
Tuesday, November 19, 2013

What’s the default replication interval for Edge sync and what is the step to force replication?


When the Exchange Edge server starts, the Microsoft Exchange EdgeSync service starts and establishes a synchronization schedule. Configuration data is synchronized to ADAM once every hour. Recipient data is synchronized to ADAM once every four hours.
Steps to force Edge sync replication
Use the EMS to immediately start synchronization of data from the Active Directory service to the subscribed Edge Transport servers. You cannot modify the synchronization intervals. Run the command below on the Hub Transport server.
Start-EdgeSynchronization -Server <Hub Transport server name>

What is Edge subscription and process to enable Edge subscription?

The Exchange 2007 Edge Transport server role is always deployed in the organization’s DMZ (perimeter) network. The Edge Transport server handles all Internet mail flow. It also provides additional protection and security through a series of agents running on the Edge Transport server. These agents protect messages against viruses and spam and apply transport rules to control message flow.
Subscribing an Edge Transport server is an optional process. A subscription provides anti-spam features, recipient lookup or safelist, or secure SMTP communications.
Edge Subscription Process

A. Make sure that the Hub Transport servers and the Edge Transport server can resolve each other’s FQDNs by using DNS.
B. Run the New-EdgeSubscription cmdlet in the EMS on the Edge Transport server to export the Edge Subscription file.
C. Copy the Edge Subscription file to a Hub Transport server.
D. Run the New-EdgeSubscription cmdlet in the EMS or EMC to import the Edge Subscription file.
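
Steps A to D above, followed by the forced synchronization from the earlier answer, as an added example that is not part of the original post. The server names, file path and Active Directory site name are placeholders; TCP 50636 is the secure LDAP port EdgeSync uses to reach ADAM, and the try/catch blocks assume PowerShell 2.0 or later.

```powershell
# Added example. Placeholder values (assumptions, not from the post):
$EdgeFqdn = 'edge01.example.com'         # hypothetical Edge Transport server
$HubFqdn  = 'hub01.corp.example.com'     # hypothetical Hub Transport server
$SubFile  = 'C:\EdgeSubscriptionInfo.xml'
$AdSite   = 'Default-First-Site-Name'

# Step A helper: does this name resolve from the server we are on?
function Test-NameResolution([string]$Fqdn) {
    try   { [void][System.Net.Dns]::GetHostEntry($Fqdn); return $true }
    catch { return $false }
}

# EdgeSync writes to ADAM over secure LDAP (TCP 50636), from Hub to Edge only.
function Test-TcpPort([string]$Fqdn, [int]$Port) {
    $client = New-Object System.Net.Sockets.TcpClient
    try     { $client.Connect($Fqdn, $Port); return $true }
    catch   { return $false }
    finally { $client.Close() }
}

# ---- Run in the EMS on the Edge Transport server ----
if (-not (Test-NameResolution $HubFqdn)) { throw "Edge cannot resolve $HubFqdn" }
New-EdgeSubscription -FileName $SubFile                  # Step B: export

# Step C: copy $SubFile to the Hub Transport server over a trusted channel.
# The file holds the bootstrap credentials for the LDAP connection, so
# delete the copy left on the Edge server once it has been transferred.

# ---- Run in the EMS on the Hub Transport server ----
if (-not (Test-NameResolution $EdgeFqdn)) { throw "Hub cannot resolve $EdgeFqdn" }
if (-not (Test-TcpPort $EdgeFqdn 50636))  { throw "TCP 50636 to $EdgeFqdn is blocked" }
New-EdgeSubscription -FileName $SubFile -Site $AdSite    # Step D: import
Remove-Item $SubFile                                     # do not leave credentials on disk
Start-EdgeSynchronization -Server $HubFqdn               # force the first sync now
```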

Types of Data Replicated to ADAM


A. Edge Subscription information
Provision and maintain the credentials to help secure the LDAP connection.
Arbitrate the synchronization lock and lease process.
Optimize the EdgeSync synchronization process.

B. Configuration information
Hub Transport servers
Accepted domains
Message classifications
Remote domains
Send connectors
Internal SMTP servers
Domain Secure lists

C. Recipient information
Recipients
Proxy addresses
Safe Senders List and Safe Recipients List
Per recipient anti-spam settings

D. Topology information
Notification of newly subscribed Edge Transport servers. This data is refreshed every five minutes.

Where does Edge role store its settings?

A server with the Edge Transport server role installed doesn’t have access to Active Directory. The Edge Transport server stores all configuration and recipient information in ADAM. Because Active Directory and ADAM both use Lightweight Directory Access Protocol (LDAP), and because both directory services use the Exchange 2007 schema, you can replicate data from Active Directory to ADAM.

What are Receive connectors? Provide the two default Receive connector names.

Receive Connector: By default, when you install the Hub Transport server role, two Receive connectors exist. No additional Receive connectors are needed. The default Receive connectors do not require any additional configuration changes.
Default Receive connectors:
(A) Client <Servername>: This Receive connector accepts SMTP connections from all non-MAPI clients, such as POP and IMAP. This connector works on port 587.
(B) Default <Servername>: This Receive connector accepts connections from Edge Transport servers to receive messages from the Internet and from other Hub Transport servers. This connector works on port 25.

Where does Exchange 2007 get its routing topology from?

Exchange 2007 uses the Active Directory site topology to determine how messages are transported in the organization. The Hub Transport server uses the Active Directory Topology service to retrieve the Exchange organization’s configuration information. Unlike earlier versions of Exchange, Exchange 2007 does not use a link state routing table and does not try to calculate an alternative route when a connection is unavailable.

Name the Exchange 2007 components that use certificates.


SMTP
EdgeSync synchronization
POP3 and IMAP4
Unified Messaging
Autodiscover
Client Access applications such as Outlook Anywhere, OWA, and Exchange ActiveSync

How to Determine When to Use Certificates Issued by Public CAs and When to Use Self-Signed Certificates?

Whenever your users access Exchange components that require authentication and encryption from outside your corporate firewall, it is time to deploy a certificate issued by a public CA. For example, when users are accessing Exchange ActiveSync, POP3, IMAP4, and Outlook Anywhere, you require a certificate that is issued by a public CA.
A self-signed certificate is used by any Exchange 2007 component that uses Kerberos, Direct Trust, or NTLM authentication. These are all internal Exchange 2007 components, in that the data paths are between Exchange 2007 servers and within the corporate network that is defined by Active Directory.
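
One way to check a server against this rule, as an added example that is not part of the original post: it flags self-signed certificates bound to client-facing services and certificates near expiry. The 30-day window and the sample objects are assumptions constructed for illustration, and the -split and -join operators need PowerShell 2.0 or later.

```powershell
# Added example. Services that external clients reach; IIS hosts Outlook
# Anywhere, OWA, Exchange ActiveSync and Autodiscover.
$ClientFacing = 'IIS', 'POP', 'IMAP'
$WarnDays     = 30                     # assumed renewal window

function Get-CertFinding($Cert, [datetime]$Now) {
    $findings = @()
    # Services is a flags value that prints as e.g. "IMAP, POP, IIS, SMTP".
    $bound   = $Cert.Services.ToString() -split '\s*,\s*'
    $exposed = @($bound | Where-Object { $ClientFacing -contains $_ })
    if ($Cert.IsSelfSigned -and $exposed.Count -gt 0) {
        $findings += "self-signed but bound to client-facing services: $($exposed -join ', ')"
    }
    if ($Cert.NotAfter -lt $Now) {
        $findings += "expired on $($Cert.NotAfter.ToString('yyyy-MM-dd'))"
    } elseif ($Cert.NotAfter -lt $Now.AddDays($WarnDays)) {
        $findings += "expires within $WarnDays days"
    }
    return ,$findings
}

# Constructed sample objects so the logic can be checked away from an Exchange server.
$sample = @(
    (New-Object PSObject -Property @{ Thumbprint = 'SAMPLE-01'; IsSelfSigned = $true
        Services = 'IIS, SMTP'; NotAfter = (Get-Date).AddDays(200) }),
    (New-Object PSObject -Property @{ Thumbprint = 'SAMPLE-02'; IsSelfSigned = $true
        Services = 'SMTP'; NotAfter = (Get-Date).AddDays(10) }),
    (New-Object PSObject -Property @{ Thumbprint = 'SAMPLE-03'; IsSelfSigned = $false
        Services = 'IMAP, POP, IIS'; NotAfter = (Get-Date).AddDays(400) })
)

# In the EMS, audit the real certificates; elsewhere, fall back to the sample.
if (Get-Command Get-ExchangeCertificate -ErrorAction SilentlyContinue) {
    $certs = Get-ExchangeCertificate
} else { $certs = $sample }

foreach ($c in $certs) {
    $f = Get-CertFinding $c (Get-Date)
    if ($f.Count -gt 0) { "{0}: {1}" -f $c.Thumbprint, ($f -join '; ') }
    else                { "{0}: ok" -f $c.Thumbprint }
}
```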

Which certificates can be installed on Exchange 2007? Name a few commercial CAs.

Wildcard Certificate: Exchange Server supports certificates with wildcard names, such as *.nakshatrait.com. This is an acceptable domain. Please be aware that some legacy clients and mobile devices do not support wildcard names on a certificate.

SAN Certificate: This is the most widely used certificate type. It has one common name, such as webmail.nakshatrait.com, and additional domain names that refer to other Exchange services, such as Autodiscover.nakshatrait.com, pop.nakshatrait.com, and imap.nakshatrait.com.

What is Outlook Anywhere and describe the method for enabling Outlook Anywhere?

The Outlook Anywhere feature (previously known as RPC over HTTP) lets your Internet-based Microsoft Outlook clients connect to your Exchange Server 2007. This feature eliminates the need to use virtual private networks (VPNs) with Exchange Server 2003 with SP1 and Exchange 2007.
Outlook Anywhere can be enabled by using the Exchange Management Console or the Exchange Management Shell.
Exchange Management Console

Open the Exchange Management Console tree > expand Server Configuration > then click Client Access.
In the action pane, click Enable Outlook Anywhere.
Exchange Management Shell
Enable-OutlookAnywhere -Server <ServerName> -ExternalHostName <ExternalHostName> -ClientAuthenticationMethod Basic -IISAuthenticationMethods <MultiValuedProperty> -SSLOffloading:$false
Requirements for Outlook Anywhere

Install a valid Secure Sockets Layer (SSL) certificate from a trusted certification authority (CA).
Install the Windows RPC over HTTP Proxy component.

What is Autodiscover service?


This service enables Outlook clients and some mobile devices to receive their necessary profile settings directly from the Exchange server by using the client’s Active Directory domain credentials or user’s SMTP domain. 


What is the Availability service?

The Availability service provides free/busy information using secure, consistent, and up-to-date free/busy data to users that are running Outlook 2007. Outlook 2007 uses the Autodiscover service to obtain the URL of the Availability service.

What is the Exchange ActiveSync?

Exchange ActiveSync is a feature that synchronizes your email data between your mobile device and the Exchange server. Using ActiveSync you can synchronize e-mail, contacts, calendar and tasks. Mobile devices running Windows Mobile software and Windows Mobile 5.0 are all supported.

What is OWA?


OWA refers to Outlook Web Access. In Exchange 2007 it lets you access your e-mail from any Web browser. Outlook Web Access contains many new features such as meeting booking, Microsoft SharePoint Services and Windows file share integration, and a rich user experience from any computer that has a Web browser.

What is the difference between Distribution group and Dynamic Distribution group?


Mail-enabled (Universal distribution group): This is an Active Directory distribution group object that can be used only to distribute messages to a group of recipients.

Mail-enabled (Universal security group): A mail-enabled Active Directory security group object that can be used to grant access permissions to resources in Active Directory, and can also be used to distribute messages.

Mail-enabled (Non-universal group): This is an Active Directory global or local group object. Mail-enabled non-universal groups are de-emphasized in Exchange 2007 and can exist only if they were migrated from previous versions of Exchange. You cannot use Exchange 2007 to create new non-universal distribution groups.

Dynamic distribution group: A distribution group that uses recipient filters and conditions to derive its membership at the time messages are sent.

What is the difference between mail user and mail contact?


Mail user: This is an Active Directory user that represents an e-mail address outside your Exchange organization. Each mail user has an external e-mail address to which all messages sent to the mail user are routed.

Mail contact: This is an Active Directory contact that contains e-mail address information about people or organizations that exist outside your Exchange organization. Each mail contact has an external e-mail address. All messages sent to the mail contact are routed to this external e-mail address.

What are the different Exchange Recipient types?


User mailbox: This mailbox is created for an individual user to store mails, calendar items, contacts, tasks, documents, and other business data.

Linked mailbox: This mailbox is created for an individual user in a separate, trusted forest. For example, the AD account is created in A.COM and the mailbox is created on the B.COM Exchange server.

Shared mailbox: This mailbox is not primarily associated with a single user and is generally configured to allow logon access for multiple users.

Legacy mailbox: This mailbox resides on a server running Exchange Server 2003 or Exchange 2000 Server.

Room mailbox: This mailbox is created for a meeting location, such as a meeting or conference room, auditorium, or training room. When we create this mailbox, by default a disabled user object account is created.

Equipment mailbox: A resource mailbox is created for a non-location specific resource, such as a portable computer projector, microphone, or a company car. When we create this mailbox, by default a disabled user object account is created. Equipment mailboxes provide a simple and efficient way for users to use resources in a manageable way.

What are the server roles in Exchange 2003 and 2007/2010?


Exchange server 2003            | Exchange server 2007/2010
Front End Server (SMTP Service) | HUB Transport Server
Front End Server                | Client Access Server
Back End Server                 | Mailbox Server
-                               | Edge Transport Server (NEW)
-                               | Unified Messaging

Exchange 2007 main Services:

Microsoft Exchange Active Directory Topology
Microsoft Exchange Monitoring
Microsoft Exchange IMAP4
Microsoft Exchange POP3
Microsoft Exchange Transport Log Search
Microsoft Exchange Transport: On Hub and Edge
Microsoft Exchange Service Host
Microsoft Exchange Search Indexer
Microsoft Exchange Replication Service
Microsoft Exchange Mail Submission
Microsoft Exchange Mailbox Assistants
Microsoft Exchange File Distribution: On CAS Server
Microsoft Exchange Information Store
Microsoft Exchange System Attendant 
Microsoft Exchange EdgeSync: on Hub Transport Server
Microsoft Exchange Anti-spam Update

What is Back-Pressure?

The settings for back-pressure can be configured on Hub Transport and Edge servers. If utilization of a system resource exceeds the specified limit, the Exchange server stops accepting new connections and messages. This prevents the system resources from being completely overwhelmed and enables the Exchange server to deliver the existing messages.