Vision: deliver a fast, easy to deploy and operate, economical solution that can provide high
availability for Exchange Server.
Goals:
1. Deliver high availability and site resilience that is native to Exchange
2. Enable less expensive and less complex storage
3. Simplify administration and reduce support cost
4. Increase end-to-end availability
5. Support Exchange Server 2010 online
2. What are the high availability solutions introduced in Exchange Server 2010?
1. Unified technology for high availability and site resilience
2. New framework for creating highly available mailboxes
3. Evolution of continuous replication
4. Can be deployed on a range of storage options
3. What are the High Availability features introduced in Exchange Server 2010?
Mailbox resiliency: unified high availability and site resiliency
Database Availability Group: a group of up to 16 Mailbox servers that holds the set of replicated databases
Mailbox database copy: a mailbox database (.edb files and log files) that is either an active or a passive copy of the mailbox database
Database Mobility: the ability of a single mailbox database to be replicated to and mounted on other Mailbox servers
RPC Client Access Service: a Client Access server feature that provides a MAPI endpoint for Outlook clients
Shadow redundancy: a transport feature that provides redundancy for messages for the entire time they are in transit
Incremental deployment: the ability to deploy high availability or site resilience after Exchange is installed
Exchange third-party replication API: an Exchange-provided API that enables use of third-party replication for a DAG
4. What is high availability?
High availability is a solution that provides data availability, service availability and automatic
recovery from site failures.
5. What is disaster recovery?
It is a procedure used to manually recover from a failure.
6. What is site resilience?
Site Resilience is a disaster recovery solution used for recovery from site failure
7. What is switch over and failover?
A switchover is a manual activation of one or more databases when a failure occurs.
A failover is an automatic activation of one or more databases after a failure.
8. What are the concepts deprecated in Exchange Server 2010?
1. Storage groups
2. Databases identified by the server on which they live
3. Server names as part of database name
Clustered Mailbox server:
1. Pre-installation of failover cluster
2. Running setup in failover mode
3. Moving a CMS identity between servers
4. Shared storage
Two high availability copy limits
Private and public networks
9. Explain new features in Exchange Server 2010 High Availability?
1. No need to failover a server if a single database fails
2. Failover and switchover occur at the database level and not the server level
3. With the new HA feature, we can have 100 databases per server
4. Databases are no longer tied to a specific server and can float across servers in the organization
10. Give an idea on Exchange server 2007 High Availability Architecture changes?
In Exchange Server 2007 HA, there are four HA features available: LCR, SCR, SCC
and CCR. LCR and SCC have been completely removed in Exchange Server
2010. SCR and CCR are incorporated into the new HA feature (Database
Availability Group) in Exchange Server 2010.
1. What's new in Exchange Management Console?
In the Exchange Server 2010 management console, the following new features are included:
1. Built on Remote PowerShell and RBAC
2. Multiple forest support
3. Cross premises Exchange 2010 Management includes Mailbox move
4. Recipient bulk edit
5. PowerShell command logging.
2. What is Exchange Control Panel?
ECP is a new, simplified, browser-based management client for end users, administrators and
specialists. ECP is accessible via URL, from browsers and from Outlook 2010. It is deployed as
part of the Client Access server role, simplifies user administration for management tasks,
and is RBAC aware.
3. Who can use ECP and what are the manageable options?
Specialists and administrators: an administrator can delegate to specialists, e.g. help desk
operators (change user name, password, etc.), department administrators (change OU) and
e-discovery administrators (legal department).
End users: comprehensive self-service tools for end users (fetch phone number, change name
and create groups).
Hosted customers: tenant administrators and tenant end users.
4. What is Role Based Access Control?
RBAC is the new authorization model in Exchange Server 2010. It makes it easy to delegate and
customize permissions, and it replaces the permission model used in Exchange Server 2007.
Your role is defined by what you do. RBAC includes self-administration and is used by EMC,
EMS, and ECP.
5. Who are all affected by RBAC in Exchange Server 2010?
Administrators: role groups and universal security groups.
End users: role assignment policy (we can set read/write).
6. How to delegate a Role ?
1. Create the management role
2. Change the new management role's entries by removing old entries
3. Create a management scope if required
4. Assign the new management role
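The four delegation steps above as Exchange Management Shell commands, in an added example that is not from the original page. The role, scope, group and department names are constructed, and the assignee is assumed to be an existing universal security group.

```powershell
# Added example; all names below are constructed for illustration.
$role  = "Help Desk Recipients"     # hypothetical custom role
$scope = "Sales Users"              # hypothetical management scope
$group = "HelpDesk-Sales"           # assumed existing universal security group

# 1. Create the management role as a child of a built-in role.
#    A child role can never hold more entries than its parent.
New-ManagementRole -Name $role -Parent "Mail Recipients"

# 2. Remove the inherited entries the help desk does not need,
#    keeping only the read-only Get-* cmdlets and Set-Mailbox.
Get-ManagementRoleEntry "$role\*" |
    Where-Object { $_.Name -notlike "Get-*" -and $_.Name -ne "Set-Mailbox" } |
    Remove-ManagementRoleEntry -Confirm:$false

# 3. Create a management scope so the role only reaches Sales recipients.
New-ManagementScope -Name $scope -RecipientRestrictionFilter { Department -eq "Sales" }

# 4. Assign the role to the group, limited to that scope.
New-ManagementRoleAssignment -Name "$role-$scope" -Role $role `
    -SecurityGroup $group -CustomRecipientWriteScope $scope

# Check: list what the role still allows and where the assignment applies.
Get-ManagementRoleEntry "$role\*" | Format-Table Name, Parameters -AutoSize
Get-ManagementRoleAssignment -RoleAssignee $group |
    Format-List Name, Role, CustomRecipientWriteScope
```

Reviewing the output of the last two commands after every change is the quickest way to confirm the role grants nothing beyond what the delegate needs.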
7. What is Remote PowerShell in Exchange Server 2010?
In Exchange 2010, the management architecture is based on Remote PowerShell, included
with Windows PowerShell 2.0. Remote PowerShell provides an RBAC-based permission model,
making it possible to grant much more granular permissions (Exchange 2007 used ACLs); uses
standard protocols that make it easier to manage Exchange 2010 servers through firewalls;
and explicitly separates the client and server portions of cmdlet processing.
federation for certain domains. Domains will not be federated unless they're included in the
AppID.
The federated delegation namespace:- Regardless of whether an organization is
federating some or all of its domains, it must create a special namespace for federated
delegation. This namespace must be different from any of the accepted domains. Microsoft
recommends using ExchangeDelegation as the federated delegation name. For example, if
an organization's primary accepted domain name is Contoso.com, then the federated
delegation namespace would be ExchangeDelegation.contoso.com.
Certificate requirements:- The Exchange server that the federation trust is created from
must be provisioned with either a self-signed certificate or an X.509 certificate. Microsoft
normally advises against self-signed certificates in production environments, but a self-signed certificate is actually preferred over an external CA certificate when it comes to
setting up federated trusts.
Microsoft doesn't elaborate on this recommendation, but it probably has to do with the
complexities of managing certificates from external CAs. Regardless of which type of
certificate you use, the certificate is only used for signing and encrypting delegation tokens.
Additionally, the certificate is automatically replicated to any additional Exchange servers
that need it.
4. Explain the operation of federation?
5. What are the benefits of federation?
Allow users to act on behalf of specific user
Specific user identified by E-mail address
User not prompted for credentials
Reduces explicit trust management
No AD trusts, service to cloud accounts to manage
Minimizes certificate exchanges
Verifies domain ownership
6. Explain the federation commands in Exchange server 2010?
Establish federation trust = New-FederationTrust
Install signing certificate on CAS servers
Exchange certificate with federation gateway
Prove domain ownership = domainname.com IN TXT AppId = xxxxxxxx
Create DNS TXT record
Add domain to trust = Set-FederatedOrganizationIdentifier, Add-FederatedDomain
Must be accepted domain
7. How to establish federated sharing in Exchange Server 2010?
1. Create trust with certificate exchange
2. Prove domain ownership
3. Add domains
8. What is Microsoft Federation Gateway?
Exchange Server 2010 uses Microsoft Federation Gateway (MFG), an identity service that
runs in the cloud, as the trust broker. Exchange organizations wanting to use Federation
establish a Federation Trust with MFG, allowing it to become a federation partner to the
Exchange organization. The trust allows users authenticated by Active Directory, known as
the identity provider (IP), to be issued Security Assertion Markup Language (SAML)
delegation tokens by MFG. The delegation tokens allow users from one federated
organization to be trusted by another federated organization. With MFG acting as the trust
broker, organizations are not required to establish multiple individual trust relationships with
other organizations. Users can access external resources using a single sign-on (SSO)
experience.
9. What is Federation Trust?
A Federation Trust is established between an Exchange organization and MFG by exchanging
the organization's certificate with MFG, and retrieving MFG's certificate and federation
metadata. The certificate is used for encrypting tokens.
10. What is Sharing Policy?
Sharing policies allow you to control how users in your organization can share calendar and
contact information with users outside the organization. To provision recipients to
use a particular sharing policy
11. Prerequisites to create a Sharing Policy.
A federation trust has been created between your Exchange 2010 organization and
Microsoft Federation Gateway, and the Federated Organization Identifier is configured.
Although you can create a sharing policy for any external domain, recipients from the
specified domain can access your users' information only if they have a mailbox in an
Exchange 2010 organization and their domain is federated.
1. Why Archive?
1. Growing e-mail volume: everyone wants to have more e-mail, and because of this the storage
and backup disk must be increased.
2. Performance and storage issues: increase in storage costs
3. Mailbox quota: users are forced to manage quota
4. PSTs: quota management often results in growing PSTs (Outlook AutoArchive)
5. Discovery and compliance issues: PSTs are difficult to discover centrally, and regulatory
retention schedules contribute to further volume/storage issues
2. How Archiving improved in Exchange Server 2010?
Archiving is improved by providing a larger mailbox architecture, simple migration of PSTs back
to the server, discovery options, retention policies and legal hold. The large mailbox architecture
maintains performance and provides the option of DAS-SATA storage to reduce costs. Archiving
enables simple migration of PSTs back to the server. If the archiving option is enabled for a
user, a new mailbox named archive is created for the user, into which the user can set
retention policies to move mail, or the admin can set retention
policies for the user mailbox. Archiving simplifies discovery, retention and legal hold.
3. What are the archiving options introduced in Exchange Server 2010?
1. Personal Archive: secondary mailbox node; they are the PST files of the primary mailbox
2. Retention Policies: folder/item level and archive/delete policies
3. Multi-Mailbox Search: role-based GUI; the admin can assign this permission to the legal team
4. Legal Hold: monitor a user or keep a user from deleting a mail by legal hold; searchable
with Multi-Mailbox Search
5. Journaling: journal de-duplication (unwanted journaling on distributed mails). One copy of
also this gives a detailed report per To/Cc/Bcc/Alt-Recipient and DL expansion
2. Journal report de-duplication: reduces duplication of journal reports. Exchange Server 2010 creates
one report per message.
11. What is journal decryption?
Journal decryption is a new feature in Exchange Server 2010. If a user sends an encrypted
message to a recipient and journaling is enabled for that user, the Hub Transport
server decrypts the message and sends the decrypted message for journaling. The
intended recipient receives the encrypted message.
12. What is Set Quota in Archive management?
With mailbox quota management, we can assign a mailbox size for a user. This option can be
enabled from the properties of the user account, and the default setting for the mailbox quota is
10 GB.