Exchange 2013 Exam Notes

General

70-341 Core Solutions of Microsoft Exchange Server 201270-342 Advances Solutions of Microsoft Exchange Server 2012Technet Exchange 2013Exchange & Office 365 Ignite Technical training (4 days)

SMTP TCP 25SMTP (MSA) TCP 587 SMTP (Encrypted) TCP 465 Exchange Online Protection (EOP)EAC Feature Panes infoSite mailboxes accessible through sharepoint and Outlook 2013, but don't appear in OWAHybrid Configuration Wizard (HCW)

Various

What's New in Exchange 2013

Planning and deployment

The *-ServerMonitoringOverride and *-GlobalMonitoringOverride cmdlets enable administrators to set, remove, or view overrides.Get-ServerHealth is used to retrieve the raw health data, while Get-HealthReport operates on the raw health data and provides a current snapshot of the health.For DAG membership Server 2008 enterprise or Server 2012 Standard/Datacenter required

1) setup /PrepareSchema or setup /ps2) setup /PrepareAD [/OrganizationName:] or setup /p [/on:]3) setup /PrepareDomain: to prepare a specific domain. setup /PrepareAllDomains or setup /pad to prepare all domains in your organization.

Prepare AD:

Compliance ManagementDelegated SetupDiscovery ManagementExchange ServersExchange Trusted SubsystemExchange Windows PermissionsExchangeLegacyInteropHelp DeskHygiene ManagementOrganization ManagementPublic Folder ManagementRecipient ManagementRecords ManagementServer ManagementUM ManagementView-Only Organization Management

New OU in the root domain called Microsoft Exchange Security Groups. This OU should contain the following new Exchange USGs:

Exchange 2013 setup.exe parameters

FQDN DNS record type Value

Contoso.com MX Mail.contoso.com

Mail.contoso.com A 172.16.10.11

Owa.contoso.com A 172.16.10.11

Autodiscover.contoso.com A 172.16.10.11

DNS name configuration:

Virtual directory External URL value

Autodiscover No external URL displayed

ECP https://mail.contoso.com/ecp

EWS https://mail.contoso.com/EWS/Exchange.asmx

Microsoft-Server-ActiveSync https://mail.contoso.com/Microsoft-Server-ActiveSync

OAB https://mail.contoso.com/OAB

OWA https://mail.contoso.com/owa

PowerShell http://mail.contoso.com/PowerShell

Virtual directories:

Verify installation using get-exchangeserver and checking \ExchangeSetupLogs\ExchangeSetup.logVirtualizing Exchange roles is supported. Using snapshots, live migration, etc is not supported.

Cd C:\Program Files\Microsoft\Exchange Server\V15\Scripts

Configure-EnterprisePartnerApplication.ps1 -AuthMetaDataUrl https://sharepoint.contoso.com/_layouts/15/metadata/json/1 -ApplicationType SharePoint

Configure-EnterprisePartnerApplication.ps1 -AuthMetaDataUrl https://sharepoint.contoso.com/metadata/json/1 -ApplicationType Lync

Oauth for (3rd party) applications, uses Configure-EnterprisePartnerApplication.ps1 script:

Permissions

Built-in role groupsBuilt-in management rolesAdd-PSSnapin Microsoft.Exchange.Management.PowerShell.SnapIn

Get-RoleGroupMember "View-Only Organization Management"

Set-Mailbox Brian -RoleAssignmentPolicy "Unified Messaging Users"

Get-ManagementRole | Format-List

Get-ManagementRole "Mail Recipients" -Recurse

Get-ManagementRoleAssignment -Role -GetEffectiveUsers

Get-ManagementRole -Cmdlet

Add-ManagementRoleEntry "Recipient Administrators\Set-Mailbox"

Get-ManagementRoleEntry \*

New-ManagementRoleAssignment -Name "Exchange Servers_SeattleAdmins" -SecurityGroup SeattleAdmins -Role "Exchange Servers"

Mail Flow

& $env:ExchangeInstallPath\Scripts\Disable-Antimalwarescanning.ps1

Set-MalwareFilteringServer -BypassFiltering $true

Anti-virus client on exchange server exclusions to configure includes important path locationsWith routing groups and Routing Group connectors you can consolidate communication between servers by designating bridgehead servers that act as communication points between routing groups.

Exchange 2013 exam noteszaterdag 27 oktober 2012 12:02

Exchange 2013 exam notes Page 1

With routing groups and Routing Group connectors you can consolidate communication between servers by designating bridgehead servers that act as communication points between routing groups.Modify NDR with New-SystemMessageMessage size limits and how to configure using powershell

Queue ViewerTracking log explorer

Mail flow tools

Eemote connectivity analyzerDetails Templates Editor

Configuration management tools

Exchange Toolbox console MMC

Pickup directory is %ExchangeInstallPath%TransportRoles\Pickup. Replay directory is %ExchangeInstallPath%TransportRoles\Replay.Edge Transport server not currently available in Microsoft Exchange Server 2013. Use 2007 or 2010 version.

New-Mailbox -Alias pilarp -Name "Pilar Pinilla" -FirstName Pilar -LastName Pinilla -DisplayName "Pilar Pinilla" -UserPrincipalName [email protected] -Password (ConvertTo-

SecureString -String 'Pa$$word1' -AsPlainText -Force)

Set-Mailbox -Identity patc -DeliverToMailboxAndForward $true -ForwardingAddress [email protected]

Get-Mailbox -OrganizationalUnit "Marketing" | Set-Mailbox -IssueWarningQuota 209715200 -ProhibitSendQuota 262144000 -ProhibitSendReceiveQuota 293601280 -UseDatabaseQuotaDefaults

$false

Get-Mailbox -Filter "Department -eq 'Customer Service'" | Set-Mailbox -MaxSendSize 2097152

Mailbox

New-DistributionGroup -Name "IT Administrators" -Alias itadmin -MemberJoinRestriction

New-DistributionGroup -Name "All Administrators" -IgnoreNamingPolicy

New-DistributionGroup -Name "File Server Managers" -Alias fsadmin -Type security

Set-DistributionGroup -Identity "Goverment_Contracts_NWRegion" -Name "Government_ContractEstimates_NWRegion" -DisplayName "Government_ContractEstimates_NWRegion" -IgnoreNamingPolicy

Set-DistributionGroup "Seattle Employees" -EmailAddresses SMTP:[email protected],smtp:[email protected]

Distributiongroup

New-DynamicDistributionGroup -IncludedRecipients MailboxUsers -Name "Mailbox Users DDG" -OrganizationalUnit UsersGet-DynamicDistributionGroup -ResultSize unlimited | Set-DynamicDistributionGroup -HiddenFromAddressListsEnabled $true -MaxReceiveSize 5MB -ModerationEnabled $true -ModeratedBy

administrator

Set-DynamicDistributionGroup -Identity "All Employees" -EmailAddresses SMTP:[email protected], smtp:[email protected]

Dynamicdistributiongroup

New-MailContact -Name "Debra Garcia" -ExternalEmailAddress [email protected] -OrganizationalUnit Users

Enable-MailContact -Identity "Karen Toh" -ExternalEmailAddress [email protected]

Use the Get-Contact and Set-Contact cmdlets to view and change organization and contact information properties.Use the Get-MailContact and Set-MailContact cmdlets to view or change mail-related properties, such email addresses, the MailTip, custom attributes, and specify whether the contact is hidden from address lists.

Mailcontact

Mail users are similar to mail contacts. Both external. Unlike a mail contact, a mail user has Active Directory logon credent ials and can access resources. New-MailUser -Name "Jeffrey Zeng" -Alias jeffreyz -ExternalEmailAddress [email protected] -FirstName Jeffrey -LastName Zeng -UserPrincipalName [email protected] -Password (ConvertTo-

SecureString -String 'Pa$$word1' -AsPlainText -Force)

Mailuser

New-Mailbox -Database "Mailbox Database 1" -Name ConfRoom1 -OrganizationalUnit "Conference Rooms" -DisplayName "Conference Room 1" -Room

Get-User and Set-User to view and set general properties such as location, department, and company names.

Get-Mailbox and Set-Mailbox to view and set mailbox properties, such as email addresses and the mailbox database.

Get-CalendarProcessing and Set-CalendarProcessing to view and set booking options and delegates.

Room mailbox

Similar to room mailboxes, but uses parameter -equipment instead of -roomNew-Mailbox -Database "Mailbox Database 1" -Name MotorVehicle2 -OrganizationalUnit Equipment -DisplayName "Motor Vehicle 2" -Equipment

Equipment mailbox

Recipients

Site mailbox picture explanationThe lifecycle of a site mailbox is managed through SharePoint. It is through SharePoint that you should perform all site mailbox tasks such as creating and removing site mailboxes. In addition, you can create a SharePoint Lifecycle policy tomanage the lifecycle of a site mailbox. For example, you can create a lifecycle policy in SharePoint that automatically closes all site mailboxes after 6 months. If the user still requires the use of the site mailbox, the user can reactivate the sitemailbox through SharePoint. We recommend that you use the Lifecycle application is in the farm. Manually deleting active site mailboxes from Exchange will result in orphaned site mailboxes. .

When the lifecycle application in SharePoint closes a site mailbox, the site mailbox is retained for the period stated in the lifecycle policy in the closed state. The mailbox can then be reactivated by an end -user or by an administrator from SharePoint. After the retention period, the Exchange site mailbox that is housed in the mailbox database will have its n ame prepended with MDEL: to indicate that it has been marked for deletion. You will need to manually remove these site mailboxes from the mailbox database in order to free storage space and the alias. If you dont have the Sha rePoint Lifecycle Policy enabled, youll lose the ability to determine which site mailboxes are marked for deletion. Until the site mailbox has been removed by an administrator, the content of the mailbox is still recoverable.

You can use the following command to search for and remove site mailboxes that have been marked for deletion.

Get-Mailbox MDEL:* | ?{$_.RecipientTypeDetails -eq "TeamMailbox"} | Remove-Mailbox -Confirm:$false

Site mailboxes do not support retention at the item level. Retention works on a project level for site mailboxes, so when the entire site mailbox is deleted, the retained items will be deleted.

Site mailbox

Public folders in Microsoft Exchange 2013 have been modernized to take advantage of the existing high availability and storag e technologies of the mailbox database. The public folder architecture uses specially designed mailboxes to store both the hierarchy and the public folder content. This also means that theres no longer a public folder d atabase. Public folder replication now uses the continuous replication model. High availability for the hierarchy and content mailboxes are provided by a database availability group (DAG).

The master hierarchy mailbox was the first one created in the organization and cannot be changed.

If the master hierarchy public folder mailbox goes down, the user can still view the public folders. However, they wont be able to write to the public folders. To help prevent the hierarchy from going down, we recommendthat your public folders are included in a database availability group (DAG).

New-Mailbox -PublicFolder -name MasterHierarchy

New-Mailbox -PublicFolder -name Istanbul -Database DB01Istanbul

Create a secondary public folder hierarchy mailbox for load balancing purposes

Limit for public folders same as private folders, 100GB.

New-Mailbox -PublicFolder -name Istanbul -Database DB01Istanbul

Mail enable public folder : Enable-MailPublicFolder -Identity "\Help Desk" -HiffenFromAddressListsEnabled $True

Migrate Public Folders to Exchange 2013 From Exchange 2010 SP3 .

Public folder

Mailbox that multiple users can use to read and send email messages. Provides common calendar (schedule vacations, work shifts, etc)

New-Mailbox -Shared -Name "Sales Department" -DisplayName "Sales Department" -Alias Sales | Set-Mailbox -GrantSendOnBehalfTo MarketingSG | Add-MailboxPermission -User MarketingSG -AccessRights

FullAccess -InheritanceType All

Convert mailbox to shared mailbox: Set -Mailbox -Identity MarketingDepartment@contoso .com -Type Shared

Shared mailboxes

Collaboration

Email addresses and address books

All contactsAll groupsAll roomsAll usersDefault Global Address List (GAL)Public folders.

Several address lists are created by default. Default address lists are:

Should help people find who/what they're looking for more easily than the default lists.New-AddressList -Name MyAddressList -RecipientFilter {((RecipientType -eq 'UserMailbox') -and ((StateOrProvince -eq 'Washington') -or (StateOrProvince -eq 'Oregon')))}New-AddressList -Name "Building 34 Meeting Rooms" -Container "\All Rooms" -IncludedRecipientsResources -ConditionalCustomAttribute1"Building 34"Update-AddressList "North America\Sales"Remove-AddressList -Identity Departments -RecursiveNew-GlobalAddressList -Name "GAL_Contoso" -IncludedRecipients MailboxUsers -ConditionalCompanyContosoNew-GlobalAddressList -Name "GAL_AgencyA" -RecipientFilter {CustomAttribute15 -like "AgencyA"}Set-GlobalAddressList -Identity 96d0c505-eba8-4103-ad4f-577a1bf4ad7b -Name FourthCoffee

Custom address lists

Address lists


Set-GlobalAddressList -Identity 96d0c505-eba8-4103-ad4f-577a1bf4ad7b -Name FourthCoffeeSet-GlobalAddressList -Identity Fourth Coffee -RecipientFilter {Company -eq "Fourth Coffee"}

One GAL

One OABOne room list (for booking purposes)One or more address lists

ABPs contain the following lists:

Graphical representation of an Address Book PolicyAssign ABPs to individual mailbox users: New-Mailbox / set-mailbox cmdlet with the AddressBookPolicy parameterNew-OfflineAddressBook -Name "OAB_FAB" -AddressLists "GAL_FAB"

New-AddressBookPolicy -Name "ABP_TAIL" -AddressLists "AL_TAIL_Users_DGs"," AL_TAIL_Contacts" -OfflineAddressBook "\OAB_TAIL" -GlobalAddressList "\GAL_TAIL" -RoomList "\AL_TAIL_Rooms"

Get-Mailbox -resultsize unlimited | where {$_.CustomAttribute15 -eq "TAIL"} | Set-Mailbox -AddressBookPolicy "ABP_TAIL"

Address Book Policies

Details templates control the appearance of the object properties that are accessed by using address lists in an email client, such as Microsoft Outlook. For example, when a user opens an address list in Outlook, theproperties of the recipients in that address list are presented as defined by the details template that exists in your Exchange organization.

Details templates editor is in the exchange toolbox.Restore a details template to the default: Restore-DetailsTemplate -Identity "en-US\Contact"

Details templates

Email address policies generate the primary and secondary email addresses for your recipients so they can receive and send email.By default, Exchange contains an email address policy for every mail-enabled user. For example, [email protected].

If you want to specify additional email addresses for all recipients or just a subset, you can modify the default policy or create additional policies.

New-EmailAddressPolicy -Name "southeast offices" -IncludedRecipients MailboxUsers -ConditionalStateorProvince "Georgia","Alabama","Louisiana"-EnabledEmailAddressTemplates "SMTP:%s%[email protected]"

%s = surname / lastname and %2g = first two letters of the given name.

New-EmailAddressPolicy -Name 'Execs' -EnabledEmailAddressTemplates 'SMTP:%2g%[email protected]' -RecipientFilter {((RecipientType -eq 'UserMailbox') -and (Title -like 'executive'))}

Set-EmailAddressPolicy -Identity "South East Offices" -ConditionalStateorProvince "Georgia","Alabama","Louisiana","Texas"

Email address policies

Graphical representation of Hierarchical Address Book

100 for David Hamilton50 for Rajesh M. Patel25 for Amy Alberts

You can provide an additional level of hierarchical structure by using the SeniorityIndex parameter. When creating an HAB, use the SeniorityIndex parameter to rank individual recipients or organizational groups by seniority within these organizational tiers. This ranking specifies the order in which the recipients or groups are displayed in the HAB. For example, in the preceding example, the SeniorityIndex parameter for the recipients in the Corporate Office

division is set to the following:

Create a distribution group that will be used for the root organization (top-level tier). If desired, you can use an existing organizational unit in your Exchange forest for the distribution group.1.

Create distribution groups for the child tiers and designate them as members of the HAB. Modify the SeniorityIndex parameter of these groups so they're listed in the proper hierarchical order within the root organization.2.

Add organization members. Modify the SeniorityIndex parameter of the members so they're listed in the proper hierarchical order within the child tiers.3.

For accessibility purposes, you can use the PhoneticDisplayName parameter, which specifies a phonetic pronunciation of the DisplayName parameter.4.

Detailed instructions for creating HABs are included in the topic Enable or Disable Hierarchical Address Books . The general steps are as follows:

Cmdlet Parameter

Set-OrganizationConfig HierarchicalAddressBookRoot

Set-Group IsHierarchicalGroupSeniorityIndex

PhoneticDisplayName

Set-User SeniorityIndexPhoneticDisplayName

Set-Contact SeniorityIndexPhoneticDisplayName

Commands and parameters

Example of how to configure HAB

Hierarchical address books (HAB)

New-OfflineAddressBook -Name "OAB_Contoso" -AddressLists "\Default Global Address List" -Server SERVER01 -VirtualDirectories "SERVER01\OAB (Default Web Site)

Set-OfflineAddressBook -Identity "My OAB" -AddressLists AddressList1,AddressList2,AddressList3

Set-OfflineAddressBook -Identity "My OAB" -IsDefault $trueSet-OfflineAddressBook -Identity "My OAB" -Schedule "Sun.1:15 AM-Sun.1:30 AM"

Get-User -ResultSize Unlimited -Filter { Company -eq "Contoso" -and RecipientType -eq "UserMailbox" } | Where { $_.CountryOrRegion -eq "United States"} | Set-Mailbox -OfflineAddressBook "Contoso UnitedStates

Set-OABVirtualDirectory "OAB (Default Web Site)" -ExternalUrl https://contoso.com/OAB

Offline address books

Federated sharing: A group of Exchange features that leverage a federation trust with the Microsoft Federation Gateway (free Microsoft cloud -based service) to work across Exchange organizations, including cross -premises Exchange deployments. Together, these features are used to make authenticated requests between servers on behalf of users across multi ple Exchange organizations.Federation example

Create and configure a federation trust1.Create an organization relationship2.Create a sharing policy3.Configure an Autodiscover public DNS record4.

Configure Federated Sharing

Federation

An organization relationship enables users in your Exchange organization to share calendar free/busy information as part of f ederated sharing with other federated Exchange organizations.New-OrganizationRelationship -Name "Contoso" -DomainNames "contoso.com","northamerica.contoso.com","europe.contoso.com" -FreeBusyAccessEnabled $true -FreeBusyAccessLevel

LimitedDetails

Organization relationships

Sharing policies enable user-established, people-to-people sharing of both calendar and contact information with different types of external users. Sharing polices are assigned to user mailboxes and allow your users to self-manage and share both their free/busy and contact information (including the Calendar and Contacts folders) with recipients in other externalfederated organizations.

For recipients that aren't in an external federated organization or are in non-Exchange organizations, sharing policies allow people-to-people sharing of their calendar information with anonymous users through the use ofInternet Calendar Publishing.

New-SharingPolicy -Name "Contoso" -Domains contoso.com: CalendarSharingFreeBusyDetail, ContactsSharing

Get-Mailbox -Filter {Department -eq "Marketing"} | Set-Mailbox -SharingPolicy "Contoso Marketing"

Sharing policies

Sharing

The Windows RPC over HTTP Proxy component, which Outlook Anywhere clients use to connect, wraps remote procedure calls (RPCs) with an HTTP layer. This allows traffic to traverse network firewalls without requiring RPC ports to be opened. In Exchange 2013, this feature is enabled by default, because all Outlook connectivity takes place ov er Outlook Anywhere.

Test-OutlookConnectivity -GetDefaultsFromAutoDiscover:$trueTest-OutlookConnectivity -RpcProxyTestType:Internal -RpcTestType:ServerTest-OutlookConnectivity -RpcTestType:Server - RpcProxyAuthenticationType:Basic -RpcClientAccessServer:CAS01 -RpcAuthenticationType:NTLM

Test end-to-end client connectivity using Exchange Remote Connectivity Analyzer or Test-OutlookConnectivity

Outlook anywhere (RPC over HTTP)

Exchange ActiveSync is a client protocol that lets you synchronize a mobile device with your Exchange mailbox. Enabled by def ault.Windows Phone 7 mobile phones support only a subset of all Exchange ActiveSync mailbox policy settings. For a complete list, see Windows Phone 7 Synchronization.

Direct Push keeps a mobile device current over a cellular or wireless network connection (443). It notifies the mobile devicewhen new content is ready to be synchronized.Direct Push

New-MobileDeviceMailboxPolicy -Name:"Management" -AllowBluetooth:$true -AllowBrowser:$true -AllowCamera:$true -AllowPOPIMAPEmail:$false -PasswordEnabled:$true -

AlphanumericPasswordRequired:$true -PasswordRecoveryEnabled:$true -MaxEmailAgeFilter:10 -AllowWiFi:$true -AllowStorageCard:$true -AllowPOPIMAPEmail:$false

Add users to Mobile mailbox policy : Get-Mailbox | where { $_.CustomAttribute1 -match "Manager"

} | Set-CASMailbox -activesyncmailboxpolicy(Get-ActiveSyncMailboxPolicy "Contoso").Identity

Remote wipeDevice security features

Commonly used features in Mobile Device Mailbox Policies include:

Mobile Device Mailbox Policies

Exchange ActiveSync (EAS)

Clients and mobile


Remote wipe

Minimum password lengthPassword complexity (minimum number of character sets, require alphanumeric password)Enforce password historyInactivity time before locking device

After a remote device wipe has occurred, data recovery is very difficult. However, no data removal process leaves a mobile de vice as free from residual data as when it's new. Recovery of data from a mobile device may still be possible using sophisticated tools.

Wipe device after x failed attempts

Password recovery

Device password policies

Require encryption on deviceRequire encryption on storage cards

Device encryption policies

Allow CameraAllow Wi-FiAllow unsigned applicationsUnapproved InROM application listDisable removable storageDisable IrDADisable BluetoothDisable Desktop SyncBlock Remote DesktopBlock Internet SharingIRM enabled

Other security policies

IMAP4 and POP3 clients have limited access to calendar information for Exchange.

Microsoft Exchange POP3 serviceMicrosoft Exchange POP3 Backend serviceMicrosoft Exchange IMAP4Microsoft Exchange IMAP4 Backend service

By default, POP3 and IMAP4 are disabled in Microsoft Exchange Server 2013. To enable them, start the services

Set-CASMailbox -Identity "John Smith" -POPEnabled $true -IMAPEnabled $trueEnable POP3 and/or IMAP4 for users

POP3 and IMAP4

Outlook Web App in Microsoft Exchange Server 2013 provides rich attachment preview functionality. All attachments in an email message are displayed in a filmstrip that includes a thumbnail of each attachment. Users are able to previewattachments online in full fidelity.

For Office attachments, this means users can use a rich user interface to preview and modify the attachment online. This functionality is made possible by the integration of Microsoft Office Web Apps Server.

Word documents (doc, docx, dotx, dot, dotm extensions)

Excel documents (xls, xlsx, xlsm, xlm, xlsb extensions)PowerPoint documents (ppt, pptx, pps, ppsx, potx, pot, pptm, potm, ppsm extensions)

By default, the following file types are displayed using Office Web Apps Server:

Configure Office Web Apps Server URL: Set-OrganizationConfig -WACDiscoveryEndPoint https://Server1/hosting/discovery

Set-OwaVirtualDirectory "Server01\owa (Default Web Site)" -WacViewingOnPrivateComputersEnabled $trueSet-OwaVirtualDirectory "Server01\owa (Default Web Site)" -WacViewingOnPublicComputersEnabled $true

Enable Office Web Apps Server rendering:

Set-OwaVirtualDirectory "Server01\owa (Default Web Site)" -ForceWacViewingFirstOnPublicComputers $true -ForceWacViewingFirstOnPrivateComputers $trueForce Office Web Apps Server rendering before they can open them:

Office Web Apps Server Integration

Management of the client protocols of Exchange ActiveSync, Outlook Web App, POP3, IMAP4, the Autodiscover service, Exchange W eb Services, and the Availability service.

the Exchange Administration Center (EAC)the Exchange Management ShellInternet Information Services (IIS) Manager.

Management occurs in three different areas:

The settings that are managed in each location vary per client protocol.In Exchange 2013, the client protocol management for Exchange ActiveSync is split between the Client Access server and the Ma ilbox server. Because of this architecture change, you can run different virtual directory management tasks on both the Client Access server and the Mailbox server. If these two servers arent installed on the same p hysical computer, the parameters that you use with the virtual directory cmdlets will change based on the server role on which you are running them.

Settings applicable to the mailbox session (user settings)Settings applicable to the server and the virtual directory

There are two types of settings that can be applied to the Exchange ActiveSync virtual directory:

If running CAS and Mailbox server role on same computer, any changes to POP3 or IMAP4 settings are automatically applied to the correct POP3 and IMAP4 services.

If running CAS and Mailbox server role on separate computers, you need to manage settings on the computer that manages the setting you want to change.

Consider the following as you manage POP3 and IMAP4 connectivity in your organization:

InternalURL, internal clients use to access the virtual directory. It is usually in the format https://servername/Microsoft-Server-ActiveSync. ExternalURL, external clients use to access the virtual directory. For example, https://www.contoso.com.Authentication settings, Basic authentication and Client certificate authentication.

You can modify the following properties and settings on the Exchange ActiveSync virtual directory:

Exchange ActiveSync virtual directory settings

Client Protocol management

What's New for Outlook Web App in Exchange 2013.

New-OwaMailboxPolicy -Name Policy1Set-OwaMailboxPolicy -Identity Default -CalendarEnabled $true

Create and configure an OWA Mailbox Policy

Set-CASMailbox -Identity [email protected] -OwaMailboxPolicy:CalendarSet-CASMailbox -Identity [email protected] -OwaMailboxPolicy:$null

Apply or remove an OWA Mailbox Policy

Outlook Web App

MailTips are informative messages displayed to users while they're composing a message. Microsoft Exchange Server 2013 analyz es the message, including the list of recipients to which it's addressed, and if it detects a potential problem, it notifies the user with MailTips prior to sending the message. With the help of the information provided by MailTips, senders can adjust the message they're composing to avoid undesirable situations or non-delivery reports (NDRs).

MailTips aren't supported when working in offline mode in Outlook.

When a message is addressed to a distribution group, the MailTips for individual recipients that are members of that distribution group aren't evaluated. However, if any of the members is an external recipient, the External

Recipients MailTip is displayed, which shows the sender the number of external recipients in the distribution group.

If the message is addressed to more than 200 recipients, individual mailbox MailTips aren't evaluated due to performance reasons.Custom MailTips are limited to 250 characters.If the sender starts composing a message and leaves it open for an extended period of time, the Automatic Replies and Mailbox Full MailTips are evaluated every two hours.

MailTips are subject to the following restrictions:

Set-OrganizationConfig -MailTipsAllTipsEnabled $true

MailTipsAllTipsEnabledMailTipsExternalRecipientsTipsEnabledMailTipsGroupMetricsEnabledMailTipsLargeAudienceThreshold (default is more than 25)MailTipsMailboxSourcedTipsEnabled

Other MailTips related parameters for Set-OrganizationConfig:

Microsoft Exchange Server 2013 allows you to configure organization relationships with Microsoft Exchange Online or other Exchange organizations. Establishing an organization relationship allows you to enhance the user experience when dealing with the other organization. For example, you can share free or busy data, configure secure message flow, and enable message tracking across both organizations.

Control the MailTips access level using the MailTipsAccessLevel parameter on the Set-OrganizationRelationship cmdlet.When you enable MailTips over an organization relationship and set the access level to All, the recipient-specific MailTips, Mailbox Full, Automatic Replies, and custom MailTips, are returned for all users. However, you may only want to allow these MailTips for a specific set of users. For example, if you set up an organization relationship with a partner, you may want to allow these MailTips only for the users that work with thatpartner.

To achieve this, you need to first create a group and add all users for whom you want to share recipient-specific MailTips to that group. You can then specify that group on the organization relationship.

After you implement this restriction, your Client Access servers will first verify whether the recipient for whom they received a MailTips query is part of this group. If the recipient is a member of this group, the Client Access servers will proxy back all MailTips including the recipient-specific MailTips. Otherwise they won't include the recipient-specific MailTips in their response.

Set-OrganizationRelationship "Contoso Online" -MailTipsAccessEnabled $trueSet-OrganizationRelationship "Contoso Online" -MailTipsAccessLevel All

MailTips over organizational relationships

MailTips


Set-OrganizationRelationship "Contoso Online" -MailTipsAccessLevel Limited

Set-OrganizationRelationship "Contoso Online" -MailTipsAccessScope [email protected]

MailTips that provide information about the size of distribution groups and dynamic distribution groups rely on group metrics data. Group metrics data is generated on designated Mailbox servers.Set-MailboxServer MBX1 -ForceGroupMetricsGeneration $true

Set-MailboxServer MBX1 -GroupMetricsGenerationTime 23:30

MailTips and group metrics

Unified messaging in general

IPv6 supportUnified Messaging Cmdlet updates

Backwards compatible with Exchange 2010 and Exchange 2007 UM servers.

Incorporates hotfixes and patches.Supports IPv6.Automated and simplified deployment.UCMA 4.0 setup includes all prerequisites for Exchange 2013.UCMA 4.0 provides more accurate speech engine translations and more scalable voice platform support across multiple products.Supports using the same version of the Speech Engine for both Text-to-Speech (TTS) and Automatic Speech Recognition (ASR)

UCMA 4.0 (Unified Communications Managed API)

Improvements in grammar generation, core voice services, and support for multiple languages. Exchange Server 2013 UM also includes several enhancements for transcription services that are delivered to end users and increased confidence and accuracy for Voice Mail Preview. For details, seeVoice Mail Preview Enhancements.

Improved Voice Mail Preview

Enhancements and improved accuracy for Voice Mail Preview.

Support for the Microsoft Speech Platform Runtime (Version 11.0).Speech grammar generation using the system mailbox for an organization.

Enhancements to speech platform and speech recognition

UM extends the scope of the search to include the users other Exchange and personal contact folders that were created manually and also also supports contact aggregation from external social networks.provides intelligenceto link multiple contacts that refer to the same person, and uses that data to present person-centric (rather than contact-centric) views. This means that contacts that are aggregated from external social networks can be placed in thecontact folder stored in the users mailbox in Microsoft Outlook Web App and Outlook. These contacts can now also be added to any additional contact folders that users create.

Caller ID look-up is integrated with contact aggregation, so that it searches across external contacts.

The PersonID property, where present and set to a value other than Null, improves the user experience for caller ID resolution by suppressing duplicate matches to contacts that are associated with the same person. Because thePersonID property is the same on both results, UM treats this as a match to a single contact.

Enhanced caller ID support

Dial plans

Topology Dial plan

Client Access and Mailbox on the same server (without Communications Server 2007 R2 or Lync

Server 2010 non-SIP dial plans)

Dial plans are no longer required to be associated with a Client Access or Mailbox server. You arent allowed to add the Clie nt Access or Mailbox servers to a dial plan. If you run the Set-UMService cmdlet, it will generate an error if you try to associate a Mailbox server with a non -SIP dial plan.

Client Access and Mailbox on different servers (without Communications Server 2007 R2 or Lync

Server 2010 non-SIP dial plans)

Dial plans are no longer required to be associated with Client Access or Mailbox servers. You arent allowed to add Client Ac cess or Mailbox servers to a dial plan. If you run the Set-UMService cmdlet, it will generate an error if you try to associate a Mailbox server with a non -SIP dial plan.

Client Access and Mailbox server on the same physical server (with Communications Server 2007 R2 and Lync Server 2010 with SIP dial plans)

For a single SIP dial plan, add all Client Access and Mailbox servers to the SIP dial plan. For multiple SIP dial plans, add all Client Access and Mailbox servers to each SIP dial plan. This will make both servers trusted peers of Office Communications Server 2007 R2 or Lync Server. You must use the same certificate in your Office Communications Server 2007 R2 or Lync Server deployment as you do on each Client Access and Mailbox server.

Client Access and Mailbox server on different

physical servers (with Communications Server 2007 R2 and Lync Server 2010 with SIP dial plans)

For a single SIP dial plan, add all Client Access and Mailbox servers to the SIP dial plan. For multiple SIP dial plans, add all Client Access and Mailbox servers to each SIP dial

plan. This will make both servers trusted peers of Office Communications Server 2007 R2 or Lync Server. If the certificates b eing used on the Client Access and Mailbox servers are different, you must use the same certificate in your Office Communications Server 2007 R2 or Lync Server deployme nt as you do on each Client Access and Mailbox server in your organization.

Because Client Access server runs the Microsoft Unified Messaging Call Router service and the Mailbox server runs the Microsoft Exchange Unified Messaging service. The same performance counters for the Microsoft Exchange Unified Messaging service are available to administrators as in earlier versions of Exchange UM. However, there are also additional performance counters that you can use on the Client Access server to verify the status of the Microsoft Unified Messaging Call Router service and for troubleshooting.

Performance counters and thresholds

UM Call Router performance counters

For the Mailbox server, youll use the Set/Get/Enable/Disable-UMService for the Microsoft Exchange Unified Messaging service.For the Client Access Server, you'll use Set/Get-UMCallRouterSettings for the Microsoft Exchange Unified Messaging Call Router service properties. This ensures that the existing Get-UMServer, Set-UMServer, Enable-UMServer, and Disable-UMServer cmdlets from Exchange 2007 and Exchange 2010 will work in a coexistence deployment with Exchange 2013 Mailbox servers. This also ensures that thecmdlets will work when the Mailbox and Client Access servers are installed on the same or different servers.

[-DialPlans ][-MaxCallsAllowed ][-SipTcpListeningPort ][-SipTlsListeningPort ][-Status ][-UMStartupMode ]

Parameters and settings available on both the Client Access Server and the Mailbox Server:

Unified messaging on the CAS and Mailbox Server

Voice Architecture Changes

New voice mail features

Planning your voice mail system

Choosing the correct VoIP gateway, IP PBX, or Session Border Controller (SBC).Planning your UM deployment

Connecting your telephony network

Deploy and configure your telephony components or Microsoft Lync Server with Unified Messaging.1.

Verify that you've correctly installed the Client Access and Mailbox servers that are required by Unified Messaging.2.

Create and configure the required Unified Messaging components, including UM dial plans, UM IP gateways, UM hunt groups, and UM mailbox policies.3.

Perform post-deployment tasks, including obtaining certificates for mutual TLS, creating UM auto attendants, and configuring faxing.4.

Deploy

Planning for unified messaging

Deploy voice mail and UM

Install Mexican and Spanish : setup.com /AddUmLanguagePack:es-MX,de-DE /s:d:\Exchange\UMLanguagePack

UM languages, prompts and greetings

Contains configuration information related to your telephony network. Establishes a link from the telephone extension number of a user enabled for voice mail to their UM-enabled mailbox.When created, you can configure the number of digits in the extension numbers, the Uniform Resource Identifier (URI) type, and the Voice over IP (VoIP) security setting.When created, an UM mailbox policy is also created Default Policy.

A Unified Messaging (UM) dial plan:

New-UMDialplan -Name MyUMDialPlan -UriType SIPName -NumberofDigits 5

Set-UMDialPlan -Identity MyUMDialPlan -AudioCodec

Set-UMDialPlan -Identity MyUMDialPlan -ContactScope 'GlobalAddressList' -UMAutoAttendant $null -AllowDialPlanSubscribers $false -AllowExtensions $falseSet-UMDialPlan -Identity MyUMDialPlan -ContactScope DialPlan -AllowDialPlanSubscribers $false -AllowExtensions $false

You can specify which users can receive transferred calls or voice mail messages from Outlook Voice Access users. By default,the In this dial plan only option is selected.

Set-UMDialPlan -Identity MyUMDialPlan -DialByNamePrimary

When you create a dial plan, you can configure the primary and secondary ways that callers can search for names to locate a user when they call an Outlook Voice Access number or a UM auto attendant that's associated with the dial plan.

Set-UMDialPlan -identity MyUMDialPlan -LogonFailuresBeforeDisconnect 5

Set-UMDialPlan -identity MyUMDialPlan -MaxCallDuration 10

Set-UMDialPlan -identity MyUMDialPlan -MaxRecordingDuration 10Set-UMDialPlan -identity MyUMDialPlan -RecordingIdleTimeout 10

Set-UMDialPlan -identity MyUMDialPlan -InputFailuresBeforeDisconnect 5

Set-UMDialPlan -identity MySecureDialPlan -VoIPSecurity

Other configuration options

UM Dial plans

A Unified Messaging (UM) IP gateway represents a physical Voice over IP (VoIP) gateway, IP Private Branch eXchange (PBX), or Session Border Controller (SBC) hardware device. Before a VoIP gateway, IP PBX, or SBC can be used to answer incoming calls and send outgoing calls for voice mail users, a UM IP gateway must be created in the directory service.

Create a new UM IP gateway or configure an existing UM IP gateway with an IPv6 address for each of the IP gateways, IP PBXs, or SBCs on your network. When youre creating and configuring the required UM IP gateways, you must add the IPv6 address or the Fully Qualified Domain Name (FQDN) for the UM IP gateway. If youre adding the FQDN to the UM IP gateway, you must have created the correct DNS records to resolve the UM IP gateway FQDN to the IPv6 address. If you have an existing UM IP gateway, you can use the Set-UMIPgatewaycmdlet to configure the IPv6 address or FQDN.

1.

Configure the IPAddressFamily parameter on each UM IP gateway. To enable the VoIP gateway to accept IPv6 packets, you must set the UM IP gateway to either accept both IPv4 and IPv6 connections, or accept only

IPv6 connections, by using the Set-UMIPgateway cmdlet.

2.

After you install your Client Access and Mailbox servers, you need to create UM IP gateways, and if you need them to support IPv6, you must also:

UM IP Gateways

Connect your voice mail system to your telephone network

Unified messaging (UM)


IPv6 connections, by using the Set-UMIPgateway cmdlet.

After youve configured your UM IP gateways, you must also configure the VoIP gateways, IP PBXs, and SBCs on your network to support IPv6. For details, see your hardware vendor for a list of devices that support IPv6 and how to correctly configure them.

3.

New-UMIPGateway -Name MyUMIPGateway -Address "MyUMIPGateway.contoso.com" -Port 5061 (Enabled by default)Set-UMIPGateway -Identity MyUMIPGateway -OutcallsAllowed $true -MessageWaitingIndicatorAllowed $true

Set-UMIPGateway -Identity MyUMIPGateway -Address fe80::39bd:88f7:6969:d223%11 -IPAddressFamily Any -Status Disabled -OutcallsAllowed $false

Set gateway as VOIP gateway simulator to be used with Test-UMConnectivity: Set-UMIPGateway -Identity MyUMIPGateway -Simulator $trueEnable-UMIPGateway -Identity MyUMIPGateway

Example commands

Auto attendants help internal and external callers locate users or departments that exist in an organization and transfer calls to them.transfers callers to the extension of a user or department without the intervention of a receptionist or an operator.Multiple languages possible

Non-business hours and business hours custom greetings.

It provides corporate or informational greetings.

It provides custom corporate menus. You can customize these menus to have more than one level.It provides a directory search function that enables a caller to search the organization's directory for a name.It enables a caller to connect to the telephone of, or leave a message for, members of the organization.

Auto attendant features:

New-UMAutoAttendant -Name MyUMAutoAttendant -UMDialPlan MyUMDialPlan -PilotIdentifierList55000 -Enabled $falseNew-UMAutoAttendant -Name MyUMAutoAttendant -UMDialPlan MyUMDialPlan -PilotIdentifierList 56000,56100 -SpeechEnabled $true

Set-UMAutoAttendant -Identity MyUMAutoAttendant -PilotIdentifierList "12345, 72000, 75000"

Set-UMAutoAttendant -Identity MyUMAutoAttendant -BusinessHoursSchedule 0.10:45-0.13:15,1.09:00-1.17:00,6.09:00-6.16:30 -HolidaySchedule "New

Year,newyrgrt.wav,1/2/2013","Building Closed for Construction,construction.wav,4/24/2013,4/28/2013"

Configure a DTMF Fallback Auto Attendant Set-UMAutoAttendant -Identity MySpeechEnabledAA -DTMFFallbackAutoAttendantMyDTMFAA Create menu navigationCreate business and non-business hours navigation menu Set-UMAutoAttendant -Identity MyAutoAttendant - BusinessHoursKeyMappingEnabled $true -BusinessHoursKeyMapping

"1,Sales,,SalesAutoAttendant","2,Support,12345","3,Directions,,,directions.wav"

Set-UMAutoAttendant -Identity MyUMAutoAttendant -AfterHoursKeyMappingEnabled $true -AfterHoursKeyMapping "AfterhoursOperator,12345","Directions,23456"

Example commands:

UM Auto AttendantAutomatically answer and route incoming calls

Before enabling users for UM, consider dial plan to use, extension numbers, PIN policies, Outlook Voice Access and other feat ures youll allow users to have access to.New-UMMailboxPolicy -Name MyUMMailboxPolicy -UMDialPlan MyUMDialPlan

Enable-UMMailbox -Identity [email protected] -UMMailboxPolicy MyUMMailboxPolicy -Extensions 51234 -PIN 5643892 -SIPResourceIdentifier "[email protected]" -PINExpired $true

Disable-UMMailbox -Identity [email protected] -KeepProperties $True

Reset Outlook Voice Access PIN.

Add a personal operator extension number.Add other extension numbers.Enable or disable Automatic Speech Recognition (ASR).Enable or disable Call Answering Rules.Enable or disable access to their email or calendar.

Configuration options for voice mail include:

Set UMMailbox -Identity [email protected] -AllowUMCallsFromNonUsers -AnonymousCallersCanLeaveMessages $true

Set up voice mail for users

Evolution of the Exchange 2010 database availability group (DAG):

Transaction log code has been refactored for fast failover with deep checkpoint on passive database copies.To support enhanced site resiliency, servers can be in different locations.As mentioned in the beginning of this topic, Exchange 2013 now hosts some Client Access components, the Transport components, and the Unified Messaging components.The Exchange Store has been re-written in managed code to improve performance in additional I/O reduction and reliability.Each Exchange 2013 database now runs under its own process.Smart Search has replaced the Exchange 2010 multi-mailbox search infrastructure.

New Mailbox features

New-MoveRequest -Identity '[email protected]' -TargetDatabase DB01 -ArchiveTargetDatabase -DB03

New-MigrationBatch -Local -Name LocalMove1 -CSVData ([System.IO.File]::ReadAllBytes("C:\Users\Administrator\Desktop\LocalMove1.csv")) -TargetDatabases MBXDB2 -TimeZone

"Pacific Standard Time"

Cross forest: New-MigrationEndpoint -Name Fabrikam -ExchangeRemote -Autodiscover -EmailAddress [email protected] -Credentials (Get-Credential fabrikam\tonysmith) $csvData=[System.IO.File]::ReadAllBytes("C:\Users\Administrator\Desktop\batch.csv")

New-MigrationBatch -CSVData $csvData -Timezone "Pacific Standard Time" -Name FabrikamMerger -SourceEndpoint Fabrikam -TargetDeliveryDomain "mail.contoso.com"

Prepare-MoveRequest.ps1

On-premise movesMailbox moves

Deleted item retentionSingle item recoveryIn-Place HoldLitigation holdMailbox audit loggingCalendar logging

To protect from accidental or malicious deletion and to facilitate discovery efforts commonly undertaken before or during litigation or investigations, Microsoft Exchange Server 2013 uses the Recoverable Items folder. The Recoverable Items folder replaces the feature known as the dumpster in Exchange Server 2007. The Recoverable Items folder is used by the following Exchange features:

Delete. Item is deleted from any folder and placed in the Deleted Items default folder.

Soft delete. Item is deleted from the Deleted Items default folder (or Shift+delete) and placed in the Recoverable Items folder.

Hard delete. item is marked to be purged from the mailbox database. This is also known as a store hard delete.

Terminology

Recoverable Items folder

Mailbox server

New-MailboxDatabase -Name "MailboxDatabase01" -EdbFilePath D:\DatabaseFiles\MailboxDatabase01.edb

Get-MailboxDatabase -IncludePreExchange2013

Get-MailboxDatabase -Identity MailboxDatabase01 -Server Server01 -Status | Format-List

Set-MailboxDatabase "Mailbox Database01" -DeletedItemRetention 7.00:00:00

Move-DatabasePath -Identity MyDatabase01 -EdbFilePath C:\NewFolder\MyDatabase01.edb

Mount-Database -Identity ExchangeServer1.Contoso.com\MyDatabas

Dismount-Database -Identity MyDatabase

Remove-MailboxDatabase -Identity MailboxDatabase01

Manage mailbox databases in Exchange 2013

Cmdlet Description

New-MailboxImportRequest Starts the process of importing a .pst file to a mailbox or personal archive. You can create more than one import request per mailbox. Each request must have a unique name.

Set-MailboxImportRequest Changes import request options after the request is created or recover from a failed request.

Suspend-MailboxImportRequest Suspends an import request any time after the request is created but before the request reaches the status of Completed.

Resume-MailboxImportRequest Resumes an import request that's suspended or failed.

Remove-MailboxImportRequest Removes fully or partially completed import requests. Completed import requests aren't automatically cleared. You must use th is cmdlet to remove them.

Get-MailboxImportRequest View general information about an import request.

Get-MailboxImportRequestStatistics View detailed information about an import request.

Mailbox Import and Export Requests

There is no Exchange 2013 Edge server role (yet), but it will work with the Exchange 2010 Edge server role.Every Active Directory site that contains a Mailbox server must also contain a Client Access server.The Client Access server provides authentication, limited redirection, and proxy services, and offers all the usual client ac cess protocols: HTTP, POP and IMAP, and SMTP. The Client Access server, a thin and stateless server, doesnt do any data rendering.Theres never anything queued or stored on the Client Access server.CAS management includes digital certificates, some of the client protocol management for Exchange ActiveSync, POP3, and IMAP4 .Microsoft Exchange Remote Connectivity Analyzer (ExRCA) can help test and diagnose connectivity and configuration.The Remote Connectivity Analyzer website offers tests for Microsoft Exchange ActiveSync, Exchange Web Services, Microsoft Outlook, and Internet email.

Enable-OutlookAnywhere -Server: -ExternalHostName:mail.contoso.com -SSLOffloading $falseSet-ActiveSyncVirtualDirectory -Identity \Microsoft-Server-ActiveSync -ExternalUrl "https://mail.contoso.com/Microsoft-Server-ActiveSync"

Configuration examples:

Client Access Server (CAS)

Mailbox and client access servers


Set-ActiveSyncVirtualDirectory -Identity \Microsoft-Server-ActiveSync -ExternalUrl "https://mail.contoso.com/Microsoft-Server-ActiveSync"Set-WebServicesVirtualDirectory -Identity \Microsoft-Server-ActiveSync -ExternalUrl "https://mail.contoso.com/EWS/Exchange.asmx"Set-OabVirtualDirectory -Identity \Microsoft-Server-ActiveSync -ExternalUrl "https://mail.contoso.com/OAB"

Is the base component of the high availability and site resilience framework built into Exchange 2013.Is a group of up to 16 Mailbox servers that host a set of databases and provides automatic, database-level recovery from failures that affect individual databases, networks, or servers. Any server in a DAG can host a copy of a mailbox database from any other server in the DAG. DAGs are available in both Exchange 2013 Standard and Exchange 2013 Enterprise. In addition, a DAG can contain a mix of serve rs running Exchange 2013 Standard and Exchange 2013 Enterprise.Exchange 2013 is supported on both the Windows Server 2008 R2 and Windows Server 2012 operating systems. All members of a given DAG must run the same operating system.

New-DatabaseAvailabilityGroup -Name DAG1 -DatabaseAvailabilityGroupIPAddresses 10.0.0.5,192.168.0.5Add-DatabaseAvailabilityGroupServer -Identity DAG1 -MailboxServer EX1Add-DatabaseAvailabilityGroupServer -Identity DAG1 -MailboxServer EX2Add-DatabaseAvailabilityGroupServer -Identity DAG1 -MailboxServer EX3Set-DatabaseAvailabilityGroup -ManualDagNetworkConfiguration $TrueSet-DatabaseAvailabilityGroupNetwork -Identity DAG1\MapiDagNetwork -ReplicationEnabled:$falseExclude by example iSCSI network adapter from DAG: Set-DatabaseAvailabilityGroupNetwork -Identity DAG2\DAGNetwork02 -ReplicationEnabled:$false -IgnoreNetwork:$trueSet-MailboxServer -Identity EX1 -AutoDatabaseMountDial Set-MailboxServer -Identity EX1 -DatabaseCopyAutoActivationPolicy Set-MailboxServer -Identity EX1 -MaximumActiveDatabases 20Suspend-MailboxDatabaseCopy -Identity DB1\MBX3 -SuspendComment "Maintenance on MBX3"Resume-MailboxDatabaseCopy -Identity DB1\MBX3Installing update rollups: use StartDagServerMaintenance.ps1, StopDagServerMaintenance.ps1 and RedistributeActiveDatabases.ps1

Configure DAG

Disabled by default and should be enabled for all DAGs with two or more members that use continuous replication.Can be enabled only by using the Exchange Management Shell: Set-DatabaseAvailabilityGroup -Identity DAG2 -DatacenterActivationMode DagOnly

Datacenter Activation Coordination Mode (DAC)

Database availability groups (DAG)

Changes in high availability from Exchange 2010The high availability and site resilience features used first introduced in Exchange 2010 are used in Exchange 2013 to create and maintain database copies. Exchange 2013 also leverages the concept of database mobility, which is Exchange-managed database-level failovers.

Planning for high availability and site resilience

Deploying high availability and site resilienceManaging high availability and site resilienceBackup, restore and disaster recovery

High availability and site resilience

Exchange management shell

Exchange Administration Center

The Exchange Administration Center (EAC) is the web-based management console in Microsoft Exchange Server 2013 that allows for ease of use and is optimized for on-premises, online, or hybrid Exchange deployments. The EAC replaces the Exchange Management Console (EMC) and the Exchange Control Panel (ECP), which were the two interfaces that w ere used to manage Exchange Server 2010

Supported browsers/OS combinationEAC UI interface elements

Internal URL: https:///ecp

External URL: https://mail.contoso.com/ecp

If you are in a coexistence scenario, where you have Exchange Server 2010 and Exchange Server 2013 in the same organization a nd your mailbox is still housed on the Exchange 2010 mailbox server, the browser will default to the Exchange Server 2010 ECP. You can access the EAC by adding the Exchange version into the URL. For example, to access the EAC whose virtual directory is hosted on the Client Access server CAS15 -NA, use the following URL: https://CAS15-NA/ecp?ExchClientVer=15

Default URLs

Get-ECPVirtualDirectory | Format-List Name,InternalURL,ExternalURL

Find (custom) URLs for the ECP virtual directory:

Set-ECPVirtualDirectory -Identity "CAS01\ecp (default web site)" -AdminEnabled $false

Turn off Internet access to the EAC:

MailboxesGroupsResourcesContactsSharedMigration

Recipients

Admin rolesUser rolesOutlook Web App Policies

Permissions

In-place eDiscovery & holdAuditingData loss preventionRetention policiesRetention tagsJournal rules

Compliance management

SharingApps

Organization

Malware filterConnection filterContent filterOutbound spamQuarantine

Protection

RulesDelivery reportsMessage traceAccepted domainsConnectors

Mail flow

Mobile device accessMobile device mailbox policies

Mobile

Public foldersPublic folder mailboxes

Public folders

UM dial plansUM IP gateways

Unified messaging

Menu structure Exchange Admin Center (EAC):

Probe engine The probe engine takes measurements on the server.

Monitoring probe engine The monitoring probe engine stores the business logic about what constitutes a healthy state. It functions like a pattern recognition engine, looking forpatterns and measurements that differ from

a healthy state, and then evaluating whether a component or feature is unhealthy.

Responder engine When the responder engine is alerted about an unhealthy component, its first action is to try to recover that component. Managed availability enables multi-stage recovery actions. The first attempt may

be to restart the application pool, the second attempt may be to restart the corresponding service, and the third attempt may be to restart the server. And, the final attempt may be to put the server offline, so that it no longer

accepts traffic. If all of these actions fail, an alert is sent to the help desk.

Exchange 2013 introduces the concept of managed availability. Managed availability runs on every Exchange 2013 server. Its made up of two processes, the Exchange Health Manager Service (MSExchangeHMHost.exe) and the ExchangeHealth Manager Worker process (MSExchangeHMWorker.exe), and the following asynchronous components:

Managed Availability

Server Health and Performance


accepts traffic. If all of these actions fail, an alert is sent to the help desk.

For more information about managed availability, see Lessons from the Datacenter: Managed Availability , and Server Health, Monitoring, and Performance Cmdlets .

An Exchange workload is an Exchange Server feature, protocol, or service thats been explicitly defined for the purposes of E xchange system resource management. Each Exchange workload consumes system resources such as CPU, mailbox database operations, or Active Directory requests to run user requests or background work. Examples of E xchange workloads include Outlook Web App, Exchange ActiveSync, mailbox migration, and mailbox assistants.

Settings can be customized. For more information, see Exchange Workload Management and Server Health, Monitoring, and Performance Cmdlets .

New-ResourcePolicyRemove-ResourcePolicyGet-ResourcePolicySet-ResourcePolicy

Resource policies

New-WorkloadManagementPolicyRemove-WorkloadManagementPolicyGet-WorkloadManagementPolicy

Workloadmanagement policies

New-WorkloadPolicyRemove-WorkloadPolicyGet-WorkloadPolicySet-ResourcePolicy

Workload policies

System Workload management (new in Exchange 2013)

New-ThrottlingPolicyGet-ThrottlingPolicySet-ThrottlingPolicyRemove-ThrottlingPolicy

Manage throttling policies

Get-ThrottlingPolicyAssociationSet-ThrottlingPolicyAssociation

Assign throttling policies

User workload management (called user throttling in Exchange Server 2010)

Includes the following components:

New-WorkloadPolicy OrgIMAPWorkloadPolicy -WorkloadType IMAP -WorkloadClassification Discretionary -WorkloadManagementPolicy GlobalOverwrittenWorkloadManagementPolicyChange workload management policy settings for all servers in your organization

New-WorkloadPolicy DublinIMAPWorkloadPolicy -WorkloadType IMAP -WorkloadClassification Discretionary -WorkloadManagementPolicy DublinWorkloadManagementPolicy.Set-ExchangeServer -WorkloadManagementPolicyDublinWorkloadManagementPolicy -Server Dublin01.

Change workload management policy settings for a specific server

Configuration examples:

Workload management reference

Exchange workload Management


Documents

Exchange 2013 Exam Notes