Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
Office 365 is a hosted solution of Microsoft which offers services like Exchange Online, Link Online, Share
Point, One drive etc.,
Office 365 is a web based subscription service that gives anywhere access to Microsoft office tools
as well.
TENANT:
When we signup or subscribe for office 365 we actually gets a tenant, a tenant is basically an account we
create in Microsoft online service environment.
Domain.onmicrosoft.com is format of tenant, when you add a domain to a tenant Microsoft will
ask for DNS Records to add with their public DNS.
After subscription by default after signup the user gets created is an admin, these admin is called
Global Administrator.
1. TXT Record
2. MX Record
3. OTP Method
1. Power Shell
2. .CSV File export
3. GUI mode
Communication between all above roles is called RPC (Remote Procedure Call)
1. Connection filter – Blocking and Unblocking of Domains and IP Addresses is done in this filter
2. Recipient filter – It will Search for recipient and which mail address need to hit
3. Malware filter – It will check pishy mail which has contains harmful links and attachments
4. Spam filter – It will filter spam emails
5. Transport Rule – It will deviate the path of unwanted mails
Types of Recipients:
1. User Mail Box
2. Shared Mail Box
3. Link Mail Box
4. Arbitrations Mail Box
5. Distribution Group
6. Dynamic Distribution Group
7. Security Group
8. Mail User/ Mail Contact
9. Resource Mail Box
1. Send As
2. Send on behalf
3. Full Access
Distribution Group:
It is a type of Recipients created in O365 that is primarily used for distributing messages to multiple
recipients
In distribution group members are added by manually
Display name is starts with @
Security Group:
It also like Distribution group however permissions are assigned on the group to distribute group
Types of Domains:
Two types of Domains
1. Accepted Domains
2. Remote Domains
Accepted Domains: Is the one for which server is responsible for accepting emails
1. Authoritative
2. Internal Relay
3. External Relay
Authoritative: It set by default, If the domain is set to authoritative then edger server will perform the
recipient filtering this process is called DBED (Directory Base Edge Block).
Internal Relay: If the domain is set to internal relay, then edge will not perform DBEB it will pass to HUB
External Relay: If the domain is set to external relay where third party tool is hired for filtering the emails
Remote Domains: Remote domains are created to define setting for message transfer between Exchange
server and a domain which is outside the exchange organization.
Connectors:
Connectors are used to connect roles to exchange server
1. Send Connector
2. Receive Connector
In Exchange Server 2013, 2016 the above two connectors are called IN BOUND Connector and OUT
BOUND Connector.
Queues:
There are Five Types of Queues in Exchange Server
Transport Service:
This service runs on mail box server and it is virtually identical to hub transport server in previous versions
of exchange
This service handled message categorization and message content inspection.
Protocol logging:
When email is not able send and receive and issue is at connector level then we use protocol logging to
diagnose the mail flow issue
Protocol logging records the STMP conversations that occurs between messaging servers
By default protocol logging is disabled on all send and receive connectors
EWS:
It provides the functionality to unable client applications to communicate with exchange server.
EWS Describes three flies
1. Services.wsdl
2. Message.xsd
3. Types.xsd
AUTO DISCOVER:
Auto Discover is a Mechanism that allows users to easily configure their email client knowing only their
email address and password.
Auto Discover also enables Additional features for Microsoft exchange including: Downloading the Offline
Address Book, Viewing Free/Busy Time in your Calendar.
Auto Discover is a Process by which the client gets the XML which helps to Configuring outlook
SCP Lookup:
SCP Object has two components
1. SBI (Server Binding Info): it has the CAS URL
2. (Keyword): It has the information of the where the location of the CAS URL
URL is – https://domain.com/autodiscover/autodiscover.xml
To success the email client configuration through the above URL, it has to satisfy three conditions
1. A Record
2. Port No : 443 should be open
3. Third Party certificate
URL https://autodiscover.domain.com/autodiscover/autodiscover.xml
If it fails next it will go to port no 80, then it gets reply from 301, 302 after 301 and 302 it will check the
CNAME of the domain and then it will make the URL as
URL : https://autodiscover.outlook.com/autodiscover/autodiscover.xml
Again same three conditions should satisfy, if its not satisfy then it will configure from SRV Method.
In SRV Method it will do a DNS query for SCP lookup through NS Lookup Command,
Once NS Lookup Command runs it will get IP address this IP called CAS IP
Through that IP it gets XML to configure the email client/outlook.
NOTE: Remote Connectivity Analyzer (EXRCA) is a tool for diagnose/test the Auto discover issues
EXCHANGE AUDITING:
Auditing is done for compliance purposes, through auditing we can cross verify the issues in office 365,
you can use office 365 security and compliance center to search the audit logs to view user and
administrator activity in your exchange organization
JOURNALING:
Journaling is keeping records of incoming and outgoing emails of some other mail box, it is also done for
legal/compliance purposes
NDR:
1. Generating Server
2. Remote Server
3. Rejected Recipient
4. Enhanced Status Code
5. Original Header
NDR always go on Revers Path and it is also known as BOUNCE BACK EMAIL.
BACK SKETTLER:
If we receive NDRs for the email which we have not send then it is called back settler.
FORMAT OF NDR:
From :User@gmail.com
To :user@domain.com
SUB : XXX
1. Class
2. Subject
3. Details
Class Range:
2 Successful
4 Temporary Failure
5 Permanent failure
0- Unidentified
1- Email issue
2- Mail Box Status
3- Mail System
4- Network issue
5- Protocol
6- Content
7- Security Policies
SPAM CONFIDENTIAL LEVEL:
When an email message goes through spam filtering it assigned a spam score, this score is mapped to an
individual SCL rating and stamped in message header. Based on these ratings trouble shooting is done.
OUTLOOK TROUBLESHOOTING:
Problem: Password prompts (password keep asking)
If the same issue happen OWA that indicates problem at exchange server level
It is working fine in OWA issue is at system level, so we need to first create new profile then test
If that is also not working then remove the cache credentials from credential manger
Command for remove the cache credentials
RUN -> run as admin
Rundll32.exe keymgr.dll, KRShowKeyMgr
Even problem not been solved run the SARA tool.
QUARANTINE:
QUARANTINE EMAIL MESSAGE IN OFFICE 365:
We can setup Quarantine for incoming email messages in office 365 where messages have been filtered
as spam, bulk, phishing emails, malwares and mail that Matches a specified criteria can be kept in
quarantine for later review.
E-DISCOVERY:
e-DISCOVERY are electronic discovery for email, It is used to search emails or mail boxes if deleted, to
perform e-discovery the admin has to be e-discovery manager.
E-discovery path:
EAC->Security & compliance ->eDiscovery->properties->eDiscovery permissions
E-DISCOVERY HOLD:
In place eDiscovery hold search results goes on hold, there are three types of hold.
1. Time based hold
2. Query based hold
3. Indefinite time hold.
4 Once disconnected reestablishes the Once disconnected the last session is paused for
connection all over agian 15 min and can be resumed
Active manager:
Active Manager is a roles on each DAG server which decides which server has to be active in case of other
if other server is down
If server is down then active manager will see that which site has the majority of active servers, it will then
check that which server from the majority has most updated database and it will make that server active.
Witness Server:
It is basically a windows machine linked with the server at site to overcome split brain syndrome.
Service Provisioning: Assign the licenses to the users is called as service provisioning.
MESSAGE TRACE:
In office 365 as an administrator you can find out what happen to an email message by running message
trace, after running the message trace you can view the results in a list, and then view the details about a
specific message
Message trace in security and compliance center follows email messages as they travel email
message through your exchange online organization. You can determine the message was received,
rejected or delivered
Exchange Online KIOSK: KIOSK licenses are aim at users whom need to access emails only and doesn’t
required full functionality.
KIOSK license can only connect QWA and Smart phones
Mail box limit is given only 1GB.
Office 365 E1:
Services includes
1. Exchange
2. One drive
3. Share point
4. Microsoft Teams
5. Yammer
E1 Features:
1. You will get email hosting with 50GB email box
2. Web versions of outlook, MS office
3. File storage and sharing with 1TB of storage
4. Host unlimited HD video conferencing meeting with up to 250 people
5. Hosts meeting per up to 10000 with the Skype or teams
6. 24/7 phone and web support.
E1 Features:
1. You will get email hosting with 100GB email box
2. Desktop and Web versions of MS office
3. File storage and sharing with unlimited personal and cloud storage
4. Host unlimited HD video conferencing meeting with up to 250 people
5. Hosts meeting per up to 10000 with the Skype or teams
6. 24/7 phone and web support.
7. E3 get ATP as add on subscription.
POWER BI:
Power BI is a business analytic service that delivers to site to enable and transform data into visuals. I. e
visually explore and analyze data.
244447250030