.
HOW DO YOU DESIGN WINDOWS 7&10
LEADERSHIP SKILLS?
I do not conform to a specific management style. I try to adjust my style of management to
each situation, since part of my job is to assess both the best way to complete the project
efficiently and the style of leadership that works best with current staff dynamics.
What is your proudest moment in your past?
At my last position, I oversaw the implementation of a new software system that enabled
bulk migration of running VMs to pave the way for site renovation. I developed a customized
training program, worked one-on-one with about one-quarter of the employees and
introduced an incentive program to ensure that they stay current with the software. This
allowed me to practice planning a large-scale project and motivating a sizable group of
employees.