
Meet Patrick Llona, an experienced trainer and consultant who specializes in exchange messaging, Office 365 migrations, and modern messaging infrastructure, with over 20 years in the field.
Design a modern messaging solution that protects data with data loss protection, enforces compliance and access controls, supports multiple devices, and covers on-prem, exchange online, or hybrid deployments.
Exchange 2019 architecture mirrors 2016 and 2013 while updating features from Exchange Online, focusing on two roles: mailbox server, edge transport, and active directory integration.
Explore Exchange Online architecture as Microsoft’s hosted messaging integrated with Office 365 apps. Learn cloud tenant concepts, Azure AD, license-based mailbox creation, DNS routing, bandwidth, and disaster recovery.
Explore hybrid deployment that links on-prem exchange with Exchange Online to form a single organization, using directory synchronization, TLS mail routing, and full or minimal hybrid options.
Outline the exchange server preferred architecture, including an unbounded namespace per client protocol, site resilience with auto discovery and round-robin DNS, and cross-data center DAGs for high availability.
Learn the messaging infrastructure requirements for Exchange 2019, including coexistence with Exchange 2013/2016, domain controllers, Windows Server 2019, memory and disk needs, and supported Outlook clients.
Explore virtualization considerations for deploying Exchange 2019 on virtual machines, including supported platforms like Hyper-V and VMware, hardware parity, memory and vCPU rules, no dynamic memory, and avoiding snapshots.
Explore exchange deployment prerequisites and how the deployment assistant guides on-prem, hybrid, and cloud deployments, including AD domain join, Windows updates, and required Visual C++ and RSAT tools.
Choose between a graphical setup wizard and a command line interface to install Microsoft 365 messaging, performing readiness checks, licensing terms, roles, and organization name.
Demonstrates installing Exchange Server 2019, detailing prerequisites, schema preparation, and admin rights, then performing setup and basic post-install verification.
Deploy exchange online by creating an Office 365 tenant, adding and verifying custom domains, provisioning cloud, synced, and federated users, assigning licenses, configuring groups, and setting MX and autodiscover DNS.
Explore exchange online deployment, a software-as-a-service alternative to on-premises exchange, and learn to create a tenant, verify a custom domain with a text record, and configure mailboxes and licenses.
Apply role based access control in exchange server 2019 and see how the exchange administrative center uses powershell commands to assign admin permissions and enable command login history.
Access the Exchange Admin Center to manage exchange deployments, compare on-prem and online interfaces (including hybrid setups), and learn to restrict access using client access rules for enhanced security.
Explore the exchange administrative center, a web-based management console for managing recipients, mail flow, compliance features, and hybrid Office 365 configurations in a unified GUI.
Discover the Exchange Management Shell, powered by PowerShell for Exchange Server, and learn to connect to Exchange Online with three steps, multifactor authentication considerations, and automation for bulk edits.
Explore the exchange management shell and PowerShell basics, mastering verb–noun syntax, get and set mailbox tasks, and using piping, tab completion, and online help for Office 365 and on-prem EMS.
Learn to update exchange with quarterly cumulative updates, plan maintenance windows, and manage on-premises dagg updates by moving database copies, plus exchange online release options, including standard and targeted releases.
Explore recipient types in Microsoft 365 messaging, including user and shared mailboxes, mail-enabled contacts and users, room and equipment mailboxes, remote and linked mailboxes, and address list concepts.
The user mailbox is the most common recipient object for employees, tied to an Azure AD or Active Directory account. Create it via the Exchange admin center or management shell.
Explore resource mailboxes as organizational resources for calendar sharing and meetings, including auto-accept rules, unlicensed and sign-in blocked accounts, and delegate controls for booking.
Learn how shared mailboxes provide a centralized team email for monitoring and replying, with permissions like full access and automatic outlook mapping for authorized users.
Explore exchange groups, from simple distribution lists to mail-enabled security groups and dynamic distribution lists, and learn how Office 365 Groups integrate email, SharePoint, and OneDrive for collaboration.
Create and manage user mailboxes in Microsoft 365 messaging using the Exchange server and the Exchange Management Shell. Configure required properties and set archives and size limits.
Learn to create and manage on-premises user mailboxes in Exchange, using GUI and PowerShell to set login names, quotas, policies, and mailbox features.
Create resource mailboxes in Microsoft 365 Messaging; they start as disabled user accounts, can be enabled or delegated, and support booking options, work hours, and custom resource properties.
Learn to create and manage resource mailboxes, including conference rooms and equipment, in the exchange admin center, and configure calendar processing, delegates, and resource property schema.
Create a shared mailbox using exchange management shell and PowerShell, assign full access and either send on behalf of or send as, with auto mapping for the HR group.
Create and manage shared mailboxes in Microsoft 365, assign permissions at creation, verify disabled user accounts, and ensure they appear in Outlook; use the shell to create and convert mailboxes.
Create new mail contacts and mail users in Exchange, using Active Directory concepts, mail enablement with external addresses, and csv-based PowerShell imports.
Grant mailbox permissions to manage shared, resource, or regular mailboxes using ad mailbox permission for full access, with send as or send on behalf settings for delegation.
Explore mailbox permissions for shared mailboxes using the GUI and PowerShell commands. Learn to configure set mailbox and add mailbox permissions, auto mapping, and folder permissions.
Create and manage Office 365 Groups and unified group, including security groups, distribution groups, and dynamic distribution groups, and learn core commands for adding members and managing recipients.
Explore how to create and manage exchange groups, including distribution, security, and dynamic distribution groups, and configure membership, delivery settings, and properties in both on premises and Office 365 environments.
Explore global and standard address lists. Learn to create custom filters and hierarchical lists by department or location to aid discovery in Outlook.
Discover how address book policies restrict global address list visibility by organizing multiple global address lists, custom lists, room lists, and an offline address book applied to users.
Provide offline address books with downloadable address lists for Outlook in cached mode, reducing server load and traffic. Create custom offline address books and assign them to users.
Apply SMTP addresses and aliases to recipients using on-premises Exchange email address policies. Define accepted domains to control mail responsibility, then create policies with filters to auto-assign addresses.
Examine how email address policies govern user addresses with a default policy, priorities, and primary versus reply addresses, and how address lists and dynamic distribution groups are created and previewed.
Explore how public folders evolved from databases to public folder mailboxes, achieve high availability with DAG, and the limitations for archiving, versioning, and modern collaboration.
Plan the public folder hierarchy with a primary hierarchy mailbox for write access and DAG-based high availability, and route users to the nearest mailbox to boost performance.
Plan public folder mailboxes for large data and many logons, ensuring location and availability in a DAG, and apply quotas at organization, database, and mailbox levels.
Office 365 groups offer a robust alternative to public folders, enabling email collaboration, integrated files and coauthoring via SharePoint, a shared calendar, and mobile access across Outlook and web.
Evaluate differences between exchange server versions before and after 2013 and explain how public folder mailboxes support replication, a single-location access model, and DAG-based read-only hierarchies.
Deploy and manage public folder mailboxes in Exchange 2013 and later, establishing the primary hierarchy mailbox for the writable hierarchy and secondary mailboxes for content, then create public folders.
Public folders can be created by admins via Iasi or shell, or by Outlook-permitted users, with folders defaulting to the primary mailbox, so limit who can create them.
Understand public folder permissions in Office 365, including read, create, edit own, and delete all, and how folder owners assign roles like owner, editor, author, and contributor.
Learn to create public folders and public folder mailboxes in Exchange Server 2019 and Office 365, set top-level folders, assign permissions, and manage mail-enabled folders via Outlook.
Enable mail for public folders, assign a mail address, and display them in the GAO so users and external senders can post via email; configure sender, size, and authentication settings.
Monitor public folders with Windows PowerShell, using get public folder and get public folder statistics to enumerate folders, display sizes, and move folders between mailboxes.
Troubleshoot public folders by checking permissions, recovered deleted items, and potential corruption; use repair commands, verify hierarchy, and review audit discover process for mailbox association.
Troubleshoot access to public folders by using auto discover data and logs (Outlook Web App, MAPI, RPC, FTP) to identify the contacted public folder mailbox.
Mailbox servers in exchange server 2019 host mailbox databases and client access; standard supports five databases, enterprise up to 100, and DAG replicates up to 16 copies across servers.
Learn how mailbox databases use the extensible storage engine to store private mailbox data and public folder hierarchies, with transaction logs, checkpoint files, and replication across a database availability group.
Explore how exchange uses transaction logs to record database changes and update checkpoints for client access. Consider circular logging, its impact on disaster recovery and mailbox moves.
Explore the default mailbox database in the Exchange Management Shell, review its EDB file path and log folder path, and discuss transaction logs and health monitoring processes supporting the database.
Exchange favors direct attached storage with multiple drives and SSD caching, avoiding NAS. If you skip RAID, deploy a database availability group with at least three copies for high availability.
Explore the exchange preferred architecture for mailbox databases, detailing traditional storage disks for data and logs and solid-state storage for the Metcash database.
Estimate hardware needs by sizing the server user load based on average profiles and daily messages, and plan tiered storage with SSD and memory, using active copies for indexing.
Use the macro-enabled exchange server role requirements calculator in Excel to input your messaging environment and get server recommendations for high availability. Fill out all sections to maximize accuracy.
Evaluate mailbox server performance by modeling load factors such as mailboxes, messages, and client types, and replicate production environments with identical hardware using Jetstress to simulate database and log workloads.
Create mailbox databases early as a one-time setup, often across multiple databases, using the Exchange Management Shell to specify the database name and log file locations; configure storage first.
Configure storage ahead of mailbox databases, create multiple databases to limit failures, move database and log paths, and mount them via PowerShell or admin center for on-premises Exchange.
Learn to troubleshoot database issues using a database availability group (DAG) with multiple copies across servers, enabling failover and guiding backups and restores for databases, mailboxes, and messages.
Establish a performance baseline by daily monitoring over a month to compare current data with server averages, enabling real-time monitoring, SLA measurement, and centralized System Center Exchange server management.
Analyze single-copy database failure scenarios, including disk space, transaction log growth, and backup failures that render the database inaccessible and require recovery.
Explore recovery options for exchange databases, including full database restore, recovery databases, database portability, and dial tone recovery, plus how backup logs drive restoration to the state before failure.
Configure complex password policies and password control policies in Office 365 and Active Directory to prevent dictionary attacks; enforce an eight character minimum, ban common passwords, and set periodic resets.
Enable self-service password reset in cloud environments via the Azure AD admin center, with licensing requirements, and configure multiple authentication methods such as the authenticator app, email, or phone.
Configure password expiration policies in the Azure AD admin center and enable self-service password reset with multiple authentication methods; understand hybrid versus cloud-only deployments.
Enable multifactor authentication to add a second or third factor at sign-in, using methods like passcodes, hardware tokens, or authenticator apps, with Office 365 and Azure MFA support and Duo.
Enforce multifactor authentication for end users and implement additional factors. Learn practical steps to enable MFA, address browsers with limited support, and ensure it works for every user.
Enable multifactor authentication for users in Office 365 by configuring MFA in the Azure AD admin center and guiding users to use the Microsoft authenticator app as the second factor.
Educate users to enter passwords only on trusted devices and sites and avoid untrusted machines. Enforce eight-character passwords, diverse credentials, and MFA for admin in Office 365 and Azure AD.
RBAC uses predefined roles in Exchange Server and Exchange Online to define functions, and assigns them to role groups or role assignment policies for managing mailboxes, databases, servers, and recipients.
Assign users to management role groups in Exchange to grant administrative permissions; ensure each admin has at least one role, with default or custom groups providing roles like manage recipients.
Identify default role groups in exchange server and online, including compliance management and discovery management. See how role assignments control powerful commands through PowerShell via the IAC and management shell.
Explore management roles in Microsoft 365 messaging, including PowerShell command lists, role entries, and scope delegation that allow admins to modify mailboxes across the organization.
Explore the fundamentals of role based access control, showing how role groups and admin or user roles bundle commands and policies in the exchange admin center and PowerShell.
Explore advanced role management with management scopes, including regular, explicit, and exclusive scopes, to control who can modify recipients and objects across the organization.
Create custom roles by copying a parent management role to a child, then remove unwanted entries and assign the tailored role to groups or users within a hierarchical framework.
Explore advanced role management in Microsoft 365 messaging by creating custom roles, removing commands from copied roles, and defining management scopes and role assignment policies using PowerShell and the GUI.
Follow Microsoft guidance to avoid changing built-in role groups; add permissions carefully, avoid removing roles from organization management, and plan ahead before creating new groups with defined scopes.
Troubleshoot RBAC by gathering task, object, and error details to determine if a permissions issue blocks PowerShell, and use get role group and admin audit log to verify changes.
Discover how Exchange workload management monitors CPU, memory, and network usage, prioritizes tasks, and enforces throttling with resource budgets and burst allowances via the Exchange Management Shell.
Configure resource and workload policies to preserve resources, monitor usage, and throttle access; create new policies and apply them at the organization or server level rather than modifying defaults.
Configure quotas to control mailbox and database growth and shorten backup and restore times. Apply database-level defaults with per-user overrides, and monitor sizes via reporting.
Explore how Office 365 add-ins personalize documents and streamline information access, deployed centrally via the Office 365 admin center; learn about global admin deployment, pilot testing, and automatic add-in download.
Deploy add-ins from the office admin center by office store or custom manifest, and assign deployment to everyone or specific users with automatic or optional deployment options.
Learn to configure and deploy Office add-ins through the Office 365 admin center, using centralized deployment, manifest uploads or store selections, and assign to users or groups.
Explore federated delegations to enable cross-organization sharing of availability and contacts via Azure AD. Configure federated trusts, organization relationships, and sharing policies for secure single sign on across partners.
Explore federation sharing components, including federation trust with the Azerrad authentication system, app ID, org ID, self-signed certificates, DNS text verification, and auto discover enabling federation.
Create an organization relationship after federation trust with Azure AD to enable federated sharing and calendar information sharing with another organization, using Iasi to define domains and sharing policies.
demonstrates configuring federation trust, creating organization relationships, and applying sharing policies to enable calendar sharing across trusted domains, with DNS verification and federated domain proof.
Explore how client access services route connections through proxies to the active mailbox database, enabling quick failover, with mapi over http as the default protocol and autodiscover.
Configure on-prem Exchange client access by replacing self-signed SSL with a trusted certificate, assigning DNS hostnames to virtual directories, and configuring Autodiscover and use URLs with authentication options.
Configure client access services by setting up virtual directories and a certificate, configure the external access domain and domain name records, and ensure the certificate covers autodiscover and mail names.
Understand how the autodiscover service provides Outlook and client configuration data, enabling server lookup, authentication, and mailbox access for internal and external connections.
Discover how autodiscover locates exchange services for domain-joined and non-domain-joined clients using DNS, service records, certificates, and the SICP object.
Explore Exchange auto discover settings via the shell, verify with Outlook’s test email auto configuration, and handle internal versus external DNS and certificate name issues.
The availability service provides free and busy information to Outlook and Outlook on the Web for the scheduling assistant, with correct internal and external web services URLs enabling AutoDiscover.
MailTips display pre-send guidance by querying the client access server for issues such as full mailboxes or out-of-office messages before sending, across Outlook and Outlook on the web.
Explore configuring mail tips in Exchange, focusing on the virtual directory, organization and custom mail tips for recipients and groups, and moderation settings in Outlook and Outlook on the Web.
Use Outlook as the primary exchange client, leveraging MAPI over HTTP and auto discover to locate mailbox UID and hosting server for secure SSL connectivity.
Outlook mobile delivers a superior user experience on mobile, with focused inbox, unsubscribe, fast search, large-file sharing, and guidance on basic and hybrid authentication for consistent migrations.
Outlook on the web offers exchange mail access via a thin client in major browsers, enabling reading and replying to messages, calendar booking, and HTML attachments.
Learn how to connect non-outlook clients, like Windows Mail, to Exchange using POP3 or IMAP4, enable and configure services via shell, and apply set POP settings with autodiscover, prioritizing Outlook.
Plan and apply mobile security strategies for BYOD and company devices, using MDM like Intune, PINs, remote wipe, and Outlook app with modern authentication to protect data.
Configure Outlook on the Web options using the Exchange Admin Center and PowerShell, covering certificate setup, authentication methods, virtual directory settings, and file access controls.
Configure redirection for Exchange Server 2019 to route HTTP requests to the correct virtual directory, adjust default website settings, and perform an IIS reset to reduce helpdesk calls.
Discover Office Online Server, a browser-based viewer for Word, Excel, PowerPoint, and OneNote that mimics Exchange Online in Office 365, and learn organization or mailbox server level endpoint configuration.
Configure outlook on the web, adjust the odwa virtual directory, set authentication to forms-based by default, manage features, file access, and public versus private session settings.
Scope authentication issues by confirming affected users with Outlook on web, then differentiate Kerberos, integrated Windows, and forms-based methods across Exchange Online and on premises, using logs to diagnose prompts.
Differentiate MAPI over HTTP and Outlook Anywhere to troubleshoot Outlook connectivity, verify prerequisites, ports, and enablement at organization and mailbox levels, and use connection status tools and the self-test probe.
Troubleshoot outlook on the web as a web app by verifying the World Wide Web publishing service is running and checking inet pub logs for default and backend sites.
Explore how exchange active sync enables mail, calendar, and contacts on iOS and Android, using http and xml for lightweight direct push and device management features.
Configure mobile device mailbox policies, formerly known as active sink policies, using AC or PowerShell to create a default or custom policy with password lockout settings and device access controls.
Explore how Microsoft 365 MDM policies override Exchange mailbox and device access rules, and examine testing, user impact, and data deletion risks for enrolled devices.
Configure MDM by adding publicly accessible name records, create the iOS app certificate in the Office 365 admin center, and enable optional MFA and device security policies; Intune is optional.
Administrators control mobile device access to Exchange ActiveSync with device access rules and organization settings, including default levels like allowed, blocked, or quarantined, plus a final demo.
Explore managing mobile devices with exchange active sync, view and configure mobile device mailbox policies, assign security settings, and use quarantine and remote wipe capabilities for admins.
Explore how Exchange message transport works across the front end transport, the transport service, and the mailbox transport, detailing mail flow, queues, connectors, and SMTP-based delivery between internal and external systems.
Explore how messages enter the transport pipeline via the smtp receive component or store driver, and how the submission queue and categories route, convert, and apply messaging policies.
Route messages on mailbox servers through categorization and recipient resolution. Use routing destinations and delivery groups with connectors to deliver across sites.
Explore configuring message transport in Exchange, including least cost routing, hub sites, and fallback, with PowerShell commands to set exchange cost and control distribution group expansion.
Explore how transport agents operate in the Exchange transport pipeline, triggered by SMTP events to affect routing and filtering, including transport rule and edge transport agents.
Configure transport options at server, connector, and organization levels with the exchange management shell. Set 10 MB size limits, 500 recipients, postmaster address, and enable shadow redundancy and safety net.
Configure accepted domains in Exchange to define which domains receive mail, using authoritative, internal relay, or external relay—most environments use authoritative, while internal relay supports migrations and hybrid setups.
Configure send and receive connectors to control smtp traffic, linking domains to source servers and choosing delivery methods, with default receive connectors listening for incoming messages.
Explore default connectors: no default send connectors, several receive connectors; front end accepts smtp on 25, client front end on 587, hub transport on 465, outbound proxy on 717.
Explore creating and configuring send and receive connectors in Exchange, including internet and partner scenarios, smart hosts, scoping, and transport settings for secure mail flow.
Enable message moderation on mailboxes and distribution groups to enforce approval workflows with multi-layer approvals and content-based rules, enable at the recipient level, and integrate moderator notifications with transport rules.
Explore how transport rules steer message flow by matching conditions and applying actions. Distinguish mailbox server rules, shared across servers, from edge rules stored locally for security.
Explore transport rule components in microsoft 365 messaging, detailing conditions (sender, recipient, words in subject or body), actions, exceptions, and properties, with time-based settings and/or logic.
Plan transport rules carefully, test them, and set priorities to avoid unintended deletions or deliveries; use regular expressions for content checks and back up rules for encrypted messages.
Learn to create and manage outbound transport rules in Exchange to restrict or modify message flow based on sender inside the organization, recipient outside, or keywords, using GUI or shell.
Understand mail flow across on premises, exchange online, and hybrid deployments, including transport pipelines, gateways, and rules that secure routing, with TLS encryption and domain security options.
Explore how Exchange on premises controls mail flow, including delivery groups and destinations, and learn to modify defaults with hub sites, routing cost, fallback, and expansion servers.
Manage on-premises mail flow in multisite Exchange by designating hub sites, adjusting site links and exchange costs, and configuring scoped send connectors with PowerShell to control routing.
Exchange online mail flow remains simple by default, with inbound dns mx pointing to exchange online and spf updated for anti-spam; connectors are only for hybrid routing.
Hybrid exchange mail flow uses centralized mail flow with a shared smtp namespace, inbound routing to exchange online and on-prem, and outbound mail from location, using internal relay as needed.
Master exchange troubleshooting tools from the toolbox, including the Q viewer, Get Q, delivery reports, message tracing, and the remote connectivity analyzer to diagnose mail flow.
Explore shared namespace scenarios, configure internal relay as the accepted domain, and set up a send connector to route messages across Exchange environments, especially in Office 365 migrations and hybrids.
Learn to enforce TLS encryption for SMTP with partner connectors, validate public trusted certificates, and require mutual authentication for specified partners.
Troubleshoot transport components and network-based mail flow for Exchange by validating ports, firewalls, and network devices; configure DNS and SPF records to ensure reliable mail delivery.
Review smtp protocol logs across front-end and mailbox transport, delivery service, submission, and edg to troubleshoot mail flow, and verify organization-wide send connectors, server-specific connectors, and gateway configurations.
Review transport logs to trace message activity and perform forensics on messages, troubleshoot send/receive connectors, and diagnose issues using on-premises traces and event logs, with 30-day retention.
Explore troubleshooting tools in the exchange toolbox, including the Q viewer, queue and message commands, delivery reports, message tracking logs, protocol and transport logs, and the remote connectivity analyzer.
Explain how high availability uses redundancy to eliminate single points of failure, covering data center power, cooling, network services, and the database availability group in Exchange Online.
Explore how database availability groups host live copies across servers and sites, with continuous replication of log files, heartbeat monitoring, and automatic failover to keep the active copy available.
Discover DAG characteristics in Microsoft 365 Messaging, including continuous replication of transaction logs to passive copies, failover coordination by the active manager, and DAG member flexibility.
Explain the DAG life cycle and incremental deployment to provide service and data availability for mailbox servers and databases, including DAGs without an administrative access point and PowerShell management.
Understand quorum in a Dagg cluster, how consensus and majority voting preserve access to databases, and the role of a witness when the DAG has an even number of members.
Examine lagged database copies, a delayed snapshot protected by the replay lag manager to guard against logical corruption, offering 7–14 days of history via logs and page patching.
Create and configure a DAG by specifying a valid, unique Active Directory computer name, and setting a witness server and directory before adding members and database copies.
Create and configure a database availability group (DAG) in an on-premises Exchange environment, including witness setup, DAG creation, and adding member servers with mailbox database copies.
Discover how automatic failover selects the best passive database copy using the active manager, health checks, and copy queues, with auto database mount settings and shadow redundancy safeguards.
Explains maintenance tasks for database availability groups, including placing a DAG member in maintenance mode, draining mail queues, moving active databases, seeding copies, and configuring auto activation to ensure continuity.
Monitor database health and freespace across dag members, ensure active directory topology service is healthy, assess replication health with test replication health and get-mailboxdatabasecopystatus, and use management scripts for diagnostics.
High availability is achieved by adding a second server, with stateless client access services handling authentication and proxy for internal and external connections using DNS round-robin or hardware load balancers.
Understand namespace planning for multi-site Exchange, choosing unified versus dedicated namespaces, and compare layer 4 and layer 7 load balancers with SSL termination and third-party options.
Explore managed availability, or active monitoring, and how load balancers use health probes on virtual directories and layer seven checks before routing traffic.
Explore highly available client access in Exchange by configuring load balancer timeouts and keepalives, monitoring latency, sizing properly, and standardizing certificates (SAN or wildcard) across servers.
Explore how to keep message transport highly available from external mail servers through the perimeter to the mailbox database, using DNS Round-Robin with MX records, shadow redundancy, and safety net.
Shadow redundancy creates a redundant copy of a message on another server before acceptance. It maintains two copies within the transport high availability boundary and discards the shadow copy.
Safety net is a default transport service feature that stores up to two days of delivered messages across mailbox servers, enabling redelivery during failures and ensuring message redundancy.
Plan a site resilient messaging solution with exchange to prevent outages and data inconsistency, guided by SLA, redundancy, primary and failover sites, and backup strategies.
Explore site resilience scenarios for microsoft 365 messaging, including two or more active sites, plus active/passive and file share witness configurations to maintain quorum and recovery.
Plan a unified namespace for site resiliency and select unbound, bound, or regional models. Deploy dag configurations across data centers, manage mailbox databases, and apply split brain dns.
Design and manage a multisite dag to restore quorum after site failures, using primary and secondary sites with witness servers, and enable data center activation coordination to prevent split brain.
Configure a dag witness in Azure to enable high availability for the database using a venette gateway, two data centers, and a multi-site vpn with on-prem devices.
Learn failover and switchover in a multisite setup, including DAG management, stopping DAG members, restoring the DAG to the secondary site with an alternate witness, and moving the active database.
Identify data loss scenarios such as deleted mailbox items, lost mailboxes, and data center failures, which lack native protection and require backup or exchange native data protection.
Discover data loss mitigation features that complement backups in Exchange. Leverage recoverable items, single item recovery, in-place hold, e-discovery, mailbox retention, and safety nets with database availability groups for resilience.
Explore backup and restore scenarios for Microsoft 365 messaging, including recovering hard deleted messages, post-retention period items, and databases without a database availability group, necessitating traditional backups.
Plan and quantify your recovery strategy by setting goals for recovery time and recovery point objective, focusing on outage duration, read-only capability for investigation, and full service restoration.
Explore exchange native data protection, a backup-less approach using built-in features like legal hold and single item recovery to protect mailbox data and reduce backups.
Evaluate backup options using the three to one rule, off-site copies, and multiple media, noting Exchange Online native data protection and Barracuda backups for mailbox, OneDrive, and SharePoint.
Explore backup considerations for Exchange, detailing what to back up from the system state of domain controllers and the mailbox server to database and log files, certificates, and AIS configuration.
Explore supported backup technologies for Microsoft 365 messaging, including exchange-aware backups, VSS shadow copy backups with DAG considerations, brick-level item restores, and Microsoft data protection options such as DPM.
Install and use the Windows Server Backup utility to back up Exchange data to a local drive or Azure, with schedule and notes on log purge and allow file restore.
Explore restore scenarios for Microsoft 365 messaging, including system state backups and Rickover server recovery. Learn database restoration options, recovery databases, database portability, dial tone recovery, and dag recovery.
Explore using the Exchange Management Shell's new mailbox repair request command let to discover and repair corrupted mailboxes, items, and databases online, with optional checks and events in event viewer.
Explore how Exchange Online Protection delivers message hygiene through anti malware, anti spam, and threat protection, included with Exchange Online and usable for on-premises, cloud, or hybrid deployments.
Learn how EOP protects Microsoft 365 messaging by scanning incoming, outgoing, and internal email with antivirus engines and antispam, plus directory-based blocking and spoofing protection.
Learn to route mail in hybrid environments using exchange online protection, configuring inbound and outbound flows with connectors and the hybrid wizard, and reconfiguring SPF and DMARC for trusted partners.
Explore exchange online protection versus on premises environment, and review antispam and antimalware capabilities, connectors, and mx records that link exchange online protection to your organization.
Explore how exchange uses antispam technologies to tag messages with antispam headers and a spam confidence level, guiding bulk mail and phishing analysis.
Learn how spam filters assign a spam score mapped to an ACL, distinguishing safe senders and IPs, and route messages to inbox, junk mail, or quarantine with policies.
Examine anti-spam and anti-malware protections in Exchange Server and Exchange Online Protection, compare built-in options with stand-alone or hybrid deployments, and evaluate compatibility with Exchange 2019 and cost considerations.
Enable antispam agents on mailbox servers when no edge transport server exists. Configure sender filter, content filter, safe list aggregation, quarantine, and sender reputation via shell.
Configure anti-malware protection in the Exchange admin center with inbound and outbound scanning policies, default and custom rules, and EMS commands plus scripts to enable, disable, and update engine definitions.
Configure anti-malware policies to define actions on infected messages, such as delete or replace attachments with default or custom text, set recipient filters, and manage notifications, recipients, and policy priorities.
Outbound spam in exchange online is enabled by default with limited configurability; you can specify addresses to receive copies or notifications under exchange online protection.
Explore how content policies route spam to quarantine, including transport rule matches, and contrast on-prem admin-only quarantine via outlook with online access through the Special Security and Compliance Center.
Explore anti-malware policies in the exchange admin center. Configure default and custom malware filters, detection actions, and notifications across on-prem and online environments.
Configure SPF as a DNS TXT record to list authorized servers and IPs for your domain, use proper syntax, and consider DMARC for stronger spoofing protection in Office 365.
DomainKeys Identified Mail (DKIM) adds a header signature to messages, stays with forwarding, reduces false positives, and is enabled via CNAME DNS records in Exchange Online for Microsoft domains.
dmarc creates domain-based message authentication, reporting and conformance using dns text records to prevent spoofing; start with a none policy, then quarantine or reject, with aggregate and failure reports.
Configure advanced anti-spam settings by editing SPF records, implementing DKIM selectors, and applying DMARC policies in DNS and Exchange Online to curb spoofing.
Explore how ATP delivers comprehensive exchange online protection with safe attachments, safe links, machine learning analysis, and phishing and spoof intelligence to guard Microsoft 365 Messaging.
Utilize safe attachments by using a hypervisor to open supported attachments in a virtual environment, enabling zero-day protection and testing that can block, replace, or deliver attachments dynamically while scanning.
Learn how safe links in advanced threat protection rewrite and test embedded URLs to block phishing, warn users, and prevent automatic redirects.
Discover spoofing intelligence in Microsoft 365 messaging to review spoofing senders, decide to allow or block external domains, and configure policies using true sender and spoofed user details.
Explore advanced threat protection in the Office 365 security and compliance center, including anti phishing policies, quarantine workflows, and threat management dashboards.
Develop and apply policies to manage the email lifecycle, including retention, archiving, data loss prevention, and e-discovery, using security and compliance features in Microsoft 365.
Explain how Microsoft 365 encryption safeguards data at rest and in transit, using BitLocker, Azure Storage encryption, and Office 365 message encryption, plus key management and S/MIME options.
Explore how the security and compliance center uses role-based access control to grant permissions for compliance tasks, including data loss prevention and e-discovery retention, via role groups and roles.
Explore how to manage RBAC roles in the security and compliance center, assign permissions across admin centers, and configure retention, archiving, DLP, e-discovery, supervision, and mail flow policies.
Implement retention policies to preserve content until the retention end date and delete it after, across locations, users, and content types, helping compliance, reduce risk, and keep knowledge current.
Explore how retention policies operate at the mailbox level, moving deleted messages to the recoverable items folder and allowing users to restore deleted items before permanent deletion.
Apply retention policies to content by prioritizing retention over deletion, longest retention period, explicit over implicit inclusion, and shortest deletion period across exchange mailboxes, groups, teams, and Microsoft 365 services.
Explore how to configure retention policies in the Security and compliance center, including choosing retention duration, delete rules, and scope across email, Office 365 Groups, SharePoint, OneDrive, and Teams.
Configure DLP policies with conditions and actions in the security and compliance center or Exchange admin center to protect content across Exchange Online, SharePoint Online, and OneDrive for Business.
Configure data loss prevention policies in the Security and Compliance Center or Exchange Admin Center, using templates to detect sensitive data types and enforce rules with policy tips.
Track messages across Exchange Online with message trace to determine delivery status and events, enabling troubleshooting, policy validation, and detailed investigation via Security and Compliance Center.
Demonstrates message trace in exchange online and compliance centers to troubleshoot mail flow. Filter by date range, sender, recipient, and client IP, then view delivery status and generate reports.
Explore in-place and litigation holds in Microsoft 365 messaging, preserving electronically stored information for litigation, with in-place holds using search criteria across primary and archive mailboxes.
Discover how holds place user mailboxes on hold and preserve items immutably, with optional duration, and how the recoverable items folder and in-place e-discovery support search and preservation.
Explore how the recoverable items folder under holds manages deleted items, including the deletions, purges, and versions folders, with discovery holds and e-discovery capabilities.
Demonstrates in-place holds and litigation holds for mailbox preservation with e-discovery, using discovery management roles, keywords, and content filters to preserve and recover items from recoverable items and purges.
Discover how messaging records management uses retention policy tags and retention policies to govern email lifecycle, with default, folder, and personal tags that archive, delete, or recover items.
Apply a single default policy tag to remove or move messages after a set period, with optional personal and folder-level tags for inbox and archive control.
Learn how the managed folder assistant, a throttle-based mailbox assistant running on mailbox servers, applies retention policies across mailboxes. Configure work cycles, refresh mailbox lists, and start managed folder assistant.
Explore configuring retention policies in the exchange admin center, creating retention tags, applying default and custom policies, and enforcing archive and deletion timelines for mailboxes.
Understand how the message tracking log records mail flow across mailbox and transport servers, enabling forensics and troubleshooting, with configurable log size, age, and subject logging.
Explore how to search message tracking logs and generate trace reports in Exchange Online, compare it with on-premises delivery reports, and learn to interpret SMTP paths and server details.
Enable in-place archiving to replace local and network files with archive mailboxes, improving searchability and performance. Support compliance, e-discovery, and retention by harmonizing primary and archive mailboxes in hybrid deployments.
Understand in-place archiving as an online-only extra mailbox accessible via Outlook and OWA, with a two-year retention policy, activation requirements, licensing, and auto-expanding quotas with warnings when limits are exceeded.
Learn to enable archive mailboxes for users using the Exchange admin center, Exchange Management Shell, or Security and Compliance Center. Create, move, and import data into archives as needed.
Explore in-place archiving in Exchange Online and Exchange on-prem, enable archive mailboxes, manage quotas, and use mailbox import/export tools to move content with retention policies.
Journaling records targeted messages in the transport pipeline as a transparent retention tool, distinct from archiving. Journal rules determine scope and generate journal reports sent to a journal mailbox.
Assess journaling considerations before activation, including decrypting journal reports and protected messages, impact on archiving tools, ensuring quotas are eliminated for an alternate journaling mailbox, and the ten-rule limit.
Compare administrator and mailbox audit logging in Exchange auditing, noting defaults and enablement, and learn to generate reports with shell through a hands-on demo.
Examine exchange auditing capabilities for on-premises and online deployments, including admin audit logs, mailbox auditing, and practical command-line and GUI reporting workflows.
Explore content searches as a core e-discovery tool for on-prem and web-based environments, with web-based searches faster but limited by 10 concurrent searches and 50,000 mailboxes, requiring role groups.
Decide who creates and runs content searches, select search type (new, guided, or by message IDs) and keywords, set conditions and locations, and choose actions like soft delete or export.
Create and manage content searches in the security and compliance center or via PowerShell with the compliant search command, clone searches to break up large searches, and optimize e-discovery workflows.
Discover how e-discovery supports regulatory and legal requirements by searching across multiple mailboxes and Office 365 services, with in-place searches, and options to preview, copy, or export results.
Learn about Microsoft 365 eDiscovery permissions, including the discovery management role group with mailbox search and legal roles, plus the security compliance center's manager, administrator, and reviewer access.
Demonstrates how to perform e-discovery and content searches across the security and compliance center (and exchange admin center), create cases, run searches, preview results, and export findings.
Are you looking to bolster your career with the Microsoft 365 Messaging Administrator Course? With the Microsoft 365 Messaging course, you can appreciate and manage messaging infrastructures, managing recipients and mailbox databases, client access, high availability and disaster recovery, threat protection, hybrid environments, and lots more.
During this program, you will learn the essential components of Microsoft 365 messaging administration, such as message transport and mail flow, messaging security, compliance, hygiene, hybrid messaging and hygiene. You will also gain hands-on experience to make a competent Messaging Administrator. Take the right step today and build your corporate future with the MS-203 Microsoft 365 Messaging. SIGN UP NOW!