Office365

1. What is Exchange Server and how it works?

Microsoft Exchange Server uses clients and servers to accomplish tasks across the
network. Exchanging e-mail is similar to using the postal service to send a letter. For
example, when a client application sends a message, the server acts as a central post
office and routes the message to its destination
(or)
The server which is responsible for email communication called Exchange Server.

2. What is the use of office 365 if we already have on premise exchange setup?
In today’s cloud driven world, organizations are continually faced with the decision to
keep their email solution in-house, or utilize a public cloud solution like Office 365. The
standard for years has been an on-premise Microsoft Exchange server. This solution
still works for many deployment scenarios, but moving your email and calendar
solutions to Office 365 is a growing trend. over 63% of respondents indicated they are
currently using Office 365.
3. What are the different types of licences in office 365?
 Exchange Online Plan 1
 Exchange Online Plan 2
 Exchange Online Kiosks
 Exchange online Protection(EOP)
 Office365 Business Essentials
 Office365 Business Premium
 Office365 Enterprise E1
 Office365 Enterprise E3
 Office365 Enterprise E5
 Office365 A1
 Office365 A3
 Office365 A5

 Here are some major features you gain with Office 365 Enterprise plans: Skype for
Business Cloud (now Microsoft Teams) PBX and PSTN conferencing (PSTN calling is
available as an add-on in E3 and E5) Advanced Information Protection. Advanced
Threat Protection and Power BI.
 4. How you will recover deleted emails in office365
In your Office 365 account, go to the Mail app. Now, on the left folder pane,
go to the Deleted Items folder, right-click on the folder, and select the Recover
deleted items option. or, if you are already in the Deleted Items folder, click the
link Recover deleted items on top of a deleted-email list.

5. What are the difference between litigation hold in-place hold

Litigation Hold migration involves putting a user's entire mailbox on hold for the purpose of retaining
it for legal review.

In-Place Hold migration involves putting a subset of a user's entire mailbox on hold for the purpose
of retaining only certain types of email.

The only difference between these two types of migration is a query. Litigation Hold can be enabled
to hold all items that are deleted or modified. In-Place Hold is set up like Litigation Hold, but adds a
filter query to only retain specific kinds of email.

6. How to prevent your organization from spam emails?

 Train your filter. When you find spam in your inbox, don't just delete it. ...
 Never respond to spam. If you recognize something as spam before you open it, don't open
it. ...
 Hide your email address. ...
 Use a third-party anti-spam filter. ...
 Change your email address.
 How to Block Unwanted Email in Outlook
1. Open Outlook and navigate to the 'Home' tab.
2. Right click a spam email and select Junk.'
3. Choose Block Sender to automatically filter this user's future email to the Junk folder.
4. Click the Junk icon and then Junk E-mail Options.

7. Which DNS record is used to prevent organization from spam emails

MX Record and DKIM.

8. User is not able to receive emails?

Steps to troubleshoot:

 How many users are affecting? – If all users

 What is the environment – If cloud only environment then:
 Does if MX is pointing on O365 or not?
 Is user able to login on OWA or not?
 Have you made any recent changes in your environment?
 If any transport rule made for user? If the user blocked transport rules can
be checked.
 Create a new profile for the user in outlook and then ask to user to login
with new profile (after creating new profile for the user and still not able to
receive emails then remove the profile, that means issue is not with the
profile)

 How many users are affecting? If single user

 What is the environment? Cloud only environment
 Have you made any recent changes in the environment? Yes, I have done
migration.
 Which type of migration? If stage migration
 Are you receiving emails on on-premises or not? In stage migration there
is will be no mailbox. So, we cannot see the emails. It must be converted
to mailbox through a script. Once mail box is created then only user will
start receiving emails.
10. Purpose of message trace ?

Message tracking, or message tracing, as it is called in Office 365, is one of the most
basic tools used by administrators to monitor the email flow. As emails travel through
Office 365, some information about them gets stored in logs and is available for
administrative purposes. No matter if users delete or purge messages, the administrator
is able to view basic information about sent and received emails
11. Difference between SPF, DKIM and DMARC?

SPF DKIM DMARC

Domain-based
Message
What does it stands Sender Policy DomainKeys Identified
Authentication,
for? Framework Mail
Reporting and
Conformance

An e-mail
A system to declare An e-mail authentication system
and verify who can authentication system that helps determining
What is it?
send e-mails from a based on asymmetric what to do when
given domain cryptographic keys. messages fail SPF or
DKIM checks.

The receiving hosts

The sending host signs
The receiving host applies the DKIM and
email body and/or
checks if the sending SPF checks. Then it
headers with its private
host is allowed to send validates the results
key. The receiving host
e-mails from the against the published
verifies the signature,
sender domain. DMARC policy and
identifying if the fields
decides what to do:
How does it work? are intact.
Block, quarantine,
The information stating
deliver, report to sender.
who can send e-mails
No digital certificate is
is stored on a TXT
required. Public key is
record in the DNS The DMARC policy is
published using DNS
zone. published via DNS TXT
TXT records.
record.

Helps receiving
Greatly reduces the organization decide
It helps preventing
chances that your what to do with e-mails
spoofing and can
Why is it important? messages are treated that fails checks and
prevent damage to
as spam by digital create a feedback loop
your brand.
signature. to allow course
correction.

Domain-based
Message
Where can I learn Sender Policy DomainKeys Identified
Authentication,
more? Framework Mail
Reporting &
Conformance
 12. How will you release am email from Quarantine?

Open the spam quarantine mailbox in Outlook on a client computer. In the Mailview, find the
message you want to recover in the Inbox, and then double-click the message to open it. In the
Move section of the Ribbon, click Actions > Resend this Message.

13. What is SCL range?

SCL
Rating Spam Confidence Interpretation Default Action

-1 Non-spam coming from a safe sender, safe recipient, Deliver the message to the
or safe listed IP address (trusted partner). recipients' inbox.

0, 1 Non-spam because the message was scanned and Deliver the message to the
determined to be clean. recipients' inbox.

5, 6 Spam Deliver the message to the

recipients' Junk Email folder.

7, 8, 9 High confidence spam Deliver the message to the

recipients' Junk Email folder.

SCL ratings of 2, 3, 4, 7, and 8 are not set by the service. These can be customized (or) can be
made some rule for it.

14. What is availability service?

The Availability service retrieves free/busy information directly from the

target Exchange mailbox. Outlook uses the Exchange Autodiscover service to obtain the URL
of the Availability service.

(or)

For topologies that have Exchange 2007, Exchange 2010, or Exchange 2013 mailboxes in
which all clients are running Outlook 2007 or higher, the Availability service is used to retrieve
 free/busy information. Outlook uses the Exchange Autodiscover service to obtain the URL of
the Availability service.

16. Difference between E3 and E5 license?

Office365 E3 license: In this license services which are included like Exchange,
Onedrive, Share point, Yammer, MS team and ATP.

 Email hosting with 100gb mail box and custom email domain addresses.
 Web and desktop origin of applications are included. (Outlook, Excel, Word and
Power point).
 One license will cover 5 tablets, 5 PC’s and 5 phones.
 Unlimited personal and cloud storage.
 SharePoint.
 Host online and video conferencing meetings up to 250 people.
 Host meetings for up to 10000 people with skype or MS teams.
 E-Discovery with in-place search, hold and export.
 24*7 phone and web support.
 ATP(Advanced Treat Protection) can be taken as an addon.

Office365 E5 License:

You get everything included in E3 along with a few more benefits:

 Advanced Security & Information Protection: The E5 license takes

measures to protect your data from threats like phishing and zero-day
malware. In this way, users of E5 stay protected from threats in attachments
and links. DLP assures the safety of your content.
 Analytics Tools: This is the only Enterprise plan that offers analytics tools
such as MyAnalytics and PowerBI Pro for data analysis and visualization.

17. Diff between EOP and ATP?

Major differences:
Office 365 provides robust email protection against spam, viruses and malware with
Exchange Online Protection (EOP). But as hackers around the globe launch increasingly
sophisticated attacks, many organizations are seeking tools that provide advanced
protection. That’s why Microsoft introduce Exchange Online Advanced Threat Protection
(ATP), a new email filtering service that provides additional protection against specific types
of advanced threats.
Advanced threat protection (ATP) in Exchange Online Protection (EOP) helps you prevent
zero-day malware attacks in your email environment. ATP provides a way for you to create
policies in the Exchange admin center (EAC) that help ensure your users access only links in
emails or attachments to emails that are identified as not malicious.

 Note: Are the two separate services or do I need both, at the same time?
Yes, Advanced threat protection (ATP) is separate service. It is sufficient you can add
Exchange Online Advanced Threat Protection to the Office 365 Business Premium Plan. To
add Advanced Threat Protection to your subscription, contact your volume licensing re-
seller.

18. Basic concept of DAG?

DAG is the basic component of mailbox sever, which provides high availability. DAG is
a set of databases and provides automatic database level recovery from failures that
affects individual servers or database.
(or)

A database availability group (DAG) is a high availability (HA) and data recovery feature of
Exchange Server 2010. A database availability group, which can consist of up to 16
Exchange mailbox servers, automates recovery at the database-level after a database, server
or network failure.

19.What is the role of connectors in exchange?

Exchange uses connectors to enable incoming and outgoing mail flow on Exchange servers,
and also between services in the transport pipeline on the local Exchange server. Below are
the types of connectors that are available in Exchange.

Connector Description

Receive Receive connectors control incoming SMTP mail flow. They listen for
connectors incoming connections that match the configuration of the connector.
Multiple default Receive connectors are created when you install
Exchange.
 Connector Description

Send connectors Send connectors control outgoing SMTP mail flow. A Send connector
is chosen based on the message recipients and the configuration of
the connector. No default Send connectors for external mail flow are
created when you install Exchange, but implicit and invisible Send
connectors exist, and are used to route mail between internal
Exchange servers.

Delivery agents Delivery agents and Delivery Agent connectors control outgoing mail
and Delivery flow to non-SMTP systems. Outgoing messages are put into message
Agent Connectors queues for delivery to the non-SMTP system. Delivery agents and
Delivery agent connectors are preferred over Foreign connectors due
to their improved performance and management.

Foreign Foreign connectors control outgoing mail flow to non-SMTP systems.

connectors Outgoing messages are written to files in a location called the Drop
directory to be picked up by the non-SMTP system.

20. Types of migration?

There are two types of migration namely:
1. Location migration.
2. Remote migration or Cross forest migration.

Remote migration has 5 different types of migration namely:

1. IMAP migration
2. Cutover migration
3. Stage migration
4. Hybrid migration
5. Personal Storage Table
21. Diff between cached mode and online mode?

 Cached mode takes a while to download all the messages on the first use and
take lots of space and compared to online mode.
 Depending on the mode you are using, different features of cached and Online
Mode becomes available in Outlook.
  If you are running Outlook in Cached Mode, you can search emails with specific
conditions whereas in online mode you don’t need to search email with specific
conditions.
 Searching can be indexed locally and therefore be faster in Cached Mode
compared to online mode.
 Emails search works in Online Mode but doesn’t really work in cache mode.

22. Diff between Stage and Cutover migration?

 Cutover Migration:
 Exchange server 2003 and above supported
 It will take all kind of data(Emails, contacts and folders)
 AD connect should be disabled in Cutover migration

 Stage Migration:
 Exchange server 2003 and 2007 are supported
 Unlimited mail boxes can be migrated
 AD connect should be enabled in Stage migration
25. What are the components of AD connect?
Three primary components make up AD Connect.

 Sync services – These services make sure that identity information from your connected data
sources match what is in your Azure AD tenant. Two sync services exist:
 Azure AD Connect sync – This component resides on-premises.

 Azure AD Connect sync service – This component resides in Azure AD.

 ADFS – Optional component that can be used if you want to make use of 3rd party multi-factor
authentication solutions for example.

 Health – Monitors your on-premises AD infrastructure and the synchronisation services.

26. What are the pre-requisites to install AD connect?

 There should be Offics365 subscription
 Machine should be joined domain joined
 AD connect tool
 Can sync up to 50k objects, when domain is not verified
 Can sync up to 300k, when domain is verified
 As a recommendation, you should enable the AD Recycle Bin.
28.What do you mean by Single Sign-On (SSO)?
Single sign-on (SSO) is an authentication process that allows a user to access multiple
applications with one set of login credentials. SSO is a common procedure in enterprises,
where a client accesses multiple resources connected to a local area network (LAN).

29. What is Passthrough Authentication?

Pass-through user authentication is a form of active authentication; the user is prompted to
enter a username and password when pass-through authentication is invoked. If the user's
identity is validated, the user is allowed to pass through the firewall and gain access to the
requested resources.
 30. What is PowerShell command for full access and send as access on mail
box?

PowerShell command syntax – Send as

1.Add-RecipientPermission <Identity> -AccessRights SendAs -Trustee <Identity>
PowerShell command example
1. Add-RecipientPermission John -AccessRights SendAs -Trustee Suzan

Powershell Command syntax – Full access

Add-MailboxPermission -Identity "Terry Adams" -User "Kevin Kelly" -AccessRights
FullAccess -InheritanceType All

33. What the frequency of AD connect sync?

synchronization frequency is 30 minutes.

34. User is getting NDR is 5.1.1?

When you send email messages by using Microsoft Outlook in Office 365, you may
experience one or both of the following issues:

Symptom 1: You receive non-delivery reports (NDRs)

Email messages or meeting invitations are not delivered successfully. For example, you
receive an NDR that resembles the following:

Generating server: <server name>.local

IMCEAEX-
_O=CONTOSO_ou=first+20administrative+20group_cn=Recipients_cn=<username>@<ser
ver name>.local

#550 5.1.1 RESOLVER.ADR.ExRecipNotFound; not found ##

Symptom 2: The AutoComplete feature in Outlook does not work as expected

When you create a new email message and then type a name in the To line, the user's name
is auto-populated. However, when you double-click the name, you experience one of the
following issues:

 The dialog box information is not displayed correctly.

 Information is missing from the dialog box.

CAUSE

These issues may occur if one of the following conditions is true:

 You reply to messages that were migrated from personal folders (.pst) files or were
migrated by using a third-party migration tool.
 The Outlook nickname cache (AutoComplete) contains a bad entry.
 The OfflineAddressBook is not updated or cannot be downloaded.

SOLUTION
To resolve these issues, follow these steps:

1. Reset the nickname and the autocomplete caches in Outlook. For more information
about how to do this, click the following article number to view the article in the
Microsoft Knowledge Base:
287623 How to reset the nickname and the automatic completion caches in Outlook
2. If you reply to a migrated message, type the whole email address of the recipient again.
If the Autocomplete feature tries to input the recipient name or address for you, click
the "X" to delete the entry, and then manually type the whole email address again.
 3. Make sure that the Offline Address Book is operating correctly. For more information
about how to troubleshoot the Offline Address Book, click the following article number
to view the article in the Microsoft Knowledge Base:
2429946 How to troubleshoot the Outlook Offline Address Book in an Office 365
environment

36. Diff between the types of retention tags and which tag will get more
precedence?
There are 3 different types of retention tags
1. Default policy tag
2. Retention policy tag
3. Personal tag
1. Default Policy Tag: These tags are applied by administrators. Default policy tag
means no tags are applied or untag.
2. Retention Policy Tag: These tags are applied by administrators. Retention policy
tags are applied on default folders. Ex: Inbox, Sent items & Deleted items.
3. Personal Tag: Personal tags are applied by users itself but made availability by
administrators. Ex: personal folders.

 Personal tags will get more precedence than Default policy tag and Retention
policy tag.

37. What is the default size of archive mail box? Can it be extended till 150gb?
The default size of archive mail box is 100gb.
Yes, it can be extended till 150gb.
 38. How to check the details of shared mail box through PowerShell?

The first cmdlet will collect all the shared mailboxes and insert them into a variable.
$Mailboxes = Get-Mailbox -RecipientTypeDetails SharedMailbox -ResultSize:Unlimited |
Select Identity,Alias,DisplayName | sort displayname
This step will take that variable of mailboxes, and for each one output the name of the
mailbox, user with access and the access rights assigned, and write it to a txt file.
$mailboxes | sort displayname | foreach {Get-MailboxPermission -Identity $_.alias | ft
identity,user,accessrights} >SharedPermissions.txt

39. If you want to restart the exchange server, what are the settings you will
check before restarting?
The following is the procedure to follow when preparing to reboot the Exchange Server:
1. Double Click on the Services Icon located in Control Panel.
2. Locate Microsoft Exchange System Attendant.
3. Click Stop. Then Click OK.
4. When ALL Services are stopped click Close.
5. The Exchange Server can now be restarted.

40. What are the possible reasons that takes an exchange server down?
There are several factors that can cause this: Data center issues such as extended power
outage, network outage, affected by disaster, or termination of service. Serverissues such as
operating system malfunction, server software malfunction, or serverhardware fault.
 41. How do you open outlook in safe mode?
Start Outlook in safe mode and disable add-ins
1. Choose Start > Run.
2. Type Outlook /safe, and choose OK.
3. In the Choose Profiles dialog box, accept the default setting of Outlook and choose OK.
4. If prompted, enter your password and choose Accept.

42. Difference between distribution group and dynamic distribution group?

Dynamic distribution groups are mail-enabled Active Directory group objects that are created
to expedite the mass sending of email messages and other information within a
Microsoft Exchange organization. ... A dynamic distribution groupincludes any recipient in
Active Directory with attribute values that match its filter.

 In distribution group users are added manually and in dynamic distribution group
users are added automatically.
 Any recipient can be member of Distribution group. In dynamic distribution group
membership is calculated each time a message sent to mailbox or mailbox.