101. What is a Smart Host? Where would you configure it?
Smart hosts are used to connect Exchange Server to a messaging system external to the organization. Typical use of a smart host involves relaying outbound SMTP email to a non-Exchange SMTP host in a perimeter network, or to an ISP or hosted service provider that offers functionality like mail relaying and spam and virus scanning.
A smart host is the common term for a server that accepts outbound mail and passes it on to the recipient.
A smart host is a type of mail relay server which allows an SMTP server to route e-mail to an intermediate mail server rather than directly to the recipient's server. Often the smart host requires authentication from the sender to verify that the sender has privileges to have mail forwarded through it. This is an important distinction from an open relay that will forward mail from any sender
without authentication. Common authentication techniques include SMTP-AUTH and POP before SMTP.
Set Up Private Outbound DNS
Route mail to Outbound Services by setting up an external DNS server. For an overview of Private Outbound DNS concepts, see Alternate Option: Set up Private Outbound DNS.
1. Select the Start Menu -> Programs -> Microsoft Exchange -> System Manager.
2. Expand the top level -> Servers -> <Your Mail Server> -> Protocols -> SMTP.
3. Right-click Default SMTP Virtual Server and select Properties.
4. Click the Delivery tab.
5. Click Advanced to go to the Advanced Delivery dialog box.
6. If you have a smart host set to point to Outbound Services for mail filtering, clear the Smart host field. The Private Outbound DNS will replace your smart host for routing.
7. Click Configure.
8. The appropriate IP address depends on your system. To find which system to use, see Identify Your System.
System | IP Address to use for Private Outbound DNS
5 | 64.18.4.12
6 | 64.18.5.12
7 | 64.18.6.12
8 | 64.18.7.12
20 | 64.18.9.14
200 | 207.126.147.11
201 | 207.126.154.11
9. Click OK again. You should see your IP address listed as an External DNS.
10. Click OK twice to return to the System Manager.
11. In System Manager, restart your mail server.
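The distinction between an authenticating smart host and an open relay, as an added Python example that is not part of the original page: a relay policy function accepts mail for local domains, relays only for SMTP AUTH sessions, trusted internal networks or a recent POP-before-SMTP login, and rejects everything else; the `open_relay` flag shows the behaviour the text warns about. The domain names, networks, smart host name and 15-minute POP window are all constructed for the illustration.

```python
import ipaddress
from dataclasses import dataclass

# Constructed sample policy for this illustration; the domains, networks,
# smart host name and POP window are invented, not taken from the page.
LOCAL_DOMAINS = {"example.com"}                            # domains delivered to local mailboxes
INTERNAL_NETWORKS = [ipaddress.ip_network("10.0.0.0/8")]  # trusted LAN allowed to relay
SMART_HOST = "smarthost.example.net"                       # next hop for outbound mail (assumed name)
POP_BEFORE_SMTP_WINDOW = 15 * 60                           # seconds a POP3 login grants relay (assumed)


@dataclass
class Envelope:
    client_ip: str        # address of the connecting client or MTA
    authenticated: bool   # True when SMTP AUTH succeeded on this session
    rcpt_to: str          # one RCPT TO address


def relay_decision(env, now, recent_pop_logins, open_relay=False):
    """Decide what to do with one recipient of an SMTP transaction.

    Returns (action, reason); action is 'deliver', 'relay' or 'reject'.
    recent_pop_logins maps a client IP to the time of its last successful
    POP3 login, which models the 'POP before SMTP' technique from the text.
    """
    domain = env.rcpt_to.rsplit("@", 1)[-1].lower()
    if domain in LOCAL_DOMAINS:
        # Inbound mail for our own domains is always accepted for local delivery.
        return "deliver", "local domain"
    if open_relay:
        # An open relay hands anyone's mail to the smart host; this is the
        # configuration the text distinguishes from an authenticating relay.
        return "relay", f"open relay via {SMART_HOST}"
    ip = ipaddress.ip_address(env.client_ip)
    if env.authenticated:
        return "relay", f"SMTP AUTH via {SMART_HOST}"
    if any(ip in net for net in INTERNAL_NETWORKS):
        return "relay", f"internal network via {SMART_HOST}"
    last_pop = recent_pop_logins.get(env.client_ip)
    if last_pop is not None and now - last_pop <= POP_BEFORE_SMTP_WINDOW:
        return "relay", f"POP-before-SMTP via {SMART_HOST}"
    return "reject", "550 5.7.1 Unable to relay"


def evaluate_samples():
    """Run constructed envelopes through the policy; returns the list of actions."""
    now = 1_000_000                                   # arbitrary clock value (seconds)
    pop_logins = {"203.0.113.7": now - 60,            # logged in to POP3 a minute ago
                  "203.0.113.8": now - 3600}          # logged in an hour ago (expired)
    samples = [
        Envelope("198.51.100.5", False, "bob@example.com"),  # inbound mail for a local domain
        Envelope("198.51.100.5", False, "bob@other.test"),   # unknown host asking us to relay
        Envelope("198.51.100.5", True, "bob@other.test"),    # same host, but authenticated
        Envelope("10.1.2.3", False, "bob@other.test"),       # host on the internal network
        Envelope("203.0.113.7", False, "bob@other.test"),    # recent POP3 login
        Envelope("203.0.113.8", False, "bob@other.test"),    # POP3 login outside the window
    ]
    return [relay_decision(e, now, pop_logins)[0] for e in samples]


if __name__ == "__main__":
    for action in evaluate_samples():
        print(action)
```

The last two samples show why POP-before-SMTP is a weaker control than SMTP AUTH: relay rights are granted to an IP address for a time window rather than to an authenticated session, so anything sharing that address inside the window is also trusted.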
102. What are Routing Groups? When would you use them?
Routing groups are logical groups of servers based on the company's physical topology, used to control mail flow and public folder referrals. Routing groups share one or more physical connections. In a routing group, all Exchange servers communicate and transfer messages directly to one another, using Simple Mail Transfer Protocol (SMTP) virtual servers. In a native mode organization, routing groups can include servers from different administrative groups. However, in a mixed mode organization, routing groups cannot span multiple administrative groups, due to backward compatibility with Exchange Server 5.5. This is because the routing topology in Exchange 5.5 is defined by sites, and sites provide the functionality of both the administrative group and the routing group.
103. What are the types of Connectors you can use in Exchange?
A routing group connector enables message transfer between two routing groups. The following Exchange connectors can be used to establish message transfer paths between routing groups:
Routing group connectors: A routing group connector provides a one-way connection path in which messages are routed from servers in one routing group to servers in another routing group. Routing group connectors use Simple Mail Transfer Protocol (SMTP) to communicate with servers in connected routing groups. Routing group connectors provide the best connection between routing groups.
SMTP connectors: An SMTP connector can be used to connect routing groups, but this is not recommended. SMTP connectors are designed for external message delivery. SMTP connectors define specific paths for e-mail messages that are destined for the Internet or an external destination, such as a non-Exchange messaging system.
X.400 connectors: Although you can use X.400 connectors to connect routing groups, X.400 connectors are designed to connect servers running Exchange with other X.400 systems or to servers running Exchange Server 5.5 outside an Exchange organization. A server running Exchange Server 2003 can then send messages over this connector using the X.400 protocol.
Connectors to non-Exchange messaging systems: These connectors support message transfer and directory synchronization between Exchange and non-Exchange messaging systems. When appropriate connectors are implemented, the user experience is similar on both messaging systems and the transfer of messages and other information between the Exchange and non-Exchange messaging system is transparent to the user. However, some message properties might be lost during message conversion from an Exchange format to a non-Exchange format, or vice versa.
Using X.400 Connectors
In the beginning of this chapter,
you learned that the X.400 MTA handles message transfer both within the
organization and to servers outside it. Normally, the X.400 message transfer is
handled within routing groups and not between them. You can, however, configure
X.400 connectors to connect two routing groups in the same Exchange
organization. The primary reason to do this is when you need to strictly
control bandwidth usage between the routing groups. You can also use X.400
connectors to connect an Exchange routing group with a foreign X.400 messaging
server.
The key reason for using an X.400
connector instead of another type of connector is that the X.400 connector
incurs less overhead than other connectors when sending large messages. This
means that sending large messages through an X.400 connector requires less
bandwidth than sending the same messages through other types of connectors.
Understanding X.400 Connectors
Because X.400 connectors are more complex than other types of connectors, they're difficult to use. Unlike other connectors, X.400 connectors have several variations, including these:
TCP/IP X.400 connectors: Used to transfer messages over a standard TCP/IP network. Use this connector when you have a dedicated connection such as a T1 line. Because most X.400 messaging systems support TCP/IP, this is the most common type of X.400 connector used.
X.25 X.400 connectors: Configured to connect to an X.25 adapter on a remote mail server. With this connector, you can support standard X.25 protocols as long as an X.25 adapter is available and you know the X.121 address of the remote server.
Before you configure an X.400
connector, you must install and configure an X.400 transport stack that is the
same type as the connector. The transport stack contains configuration
information that the connector needs to properly transport messages. The
available transport stacks include the TCP/IP X.400 stack and the X.25 X.400
stack.
104. What is the cost option in Exchange connectors?
Cost is the value configured on each connector that Exchange uses to determine the best (least-cost) path for a message.
105. What is the Link State Table? How would you view it?
Link State Algorithm (LSA): it contains information about whether each link is up or down. It is very similar to the OSPF protocol. This information is updated every 60 seconds.
Exchange Server
2003 determines the route that an e-mail must take based on the status and
availability of connectors between different routing groups and to external
messaging systems through an SMTP connector or other connectors.
Every Exchange server stores its status information in a Link State Table (LST). The Link State Table is a small table which requires about 32 bytes per entry and is held in the Exchange servers' RAM.
All information is collected by the Routing Group Master (RGM) of the routing group. The Routing Group Master uses TCP port 691 to talk with the other Exchange servers in the routing group and is responsible for generating and updating the LST and for distributing the LST to each Exchange server in the routing group.
The updated LST is propagated to other routing groups through bridgehead servers. The Routing Group Master (RGM) sends the updated information to the bridgehead server, and the bridgehead server then sends the information to bridgehead servers in other routing groups over TCP port 25.
Figure 6: Link State Table
The Link State
Table lists all connectors, and their status, in an Exchange Server 2003
organization. The following information is included in the LST:
Link status
There are only
two states for any given link: up or down. For this reason, connection
information, such as whether a link is active or in a retry state, is not
propagated between servers running Exchange Server 2003, and it is only available
on the server involved in the message transfer. Exchange Server 2003 only
considers routing messages by using connectors with a link status of up.
Link cost
The Link State
Table stores costs for each connector. Exchange Server 2003 uses the cost
values stored in the link state table to select the least cost route for a
message. Costs are configured on each connector, and Exchange Server 2003
records them in the Link State Table.
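Least-cost routing over the Link State Table, as an added Python example that is not from the page: connectors are modelled as one-way links with a cost and an up/down link state, and a Dijkstra search picks the cheapest path using only connectors that are up, which are exactly the two pieces of information the text says the LST carries. The routing group names, connector names and costs are constructed for the illustration.

```python
import heapq

# Constructed Link State Table for the illustration: every connector is a
# one-way link (as routing group connectors are) with a cost and a link
# state of 'up' or 'down'. Names and costs are invented, not from the page.
LINK_STATE_TABLE = [
    # (from_group, to_group, connector_name, cost, state)
    ("RG-London", "RG-Paris",  "RGC London->Paris",      10, "up"),
    ("RG-London", "RG-Berlin", "RGC London->Berlin",     50, "up"),
    ("RG-Paris",  "RG-Berlin", "RGC Paris->Berlin",      10, "up"),
    ("RG-Berlin", "Internet",  "SMTP Connector Berlin",  10, "up"),
    ("RG-Paris",  "Internet",  "SMTP Connector Paris",  100, "up"),
]


def least_cost_route(table, source, destination):
    """Dijkstra over the connectors whose link state is 'up'.

    Returns (total_cost, [connector names along the path]); (None, []) when
    no chain of up connectors reaches the destination.
    """
    graph = {}
    for src, dst, name, cost, state in table:
        if state == "up":                        # down links are never considered
            graph.setdefault(src, []).append((dst, name, cost))
    best = {source: 0}
    heap = [(0, source, [])]
    while heap:
        cost, node, path = heapq.heappop(heap)
        if node == destination:
            return cost, path
        if cost > best.get(node, float("inf")):
            continue                             # stale heap entry
        for dst, name, link_cost in graph.get(node, []):
            new_cost = cost + link_cost
            if new_cost < best.get(dst, float("inf")):
                best[dst] = new_cost
                heapq.heappush(heap, (new_cost, dst, path + [name]))
    return None, []


def set_link_state(table, connector_name, state):
    """Return a copy of the table with one connector marked 'up' or 'down',
    as the routing group master would record a status change."""
    return [(s, d, n, c, state if n == connector_name else st)
            for s, d, n, c, st in table]


if __name__ == "__main__":
    print(least_cost_route(LINK_STATE_TABLE, "RG-London", "Internet"))
    degraded = set_link_state(LINK_STATE_TABLE, "RGC Paris->Berlin", "down")
    print(least_cost_route(degraded, "RG-London", "Internet"))
```

Marking one connector down is enough to change the chosen path, which is why the text stresses that only the up/down state (not retry or active state) is propagated: every server in the organization must agree on the same table for the same route to be chosen everywhere.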
106. How would you configure mail transfer security between 2 routing groups?
107. What is the Routing Group Master? Who holds that role?
When you create a routing group, the first server in that routing group is assigned the role of routing group master. The routing group master maintains current link state information for its routing group and propagates it to the other servers within the routing group.
108. What is DS2MB?
DS2MB is the Directory Service to Metabase synchronization process. In short, the DS2MB process overwrites configuration information in the local metabase (the metabase is a kind of registry for IIS) with the configuration information that was last set in Active Directory by using the Exchange System Manager snap-in.
DS2MB is short for Directory Service to Metabase, and the purpose of this process is to transfer configuration information from Active Directory to the IIS metabase. The configuration is stored in the IIS metabase instead of the registry mainly for performance and scalability reasons. The DS2MB process is a one-way write from Active Directory to the IIS metabase, which means that the metabase never writes back to Active Directory.
Viewing or editing the metabase itself can be done either by using the Metabase Explorer tool from the IIS 6.0 Resource Kit, or by using ADSUtil, which by default is located in the AdminScripts folder under Drive:\Inetpub. Lastly, there is a method which involves editing the Metabase.xml file directly using Notepad or a similar text editor.
DS2MB synchronizes Exchange configuration settings from AD to the IIS metabase. It depends on the Netlogon service. When changes take place in AD, it is the job of DS2MB to replicate the changes to the metabase; DS2MB is notified of a change within 15 seconds.
Remember for your interview one day with Microsoft (-:
Metabase update service, also referred to as the directory service/metabase synchronization process, or DS2MB (because this process is implemented in DS2MB.dll) is a component in Exchange Server 2003 that is used to synchronize several Exchange configuration settings in Active Directory with counterpart settings in the IIS metabase. The function of DS2MB is to replicate configuration information from Active Directory to the local IIS metabase.
The DS2MB process copies entire subtrees from Active Directory, without changing the shape of the subtree. This is a one-way write from Active Directory to the metabase; the metabase never writes to Active Directory. The DS2MB process does not add or compute any attribute when copying. The paths in the metabase are called keys. Properties can be set at each key, and each property can have attributes that customize that property. All identifiers that are present in the directory service image of the subtree are required in the metabase, including identifiers such as KeyType. In addition, the Relative Distinguished Name of the object in the directory is mapped directly to the key name in the metabase.
DS2MB Operations
The metabase update is a subprocess that is launched when System Attendant is started. The operation of SMTP, POP3, IMAP4, Outlook Web Access and Outlook Mobile Access are all dependent on the replication by DS2MB. DS2MB registers with the config domain controller after startup, enabling the config domain controller to notify DS2MB of any changes that are made to the Exchange configuration. This notification occurs within 15 seconds of the change. As soon as the change is replicated to the configuration domain controller, the change should be replicated to the metabase by DS2MB. DS2MB tracks changes to directory objects based on update sequence numbers (USNs).
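The one-way, shape-preserving copy and the USN-based change tracking described above, as an added Python model that is not DS2MB's own code: a constructed directory subtree is replicated into a flat metabase keyed by path, only objects with a USN newer than the last pass are rewritten, properties (KeyType included) are copied verbatim, and an edit made directly in the metabase is never written back and is overwritten by the next change from AD. Object names, USNs and property values are invented for the illustration.

```python
from copy import deepcopy


def make_directory():
    """Constructed Active Directory configuration image for the illustration.
    Each object is keyed by its relative distinguished name and carries an
    update sequence number (USN), its properties and its child objects.
    Names and values are invented, not taken from a real directory."""
    return {
        "CN=Protocols": {"usn": 100, "props": {"KeyType": "IIsContainer"}, "children": {
            "CN=SMTP": {"usn": 101, "props": {"KeyType": "IIsSmtpService"}, "children": {
                "CN=1": {"usn": 102,
                         "props": {"KeyType": "IIsSmtpServer", "MaxMessageSize": 10485760},
                         "children": {}},
            }},
        }},
    }


class Ds2mbSync:
    """Toy model of the one-way AD -> metabase replication described above."""

    def __init__(self):
        self.metabase = {}     # metabase key path -> property dict
        self.highest_usn = 0   # highest USN replicated so far

    def sync(self, directory, base="LM"):
        """Copy every object whose USN is newer than the last pass; returns keys written."""
        written = []
        self._copy_subtree(directory, base, written)
        self.highest_usn = max([self.highest_usn, *self._usns(directory)])
        return written

    def _copy_subtree(self, objs, parent_key, written):
        for rdn, obj in objs.items():
            key = f"{parent_key}/{rdn}"          # the RDN maps directly to the key name
            if obj["usn"] > self.highest_usn:
                # Properties, KeyType included, are copied verbatim; nothing is computed.
                self.metabase[key] = deepcopy(obj["props"])
                written.append(key)
            self._copy_subtree(obj["children"], key, written)   # subtree shape is preserved

    def _usns(self, objs):
        for obj in objs.values():
            yield obj["usn"]
            yield from self._usns(obj["children"])


def demo():
    """Initial replication, a change made in AD, then a local metabase edit."""
    directory = make_directory()
    ds2mb = Ds2mbSync()
    first = ds2mb.sync(directory)        # initial pass copies the whole subtree
    second = ds2mb.sync(directory)       # nothing changed, nothing written

    # An administrator lowers the limit in Exchange System Manager, i.e. in AD.
    server = directory["CN=Protocols"]["children"]["CN=SMTP"]["children"]["CN=1"]
    server["props"]["MaxMessageSize"] = 5242880
    server["usn"] = 103
    third = ds2mb.sync(directory)        # only the changed object is rewritten

    # Someone edits the metabase directly. The directory never learns of it,
    # and the next change in AD overwrites the local edit.
    ds2mb.metabase["LM/CN=Protocols/CN=SMTP/CN=1"]["MaxMessageSize"] = 1
    server["usn"] = 104
    ds2mb.sync(directory)
    return {
        "first": first,
        "second": second,
        "third": third,
        "ad_value": server["props"]["MaxMessageSize"],
        "metabase_value": ds2mb.metabase["LM/CN=Protocols/CN=SMTP/CN=1"]["MaxMessageSize"],
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The final step is the practical lesson for anyone tempted to "fix" a setting with Metabase Explorer or ADSUtil: a value that lives in Active Directory must be changed there, because a local metabase edit survives only until DS2MB replicates the next change.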
1. What is Forms Based Authentication?
Exchange Server 2003 has greatly improved the Outlook
Web Access (or OWA for short) experience when compared to older Exchange
versions. Besides the nice new GUI, spell-checking in different languages,
drag-and-drop features, S/MIME and more, Exchange Server 2003 has added a new
logon method that can be used on OWA.
Exchange Server 2003 offers a feature called
"form-based authentication" that can make your Outlook Web Access
more secure. Instead of entering
the username and password in an annoying pop-up screen, when configured with
Forms-Based Authentication (or FBA for short), OWA will display a logon screen
that enables the user to select various options and get a generally better look
for the logon process.
FBA can also be used to enable compression and other nice features. Exchange Server 2003 Outlook Web Access (OWA) supports forms-based authentication technology, also known as cookie authentication. When you enable this authentication method, OWA stores the user's name and password in a cookie, rather than in the client's browser. After a certain period of inactivity, the cookie is automatically cleared. This offers better security because the user's credentials are not cached on the client's computer. The credentials are only valid for the duration of the session and there's no "Remember my password" option available to the client.
To configure forms-based authentication in Exchange, go to the Properties of the Exchange Virtual Server (see Fig. 1) and check the box "Enable Forms Based Authentication." Optionally, you can also select a Low or High level of compression. The main difference between High and Low compression is that High compresses both static and dynamic pages, while Low compresses only static pages. However, to avoid putting extra load on your server, you should not select this option if you only have one Exchange Server in your environment.
You need to restart the IIS service
after you enable forms-based authentication by simply typing iisreset at the
command prompt.
Once you’ve enabled form-based
authentication, you might also want to configure the time-out value for cookie
authentication. With OWA, clients can select one of the two security options:
- Public or shared computer The default option is ideal for kiosks or other computers that are in a shared environment. The user session will time-out after 15 minutes of inactivity with this option.
- Private computer Useful when clients don't share their computers with others and desire a longer session time-out value. Select it and the cookie will last for 24 hours before it's cleared.
You can change the default time-out
values by modifying the registry. There are two settings in the registry for
clients: PublicClientTimeout and TrustedClientTimeout. The first value refers
to the "Public or shared computer" security option on the OWA logon
screen, which defaults to 15 minutes. The second value refers to the
"Private computer" security option, which defaults to 24 hours.
Here are the two registry settings that can be added. The values
are set in minutes between 1 and 43200 (i.e. 30 days). If the
PublicClientTimeout and TrustedClientTimeout registry values do not exist then
OWA uses the default values mentioned above.
Registry location:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MSExchangeWeb\OWA
Value name: PublicClientTimeout
Value type: REG_DWORD
Value data: Between 1 and 43200
Base: Decimal
Value name: TrustedClientTimeout
Value type: REG_DWORD
Value data: Between 1 and 432000
Base: Decimal
To set a cookie time-out value of 36
hours for "Private computer," you use a value of 864 (see Fig. 2).
You need to restart the W3SVC service after you make these registry
modifications. You can type net stop w3svc and net start w3svc at the command prompt to restart the service.
Figure 2. Modifying client session time-out value in registry.
If you have a front-end/back-end server environment, make
sure that you only enable forms-based authentication on the frontend -- do
not enable this feature on the backend. If you are not using a front-end
server, then enable forms-based authentication on the mailbox server. Check out
Microsoft’s Knowledge Base article 830827, "How to
manage Outlook Web Access features in Exchange Server 2003," for more
information on this topic.
Whether you are using forms-based authentication or
not, OWA should always be secured with Secure Socket Layer (SSL) to ensure data
is transferred securely across the Internet. Fortunately, you can’t configure
forms-based authentication unless SSL is enabled. Forms-based authentication
offers administrators additional security by storing the user’s name and
password in a cookie, rather than client’s browser. You can control the session
time-out value by modifying the registry for public and private computers. This
allows you to manage the period of inactivity on client’s computer before the
session cookie is automatically cleared.
3. What are Recipient Policies?
When you perform the initial install of Exchange, the
Recipient Update Service is installed and a default recipient policy is
created. This policy is responsible for ensuring that all mail-enabled objects
in the Exchange organization have a valid SMTP address following the
username@domain.com naming format. You can create a new policy that can be
configured to create each SMTP address following a different naming convention
such as Firstname.Lastname@domain.com. Microsoft has a list of best practices
to follow when creating and/or editing recipient policies.
- Create a new recipient policy and assign it a higher precedence rather than editing the default policy
- Keep the number of recipient policies to a minimum
- Rebuild the RUS with caution
4. How would you work with multiple recipient policies?
In
Exchange Server 5.5 or Microsoft Exchange 2000 Server mixed-mode, only the
default recipient policy is in effect. The default recipient policy is created
based on the site addressing of the Exchange Server 5.5 site. The default
recipient policy that is based on the site addressing of the Exchange Server
5.5 site permits backward compatibility with Exchange Server 5.5. In
native-mode, multiple recipient policies can be in effect on different groups
of users.
Create Recipient Policies in the Exchange System Manager
1. Click Start, point to Programs, point to Microsoft Exchange, and then click System Manager.
2. In the left System Manager window pane, click to expand Organization, click to expand Recipients, and then click Recipient Policies.
Note: In the right pane, there is a Default Policy that applies to all recipients. In mixed mode, there is a Default Policy for each site.
3. Right-click Recipient Policies, point to New, and then click Recipient Policy.
4. Specify an LDAP filter (that is, to whom the policy applies) and the e-mail addresses for these recipients.
Also note that Exchange 2000
and Exchange 2003 support automatic generation of secondary e-mail addresses.
5. What is the "issue" with trying to remove email addresses added by recipient policies? How would you fix that?
6. What is the RUS?
The Recipient Update Service (RUS) is a very important component in your Exchange installation; it is the RUS that is responsible for updating address lists and email addresses in your Active Directory.
The Recipient Update Service (RUS) is a Microsoft® Exchange 2003
service that updates recipient objects within a domain with specific types of
information. For example, the RUS updates recipient objects with e-mail
addresses and address list membership at scheduled intervals. Usually an
administrator is responsible for determining the intervals at which this
service runs.
When you modify or create a recipient policy, the e-mail addresses
for the address types that you have modified or added will be generated the
next time the RUS is scheduled to run. The RUS only processes changes that were
made since the last time it was run, so it is very efficient.
10. What is a Front End server? In what scenarios would you use one?
Microsoft® Exchange Server 2003 and Microsoft Exchange 2000 Server support using a server architecture that distributes server tasks among front-end and back-end servers. In this architecture, a front-end server accepts requests from clients and proxies them to the appropriate back-end server for processing. A front-end server is a specially configured server running either Exchange Server 2003 or Exchange 2000 Server software.
Many organizations that implement Microsoft Outlook Web Access
(OWA) based on Exchange Server 2003 or Exchange 2000 Server don't connect client
browsers directly to the Exchange server on which the user's mailbox is
located. Rather, a front-end Exchange server accepts the OWA connection from a
client, then proxies the connection to the back-end server on which the user's
mailbox resides. The front-end model offers the advantage of letting all users
specify the same URL to access their mailboxes.
However, the traditional front-end model also has disadvantages, especially with regard to authentication. Let's look at how the traditional front-end server model works and examine the limitations of that model's authentication method. Then, I outline an alternative mechanism for using a variant of the front-end server configuration to implement a normalized namespace with OWA. This alternative approach avoids the drawbacks of Basic authentication while letting all users enter the same URL to access their email.
11. What type of authentication is used on the front end servers?
New for Exchange Server 2003 is the ability for the Exchange front-end server to use Kerberos authentication for HTTP sessions between the front-end and its respective back-end servers. While the authentication now uses Kerberos, the session is still sent in clear text. Therefore, if the network is public or the data is sensitive, it is recommended that you use Internet Protocol security (IPSec) to secure all communication between the Exchange front-end and back-end servers.
12. When would you use NLB?
When the load on the front-end server is high.
14. What are the 4 types of Exchange backups?
Several backup methods exist that do not use the Microsoft backup API. The following is an overview of the backup methods that you can use.
This article divides backups into two categories: what Microsoft supports and what it does not directly support.
Exchange Backups that Microsoft Supports
1. Online Backups and Types of Online Backups
2. Offline Backups
Exchange Backups that Microsoft Does Not Directly Support
1. Open File Agent Backups
2. Mailbox (Brick) Level Backups
3. Snap or Snapshot and Hot Split Backups
For More Information
Online Backups and Types of Online Backups
Online backups are backups done
while Exchange services are running. None of the Exchange services have to be
stopped for this backup to complete.
Online backup does not mean that you
try to back up Exchange database files and Exchange folder structure while
Exchange services are running. Online backup means backing up a separate
Microsoft Exchange or Microsoft Exchange Server object that is available in
backup software. You can do an online backup using Backup if you install
Exchange administrator or Exchange System Manager in Exchange 2000 Server
on a server that will do a backup. If you use third-party backup software, you
have to install the Exchange Agent or Exchange-aware backup software. Agents
are popular because they extend the functionality of third-party backup
software. You will be backing up Exchange Directory (Exchange Server
version 5.5) or Microsoft Exchange Information Store service objects. You
will not be able to select individual files to back up or select individual
mailboxes that need to be backed up.
If you try to back up actual
Exchange Server files and folders while services are running, backup will
complete but with files that are skipped. Database files are skipped because
the Exchange database engine has opened them, and only one program can have
exclusive access to a single file on the disk. If disaster strikes and this is
the only type of backup available, it is possible that Exchange information
will not be recoverable.
When backing up Exchange Server databases, there are four backup types available:
Normal (or Full): The normal backup process backs up the directory or Exchange store in its entirety, as well as the log files. To restore from a normal backup, only one normal backup is needed. A normal backup marks the objects it has backed up so that incremental and differential backups have context. This is accomplished by backing up the entire database and all the log files, and then purging the log files.
Copy: The copy backup is the same as a normal backup except that no marking takes place to give incremental and differential backups context. This means that performing an incremental backup after a copy backup is equivalent to performing it before the copy backup. Use a copy backup to get a full backup of the directory or Exchange store without disturbing the state of ongoing incremental or differential backups.
Incremental: An incremental backup backs up the subset of the component that has changed since the last normal or incremental backup. Then it marks these objects as backed up. To restore from incremental backups, each incremental backup since the last normal backup and the normal backup are needed. An incremental backup backs up only the log files, and then purges them.
Differential: A differential backup backs up changes in the directory or Exchange store that have occurred since the last normal backup. To restore from differential backups, one differential backup and one normal backup are required. A differential backup backs up only the log files but does not purge them.
To restore an online backup in
Exchange 2000 Server, you need the Microsoft Exchange Information Store
service running, and the stores that are being restored need to be dismounted.
To restore an online backup in Exchange Server 5.5, you need to have the
Microsoft Exchange System Attendant service running.
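The four backup types and their restore chains, as an added Python model that is not from the page or from Microsoft's backup API: a toy store produces one log file per transaction, normal and incremental backups mark and purge the logs while copy and differential backups do not, and `restore_chain` returns which backup sets a restore needs. The log names and transaction counts are constructed; the model assumes incremental and differential backups are not mixed within one normal-backup cycle, as the text describes them.

```python
class ExchangeStore:
    """Toy model of an Exchange store: a database plus its transaction log files.

    Constructed for the illustration; log names follow the E00xxxxx.log pattern
    but nothing here reads or writes real Exchange files.
    """

    def __init__(self):
        self.db_generation = 0   # number of transactions committed to the database
        self.logs = []           # log files still on disk (not yet purged)
        self.unmarked = set()    # logs not yet marked by a normal or incremental backup
        self.backups = []        # backup sets in the order they were taken

    def work(self, transactions):
        """Commit transactions; each one produces a new log file."""
        for _ in range(transactions):
            self.db_generation += 1
            name = f"E00{self.db_generation:05X}.log"
            self.logs.append(name)
            self.unmarked.add(name)

    def backup(self, kind):
        """Take a backup of the given kind and return what it captured."""
        if kind in ("normal", "copy"):
            # Both capture the whole database and all log files on disk.
            contents = {"database": self.db_generation, "logs": list(self.logs)}
        elif kind in ("incremental", "differential"):
            # Both capture only the logs not yet marked as backed up.
            contents = {"logs": [log for log in self.logs if log in self.unmarked]}
        else:
            raise ValueError(f"unknown backup kind {kind!r}")
        self.backups.append({"kind": kind, "contents": contents})
        if kind in ("normal", "incremental"):
            # Only these two mark the logs as backed up and purge them.
            captured = set(contents["logs"])
            self.unmarked -= captured
            self.logs = [log for log in self.logs if log not in captured]
        return contents

    def restore_chain(self, index=-1):
        """Indices of the backup sets needed to restore the state captured by
        backups[index]. Assumes incremental and differential backups are not
        mixed within one normal-backup cycle, as the text describes them."""
        i = index % len(self.backups)
        target = self.backups[i]["kind"]
        if target in ("normal", "copy"):
            return [i]                              # self-contained full backup
        needed = [i]
        for j in range(i - 1, -1, -1):
            kind = self.backups[j]["kind"]
            if kind == "normal":
                return [j] + needed                 # chain is anchored at the last normal
            if kind == "incremental" and target == "incremental":
                needed.insert(0, j)                 # every incremental since the normal
            # copy and differential sets add nothing to the chain
        raise RuntimeError("no normal backup precedes this backup set")


def demo():
    """Walk a store through the four backup types and report what each needs."""
    store = ExchangeStore()
    store.work(3)
    store.backup("normal")                          # 0: db + 3 logs, logs purged
    store.work(2)
    inc1 = store.backup("incremental")              # 1: logs 4-5, purged
    store.work(2)
    store.backup("copy")                            # 2: db + logs 6-7, nothing marked or purged
    store.work(1)
    inc2 = store.backup("incremental")              # 3: logs 6-8, the copy did not disturb them
    chain_inc2 = store.restore_chain()
    store.backup("normal")                          # 4: new cycle
    store.work(2)
    store.backup("differential")                    # 5: logs 9-10, not purged
    store.work(1)
    diff2 = store.backup("differential")            # 6: logs 9-11
    chain_diff2 = store.restore_chain()
    return {
        "inc1": inc1["logs"],
        "inc2": inc2["logs"],
        "chain_inc2": chain_inc2,
        "diff2": diff2["logs"],
        "chain_diff2": chain_diff2,
        "logs_left_on_disk": list(store.logs),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

Two points from the run are worth remembering in a recovery: the copy backup in the middle of the incremental chain is invisible to `restore_chain`, exactly as the text promises, and the differential sets keep growing because nothing purges the logs until the next normal backup.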
Offline Backups
Offline backups are backups of
Exchange files and folders when Exchange services are not running. If services
are not running, backup software can have exclusive access to database files
and can back them up.
Planned offline backups will result
in consistent database files. When Exchange services are being gracefully shut
down, all transactions are being committed to the database. Resulting databases
will be consistent, marked consistent or clean shutdown, depending on what version of
Exchange you are running.
Unplanned offline backups are
backups that are taken when the server fails. Database files are copied to some
location because that is the only type of backup available. If Exchange Server
fails before this backup, databases do not have to be consistent, so they might
need repair after the restore procedure. Make sure to check if the backup was
before or after the failure or Exchange Server problem.
Exchange Backups that Microsoft Does Not Directly Support
For backup methods that are not
supported, there is no guarantee that the methods will work. You should contact
your third-party backup software or hardware vendor in case of problems with
backup. The backup vendor should be the primary source of support in the case
that any of the following backups are used. Microsoft will work with any
customer that has any backup type. However, if the backup was created by one of
the following methods, the only help that Microsoft might be able to provide is
disaster recovery, which might involve data loss.
Open File Agent Backups
There are third-party backup
programs that use special ways to do a file-level backup of files that are
already opened by some other application, such as Exchange Server. This might
or might not work. In most cases, it will not work for Exchange. There is no
guarantee that this type of backup will back up all mailbox and public folder
data, and that you will be able to recover from disasters such as this. Open
file agent backups, in most cases, back up inconsistent databases.
Mailbox (Brick) Level Backups
There are several third-party backup
programs that can back up and restore individual mailboxes, rather than whole
databases. Because those backup solutions do not follow Microsoft backup
guidelines and technology, they are not directly supported.
There are known problems with some
versions of mailbox-level backup programs including loss of free/busy data and
incomplete restores. Every effort is made to help, and to look at the errors
and issues that you are having with this type of backup and restore, to
determine if there are Exchange problems documented that could cause this
error.
Snap or Snapshot and Hot Split Backups
This type backup provides benefits
somewhat in between offline and open file agent backups. These backups are
typically done on a hard disk instead of tape devices, which allows much faster
transfer rates.
Traditionally, the snapshot backup
is done when databases are stopped. Because they are consistent, the restore
procedure is similar to offline restore procedures. Those types of snapshot
backups require downtime when backing up.
There are some backups that perform
what is called a Hot Split backup. This can be thought of as a snapshot backup
with an open file agent running. The result is a fast backup that does not
require downtime, but the backed up databases are inconsistent. Because of
that, the backup vendor might need to be contacted to make sure that data is
restored without any loss.
A server running Microsoft
Windows Server™ 2003 will support snapshot backups, and they are
supported in Exchange Server 2003. They will utilize the Volume Snapshot
service of Windows Server 2003, and they will require both the Exchange
snapshot DLL and the special storage hardware.
Online v Offline Backup
An online backup means that email is not interrupted. New in Windows 2003 is the
Volume Shadow Copy Service (VSS), which makes it possible to back up without
dismounting the Exchange stores. Most proprietary programs like Backup Exec,
Legato or ArcServe have agents or add-ons which specifically hook into Windows
2003's VSS APIs.
Offline backup. Dismount the Store, then back up. Not your first choice. The
main reason that I can think of for choosing an offline backup is if the online
backup failed. The disadvantages are that the logs are not purged and that,
unlike an online backup, the database cannot be verified.
Another possible scenario is that you are about to undertake a risky restore. So
you create a rollback position by backing up what you have already, before you
try the restore.
ASR (Automated System Recovery)
I wanted to give you a timely reminder that Exchange 2003 relies on the
underlying Windows Server 2003 operating system. In a worst-case scenario you
will have to rebuild the operating system before you restore the Exchange .edb
databases. An ASR backup and recovery disk is the fastest way of building a base
from which you can restore those .edb files. Before you tackle an ASR recovery, I
assume you have tried Last Known Good, Safe Mode and the Recovery Console.
In NT 4.0 days this process was known as RDISK. Both RDISK and ASR suffer from
the same fatal flaw: they are no good unless the disk information is up-to-date.
So, if you are going to make ASR diskettes, make sure you repeat the procedure
every time the hardware changes in any significant way.
Backup Media Tactics
It is usually fastest to back up to disk. So, your tactics could be to back up
to disk first, followed by a backup to a central server or to a local tape
drive. Perhaps the best strategy would be to employ a tape library on a SAN.
Summary of Backup Methods in Microsoft Exchange Server 2003
If you want to successfully restore
your Exchange 2003 server, then spend time and plan your backup strategy
carefully. Make a full backup your first choice, and wherever possible,
avoid incremental backups since they take too long to restore.
115) What is DSACCESS?
DSAccess is a component that optimizes the communication between Active Directory and components within Exchange Server, such as the Information Store and the message categorizer.
Exchange components that need to interact with Active Directory use DSAccess to retrieve information instead of communicating directly with domain controllers or global catalog servers.
DSAccess also improves system performance: it maintains a cache that reduces the
LDAP queries Exchange Server components make against Active Directory, so load
is reduced on both domain controllers and global catalog servers.
Note: A Global Address List (GAL) query from a Microsoft Outlook client does not
use this cache.
The System Attendant service is responsible for initializing DSAccess, which is
implemented as a DLL file, DSACCESS.DLL. Two more DLLs are associated with it:
DSCMGS.DLL and DSCPERF.DLL.
Let's say we want to see which processes are using DSACCESS.DLL. For this we use
tasklist.exe (Windows 2003 and XP) from a command prompt:
tasklist -m dsaccess.dll
This will give you output similar to that shown below.
DSAccess also has another important task: the "Discovery Process". During discovery, DSAccess determines the complete Active Directory structure and accordingly chooses the domain controllers and global catalog servers that Exchange can use.
To see which domain controller and global catalog DSAccess is using, open ESM
(Exchange System Manager), drill down to the server, open the server's
properties page and go to the Directory Access tab.
Note: This tab is available only if Exchange 2003 SP2 is installed. In prior versions you need to use DSADIAG.EXE to list the domain controllers and global catalogs that DSAccess is using.
116) When would you use offline backup?
You must perform an offline defragmentation in the following situations:
- After performing a database repair (using Eseutil /p)
- After moving a considerable amount of data from an Exchange Server database.
- When an Exchange Server database is much larger than it should be.
118) What is the dumpster?
When you delete an item from your mailbox, the item is kept in the dumpster for
as long as configured for your mailbox or for the mailbox database to which your
mailbox belongs. As an administrator you need to keep in mind, however, that
when you move a mailbox from one mailbox database to another, the content of the
dumpster is not moved for that mailbox and is therefore lost.
How to Recover Deleted Emails in Outlook
When you delete
an email in Outlook it goes to the Deleted Items folder.
Like the
Recycle Bin on the Desktop, this gives you a second chance if you delete an
email by accident.
Where do emails
go when you delete them out of the Deleted Items folder?
If Outlook is
using an account on an Exchange server, the answer is the Dumpster - the
American word for a skip.
This is the place Exchange stores deleted emails for a length of time, called
the Retention Period, the length of which can be set by an administrator, before
finally and permanently deleting them.
The Arrowmail
Exchange servers have a Retention Period of 14 days.
The Dumpster
The good news
is that you can access the Dumpster yourself from within Outlook.
Here's how:-
Select the
Deleted Items folder then click:-
Tools - Recover
Deleted Items…
A window opens
showing all the emails deleted from the Deleted Items folder which haven't
exceeded the Retention Period.
Select one or more emails you want to recover, click on Recover Selected Items and they will appear back in the Deleted Items folder:-
There's also the
option to purge items from the Dumpster if there's a particular email you
want to make disappear for good.
You can also access the dumpster from Outlook Web Access, from the Options page:-
The Hidden Dumpster
This is fine for
emails that have passed through the Deleted Items folder, but it's possible
to "hard delete" items straight to the Dumpster from any folder by
holding down the Shift key while deleting an email.
With Outlook open and an email selected in the Inbox, you're 4 key-presses away from disaster:-
Ctrl+A then Shift+Del
This means "Select all emails in the Inbox" then "move them all to the hidden dumpster". I've lost count of the number of support calls I've had where this has happened.
Emails hard deleted from any folder go to the Dumpster but, by default, you can only retrieve ones that have passed through the Deleted Items folder. To be able to access the entire Dumpster you need to make a Registry change. (Remember that care should always be taken when editing the Registry as there are settings in there that can render your Windows installation inoperable.)
Click: Start - Run and type regedit then click OK to open the Registry Editor.
Navigate to:-
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Exchange\Client\Options
Click: Edit - New - DWORD Value
Rename the new value: DumpsterAlwaysOn
Double-click this new value and set its value to 1:-
Close Regedit
Close Outlook, if it's open, restart it and the Recover Deleted Items… option will now be enabled for every folder, including those that contain Contacts, Calendar items, etc. You'll need to make this Registry edit on every PC from which you want to access the hidden dumpster.
There's no way to
access the hidden part of the Dumpster from Outlook Web Access.
Recovering Deleted Emails from the Cache on another PC
If some major
catastrophe has happened with your email, and missing items are not
recoverable from any part of the Dumpster, there may still be some things you
can do.
If you've been using Outlook with Exchange, in cached mode, on another PC, which is currently turned off, this PC will have a full copy of your Outlook data in a local OST file. This data will be as up-to-date as the last time you used Outlook on that PC, hopefully before the current problem occurred.
The last thing you want to happen is for this PC to synchronise with Exchange and so delete the items you're after from its cache so, before you turn this PC on or open Outlook, make sure that it's NOT connected to the Internet. Maybe pull out the network cable or turn off the wireless card.
When you open Outlook on this PC, while it's off-line, you should see all the missing items still there. The first task is to copy them to a local PST file:-
From within Outlook, click:- File - New - Outlook Data File…
Select Outlook Office Personal Folders File then click OK
Click OK then OK to accept the default location and name of the new PST file.
You'll now see a new set of folders in Outlook called Personal Folders. Drag-and-drop all the items you need from the mail folders, contacts, calendar etc. in the Exchange folders to the equivalent place in Personal Folders.
When the copying process has completed you can safely re-enable your Internet connection and allow Outlook to synchronise with Exchange.
The next thing to do is to copy the items you've saved to Personal Folders back into your Exchange folders, as the synchronisation process will have just deleted them from there. Exchange will accept these as valid new items and will copy them back, first to your mailbox on the server, and then to the local caches on all the other computers where you use Outlook.
When you're sure that this has worked, right-click on Personal Folders and select Close "Personal Folders".
The local cache of your Exchange data, held on a PC, is your insurance against a failure of the Exchange server that could be unrecoverable.
Maybe the building housing the server and the backup tapes has burnt down. You could then arrange to have your incoming emails diverted to a POP3 mailbox and access an SMTP server so that your email is functional again. I've seen someone working this way, more than 2 years after the Exchange server they were using disappeared.
Archiving Email
This is where a separate copy of all incoming and/or outgoing emails is stored
on the mail server in a read-only folder, separate from your main mailbox, which
you can access and search through when the original of an email is nowhere to be found. If this is the only reason you have for keeping a mail archive then it's not too hard, or expensive, to organise such a system for keeping the last 30 days' emails.
15. What are the e00xxxxx.log files?
All transactions are first logged to the current log file, E00.LOG. When it
fills up, it is saved as a log generation file named E00xxxxx.LOG. By default
the log files are stored in the same directory as the database files.
The current log file E00.LOG (note: the E00 prefix is increased by 1 for each
additional storage group, giving E01, E02 and so on) contains the most recent
transactions. As soon as it is full, Exchange automatically saves a copy as a
log generation file, E00xxxxx.LOG, where xxxxx is a five-digit hexadecimal
number. How the log generations are handled depends on whether circular logging
is enabled or not.
16. What is the e00.chk file?
The checkpoint file is used to track which transactions have been committed to
the database and which transactions still have to be committed. The name of the
file is E0X.chk (X stands for the storage group number; E00.chk for the first
storage group) and its size is 8 KB.
The checkpoint file E00.CHK has an important role in Exchange database logging.
First of all, it maintains the current checkpoint. The current checkpoint always
points to the last transaction that was successfully committed to the database.
During normal operation, Exchange Server always writes transactions to the log
files first, because they are written sequentially. This is much faster than
writing to the database directly, which requires random access. The server
eventually writes the transactions to the databases when it has idle time. The
last committed transaction is the one the current checkpoint points to. In case
of database corruption, this allows Exchange Server to roll forward from the
last backup to the last known consistent state.
The checkpoint file also maintains the backup checkpoints. A backup checkpoint
stores, in a temporary location, the position of the current checkpoint at the
beginning of a backup session.
17. What is circular logging? When would you use it?
As stated before, all transactions are first logged to the current log file
E00.LOG. When it fills up, it is saved as a log generation file, E00xxxxx.LOG.
This process is called transaction log rollover. The way the current log file is
rolled over depends on the logging mechanism used. Microsoft Exchange provides
circular and sequential logging mechanisms.
Circular
logging automatically overwrites transaction log files after the data they contain has been
committed to the database. It reduces disk storage space requirements; however, if circular logging is
enabled, you cannot perform incremental backups.
To enable circular logging, go to
the Properties window of a Storage Group and choose the General tab.
Circular logging (disabled by default) uses transaction log technology but does
not maintain previous transaction log files. Instead, it maintains a window of a
few log files, then removes the existing log files and discards the previous
transactions after the transactions in the transaction log files have been
committed to the database.
This helps to manage disk space and keeps transaction logs from building up, but
it prevents you from using differential or incremental backups, because they
require the past transaction log files. In fact, because circular logging purges
some transaction log files, you may not be able to recover to the point of
failure by rolling forward through the transaction log files, since one or more
may be missing. For this reason it is a good idea to leave circular logging
disabled on all Storage Groups (the default setting). You can manage disk space
easily enough by performing regular online backups, which purge the log files
from the hard disk after they have been backed up.
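Sections 15 to 17 above describe the log generation naming (E00xxxxx.LOG with a five-digit hexadecimal generation number), the checkpoint that marks the last committed transaction, and why purging log files under circular logging can stop a roll-forward recovery short of the point of failure. The following Python model, added here as an illustration and not taken from Exchange, ESE or any Microsoft tool, ties those three together: it parses constructed log file names into storage-group prefix and generation number, finds gaps in the sequence, and replays only the contiguous run of generations from a backup's checkpoint, halting at the first missing one. The file names, the checkpoint value 0x0A1E and the record contents are constructed sample data; real log files hold binary ESE records, not key/value pairs.

```python
"""Toy model of ESE log generations, the checkpoint and roll-forward recovery.

Added illustration for this page; not Exchange, ESE or Microsoft code.
File names, checkpoint and record contents below are constructed sample data.
"""
import re

# E00.LOG is the current log of storage group 0 and carries no generation
# number; closed generations are E00xxxxx.LOG with xxxxx in hexadecimal.
# E01..., E02... belong to the second, third, ... storage group.
LOG_NAME = re.compile(r"^(E\d\d)([0-9A-F]{5})?\.LOG$", re.IGNORECASE)


def parse_log_name(name):
    """Return (prefix, generation) for a log file name, or None if it is not one.

    The current log (E00.LOG) has generation None; E0000A1F.LOG -> ("E00", 0xA1F).
    """
    m = LOG_NAME.match(name)
    if not m:
        return None
    gen = m.group(2)
    return m.group(1).upper(), (int(gen, 16) if gen else None)


def closed_generations(filenames, prefix):
    """Sorted generation numbers of the closed log files of one storage group."""
    gens = set()
    for name in filenames:
        parsed = parse_log_name(name)
        if parsed and parsed[0] == prefix and parsed[1] is not None:
            gens.add(parsed[1])
    return sorted(gens)


def missing_generations(present, first, last):
    """Generations in [first, last] that are not on disk."""
    have = set(present)
    return [g for g in range(first, last + 1) if g not in have]


def roll_forward(backup_db, backup_checkpoint, log_files, prefix):
    """Replay log generations onto a restored database image.

    backup_db:         dict snapshot of the database as the backup captured it
    backup_checkpoint: generation the checkpoint pointed at when the backup ran;
                       that generation and everything after it must be replayed
    log_files:         {file name: [(key, value), ...]} constructed log contents
    Returns (database, status). Replay stops at the first missing generation,
    which is what circular logging (or deleting logs by hand) produces.
    """
    by_gen = {}
    for name, records in log_files.items():
        parsed = parse_log_name(name)
        if parsed and parsed[0] == prefix and parsed[1] is not None:
            by_gen[parsed[1]] = records
    db = dict(backup_db)
    if not by_gen:
        return db, "no closed log generations to replay"
    present = sorted(by_gen)
    gap = missing_generations(present, backup_checkpoint, present[-1])
    stop = gap[0] - 1 if gap else present[-1]
    for gen in present:
        if backup_checkpoint <= gen <= stop:
            for key, value in by_gen[gen]:
                db[key] = value
    if gap:
        return db, f"incomplete: generation {gap[0]:05X} missing, replayed through {stop:05X}"
    return db, f"complete: replayed through generation {present[-1]:05X}"


# Constructed sample directory: storage group E00 was backed up while the
# checkpoint pointed at generation 0x0A1E; generation 0x0A20 has been purged.
SAMPLE_LOGS = {
    "E0000A1E.LOG": [("mailbox:alice", "v1")],
    "E0000A1F.LOG": [("mailbox:bob", "v1")],
    "E0000A21.LOG": [("mailbox:alice", "v2")],
    "E00.LOG": [("mailbox:carol", "v1")],      # current, still open log
    "E0100001.LOG": [("other-sg", "x")],       # second storage group, ignored
    "E00.CHK": [],                             # checkpoint file, not a log
}

if __name__ == "__main__":
    db, status = roll_forward({"mailbox:alice": "v0"}, 0xA1E, SAMPLE_LOGS, "E00")
    print(status)   # incomplete: generation 00A20 missing, replayed through 00A1F
    print(db)
```

With generation 0x0A20 purged, Alice's second update in 0x0A21 is never applied even though that file is present: recovery can only trust a contiguous chain from the checkpoint. Adding the missing file back makes the same call report a complete replay.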
120) How would you plan for, and perform, the offline defrag?
Defrag
Exchange 2003 defragments the Exchange database every night, but this is only an
online defrag of the database. An online defrag doesn't reduce the size of the
information store. To reduce the size of the databases, you must use an offline
defrag.
When should I use an offline defrag?
Under normal conditions you don't need an offline defrag, but when you add tons
of new users due to a merger or acquisition, or when you delete many objects
from the store, it can be necessary to do an offline defrag.
You can do a space dump with ESEUTIL /MS to determine how much space is in use
and how much is free. Also ensure that you have free disk space equal to 110% of
the Exchange database size.
Figure 4: ESEUTIL /MS
120) What is the isinteg command? What is the eseutil command?
ESEUTIL is a tool to defragment your Exchange databases offline, to check their
integrity and to repair a damaged or lost database.
ESEUTIL is located in the \EXCHSRVR\BIN directory. This directory is not in the
system path, so you must run the tool from the BIN directory or add
\EXCHSRVR\BIN to the system path.
1. Name all the client connection options in Exchange 2003.
Outlook 2000/2003
Outlook Web Access.
Outlook Mobile Access.
RPC over Http/Https.
2. What is Direct Push? What are the requirements to run it?
'Direct Push' technology is an additional feature added to Microsoft Exchange
2003 with a new service pack that adds messaging and security features,
currently also known as AKU2. Exchange Server is enabled to push Outlook
messaging directly to a phone device running Windows Mobile 5, using the
subscriber's existing wireless phone account (instead of the device having to
"pull" e-mail from the server). To achieve push mail with any other e-mail
provider (i.e. other than Exchange) there is a plug-in from emansio (formerly
VGS Mail) that enables push mail with any e-mail provider, e.g. Google Mail.
3. How would you remote wipe a PPC?
Remote Wipe
The Microsoft Exchange ActiveSync Mobile Administration Web tool enables the remote wipe feature
added in SP2. This tool enables administrators and help desk professionals to
manage the process of remotely erasing lost, stolen, or otherwise compromised
mobile devices. After the remote wipe has been completed, the administrator
receives an acknowledgement that the mobile device has been wiped. The ability
to perform a remote wipe is useful when an end user loses his or her mobile
device, or if the device is stolen and there is a risk that personal or
confidential information could be accessed.
This feature is enabled over a Web application that is restricted
to Exchange Administrators by default. Other individuals can be added as
required. Using this Web application, you can perform the following tasks:
- View a list of all mobile devices that are being used by any enterprise user.
- Send or cancel remote wipe commands to mobile devices.
- View the status of pending remote wipe requests for each mobile device.
- View a transaction log that indicates which administrators have issued remote wipe commands, in addition to the mobile devices those commands pertain to.
- Delete an old or unused partnership between devices and users.
4. What is Cached Mode in OL2003/2007?
Outlook 2002 and earlier gives you
the capability to use an offline file with an Exchange Server account. The
offline file is a local copy of your mailbox data stored on your computer's
local hard disk. By using an offline file, you can continue working with your
mailbox even when your server isn't available. So, you can still read e-mail messages
you've already downloaded, work on tasks, compose messages, and perform all of
the other standard tasks you can accomplish by using Outlook when your computer
is connected to the server.
In Outlook 2003, offline file
capability is improved with better connection management and synchronization.
The offline file feature in Outlook 2003 is called Cached Exchange Mode.
To turn on Cached Exchange Mode for your account in Outlook 2003
1. Exit Outlook.
2. Click Start, click Control
Panel, and then double-click Mail.
3. In the Mail Setup dialog box,
click E-mail Accounts.
4. In the E-mail Accounts Wizard, select
View or change existing e-mail accounts, and then click Next.
5. Select Microsoft Exchange Server,
and then click Change.
6. Select the Use Cached Exchange
Mode check box, click Next, and then click Finish.
The next time that you start Outlook,
it will begin creating the local cache copy of your mailbox and synchronize
your local cache with the mailbox on the server. If you have a lot of items in
your mailbox, synchronization might take time. It's best to synchronize the two
the first time through a local connection to your server, rather than through a
remote connection (such as using RPC over HTTP).
To set up an offline file in Outlook 2002
1. Exit Outlook.
2. Click Start, click Control
Panel, and then double-click Mail.
3. In the E-mail Setup dialog
box, click E-mail Accounts.
4. In the E-mail Accounts Wizard, select
View or change existing e-mail accounts, and then click Next.
5. Select the Microsoft Exchange
Server account, and then click Change.
6. On the third page of the wizard,
click More Settings.
7. In the Microsoft Exchange Server
dialog box, click the Advanced tab, and then click Offline Folder
File
Settings.
8. Select a location and file name for the Offline Folder file (.ost).
9. Do one of the following:
- To accept the defaults and create the file, click OK.
- Type a location and file name in the File box, and then click OK.
10. In the Microsoft Exchange Server
dialog box, click OK, click Next, and then click Finish.
11. Close any remaining dialog boxes.
Using Remote Mail
Outlook includes a specific feature
called Remote Mail, which you can use to view message headers (that is, the
summary information about messages, including the subjects and senders of the
messages) and to manage messages without downloading them. Why is that
important when you work away from the office? If you receive a lot of mail,
particularly with documents or other attachments, downloading your mail over a
slow connection (such as a dial-up connection) seems to take forever. By using
Remote Mail, you can download just the header, and then look at the subject and
sender to determine whether you want to download the message itself. If so, you
mark the message header for download and review the remaining message headers.
When you've marked all of the headers for the messages that you want
downloaded, you can direct Outlook to download the messages.
Remote Mail is also helpful for
cleaning out junk e-mail messages from your mailbox without taking the time
required to download the messages. Just mark the headers for deletion so that
Outlook deletes the messages from your mailbox the next time Outlook connects
to the server.
Remote Mail was originally a feature specific to Exchange Server accounts, but
as Outlook has evolved, so has this handy feature. You can still use Remote Mail
for Exchange Server accounts, but as explained in detail in Microsoft Office
Outlook 2003 Inside Out, you can use Remote Mail for non-Exchange Server
accounts as well.
The following link has complete
instructions on setting up and using Remote Mail for Exchange Server: Use Remote Mail
to download headers and messages.
Note You must add an Offline
Folder file (.ost) to your Outlook profile to use Remote Mail. You can't use
Remote Mail if you are using Cached Exchange Mode in Outlook 2003.
5. What are the benefits and "issues" when using cached mode? How would you tackle those issues?
Benefits
1. By using an offline file, you can
continue working with your mailbox even when your server isn't available. So,
you can still read e-mail messages you've already downloaded, work on tasks,
compose messages, and perform all of the other standard tasks you can
accomplish by using Outlook when your computer is connected to the server.
2.
You need not be Online to view your emails.
Issues
If you have a lot of items in your mailbox,
synchronization might take time.
6. What is S/MIME? What are the usage scenarios for S/MIME?
S/MIME (Secure / Multipurpose Internet Mail Extensions) is a secure method of
sending e-mail that uses the Rivest-Shamir-Adleman (RSA) encryption system. An
alternative to S/MIME is PGP/MIME, which has also been proposed as a standard.
S/MIME
(Secure / Multipurpose Internet Mail Extensions) is a protocol that adds
digital signatures and encryption to Internet MIME (Multipurpose Internet Mail
Extensions) messages described in RFC 1521. MIME is the official proposed
standard format for extended Internet electronic mail. Internet e-mail messages
consist of two parts, the header and the body. The header forms a collection of
field/value pairs structured to provide information essential for the
transmission of the message. The structure of these headers can be found in RFC
822. The body is normally unstructured unless the e-mail is in MIME format.
MIME defines how the body of an e-mail message is structured. The MIME format
permits e-mail to include enhanced text, graphics, audio, and more in a standardized
manner via MIME-compliant mail systems. However, MIME itself does not provide
any security services. The purpose of S/MIME is to define such services,
following the syntax given in PKCS #7 (see Question 5.3.3) for digital
signatures and encryption. The MIME body section carries a PKCS #7 message,
which itself is the result of cryptographic processing on other MIME body
sections. S/MIME standardization has transitioned into IETF, and a set of
documents describing S/MIME version 3 have been published there.
S/MIME provides the following cryptographic security
services for electronic messaging applications: authentication, message
integrity and non-repudiation of origin (using digital signatures)
and privacy and data security (using encryption). S/MIME specifies the
application/pkcs7-mime (smime-type "enveloped-data") type for data
enveloping (encrypting): the whole (prepared) MIME entity to be enveloped is
encrypted and packed into an object which subsequently is inserted into an
application/pkcs7-mime MIME entity.
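As an added example (not from the page's sources or any S/MIME implementation), the following Python uses the standard library's email parser to tell the MIME shapes apart from their headers alone: application/pkcs7-mime with smime-type=enveloped-data (the encrypted case the paragraph describes), application/pkcs7-mime with smime-type=signed-data (an opaque signature that wraps the content), and multipart/signed with protocol application/pkcs7-signature (a clear signature whose text stays readable). The two sample messages are constructed and their base64 payloads are placeholders, not real PKCS #7 objects; the point is the structure a mail gateway or content scanner can see without any keys, and the fact that an enveloped body cannot be content-inspected at all.

```python
"""Classify S/MIME messages by their MIME structure, using only headers.

Added example for this page, not code from any S/MIME implementation. The two
sample messages are constructed; their base64 bodies are placeholders and not
real PKCS #7 objects.
"""
from email import message_from_string
from email.message import Message


def smime_kind(msg: Message) -> str:
    """Return one of: enveloped, opaque-signed, certs-only, clear-signed, plain,
    or a fallback label for unrecognised pkcs7-mime / multipart/signed variants.
    """
    ctype = msg.get_content_type()
    if ctype == "application/pkcs7-mime":
        # The whole prepared MIME entity sits inside a PKCS #7 object; the
        # smime-type parameter says whether that object encrypts or signs it.
        smime_type = str(msg.get_param("smime-type") or "").lower()
        return {
            "enveloped-data": "enveloped",
            "signed-data": "opaque-signed",
            "certs-only": "certs-only",
        }.get(smime_type, "unknown-pkcs7-mime")
    if ctype == "multipart/signed":
        # Clear signing: part 1 is the readable content, part 2 the detached
        # PKCS #7 signature (application/pkcs7-signature).
        protocol = str(msg.get_param("protocol") or "").lower()
        if protocol == "application/pkcs7-signature":
            return "clear-signed"
        return "other-multipart-signed"
    return "plain"


def content_scannable(kind: str) -> bool:
    """A gateway can inspect the text of plain and clear-signed mail only; an
    enveloped body is ciphertext until the recipient's private key decrypts it."""
    return kind in ("plain", "clear-signed")


def classify(raw: str):
    """Parse a raw RFC 822 message and return (kind, scannable, visible_text)."""
    msg = message_from_string(raw)
    kind = smime_kind(msg)
    visible = None
    if kind == "clear-signed":
        visible = msg.get_payload(0).get_payload()
    elif kind == "plain" and not msg.is_multipart():
        visible = msg.get_payload()
    return kind, content_scannable(kind), visible


# Constructed sample 1: enveloped (encrypted) message as the passage describes.
ENVELOPED = """\
From: alice@example.com
To: bob@example.com
Subject: quarterly figures
MIME-Version: 1.0
Content-Type: application/pkcs7-mime; smime-type=enveloped-data; name="smime.p7m"
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="smime.p7m"

UExBQ0VIT0xERVItbm90LWEtcmVhbC1QS0NTNy1vYmplY3Q=
"""

# Constructed sample 2: clear-signed message, text readable, signature detached.
CLEAR_SIGNED = """\
From: alice@example.com
To: bob@example.com
Subject: signed notice
MIME-Version: 1.0
Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg=sha-256; boundary="bnd"

--bnd
Content-Type: text/plain; charset=us-ascii

Please review the attached policy by Friday.
--bnd
Content-Type: application/pkcs7-signature; name="smime.p7s"
Content-Transfer-Encoding: base64

UExBQ0VIT0xERVItbm90LWEtcmVhbC1QS0NTNy1vYmplY3Q=
--bnd--
"""

if __name__ == "__main__":
    for raw in (ENVELOPED, CLEAR_SIGNED):
        kind, scannable, text = classify(raw)
        print(kind, scannable, repr(text))
```

The classifier deliberately never touches the PKCS #7 payloads: the decision of whether a message can be content-filtered, archived in readable form or must be passed through is made from the outer MIME labels, which is exactly what a perimeter mail system has to work with.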
S/MIME functionality is built into the vast majority of
modern e-mail software and interoperates between them.
S/MIME Certificates
Before S/MIME can be used in any of the above
applications, one must obtain and install an individual key/certificate either
from one's in-house certificate authority (CA) or from a public
CA such as one of those listed below. Best practice is to use separate private
keys (and associated certificates) for Signature and for Encryption, as this
permits escrow of the encryption key without compromise to the non-repudiation property of the signature key.
Encryption requires having the destination party's certificate in store (which
is typically automatic upon receiving a message from that party carrying a valid
signing certificate). While it is technically possible to send a message
encrypted to the destination party's certificate without having one's own
certificate to digitally sign with, in practice S/MIME clients require you to
install your own certificate before they allow encrypting to others.
A typical basic personal certificate verifies the owner's
identity only in terms of binding them to an email address and does not
verify the person's name or business. The latter, if needed (e.g. for signing
contracts), can be obtained through CAs that offer further verification
(digital notary) services or managed PKI service. For more detail on
authentication, see Digital Signature.
Depending on the policy of the CA, your certificate and all its contents may be
posted publicly for reference and verification. This makes your name and email
address available for all to see and possibly search for. Other CAs only post
serial numbers and revocation status, which does not include any of the personal
information. The latter, at a minimum, is mandatory to uphold the integrity of
the public key infrastructure.