Exchange 2013 exam notes

zaterdag 27 oktober 2012

12:02

General

70-341 Core Solutions of Microsoft Exchange Server 2012

70-342 Advances Solutions of Microsoft Exchange Server 2012
Technet Exchange 2013
Exchange & Office 365 Ignite Technical training (4 days)

Well-known ports
SMTP TCP 25
SMTP (MSA) TCP 587
SMTP (Encrypted) TCP 465 <-- No SMTP Extensibility
POP3 TCP 110
POP3S TCP 995
IMAP TCP 143
IMAPS TCP 993
CAS listens for SIP unsecured on TCP 5060
CAS listens for SIP secured (TLS) on TCP 5061
Mailbox server when UMStartupMode is set to Dual, listens for SIP unsecured on TCP 5065 and 5067
Mailbox server when UMStartupMode is set to Dual, listens for SIP secured (TLS) on TCP 5065 and 5067
Mailbox server when set to TCP (Default) or TLS, listens for SIP on TCP 5065 and 5066.

Various
EAC (web based Exchange Administration Center)
Set-ServerComponentState to take CAS or Mailbox offline
Cmdlet enhancements
Forefront Online Protection for Exchange (FOPE) --> Exchange Online Protection (EOP)
EAC Feature Panes info
Site mailboxes accessible through sharepoint and Outlook 2013, but don't appear in OWA
Hybrid Configuration Wizard (HCW)
What's New in Exchange 2013
Planning and deployment

The *-ServerMonitoringOverride and *-GlobalMonitoringOverride cmdlets enable administrators to set, remove, or view overrides.
Get-ServerHealth is used to retrieve the raw health data, while Get-HealthReport operates on the raw health data and provides a current snapshot of the health.
For DAG membership Server 2008 enterprise or Server 2012 Standard/Datacenter required
Prepare AD:
1) setup /PrepareSchema or setup /ps
2) setup /PrepareAD [/OrganizationName:<organization name>] or setup /p [/on:<organization name>]
3) setup /PrepareDomain:<FQDN of domain you want to prepare> to prepare a specific domain.
setup /PrepareAllDomains or setup /pad to prepare all domains in your organization.

New OU in the root domain called Microsoft Exchange Security Groups. This OU should contain the following new Exchange USGs:
Compliance Management
Delegated Setup
Discovery Management
Exchange Servers
Exchange Trusted Subsystem
Exchange Windows Permissions
ExchangeLegacyInterop
Help Desk
Hygiene Management
Organization Management
Public Folder Management
Recipient Management
Records Management
Server Management
UM Management
View-Only Organization Management
Exchange 2013 setup.exe parameters
DNS name configuration:
FQDN

DNS record type Value

Contoso.com

MX

Mail.contoso.com

Mail.contoso.com

172.16.10.11

Owa.contoso.com

172.16.10.11

Autodiscover.contoso.com A

172.16.10.11

Virtual directories:
Virtual directory

External URL value

Autodiscover

No external URL displayed

ECP

https://mail.contoso.com/ecp

EWS

https://mail.contoso.com/EWS/Exchange.asmx

Microsoft-Server-ActiveSync https://mail.contoso.com/Microsoft-Server-ActiveSync
OAB

https://mail.contoso.com/OAB

OWA

https://mail.contoso.com/owa

PowerShell

http://mail.contoso.com/PowerShell

Verify installation using get-exchangeserver and checking <system drive>\ExchangeSetupLogs\ExchangeSetup.log

Virtualizing Exchange roles is supported. Using snapshots, live migration, etc is not supported.
Oauth for (3rd party) applications, uses Configure-EnterprisePartnerApplication.ps1 script:
Cd C:\Program Files\Microsoft\Exchange Server\V15\Scripts
Configure-EnterprisePartnerApplication.ps1 -AuthMetaDataUrl https://sharepoint.contoso.com/_layouts/15/metadata/json/1 -ApplicationType SharePoint
Configure-EnterprisePartnerApplication.ps1 -AuthMetaDataUrl https://sharepoint.contoso.com/metadata/json/1 -ApplicationType Lync

Permissions

Built-in role groups

Built-in management roles

Add-PSSnapin Microsoft.Exchange.Management.PowerShell.SnapIn
Get-RoleGroupMember "View-Only Organization Management"
Set-Mailbox Brian -RoleAssignmentPolicy "Unified Messaging Users"
Get-ManagementRole <role name> | Format-List
Get-ManagementRole "Mail Recipients" -Recurse
Get-ManagementRoleAssignment -Role <role name> -GetEffectiveUsers
Get-ManagementRole -Cmdlet <cmdlet>
Add-ManagementRoleEntry "Recipient Administrators \Set-Mailbox"
Get-ManagementRoleEntry <role name>\*
New-ManagementRoleAssignment -Name "Exchange Servers_SeattleAdmins" -SecurityGroup SeattleAdmins -Role "Exchange Servers"

Mail Flow
& $env:ExchangeInstallPath\Scripts\Disable-Antimalwarescanning.ps1
Set-MalwareFilteringServer -BypassFiltering $true

Anti-virus client on exchange server exclusions to configure includes important path locations
With routing groups and Routing Group connectors you can consolidate communication between servers by designating bridgehead servers that act as communication points between routing groups.

Exchange 2013 exam notes Page 1

With routing groups and Routing Group connectors you can consolidate communication between servers by designating bridgehead servers that act as communication points between routing groups.
Modify NDR with New-SystemMessage
Message size limits and how to configure using powershell
Exchange Toolbox console MMC
Mail flow tools
Queue Viewer
Tracking log explorer
Configuration management tools
Eemote connectivity analyzer
Details Templates Editor
Pickup directory is %ExchangeInstallPath%TransportRoles\Pickup.
Replay directory is %ExchangeInstallPath%TransportRoles\Replay.
Edge Transport server not currently available in Microsoft Exchange Server 2013. Use 2007 or 2010 version.

Recipients
Mailbox
New-Mailbox -Alias pilarp -Name "Pilar Pinilla" -FirstName Pilar -LastName Pinilla -DisplayName "Pilar Pinilla" -UserPrincipalName pilarp@contoso.com -Password (ConvertToSecureString -String 'Pa$$word1' -AsPlainText -Force)
Set-Mailbox -Identity patc -DeliverToMailboxAndForward $true -ForwardingAddress sunilk@contoso.com
Get-Mailbox -OrganizationalUnit "Marketing" | Set-Mailbox -IssueWarningQuota 209715200 -ProhibitSendQuota 262144000 -ProhibitSendReceiveQuota 293601280 -UseDatabaseQuotaDefaults
$false
Get-Mailbox -Filter "Department -eq 'Customer Service'" | Set-Mailbox -MaxSendSize 2097152
Distributiongroup
New-DistributionGroup -Name "IT Administrators" -Alias itadmin -MemberJoinRestriction <open|closed|owner>
New-DistributionGroup -Name "All Administrators" -IgnoreNamingPolicy
New-DistributionGroup -Name "File Server Managers" -Alias fsadmin -Type security
Set-DistributionGroup -Identity "Goverment_Contracts_NWRegion" -Name "Government_ContractEstimates_NWRegion" -DisplayName "Government_ContractEstimates_NWRegion" -IgnoreNamingPolicy
Set-DistributionGroup "Seattle Employees" -EmailAddresses SMTP:sea.admins@contoso.com,smtp:admins@contoso.com
Dynamicdistributiongroup
New-DynamicDistributionGroup -IncludedRecipients MailboxUsers -Name "Mailbox Users DDG" -OrganizationalUnit Users
Get-DynamicDistributionGroup -ResultSize unlimited | Set-DynamicDistributionGroup -HiddenFromAddressListsEnabled $true -MaxReceiveSize 5MB -ModerationEnabled $true -ModeratedBy
administrator
Set-DynamicDistributionGroup -Identity "All Employees" -EmailAddresses SMTP:All.Employees@contoso.com, smtp:Seattle.Employees@contoso.com
Mailcontact
New-MailContact -Name "Debra Garcia" -ExternalEmailAddress dgarcia@tailspintoys.com -OrganizationalUnit Users
Enable-MailContact -Identity "Karen Toh" -ExternalEmailAddress ktoh@fourthcoffee.com

Use the Get-Contact and Set-Contact cmdlets to view and change organization and contact information properties.
Use the Get-MailContact and Set-MailContact cmdlets to view or change mail-related properties, such email addresses, the MailTip, custom attributes, and specify whether the contact is hidden from address lists.
Mailuser
Mail users are similar to mail contacts. Both external. Unlike a mail contact, a mail user has Active Directory logon credent ials and can access resources.
New-MailUser -Name "Jeffrey Zeng" -Alias jeffreyz -ExternalEmailAddress jzeng@tailspintoys.com -FirstName Jeffrey -LastName Zeng -UserPrincipalName jeffreyz@contoso.com -Password (ConvertToSecureString -String 'Pa$$word1' -AsPlainText -Force)

Room mailbox

New-Mailbox -Database "Mailbox Database 1" -Name ConfRoom1 -OrganizationalUnit "Conference Rooms" -DisplayName "Conference Room 1" -Room
Get-User and Set-User to view and set general properties such as location, department, and company names.
Get-Mailbox and Set-Mailbox to view and set mailbox properties, such as email addresses and the mailbox database.
Get-CalendarProcessing and Set-CalendarProcessing to view and set booking options and delegates.

Equipment mailbox
Similar to room mailboxes, but uses parameter -equipment instead of -room
New-Mailbox -Database "Mailbox Database 1" -Name MotorVehicle2 -OrganizationalUnit Equipment -DisplayName "Motor Vehicle 2" -Equipment

Collaboration
Site mailbox
Site mailbox picture explanation
The lifecycle of a site mailbox is managed through SharePoint. It is through SharePoint that you should perform all site mailbox tasks such as creating and removing site mailboxes. In addition, you can create a SharePoint Lifecycle policy to

manage the lifecycle of a site mailbox. For example, you can create a lifecycle policy in SharePoint that automatically closes all site mailboxes after 6 months. If the user still requires the use of the site mailbox, the user can reactivate the site
mailbox through SharePoint. We recommend that you use the Lifecycle application is in the farm. Manually deleting active site mailboxes from Exchange will result in orphaned site mailboxes. .
When the lifecycle application in SharePoint closes a site mailbox, the site mailbox is retained for the period stated in the lifecycle policy in the closed state. The mailbox can then be reactivated by an end -user or by an administrator
from SharePoint. After the retention period, the Exchange site mailbox that is housed in the mailbox database will have its n ame prepended with MDEL: to indicate that it has been marked for deletion. You will need to manually
remove these site mailboxes from the mailbox database in order to free storage space and the alias. If you dont have the Sha rePoint Lifecycle Policy enabled, youll lose the ability to determine which site mailboxes are marked for
deletion. Until the site mailbox has been removed by an administrator, the content of the mailbox is still recoverable.

You can use the following command to search for and remove site mailboxes that have been marked for deletion.

Get-Mailbox MDEL:* | ?{$_.RecipientTypeDetails -eq "TeamMailbox"} | Remove-Mailbox -Confirm:$false

Site mailboxes do not support retention at the item level. Retention works on a project level for site mailboxes, so when the entire site mailbox is deleted, the retained items will be deleted.
Public folder

Public folders in Microsoft Exchange 2013 have been modernized to take advantage of the existing high availability and storag e technologies of the mailbox database. The public folder architecture uses specially designed
mailboxes to store both the hierarchy and the public folder content. This also means that theres no longer a public folder d atabase. Public folder replication now uses the continuous replication model. High availability for
the hierarchy and content mailboxes are provided by a database availability group (DAG).

The master hierarchy mailbox was the first one created in the organization and cannot be changed.

If the master hierarchy public folder mailbox goes down, the user can still view the public folders. However, they wont be able to write to the public folders. To help prevent the hierarchy from going down, we recommend
that your public folders are included in a database availability group (DAG).

Create a secondary public folder hierarchy mailbox for load balancing purposes
New-Mailbox -PublicFolder -name MasterHierarchy
New-Mailbox -PublicFolder -name Istanbul -Database DB01Istanbul

Limit for public folders same as private folders, 100GB.

New-Mailbox -PublicFolder -name Istanbul -Database DB01Istanbul
Mail enable public folder : Enable-MailPublicFolder -Identity "\Help Desk" -HiffenFromAddressListsEnabled $True
Migrate Public Folders to Exchange 2013 From Exchange 2010 SP3 .

Shared mailboxes

Mailbox that multiple users can use to read and send email messages. Provides common calendar (schedule vacations, work shifts, etc)

New-Mailbox -Shared -Name "Sales Department" -DisplayName "Sales Department" -Alias Sales | Set-Mailbox -GrantSendOnBehalfTo MarketingSG | Add-MailboxPermission -User MarketingSG -AccessRights

FullAccess -InheritanceType All

Convert mailbox to shared mailbox: Set -Mailbox -Identity MarketingDepartment@contoso.com -Type Shared

Email addresses and address books

Address lists
Several address lists are created by default. Default address lists are:
All contacts
All groups
All rooms
All users
Default Global Address List (GAL)
Public folders.
Custom address lists
Should help people find who/what they're looking for more easily than the default lists.
New-AddressList -Name MyAddressList -RecipientFilter {((RecipientType -eq 'UserMailbox') -and ((StateOrProvince -eq 'Washington') -or (StateOrProvince -eq 'Oregon')))}
New-AddressList -Name "Building 34 Meeting Rooms" -Container "\All Rooms" -IncludedRecipients Resources -ConditionalCustomAttribute1 "Building 34"
Update-AddressList "North America\Sales"
Remove-AddressList -Identity Departments -Recursive
New-GlobalAddressList -Name "GAL_Contoso" -IncludedRecipients MailboxUsers -ConditionalCompany Contoso
New-GlobalAddressList -Name "GAL_AgencyA" -RecipientFilter {CustomAttribute15 -like "AgencyA"}
Set-GlobalAddressList -Identity 96d0c505-eba8-4103-ad4f-577a1bf4ad7b -Name FourthCoffee

Exchange 2013 exam notes Page 2

 Set-GlobalAddressList -Identity 96d0c505-eba8-4103-ad4f-577a1bf4ad7b -Name FourthCoffee

Set-GlobalAddressList -Identity Fourth Coffee -RecipientFilter {Company -eq "Fourth Coffee"}
Address Book Policies
ABPs contain the following lists:
One GAL
One OAB
One room list (for booking purposes)
One or more address lists
Graphical representation of an Address Book Policy
Assign ABPs to individual mailbox users: New-Mailbox / set-mailbox cmdlet with the AddressBookPolicy parameter
New-OfflineAddressBook -Name "OAB_FAB" -AddressLists "GAL_FAB"
New-AddressBookPolicy -Name "ABP_TAIL" -AddressLists "AL_TAIL_Users_DGs"," AL_TAIL_Contacts" -OfflineAddressBook "\OAB_TAIL" -GlobalAddressList "\GAL_TAIL" -RoomList "\AL_TAIL_Rooms"
Get-Mailbox -resultsize unlimited | where {$_.CustomAttribute15 -eq "TAIL"} | Set-Mailbox -AddressBookPolicy "ABP_TAIL"

Details templates
Details templates control the appearance of the object properties that are accessed by using address lists in an email client, such as Microsoft Outlook. For example, when a user opens an address list in Outlook, the
properties of the recipients in that address list are presented as defined by the details template that exists in your Exchange organization.
Details templates editor is in the exchange toolbox.
Restore a details template to the default:
Restore-DetailsTemplate -Identity "en-US\Contact"

Email address policies

Email address policies generate the primary and secondary email addresses for your recipients so they can receive and send email.
By default, Exchange contains an email address policy for every mail-enabled user. For example, firstname.lastname@contoso.com.
If you want to specify additional email addresses for all recipients or just a subset, you can modify the default policy or create additional policies.
New-EmailAddressPolicy -Name "southeast offices" -IncludedRecipients MailboxUsers -ConditionalStateorProvince "Georgia","Alabama","Louisiana"
-EnabledEmailAddressTemplates "SMTP:%s%2g@southeast.contoso.com"

%s = surname / lastname and %2g = first two letters of the given name.
New-EmailAddressPolicy -Name 'Execs' -EnabledEmailAddressTemplates 'SMTP:%2g%s@contoso.com' -RecipientFilter {((RecipientType -eq 'UserMailbox') -and (Title -like 'executive'))}
Set-EmailAddressPolicy -Identity "South East Offices" -ConditionalStateorProvince "Georgia","Alabama","Louisiana","Texas"
Hierarchical address books (HAB)
Graphical representation of Hierarchical Address Book
You can provide an additional level of hierarchical structure by using the SeniorityIndex parameter. When creating an HAB, use the SeniorityIndex parameter to rank individual recipients or organizational groups by seniority within
these organizational tiers. This ranking specifies the order in which the recipients or groups are displayed in the HAB. For example, in the preceding example, the SeniorityIndex parameter for the recipients in the Corporate Office
division is set to the following:

100 for David Hamilton

50 for Rajesh M. Patel

25 for Amy Alberts

Detailed instructions for creating HABs are included in the topic Enable or Disable Hierarchical Address Books. The general steps are as follows:
1. Create a distribution group that will be used for the root organization (top-level tier). If desired, you can use an existing organizational unit in your Exchange forest for the distribution group.
2. Create distribution groups for the child tiers and designate them as members of the HAB. Modify the SeniorityIndex parameter of these groups so they're listed in the proper hierarchical order within the root organization.
3. Add organization members. Modify the SeniorityIndex parameter of the members so they're listed in the proper hierarchical order within the child tiers.
4. For accessibility purposes, you can use the PhoneticDisplayName parameter, which specifies a phonetic pronunciation of the DisplayName parameter.

Commands and parameters

Cmdlet

Parameter

Set-OrganizationConfig HierarchicalAddressBookRoot
Set-Group

IsHierarchicalGroup
SeniorityIndex
PhoneticDisplayName

Set-User

SeniorityIndex
PhoneticDisplayName

Set-Contact

SeniorityIndex
PhoneticDisplayName

Example of how to configure HAB

Offline address books

New-OfflineAddressBook -Name "OAB_Contoso" -AddressLists "\Default Global Address List" -Server SERVER01 -VirtualDirectories "SERVER01\OAB (Default Web Site)
Set-OfflineAddressBook -Identity "My OAB" -AddressLists AddressList1,AddressList2,AddressList3
Set-OfflineAddressBook -Identity "My OAB" -IsDefault $true
Set-OfflineAddressBook -Identity "My OAB" -Schedule "Sun.1:15 AM-Sun.1:30 AM"
Get-User -ResultSize Unlimited -Filter { Company -eq "Contoso" -and RecipientType -eq "UserMailbox" } | Where { $_.CountryOrRegion -eq "United States"} | Set-Mailbox -OfflineAddressBook "Contoso United
States
Set-OABVirtualDirectory "OAB (Default Web Site)" -ExternalUrl https://contoso.com/OAB

Sharing
Federation
Federated sharing:
A group of Exchange features that leverage a federation trust with the Microsoft Federation Gateway (free Microsoft cloud -based service) to work across Exchange organizations, including cross -premises Exchange
deployments. Together, these features are used to make authenticated requests between servers on behalf of users across multi ple Exchange organizations.
Federation example
Configure Federated Sharing
1. Create and configure a federation trust
2. Create an organization relationship
3. Create a sharing policy
4. Configure an Autodiscover public DNS record
Organization relationships
An organization relationship enables users in your Exchange organization to share calendar free/busy information as part of f ederated sharing with other federated Exchange organizations.
New-OrganizationRelationship -Name "Contoso" -DomainNames "contoso.com","northamerica.contoso.com","europe.contoso.com" -FreeBusyAccessEnabled $true -FreeBusyAccessLevel
LimitedDetails

Sharing policies
Sharing policies enable user-established, people-to-people sharing of both calendar and contact information with different types of external users.
Sharing polices are assigned to user mailboxes and allow your users to self-manage and share both their free/busy and contact information (including the Calendar and Contacts folders) with recipients in other external
federated organizations.
For recipients that aren't in an external federated organization or are in non-Exchange organizations, sharing policies allow people-to-people sharing of their calendar information with anonymous users through the use of
Internet Calendar Publishing.
New-SharingPolicy -Name "Contoso" -Domains contoso.com: CalendarSharingFreeBusyDetail, ContactsSharing
Get-Mailbox -Filter {Department -eq "Marketing"} | Set-Mailbox -SharingPolicy "Contoso Marketing"

Clients and mobile

Outlook anywhere (RPC over HTTP)
The Windows RPC over HTTP Proxy component, which Outlook Anywhere clients use to connect, wraps remote procedure calls (RPCs) with an HTTP layer. This allows traffic to traverse network firewalls without requiring
RPC ports to be opened. In Exchange 2013, this feature is enabled by default, because all Outlook connectivity takes place ov er Outlook Anywhere.
Test end-to-end client connectivity using Exchange Remote Connectivity Analyzer or Test-OutlookConnectivity
Test-OutlookConnectivity -GetDefaultsFromAutoDiscover:$true
Test-OutlookConnectivity -RpcProxyTestType:Internal -RpcTestType:Server
Test-OutlookConnectivity -RpcTestType:Server - RpcProxyAuthenticationType:Basic -RpcClientAccessServer:CAS01 -RpcAuthenticationType:NTLM

Exchange ActiveSync (EAS)

Exchange ActiveSync is a client protocol that lets you synchronize a mobile device with your Exchange mailbox. Enabled by def ault.
Windows Phone 7 mobile phones support only a subset of all Exchange ActiveSync mailbox policy settings. For a complete list, see Windows Phone 7 Synchronization .
Direct Push
Direct Push keeps a mobile device current over a cellular or wireless network connection (443). It notifies the mobile devicewhen new content is ready to be synchronized.
Mobile Device Mailbox Policies
New-MobileDeviceMailboxPolicy -Name:"Management" -AllowBluetooth:$true -AllowBrowser:$true -AllowCamera:$true -AllowPOPIMAPEmail:$false -PasswordEnabled:$true AlphanumericPasswordRequired:$true -PasswordRecoveryEnabled:$true -MaxEmailAgeFilter:10 -AllowWiFi:$true -AllowStorageCard:$true -AllowPOPIMAPEmail:$false

Add users to Mobile mailbox policy :

Get-Mailbox | where { $_.CustomAttribute1 -match "Manager"
} | Set-CASMailbox -activesyncmailboxpolicy(Get-ActiveSyncMailboxPolicy "Contoso").Identity

Commonly used features in Mobile Device Mailbox Policies include:

Device security features
Remote wipe

Exchange 2013 exam notes Page 3

 Remote wipe
Device password policies
Minimum password length
Password complexity (minimum number of character sets, require alphanumeric password)
Enforce password history
Inactivity time before locking device
Wipe device after x failed attempts
After a remote device wipe has occurred, data recovery is very difficult. However, no data removal process leaves a mobile de vice as free from residual data as when it's new. Recovery of
data from a mobile device may still be possible using sophisticated tools.
Password recovery
Device encryption policies
Require encryption on device
Require encryption on storage cards
Other security policies
Allow Camera
Allow Wi-Fi
Allow unsigned applications
Unapproved InROM application list
Disable removable storage
Disable IrDA
Disable Bluetooth
Disable Desktop Sync
Block Remote Desktop
Block Internet Sharing
IRM enabled
POP3 and IMAP4
IMAP4 and POP3 clients have limited access to calendar information for Exchange.
By default, POP3 and IMAP4 are disabled in Microsoft Exchange Server 2013. To enable them, start the services
Microsoft Exchange POP3 service
Microsoft Exchange POP3 Backend service
Microsoft Exchange IMAP4
Microsoft Exchange IMAP4 Backend service
Enable POP3 and/or IMAP4 for users
Set-CASMailbox -Identity "John Smith" -POPEnabled $true -IMAPEnabled $true

Office Web Apps Server Integration

Outlook Web App in Microsoft Exchange Server 2013 provides rich attachment preview functionality. All attachments in an email message are displayed in a filmstrip that includes a thumbnail of each attachment. Users are able to preview

attachments online in full fidelity.

For Office attachments, this means users can use a rich user interface to preview and modify the attachment online. This functionality is made possible by the integration of Microsoft Office Web Apps Server.
By default, the following file types are displayed using Office Web Apps Server:

Word documents (doc, docx, dotx, dot, dotm extensions)

Excel documents (xls, xlsx, xlsm, xlm, xlsb extensions)
PowerPoint documents (ppt, pptx, pps, ppsx, potx, pot, pptm, potm, ppsm extensions)
Configure Office Web Apps Server URL:
Set-OrganizationConfig -WACDiscoveryEndPoint https://Server1/hosting/discovery

Enable Office Web Apps Server rendering:

Set-OwaVirtualDirectory "Server01\owa (Default Web Site)" -WacViewingOnPrivateComputersEnabled $true
Set-OwaVirtualDirectory "Server01\owa (Default Web Site)" -WacViewingOnPublicComputersEnabled $true

Force Office Web Apps Server rendering before they can open them:
Set-OwaVirtualDirectory "Server01\owa (Default Web Site)" -ForceWacViewingFirstOnPublicComputers $true -ForceWacViewingFirstOnPrivateComputers $true

Client Protocol management

Management of the client protocols of Exchange ActiveSync, Outlook Web App, POP3, IMAP4, the Autodiscover service, Exchange W eb Services, and the Availability service.
Management occurs in three different areas:
the Exchange Administration Center (EAC)
the Exchange Management Shell
Internet Information Services (IIS) Manager.
The settings that are managed in each location vary per client protocol.
In Exchange 2013, the client protocol management for Exchange ActiveSync is split between the Client Access server and the Ma ilbox server. Because of this architecture change, you can run different virtual directory
management tasks on both the Client Access server and the Mailbox server. If these two servers arent installed on the same p hysical computer, the parameters that you use with the virtual directory cmdlets will change
based on the server role on which you are running them.
There are two types of settings that can be applied to the Exchange ActiveSync virtual directory:
Settings applicable to the mailbox session (user settings)
Settings applicable to the server and the virtual directory
Consider the following as you manage POP3 and IMAP4 connectivity in your organization:
If running CAS and Mailbox server role on same computer, any changes to POP3 or IMAP4 settings are automatically applied to the correct POP3 and IMAP4 services.
If running CAS and Mailbox server role on separate computers, you need to manage settings on the computer that manages the setting you want to change.
Exchange ActiveSync virtual directory settings
You can modify the following properties and settings on the Exchange ActiveSync virtual directory:
InternalURL, internal clients use to access the virtual directory. It is usually in the format https://servername/Microsoft-Server-ActiveSync.
ExternalURL, external clients use to access the virtual directory. For example, https://www.contoso.com.
Authentication settings, Basic authentication and Client certificate authentication.
Outlook Web App
What's New for Outlook Web App in Exchange 2013 .
Create and configure an OWA Mailbox Policy
New-OwaMailboxPolicy -Name Policy1
Set-OwaMailboxPolicy -Identity Default -CalendarEnabled $true

Apply or remove an OWA Mailbox Policy

Set-CASMailbox -Identity tony@contoso.com -OwaMailboxPolicy:Calendar
Set-CASMailbox -Identity tony@contoso.com -OwaMailboxPolicy:$null

MailTips
MailTips are informative messages displayed to users while they're composing a message. Microsoft Exchange Server 2013 analyz es the message, including the list of recipients to which it's addressed, and if it detects a
potential problem, it notifies the user with MailTips prior to sending the message. With the help of the information provided by MailTips, senders can adjust the message they're composing to avoid undesirable situations
or non-delivery reports (NDRs).
MailTips are subject to the following restrictions:
MailTips aren't supported when working in offline mode in Outlook.
When a message is addressed to a distribution group, the MailTips for individual recipients that are members of that distribution group aren't evaluated. However, if any of the members is an external recipient, the External

Recipients MailTip is displayed, which shows the sender the number of external recipients in the distribution group.
If the message is addressed to more than 200 recipients, individual mailbox MailTips aren't evaluated due to performance reasons.
Custom MailTips are limited to 250 characters.

If the sender starts composing a message and leaves it open for an extended period of time, the Automatic Replies and Mailbox Full MailTips are evaluated every two hours.

Set-OrganizationConfig -MailTipsAllTipsEnabled $true

Other MailTips related parameters for Set-OrganizationConfig:

MailTipsAllTipsEnabled
MailTipsExternalRecipientsTipsEnabled
MailTipsGroupMetricsEnabled
MailTipsLargeAudienceThreshold (default is more than 25)
MailTipsMailboxSourcedTipsEnabled
MailTips over organizational relationships
Microsoft Exchange Server 2013 allows you to configure organization relationships with Microsoft Exchange Online or other Exchange organizations. Establishing an organization relationship allows you to enhance
the user experience when dealing with the other organization. For example, you can share free or busy data, configure securemessage flow, and enable message tracking across both organizations.
Control the MailTips access level using the MailTipsAccessLevel parameter on the Set-OrganizationRelationship cmdlet.
When you enable MailTips over an organization relationship and set the access level to All, the recipient-specific MailTips, Mailbox Full, Automatic Replies, and custom MailTips, are returned for all users. However,
you may only want to allow these MailTips for a specific set of users. For example, if you set up an organization relationship with a partner, you may want to allow these MailTips only for the users that work with that
partner.
To achieve this, you need to first create a group and add all users for whom you want to share recipient-specific MailTips to that group. You can then specify that group on the organization relationship.
After you implement this restriction, your Client Access servers will first verify whether the recipient for whom they received a MailTips query is part of this group. If the recipient is a member of this group, the Client
Access servers will proxy back all MailTips including the recipient-specific MailTips. Otherwise they won't include the recipient-specific MailTips in their response.
Set-OrganizationRelationship "Contoso Online" -MailTipsAccessEnabled $true
Set-OrganizationRelationship "Contoso Online" -MailTipsAccessLevel All

Exchange 2013 exam notes Page 4

 Set-OrganizationRelationship "Contoso Online" -MailTipsAccessLevel Limited

Set-OrganizationRelationship "Contoso Online" -MailTipsAccessScope ShareMailTips@contoso.com

MailTips and group metrics

MailTips that provide information about the size of distribution groups and dynamic distribution groups rely on group metrics data. Group metrics data is generated on designated Mailbox servers.
Set-MailboxServer MBX1 -ForceGroupMetricsGeneration $true
Set-MailboxServer MBX1 -GroupMetricsGenerationTime 23:30

Unified messaging (UM)

Unified messaging in general
New voice mail features
IPv6 support
Unified Messaging Cmdlet updates
UCMA 4.0 (Unified Communications Managed API)
Backwards compatible with Exchange 2010 and Exchange 2007 UM servers.
Incorporates hotfixes and patches.
Supports IPv6.
Automated and simplified deployment.
UCMA 4.0 setup includes all prerequisites for Exchange 2013.
UCMA 4.0 provides more accurate speech engine translations and more scalable voice platform support across multiple products.
Supports using the same version of the Speech Engine for both Text-to-Speech (TTS) and Automatic Speech Recognition (ASR)
Improved Voice Mail Preview
Improvements in grammar generation, core voice services, and support for multiple languages. Exchange Server 2013 UM also includes several enhancements for transcription services that are delivered to end
users and increased confidence and accuracy for Voice Mail Preview. For details, see Voice Mail Preview Enhancements.
Enhancements to speech platform and speech recognition
Enhancements and improved accuracy for Voice Mail Preview.
Support for the Microsoft Speech Platform Runtime (Version 11.0).
Speech grammar generation using the system mailbox for an organization.
Enhanced caller ID support
UM extends the scope of the search to include the users other Exchange and personal contact folders that were created manually and also also supports contact aggregation from external social networks. provides intelligence
to link multiple contacts that refer to the same person, and uses that data to present person-centric (rather than contact-centric) views. This means that contacts that are aggregated from external social networks can be placed in the
contact folder stored in the users mailbox in Microsoft Outlook Web App and Outlook. These contacts can now also be added to any additional contact folders that users create.
Caller ID look-up is integrated with contact aggregation, so that it searches across external contacts.
The PersonID property, where present and set to a value other than Null, improves the user experience for caller ID resolution by suppressing duplicate matches to contacts that are associated with the same person. Because the
PersonID property is the same on both results, UM treats this as a match to a single contact.

Voice Architecture Changes

Dial plans
Topology

Dial plan

Client Access and Mailbox on the same server

Dial plans are no longer required to be associated with a Client Access or Mailbox server. You arent allowed to add the Clie nt Access or Mailbox servers to a dial plan. If you
(without Communications Server 2007 R2 or Lync run the Set-UMService cmdlet, it will generate an error if you try to associate a Mailbox server with a non -SIP dial plan.
Server 2010 non-SIP dial plans)
Client Access and Mailbox on different servers
Dial plans are no longer required to be associated with Client Access or Mailbox servers. You arent allowed to add Client Ac cess or Mailbox servers to a dial plan. If you run
(without Communications Server 2007 R2 or Lync the Set-UMService cmdlet, it will generate an error if you try to associate a Mailbox server with a non -SIP dial plan.
Server 2010 non-SIP dial plans)
Client Access and Mailbox server on the same
physical server (with Communications Server
2007 R2 and Lync Server 2010 with SIP dial
plans)

For a single SIP dial plan, add all Client Access and Mailbox servers to the SIP dial plan. For multiple SIP dial plans, add all Client Access and Mailbox servers to each SIP dial
plan. This will make both servers trusted peers of Office Communications Server 2007 R2 or Lync Server. You must use the same certificate in your Office Communications
Server 2007 R2 or Lync Server deployment as you do on each Client Access and Mailbox server.

Client Access and Mailbox server on different

physical servers (with Communications Server
2007 R2 and Lync Server 2010 with SIP dial
plans)

For a single SIP dial plan, add all Client Access and Mailbox servers to the SIP dial plan. For multiple SIP dial plans, add all Client Access and Mailbox servers to each SIP dial
plan. This will make both servers trusted peers of Office Communications Server 2007 R2 or Lync Server. If the certificates b eing used on the Client Access and Mailbox
servers are different, you must use the same certificate in your Office Communications Server 2007 R2 or Lync Server deployme nt as you do on each Client Access and
Mailbox server in your organization.

UM Call Router performance counters

Because Client Access server runs the Microsoft Unified Messaging Call Router service and the Mailbox server runs the Microsoft Exchange Unified Messaging service. The same performance counters for the
Microsoft Exchange Unified Messaging service are available to administrators as in earlier versions of Exchange UM. However, there are also additional performance counters that you can use on the Client
Access server to verify the status of the Microsoft Unified Messaging Call Router service and for troubleshooting.
Performance counters and thresholds
Unified messaging on the CAS and Mailbox Server
For the Mailbox server, youll use the Set/Get/Enable/Disable-UMService for the Microsoft Exchange Unified Messaging service.
For the Client Access Server, you'll use Set/Get-UMCallRouterSettings for the Microsoft Exchange Unified Messaging Call Router service properties. This ensures that the existing Get-UMServer, SetUMServer, Enable-UMServer, and Disable-UMServer cmdlets from Exchange 2007 and Exchange 2010 will work in a coexistence deployment with Exchange 2013 Mailbox servers. This also ensures that the
cmdlets will work when the Mailbox and Client Access servers are installed on the same or different servers.
Parameters and settings available on both the Client Access Server and the Mailbox Server:
[-DialPlans <MultiValuedProperty>]
[-MaxCallsAllowed <Int32>]
[-SipTcpListeningPort <Int32>]
[-SipTlsListeningPort <Int32>]
[-Status <Enabled | Disabled | NoNewCalls>]
[-UMStartupMode <TCP | TLS | Dual>]
Planning for unified messaging
Planning your voice mail system
Planning your UM deployment
Choosing the correct VoIP gateway, IP PBX, or Session Border Controller (SBC).
Connecting your telephony network
Deploy
1. Deploy and configure your telephony components or Microsoft Lync Server with Unified Messaging.
2. Verify that you've correctly installed the Client Access and Mailbox servers that are required by Unified Messaging.
3. Create and configure the required Unified Messaging components, including UM dial plans, UM IP gateways, UM hunt groups, and UM mailbox policies.
4. Perform post-deployment tasks, including obtaining certificates for mutual TLS, creating UM auto attendants, and configuring faxing.

Deploy voice mail and UM

UM languages, prompts and greetings
Install Mexican and Spanish : setup.com /AddUmLanguagePack:es-MX,de-DE /s:d:\Exchange\UMLanguagePack
Connect your voice mail system to your telephone network
UM Dial plans
A Unified Messaging (UM) dial plan:
Contains configuration information related to your telephony network.
Establishes a link from the telephone extension number of a user enabled for voice mail to their UM-enabled mailbox.
When created, you can configure the number of digits in the extension numbers, the Uniform Resource Identifier (URI) type, and the Voice over IP (VoIP) security setting.
When created, an UM mailbox policy is also created <DialPlanName> Default Policy.
New-UMDialplan -Name MyUMDialPlan -UriType SIPName -NumberofDigits 5
Set-UMDialPlan -Identity MyUMDialPlan -AudioCodec <G711|MP3|WMA|GSM>
You can specify which users can receive transferred calls or voice mail messages from Outlook Voice Access users. By default,the In this dial plan only option is selected.
Set-UMDialPlan -Identity MyUMDialPlan -ContactScope 'GlobalAddressList' -UMAutoAttendant $null -AllowDialPlanSubscribers $false -AllowExtensions $false
Set-UMDialPlan -Identity MyUMDialPlan -ContactScope DialPlan -AllowDialPlanSubscribers $false -AllowExtensions $false

When you create a dial plan, you can configure the primary and secondary ways that callers can search for names to locate a user when they call an Outlook Voice Access number or a UM auto attendant that's
associated with the dial plan.
Set-UMDialPlan -Identity MyUMDialPlan -DialByNamePrimary <FirstLast|LastFirst|SMTPAddress>

Other configuration options

Set-UMDialPlan
Set-UMDialPlan
Set-UMDialPlan
Set-UMDialPlan
Set-UMDialPlan
Set-UMDialPlan

-identity
-identity
-identity
-identity
-identity
-identity

MyUMDialPlan -LogonFailuresBeforeDisconnect 5
MyUMDialPlan -MaxCallDuration 10
MyUMDialPlan -MaxRecordingDuration 10
MyUMDialPlan -RecordingIdleTimeout 10
MyUMDialPlan -InputFailuresBeforeDisconnect 5
MySecureDialPlan -VoIPSecurity <Secured|SIPsecured|Unsecured>

UM IP Gateways
A Unified Messaging (UM) IP gateway represents a physical Voice over IP (VoIP) gateway, IP Private Branch eXchange (PBX), orSession Border Controller (SBC) hardware device. Before a VoIP gateway, IP PBX, or SBC
can be used to answer incoming calls and send outgoing calls for voice mail users, a UM IP gateway must be created in the directory service.
After you install your Client Access and Mailbox servers, you need to create UM IP gateways, and if you need them to support IPv6, you must also:
1. Create a new UM IP gateway or configure an existing UM IP gateway with an IPv6 address for each of the IP gateways, IP PBXs, or SBCs on your network. When youre creating and configuring the required UM IP
gateways, you must add the IPv6 address or the Fully Qualified Domain Name (FQDN) for the UM IP gateway. If youre adding the FQDN to the UM IP gateway, you must have created the correct DNS records to resolve
the UM IP gateway FQDN to the IPv6 address. If you have an existing UM IP gateway, you can use the Set-UMIPgatewaycmdlet to configure the IPv6 address or FQDN.
2. Configure the IPAddressFamily parameter on each UM IP gateway. To enable the VoIP gateway to accept IPv6 packets, you must set the UM IP gateway to either accept both IPv4 and IPv6 connections, or accept only
IPv6 connections, by using the Set-UMIPgateway cmdlet.

Exchange 2013 exam notes Page 5

IPv6 connections, by using the Set-UMIPgateway cmdlet.

3. After youve configured your UM IP gateways, you must also configure the VoIP gateways, IP PBXs, and SBCs on your network to support IPv6. For details, see your hardware vendor for a list of devices that support IPv6
and how to correctly configure them.
Example commands

New-UMIPGateway -Name MyUMIPGateway -Address "MyUMIPGateway.contoso.com" -Port 5061 (Enabled by default)

Set-UMIPGateway -Identity MyUMIPGateway -OutcallsAllowed $true -MessageWaitingIndicatorAllowed $true
Set-UMIPGateway -Identity MyUMIPGateway -Address fe80::39bd:88f7:6969:d223%11 -IPAddressFamily Any -Status Disabled -OutcallsAllowed $false
Set gateway as VOIP gateway simulator to be used with Test-UMConnectivity: Set-UMIPGateway -Identity MyUMIPGateway -Simulator $true
Enable-UMIPGateway -Identity MyUMIPGateway

Automatically answer and route incoming calls

UM Auto Attendant
Auto attendant features:
Auto attendants help internal and external callers locate users or departments that exist in an organization and transfer calls to them.
transfers callers to the extension of a user or department without the intervention of a receptionist or an operator.
Multiple languages possible
It provides corporate or informational greetings.
Non-business hours and business hours custom greetings.
It provides custom corporate menus. You can customize these menus to have more than one level.
It provides a directory search function that enables a caller to search the organization's directory for a name.
It enables a caller to connect to the telephone of, or leave a message for, members of the organization.
Example commands:

New-UMAutoAttendant -Name MyUMAutoAttendant -UMDialPlan MyUMDialPlan -PilotIdentifierList 55000 -Enabled $false

New-UMAutoAttendant -Name MyUMAutoAttendant -UMDialPlan MyUMDialPlan -PilotIdentifierList 56000,56100 -SpeechEnabled $true
Set-UMAutoAttendant -Identity MyUMAutoAttendant -PilotIdentifierList "12345, 72000, 75000"
Set-UMAutoAttendant -Identity MyUMAutoAttendant -BusinessHoursSchedule 0.10:45-0.13:15,1.09:00-1.17:00,6.09:00-6.16:30 -HolidaySchedule "New
Year,newyrgrt.wav,1/2/2013","Building Closed for Construction,construction.wav,4/24/2013,4/28/2013"
Configure a DTMF Fallback Auto Attendant Set-UMAutoAttendant -Identity MySpeechEnabledAA -DTMFFallbackAutoAttendant MyDTMFAA
Create menu navigation
Create business and non-business hours navigation menu
Set-UMAutoAttendant -Identity MyAutoAttendant - BusinessHoursKeyMappingEnabled $true -BusinessHoursKeyMapping
"1,Sales,,SalesAutoAttendant","2,Support,12345","3,Directions,,,directions.wav"

Set-UMAutoAttendant -Identity MyUMAutoAttendant -AfterHoursKeyMappingEnabled $true -AfterHoursKeyMapping "AfterhoursOperator,12345","Directions,23456"

Set up voice mail for users

Before enabling users for UM, consider dial plan to use, extension numbers, PIN policies, Outlook Voice Access and other feat ures youll allow users to have access to.
New-UMMailboxPolicy -Name MyUMMailboxPolicy -UMDialPlan MyUMDialPlan
Enable-UMMailbox -Identity tonysmith@contoso.com -UMMailboxPolicy MyUMMailboxPolicy -Extensions 51234 -PIN 5643892 -SIPResourceIdentifier "tonysmith@contoso.com" -PINExpired $true
Disable-UMMailbox -Identity tonysmith@contoso.com -KeepProperties $True

Configuration options for voice mail include:

Reset Outlook Voice Access PIN.
Add a personal operator extension number.
Add other extension numbers.
Enable or disable Automatic Speech Recognition (ASR).
Enable or disable Call Answering Rules.
Enable or disable access to their email or calendar.
Set UMMailbox -Identity tony@contoso.com -AllowUMCallsFromNonUsers <SearchEnabled|None> -AnonymousCallersCanLeaveMessages $true

Mailbox and client access servers

Mailbox server
New Mailbox features
Evolution of the Exchange 2010 database availability group (DAG):
Transaction log code has been refactored for fast failover with deep checkpoint on passive database copies.
To support enhanced site resiliency, servers can be in different locations.
As mentioned in the beginning of this topic, Exchange 2013 now hosts some Client Access components, the Transport components, and the Unified Messaging components.
The Exchange Store has been re-written in managed code to improve performance in additional I/O reduction and reliability.
Each Exchange 2013 database now runs under its own process.
Smart Search has replaced the Exchange 2010 multi-mailbox search infrastructure.
Mailbox moves
On-premise moves
New-MoveRequest -Identity 'ayla@humongousinsurance.com' -TargetDatabase DB01 -ArchiveTargetDatabase -DB03
New-MigrationBatch -Local -Name LocalMove1 -CSVData ([System.IO.File]::ReadAllBytes("C:\Users\Administrator\Desktop\LocalMove1.csv")) -TargetDatabases MBXDB2 -TimeZone
"Pacific Standard Time"
Cross forest: New-MigrationEndpoint -Name Fabrikam -ExchangeRemote -Autodiscover -EmailAddress tonysmith@fabrikam.com -Credentials (Get-Credential fabrikam\tonysmith)
$csvData=[System.IO.File]::ReadAllBytes("C:\Users\Administrator\Desktop\batch.csv")
New-MigrationBatch -CSVData $csvData -Timezone "Pacific Standard Time" -Name FabrikamMerger -SourceEndpoint Fabrikam -TargetDeliveryDomain "mail.contoso.com"

Prepare-MoveRequest.ps1
Recoverable Items folder
To protect from accidental or malicious deletion and to facilitate discovery efforts commonly undertaken before or during litigation or investigations, Microsoft Exchange Server 2013 uses the Recoverable Items folder. The
Recoverable Items folder replaces the feature known as the dumpster in Exchange Server 2007. The Recoverable Items folder is used by the following Exchange features:

Deleted item retention

Single item recovery
In-Place Hold
Litigation hold
Mailbox audit logging
Calendar logging

Terminology
Delete. Item is deleted from any folder and placed in the Deleted Items default folder.
Soft delete. Item is deleted from the Deleted Items default folder (or Shift+delete) and placed in the Recoverable Items folder.
Hard delete. item is marked to be purged from the mailbox database. This is also known as a store hard delete.

Manage mailbox databases in Exchange 2013

New-MailboxDatabase -Name "MailboxDatabase01" -EdbFilePath D:\DatabaseFiles\MailboxDatabase01.edb

Get-MailboxDatabase -IncludePreExchange2013
Get-MailboxDatabase -Identity MailboxDatabase01 -Server Server01 -Status | Format-List
Set-MailboxDatabase "Mailbox Database01" -DeletedItemRetention 7.00:00:00
Move-DatabasePath -Identity MyDatabase01 -EdbFilePath C:\NewFolder\MyDatabase01.edb
Mount-Database -Identity ExchangeServer1.Contoso.com\MyDatabas
Dismount-Database -Identity MyDatabase
Remove-MailboxDatabase -Identity MailboxDatabase01

Mailbox Import and Export Requests

Cmdlet

Description

New-MailboxImportRequest

Starts the process of importing a .pst file to a mailbox or personal archive. You can create more than one import request per mailbox. Each request must have a unique name.

Set-MailboxImportRequest

Changes import request options after the request is created or recover from a failed request.

Suspend-MailboxImportRequest

Suspends an import request any time after the request is created but before the request reaches the status of Completed.

Resume-MailboxImportRequest

Resumes an import request that's suspended or failed.

Remove-MailboxImportRequest

Removes fully or partially completed import requests. Completed import requests aren't automatically cleared. You must use th is cmdlet to remove them.

Get-MailboxImportRequest

View general information about an import request.

Get-MailboxImportRequestStatistics View detailed information about an import request.

Client Access Server (CAS)

There is no Exchange 2013 Edge server role (yet), but it will work with the Exchange 2010 Edge server role.
Every Active Directory site that contains a Mailbox server must also contain a Client Access server.
The Client Access server provides authentication, limited redirection, and proxy services, and offers all the usual client ac cess protocols: HTTP, POP and IMAP, and SMTP.
The Client Access server, a thin and stateless server, doesnt do any data rendering.
Theres never anything queued or stored on the Client Access server.
CAS management includes digital certificates, some of the client protocol management for Exchange ActiveSync, POP3, and IMAP4 .
Microsoft Exchange Remote Connectivity Analyzer (ExRCA) can help test and diagnose connectivity and configuration.
The Remote Connectivity Analyzer website offers tests for Microsoft Exchange ActiveSync, Exchange Web Services, Microsoft Outlook, and Internet email.
Configuration examples:
Enable-OutlookAnywhere -Server:<CAS15> -ExternalHostName:mail.contoso.com -SSLOffloading $false
Set-ActiveSyncVirtualDirectory -Identity <CAS15>\Microsoft-Server-ActiveSync -ExternalUrl "https://mail.contoso.com/Microsoft-Server-ActiveSync"

Exchange 2013 exam notes Page 6

 Set-ActiveSyncVirtualDirectory -Identity <CAS15>\Microsoft-Server-ActiveSync -ExternalUrl "https://mail.contoso.com/Microsoft-Server-ActiveSync"

Set-WebServicesVirtualDirectory -Identity <CAS15>\Microsoft-Server-ActiveSync -ExternalUrl "https://mail.contoso.com/EWS/Exchange.asmx"
Set-OabVirtualDirectory -Identity <CAS15>\Microsoft-Server-ActiveSync -ExternalUrl "https://mail.contoso.com/OAB"
High availability and site resilience
Database availability groups (DAG)
Is the base component of the high availability and site resilience framework built into Exchange 2013.
Is a group of up to 16 Mailbox servers that host a set of databases and provides automatic, database-level recovery from failures that affect individual databases, networks, or servers.
Any server in a DAG can host a copy of a mailbox database from any other server in the DAG.
DAGs are available in both Exchange 2013 Standard and Exchange 2013 Enterprise. In addition, a DAG can contain a mix of serve rs running Exchange 2013 Standard and Exchange 2013 Enterprise.
Exchange 2013 is supported on both the Windows Server 2008 R2 and Windows Server 2012 operating systems. All members of a given DAG must run the same operating system.
Configure DAG
New-DatabaseAvailabilityGroup -Name DAG1 -DatabaseAvailabilityGroupIPAddresses 10.0.0.5,192.168.0.5
Add-DatabaseAvailabilityGroupServer -Identity DAG1 -MailboxServer EX1
Add-DatabaseAvailabilityGroupServer -Identity DAG1 -MailboxServer EX2
Add-DatabaseAvailabilityGroupServer -Identity DAG1 -MailboxServer EX3
Set-DatabaseAvailabilityGroup <DAGName> -ManualDagNetworkConfiguration $True
Set-DatabaseAvailabilityGroupNetwork -Identity DAG1\MapiDagNetwork -ReplicationEnabled:$false
Exclude by example iSCSI network adapter from DAG: Set-DatabaseAvailabilityGroupNetwork -Identity DAG2\DAGNetwork02 -ReplicationEnabled:$false -IgnoreNetwork:$true
Set-MailboxServer -Identity EX1 -AutoDatabaseMountDial <BestAvailability|GoodAvailability|Lossless>
Set-MailboxServer -Identity EX1 -DatabaseCopyAutoActivationPolicy <Blocked|IntrasiteOnly|Unrestricted>
Set-MailboxServer -Identity EX1 -MaximumActiveDatabases 20
Suspend-MailboxDatabaseCopy -Identity DB1\MBX3 -SuspendComment "Maintenance on MBX3"
Resume-MailboxDatabaseCopy -Identity DB1\MBX3
Installing update rollups: use StartDagServerMaintenance.ps1, StopDagServerMaintenance.ps1 and RedistributeActiveDatabases.ps1

Datacenter Activation Coordination Mode (DAC)

Disabled by default and should be enabled for all DAGs with two or more members that use continuous replication.
Can be enabled only by using the Exchange Management Shell: Set-DatabaseAvailabilityGroup -Identity DAG2 -DatacenterActivationMode DagOnly
Planning for high availability and site resilience
Changes in high availability from Exchange 2010
The high availability and site resilience features used first introduced in Exchange 2010 are used in Exchange 2013 to create and maintain database copies. Exchange 2013 also leverages the concept of database mobility,
which is Exchange-managed database-level failovers.
Deploying high availability and site resilience
Managing high availability and site resilience
Backup, restore and disaster recovery

Exchange management shell

Exchange Administration Center

The Exchange Administration Center (EAC) is the web-based management console in Microsoft Exchange Server 2013 that allows for ease of use and is optimized for on -premises, online, or hybrid Exchange deployments. The
EAC replaces the Exchange Management Console (EMC) and the Exchange Control Panel (ECP), which were the two interfaces that w ere used to manage Exchange Server 2010
Supported browsers/OS combination
EAC UI interface elements
Default URLs
Internal URL: https://<CASServerName>/ecp
External URL: https://mail.contoso.com/ecp
If you are in a coexistence scenario, where you have Exchange Server 2010 and Exchange Server 2013 in the same organization a nd your mailbox is still housed on the Exchange 2010 mailbox server, the browser will
default to the Exchange Server 2010 ECP. You can access the EAC by adding the Exchange version into the URL. For example, to access the EAC whose virtual directory is hosted on the Client Access server CAS15 -NA, use
the following URL: https://CAS15-NA/ecp?ExchClientVer=15
Find (custom) URLs for the ECP virtual directory:
Get-ECPVirtualDirectory | Format-List Name,InternalURL,ExternalURL

Turn off Internet access to the EAC:

Set-ECPVirtualDirectory -Identity "CAS01\ecp (default web site)" -AdminEnabled $false

Menu structure Exchange Admin Center (EAC):

Recipients
Mailboxes
Groups
Resources
Contacts
Shared
Migration
Permissions

Admin roles
User roles
Outlook Web App Policies
Compliance management
In-place eDiscovery & hold
Auditing
Data loss prevention
Retention policies
Retention tags
Journal rules
Organization
Sharing
Apps
Protection
Malware filter
Connection filter
Content filter
Outbound spam
Quarantine
Mail flow
Rules
Delivery reports
Message trace
Accepted domains
Connectors
Mobile
Mobile device access
Mobile device mailbox policies
Public
folders

Public folders
Public folder mailboxes
Unified messaging
UM dial plans
UM IP gateways
Server Health and Performance

Managed Availability
Exchange 2013 introduces the concept of managed availability. Managed availability runs on every Exchange 2013 server. Its made up of two processes, the Exchange Health Manager Service (MSExchangeHMHost.exe) and the Exchange
Health Manager Worker process (MSExchangeHMWorker.exe), and the following asynchronous components:
Probe engine The probe engine takes measurements on the server.

Monitoring probe engine The monitoring probe engine stores the business logic about what constitutes a healthy state. It functions like a pattern recognition engine, looking for patterns and measurements that differ from
a healthy state, and then evaluating whether a component or feature is unhealthy.
Responder engine When the responder engine is alerted about an unhealthy component, its first action is to try to recover that component. Managed availability enables multi-stage recovery actions. The first attempt may
be to restart the application pool, the second attempt may be to restart the corresponding service, and the third attempt may be to restart the server. And, the final attempt may be to put the server offline, so that it no longer
accepts traffic. If all of these actions fail, an alert is sent to the help desk.

Exchange 2013 exam notes Page 7

accepts traffic. If all of these actions fail, an alert is sent to the help desk.

For more information about managed availability, see Lessons from the Datacenter: Managed Availability , and Server Health, Monitoring, and Performance Cmdlets .
Exchange workload Management
An Exchange workload is an Exchange Server feature, protocol, or service thats been explicitly defined for the purposes of E xchange system resource management. Each Exchange workload consumes system resources
such as CPU, mailbox database operations, or Active Directory requests to run user requests or background work. Examples of E xchange workloads include Outlook Web App, Exchange ActiveSync, mailbox migration, and
mailbox assistants.
Settings can be customized. For more information, see Exchange Workload Management and Server Health, Monitoring, and Performance Cmdlets .
Includes the following components:
System Workload management (new in Exchange 2013)
Resource policies

New-ResourcePolicy
Remove-ResourcePolicy
Get-ResourcePolicy
Set-ResourcePolicy

Workloadmanagement policies

New-WorkloadManagementPolicy
Remove-WorkloadManagementPolicy
Get-WorkloadManagementPolicy

Workload policies

New-WorkloadPolicy
Remove-WorkloadPolicy
Get-WorkloadPolicy
Set-ResourcePolicy
User workload management (called user throttling in Exchange Server 2010)
Manage throttling policies

New-ThrottlingPolicy
Get-ThrottlingPolicy
Set-ThrottlingPolicy
Remove-ThrottlingPolicy

Assign throttling policies

Get-ThrottlingPolicyAssociation
Set-ThrottlingPolicyAssociation
Configuration
examples:

Change workload management policy settings for all servers in your organization
New-WorkloadPolicy OrgIMAPWorkloadPolicy -WorkloadType IMAP -WorkloadClassification Discretionary -WorkloadManagementPolicy GlobalOverwrittenWorkloadManagementPolicy
Change workload management policy settings for a specific server
New-WorkloadPolicy DublinIMAPWorkloadPolicy -WorkloadType IMAP -WorkloadClassification Discretionary -WorkloadManagementPolicy DublinWorkloadManagementPolicy.
Set-ExchangeServer -WorkloadManagementPolicy DublinWorkloadManagementPolicy -Server Dublin01.
Workload management reference

Exchange 2013 exam notes Page 8