Friday, 14 September 2012

Exchange Server 2003 Interview Q&A


 

1. What is Exchange Server?
Exchange Server is a Microsoft’s Messaging system which provides Industry leading Email, calendaring and unified Messaging
2. Tell me a bit about the capabilities of Exchange Server.
  1. Outlook Anywhere (OWA)
  2. Mailbox can sync with Blackberry Device.
  3. Calendar Sharing.
  4. MAPI & POP3 Client support
3. What are the different Exchange 2003 versions?
  • Exchange server 5.5
  • Exchange Server 2000
  • Exchange Server 2003
  • Exchange Server 2007
  • Exchange Server 2010
4. What are the differences between Exchange Sever 2003 Standard and Enterprise Editions?
Following are the difference between Exchange server 2003 Standard and Enterprise Edition.































Feature Standard EditionEnterprise Edition
Storage groups support1 storage group4 storage groups
Number of databases per storage group2 databases5 databases
Individual database size16 gigabytes (GB)Maximum 16 terabytes, limited only by hardware
X.400 ConnectorNot includedIncluded
Exchange ClusteringNot supported Supported



5. What are the main differences between Exchange 5.5 and Exchange 2000/2003?

  • Exchange 2000 does not have its own directory or directory service; it uses Active Directory instead.
  • Exchange 2000 uses native components of Windows 2000 (namely, IIS and its SMTP, NNTP, W3SVC and other components, Kerberos and others) for many core functions.
  • SMTP is now a full peer to RPC, and is it the default transport protocol between Exchange 2000 servers.
  • Exchange 2000 supports Active/Active clustering and was recently certified for Windows 2000 Datacenter.
  • Exchange 2000 scales much higher.
  • It boasts conferencing services and instant messaging.
6. What are the minimum hardware requirements for Exchange Server 2003?
  • Processor – Pentium 133 MHz
  • Operating System – Windows 2000 SP3
  • Memory – 256 MB
  • Disk Space – 200 MB for system files and 500 MB where Exchange Server installation.
  • File System - NTFS
7. What are the steps involved in Exchange Server installation?
  1. Prerequisites Installation – ASP .Net, IIS, SMTP, NNTP and WWW services Installation
  2. Forest Preparation
  3. Domain Preparation
  4. Exchange Server 2003 Installation
8. Why not install Exchange on the same machine as a DC?
The main reason behind not to install Exchange Server is, when we used to restart the Exchange server for any reason it will take lot of time to shut down the Exchange Server services.
9. Which Services must be installed and running for Exchange Server installation?
Following are the services that should be installed before installing Exchange Server 2003
  1. ASP .Net
  2. Internet Information Service
  3. SMTP
  4. NNTP
  5. WWW
10. What can you do and what will be the effect if ASP.NET service is not available while installing Exchange Server 2003?

ASP .Net files are important for authentication, delegation and securing the web publication. Before installing exchange Server 2003 ASP .Net should be installed
11. What are Exchange Server 2003 deployment tools?

The Exchange Server 2003 Deployment Tools are a compilation of old and new Microsoft Product Support Services (PSS) support tools that you can use to prepare Microsoft Exchange Server 5.5 and the Microsoft Active Directory directory service infrastructure for the installation of Microsoft Exchange Server 2003.
  • Installation and Upgrade Prerequisites
  • Enabling Windows Services
  • DCDiag Tool
  • NetDiag Tool
  • ForestPrep
  • DomainPrep
12. What are the Windows versions supported by Exchange Server 2003?
  1. Windows 2000 Service pack 3 ( Standard, Enterprise and Datacenter Edition)
  2. Windows 2003 Service pack 1 ( Standard, Enterprise and Datacenter Edition)
13. In which domains domainprep must be run?
  1. The Forest root Domain
  2. All domain that will contain Exchange Server 2003
  3. All Domain that will contain Exchange Mailbox enable objects.
14. What is ForestPrep?
Forest prep updates the schema and configuration partition in Active directory. Extend the schema to include Exchange server 2003 specific classes and attributes
To run the Forest Prep, Administrator should have Schema and Enterprise Admin permission over the Domain
15. What is DomainPrep?
Domain Prep prepares the Domain partion in Active Directory. Forest prep should be run only once in forest where Domain Prep should be run in following Servers.
  1. The Forest root Domain
  2. All domain that will contain Exchange Server 2003
  3. All Domain that will contain Exchange Mailbox enable objects
16. Which two groups are created by DomainPrep?
The domain prep switch creates the groups and permissions required by exchange Server 2003. Two security groups created
  1. Exchange Enterprise Servers – Domain Local group contains all Exchange Server in a forest
  2. Exchange Domain Server – Global Group that contains all Exchange servers running in the Domain that you have selected.
17. What DomainPrep does?
Domain Prep Updates the Domain partition and Creates a Two New Security Groups for Exchange Server 2003
  1. Exchange Enterprise Servers
  2. Exchange Domain Servers
18. Which of the servers does the system that will host the first Exchange Server 2003 server in a forest need to be able to contact during installation?
19. How to run ForestPrep?
Go to the Command prompt and Type the following
D:\setup\i386\setup.exe /forestprep
Where D drive represents the CD drive.
Note: it will ask for the Administrator Account that has the required permission to run the Setup.
20. How to run DomainPrep?
Go to the Command prompt and Type the following
D:\setup\i386\setup.exe /domainprep - Where D drive represents the CD drive.
21. Which service pack is needed for Windows 2000 for installing Exchange Server 2003?
Windows 2000 service pack 3 in needed to install Exchange Server 2003
22. Which permissions are required to run ForestPrep?
Schema Administrator
Enterprise Administrator
Local Machine Administrator
23. Which permissions are required to run DomainPrep?
Domain Administrator and Local Machine Administrator
24. Which permissions are required to install Exchange server 2003 on the first server in a domain or on other systems within the domain?
The administrator Account should have the following permission to install the Exchange Server 2003
  • Schema Administrator
  • Enterprise Administrator
  • Domain Administrator
  • Local Machine Administrator
25. What is reason behind the error messages services not available while installing Exchange Server 2003 on a domain running at Windows Server 2003 functional level?
26. What is name of log file that Exchange Server 2003 setup creates during installation?
27. What is location of Exchange Server Setup Progress?
C:\Program Files\Exchangesvr
28. How unattended installation of Exchange Server 2003 works?
Unattended installation are useful for rapidly deploying subsequent Exchange Server 2003 installation into an existing organization.
The process of creating the file is essentially the same as the process for a manual setup selecting the component you want to install and the installation path, choosing whether to create a new organization or to join existing one; agreeing the license and so on.. Instead of doing manual installation the Exchange installation wizard writes the configuration file to .ini file. specifically for use with the /unattendfile setup switch to start the installation.
29. When you can use the unattended installation of Exchange Server 2003?
1. Unattended Installation of Exchange Server 2003 is very useful when you are going to install Exchange Server remotely.
2. It’s also useful when you are deploying number of New Exchange Server in Existing Organization. We can save time deploying multiple servers by automating the Entire installation procedure
30. When you cannot use unattended installation of Exchange Server 2003?
An Active Directory Forest can support only a single Exchange Server 2003 organization, so an un attended.ini file that is used to create an organization cannot be used for subsequent installation.
31. What is the command to create an answer file for unattended installation of Exchange Server 2003?
D:\setup\i386\setup.exe /createunattend c:\unattend.ini
Where D represents the CD ROM drive that holds the Exchange Server and C drive represent the created unattended file for installation
32. What is the command to start the unattended installation of Exchange Server 2003?
D:\setup\i386\setup.exe /UnattendFile c:\unattend.ini
Where D represents the CD ROM drive that holds the Exchange Server and C drive represent the created unattended file for installation
33. When you can specify the User account that will receive the Exchange Full Administrator permission?

After installing the exchange Server 2003, we can able to specify the administrative permission for particular user. We can delegate administrative permission by right click the Exchange organization and select delegate Administration permission.
34. Which account must be use to perform first Exchange installation?
A new dedicated service account specifically for Exchange server installation has to be created in Active Directory and the following permission are to be assigned the newly created user.
  • Schema Administrator
  • Enterprise Administrator
  • Domain Administrator
  • Local Machine Administrator
35. Can Exchange 2000 servers run on Windows Server 2003?
No, the only version of Exchange server that will run on Windows server 2003 is Exchange Server 2003, you will need to upgrade your Exchange environment to Exchange Server 2003 prior to upgrading the Windows Server Operating System to Windows server 2003

How to Manage Administrative groups

 

An administrative group is a logical administrative structure that is used to manage permissions and delegate permissions to Exchange servers.
  • Administrative groups organize servers for management purposes.
  • Administrative groups match your network administrative structure. Groups are often based on locations or major departments.
  • Use permissions to allow administrators to manage the Exchange servers within the group
If Exchange is running in native mode, you can rename administrative groups in Exchange System Manager. Otherwise, use Adsiedit to rename administrative groups.
Below diagram shows the first Administrative Group of our Exchange Server. 3 important containers are the there in every Administrative group
1. Server
2. Routing Groups
3. Folders
Servers – Includes the physical server in server container for Administration purpose, servers holds the Message Queues, Storage Groups which includes the mail box store and the public folder store, protocols – which includes virtual server for HTTP, IMAP4, NNTP, POP3 and SMTP
Routing Groups - It is the group of Exchange servers that are connected by constant, high-speed links. The routing group identifies Exchange servers that can contact each other without any additional routing considerations.
This includes the Routing Group Connectors (Routing group connector, SMTP connector and X.400 connector)
Folders – Folders deals with public folders
clip_image002
Important facts on Administrative Group
  • During installation you specify the name of the administrative group into which you install the Exchange server.
  • It is important to select the correct administrative group for each server because you cannot change it after installation.
  • During the installation, if there is only one administrative group, all Exchange servers will automatically be installed in that group. You are not prompted to select the administrative group if Exchange only has a single administrative group.
  • You can set up administrative groups prior to the installation of the first Exchange server. This gives you the advantage of being able to select multiple administrative groups during the install of the first Exchange Server. To set up administrative groups prior to installation:
    • Run /forestprep
    • Use Adsiedit to create administrative groups in Active Directory.
  • After installation, you can use Exchange System Manager to create new administrative groups.

Step by step procedure to Manage Administrative Group
1. Creating a New Administrative Group
Go to Start ->All Programs -> Microsoft Exchange ->System Manager ->right click Administrator Group and select New to create a New Administrative Group
clip_image004
2. Creating a new Routing Group
Go to Start ->All Programs -> Microsoft Exchange ->System Manager ->Administrative group -> Expand first Administrative Group -> Navigate to Routing Group, right click and point to New to create a new Routing Group
clip_image006
3. Delegate Permission – To Mange the designated option on servers
· Permissions are assigned either at the organizational level or the administrative group level.
· Use Exchange Delegation wizard to assign permission for particular User
Go to Start ->All Programs -> Microsoft Exchange ->System Manager ->right click the Organization Name and select delegate control
clip_image008

How to delegate Exchange Administrative Permission

 

To have a better Administration over the Exchange Organization, delegating Administrative permission is the best way.
The following shows the permissions options for Exchange administrator role.
Full Administrator Role - Full control over all objects within the hierarchy
Change all permissions, Delegate permissions and Read mailboxes
Administrator - Full control over all objects, except cannot change permissions
View Only Administrator – To view the configuration
Using permissions you can delegate Exchange server administrative tasks to other users. Keep in mind the following facts for managing Exchange permissions:
  • Permissions are assigned either at the organizational level or the administrative group level.
  • Use the Exchange Delegation Wizard in Exchange System Manager to manage delegations.
  • While running /forestprep or during the Exchange Server 2003 installation, you identify the default Exchange System Administrator. This administrator has all permissions to the Exchange organization.
  • Exchange administrators must have specific permissions in Active Directory for the objects and levels they will be working. They must also have permissions on the local computer.
Note: When you assign the Full Administrator or Administrator roles to an administrative group, the user also receives View Only permissions to the organization, allowing the administrator to view the configuration of the entire organization.
Step by step procedure to Delegate Administrative roles to particular users
Go to Start ->All Programs -> Microsoft Exchange ->System Manager ->right click the Organization Name and select delegate control
clip_image002
On the welcome page click next to continue
clip_image004
We can add the user or groups to grant administrative permission, Click add to find the user to be granted administrator permission over the exchange organization
clip_image006
On the delegate control window, click browse to find the user or group from AD
clip_image008
Select a user to grand permission
clip_image010
Select the required permission what you planned to grant and click ok to continue
clip_image012
After assigning particular permission, review the permission and click next
clip_image014
On the warning page click ok to continue. Make sure you are following the warning
clip_image016
On the last page click finish to end the delegation
clip_image018

How to Manage Exchange Server 2003

 

You have several tools available to you to monitor and manage Exchange servers. The below option describes some common Exchange management tools.
1. Exchange System Manager
2. Active Directory Users and Computers
3. Adsiedit
4. LDAP Viewer
Step by step procedure to Manage Exchange Server 2003
Exchange System Manager
The System Manager tool is installed by default and is the primary tool you use to monitor and manage your Exchange Server 2003 configuration. Use System Manager to:
  • Change server settings
  • Change database settings
  • Move databases
  • Create additional databases
  • Enable message tracking
System Manager runs on Windows 2003 or Windows 2000 SP3 as long as Active Directory Users and Computers are running on the machine. You can also use System Manager on a Windows XP machine with SP1 as long as SMTP service is running on the machine during the installation of the tools.
By default System Manager looks like this,
clip_image002
You can do the following steps,
1. Enabling Administrative Groups
By default Administrative Groups are disabled, you can enable by
Go to Start -> All programs -> Microsoft Exchange -> System Manager ->right click the exchange system Manager and go to properties,
clip_image004
2. Enabling Routing Groups
By default Routing Groups are disabled, you can enable by
Go to Start -> All programs -> Microsoft Exchange -> System Manager ->right click the exchange system Manager and go to properties,
clip_image006
A warning of restarting Exchange System Manager will show when you apply these settings
clip_image008
After enabling Administrative Group and Routing Group, the system manager window will look like this; the first server in your organization will come under the first Administrative Group
clip_image010
Active Directory Users and Computers
Active Directory Users and Computers is the primary tool you use to manage users in an Exchange Server 2003 environment. Use Active Directory Users and Computers to:
  • Create recipients
  • Modify recipients
  • Hide recipients
  • Manipulate additional recipient options
Active Directory Users and Computers runs on Windows 2003, Windows 2000 SP3, or Windows XP.
Following figure shows the diagram of Active Directory Users and Computers
clip_image012
Notes:
1. If you open the properties of the existing user the Exchange features tabs will not be there, to have the exchange properties, right click the user Accounts and click exchange tasks to create a Mailbox, after creating a Mail box you will have the New Exchange features tab
clip_image014
To get the Exchange Feature, right click an existing user, select Exchange tasks, on the welcome page click next
clip_image016
Select create Mailbox
clip_image018
Review the Mailbox location, alias name and the Administrative Group, click Next
clip_image020
Click finish to end the user mail box creation for existing user
clip_image022
Following figure shows the user properties after creating a Mailbox for existing user.
clip_image024
ADSIEDIT (for security reason, without knowing about the Active Directory Partition)
Adsiedit is the tool you use to modify advanced properties in Active directory. Use Adsiedit to:
  • Grant advanced security permissions
  • Add, modify, delete, and organize user accounts, computer accounts, security and distribution groups
Adsiedit runs on any Windows 2003, Windows 2000 SP3 or Windows XP machine that is part of the domain.
Install Adsiedit using the Support Tools available on the Windows 2000 or Windows 2003 CD
To run ADSIEDIT
Go to start ->Run ->adsiedit.msc
clip_image026
It will open up the ADSI edit window
clip_image028
For example if we are planning to edit the name of the first Administrative Group.
Navigate – configuration partition -> Services -> Microsoft Exchange -> Exchange Organization Name ->Administrative Group
From here you can create a New Administrative Group and edit the Name of First Administrative Group etc
clip_image030
LDAP Viewer
The LDAP viewer allows you to view advanced properties of recipients such as:
  • The SMTP addresses of users
  • The date and time of a user's last log on
  • SID of an object
  • Object history
  • How an object was migrated
Following figure shows the LDAP viewer
clip_image032
Important Notes:
  • Because Exchange System Manager and the Active Directory Users and Computers are snap-ins, you can create custom MMCs for both of them. You do this by typing MMC.exe at the command line to run the Microsoft Management Console.
  • Exchange System Manager can only be used to administer Exchange Server 2003.
  • Use Active Directory Users and Computers to move mailboxes within an organization. Use the migration wizard and other migration tools to move mailboxes between organizations.

How to prepare the Exchange Server

 

Following are the important considerations that have to be done before installing the Exchange Server
  1. Designate a account for exchange installation with the following permission
  2. Check the hardware requirements before installing Exchange server 2003
  3. Installing Important services – following are the important services
  4. Run the forest prep - extends the Active Directory schema by adding classes and attributes
  5. Run the Domain prep - adds the necessary objects for Exchange administration
1. Designate a account for exchange installation with the following permission
  • Enterprise Administrator
  • Domain Administrator
  • Schema Administrator
  • Local Administrator
2. Check the hardware requirements before installing Exchange server 2003
  • Processor – Pentium 3 or above
  • Memory - 512
  • Disk space – 200 MB for system file and 500 MB for database files
  • Partition – NTFS
  • NIC – Two for single exchange in small organization
3. Installing Important services – following are the important services
  • Microsoft .NET Framework
  • Microsoft ASP .NET
  • Internet Information Services (IIS)
  • Simple Mail Transfer Protocol (SMTP)
  • Network News Transport Protocol (NNTP)
4. Run the forest prep - extends the Active Directory schema by adding classes and attributes
5. Run the Domain prep - adds the necessary objects for Exchange administration
After running the Domain preparation, 2 new objects will be created
Exchange Domain Servers
Exchange Enterprise Servers
Note:
If you haven't run /forestprep or /domainprep they will run when you run the standard setup (if your account has the necessary rights).
Step by step procedures to prepare exchange server
Step 1: Designate an account for exchange installation
Go to the properties of the user account, on the Member Of Tab add the above permission
clip_image002
Step 2: check the Hardware prerequisites consideration
Check the hardware status mentioned above
Step 3: Installing important services
To know the installation and configuration procedures of important services, review the how to install IIS page
Step 4: Running forest Prep
Forestprep extends the Active Directory schema by adding classes and attributes used by Exchange.
  • Run Setup.exe /forestprep once on the forest root domain.
  • To run /forestprep, the account you use must have the following roles:
§ Schema Administrator
§ Enterprise Administrator
§ Domain Administrator
§ Local machine Administrator
1. Go to start ->Run -> type CMD. Command prompt will open, in that navigate to the drive wher your exchange installation files are present
2. Type setup.exe /forestprep
clip_image004
3. On the warning page click ok to continue
clip_image006
4. On the welcome page click next to start the forest prep operation
clip_image008
5. Click I agree and click next on the License agreement page
clip_image010
6. By default on the component selection page forest prep will automatically selected, review and click next
clip_image012
7. Check whether the administrative account pointed is what the designated account with administrator permission, by default it will select the login account
clip_image014
8. Click next to start the forest configuration, nearly 10 components will be updated during the process
clip_image016
9. Click finish to finish the installation
clip_image018
Step 5: Running Domain Preparation
Domainprep adds the necessary objects for Exchange administration.
  • Run Setup.exe /domainprep once in the following domains:
§ The forest root domain
§ Any domain that hosts an Exchange server
§ Any domain that contains users that will access Exchange mailboxes
  • To run /domainprep, the account you use must have the following roles:
    • Domain Administrator
    • Local machine Administrator
Procedure
1. Type setup.exe /domainprep
clip_image020
2. On the license agreement, click I agree and click next
clip_image010[1]
3. By default on the component selection page, the domain preparation option will be selected, click next to continue
clip_image022
4. On the warning message page click ok to continue
clip_image024
5. Completing the Domain Preparation by clicking finish
clip_image018[1]
Note:
Following figure shows the diagram before running the domain preparation command
clip_image026
Below figure shows the diagram after running the Domain Prep command
Two administrative permissions will be created by running the domain preparation command
Exchange Domain Servers
Exchange Enterprise Servers
clip_image028

How to promote a Domain Controller

 

Promoting a server to a domain controller is the process of installing Active Directory Services on that server
An administrator has the following options when promoting a server to a domain controller:
  • Installing the first domain controller in a new forest
  • Installing the first domain controller in a new domain tree
  • Installing the first domain controller in a new child domain
  • Installing an additional domain controller in a domain tree
  • Removing Active Directory from domain controller
Important Considerations for installing and configuring Domain Controller
1. An NTFS partition with enough free space
2. An Administrator's username and password
3. The correct operating system version
4. A NIC
5. Properly configured TCP/IP (IP address, subnet mask and - optional - default gateway)
6. A network connection (to a hub or to another computer via a crossover cable
7. An operational DNS server (which can be installed on the DC itself)
8. A Domain name that you want to use
9. The Windows Server 2003 CD media (or at least the i386 folder)
Step by Step procedure to configure a Domain Controller
Before Promoting a domain controller make sure u already check the important consideration checklist
1. Go to start -> Select Run ->type DCPROMO
clip_image002
2. On the Active Directory Installation Wizard click on Next
clip_image004
3. Click “Next” on the compatibility window
clip_image006
4. On Next window select the default option of “Domain Controller for a new domain” and click “Next”
clip_image008
5. In this we will create a domain in a new forest, because it is the first DC, so keep that option selected
clip_image010
6. Now we have to think of a name for our domain. If you have a domain like SYZADMIN, you can use it, but it isn’t suggested because computers inside of your domain may not be able to reach the company website. Active directory domains don’t need to be “real” domains like the one above - they can be anything you wish. So I will create “SYZADMIN.COM”
clip_image012
7. Now in order to keep things simple, we will use “SYZADMIN”, which is the default selection, as the NetBIOS name of the domain
clip_image014
8. The next window suggests storing the AD database and log on separate hard disk and you can just leave the default settings
clip_image016
9. The SYSVOL folder is a public share, where things like .MSI software packages can be kept when you will distribute packages and you can just leave the default settings or you can change the path.
clip_image018
  1. If your DNS server, zone and/or computer name suffix were not configured correctly you will get the following warning:
· This means the Dcpromo wizard could not contact the DNS server, or it did contact it but could not find a zone with the name of the future domain. You should check your settings.
· You have an option to let Dcpromo do the configuration for you. If you want, Dcpromo can install the DNS service, create the appropriate zone, configure it to accept dynamic updates, and configure the TCP/IP settings for the DNS server IP address.
  1. To let Dcpromo do the work for you, select "Install and configure the DNS server...".
12. Next Screen basically says that you will need a DNS server in order for everything to work the way we want it (i.e., our “SYZADMIN” to be reachable).we will install the DNS server on this machine or if you want you can installed elsewhere select “Install and Configure…” and click next.
clip_image020
11. Here you need to select the permissions for win 2000 or win 2003 server if you have any NT4 select first option otherwise select second option and click next
clip_image022
12. The restore mode password is the single password that all administrators hope to never use, however they should also never forget it because this is the single password that might save a failed server. Click next
clip_image024
13. Now we will see a summary, review and click next
clip_image026
14. Active directory installation process started this can take several minutes. It’s likely that you will be prompted for your Windows Server 2003 CD (for DNS) so have it handy.
clip_image028
15. Active directory Installation finish screen click Finish.
clip_image030
16. It will ask for restart. Click restart now. And Login to the Computer via Domain Account by selecting the option in the login window.
Here we go, we installed and configured the Domain Controller.