Sunday, June 20, 2010

Exchange Server 2010 Interview Questions - Federation

1. What is federated sharing?

Federated Sharing allows easy sharing of availability information, calendar, and contacts with recipients in external federated organizations

2. What are the options shared in federated sharing?

  1. Free busy information

  2. Calendar and contact sharing

  3. Sharing policy


3. How federated sharing works in Exchange server 2010?

4. Explain the operation of federation?

5. What are the benefits of federation?

Allow users to act on behalf of specific user

  • Specific user identified by E-mail address

  • User not prompted for credentials


Reduces explicit trust management

  • No AD trusts, service to cloud accounts to manage

  • Minimizes certificate exchanges

  • Verifies domain ownership


6. Explain the federation commands in Exchange server 2010?

Establish federation trust = New-federation Trust

  • Install signing certificate on CAS servers

  • Exchange certificate with federation gateway


Prove domain ownership = domainname.com IN TXT AppId = xxxxxxxx

  • Create DNS TXT record


Add domain to trust = set-federatedOrganizationIdentifier

Add-federatedDomain

  • Must be accepted domain


7. How to establish federated sharing in Exchange Server 2010?

  1. Create trust with certificate exchange

  2. Prove domain ownership

  3. Add domains


8. What is Microsoft Federation Gateway?

Exchange Server 2010 uses Microsoft Federation Gateway (MFG), an identity service that runs in the cloud, as the trust broker. Exchange organizations wanting to use Federation establish a Federation Trust with MFG, allowing it to become a federation partner to the Exchange organization. The trust allows users authenticated by Active Directory , known as the identity provider (IP), to be issued Security Assertion Markup Language (SAML) delegation tokens by MFG. The delegation tokens allow users from one federated organization to be trusted by another federated organization. With MFG acting as the trust broker, organizations are not required to establish multiple individual trust relationships with other organizations. Users can access external resources using a single sign-on (SSO) experience

9. What is Federation Trust?

A Federation Trust is established between an Exchange organization and MFG by exchanging the organization's certificate with MFG, and retrieving MFG's certificate and federation metadata. The certificate is used for encrypting tokens

10. What is Sharing Policy?

Sharing policies allow you to control how users in your organization can share calendar and contact information with users outside the organization. To provision recipients to use a particular sharing policy

11. Prerequisites to create a Sharing Policy

  • A federation trust has been created between your Exchange 2010 organization and Microsoft Federation Gateway, and the Federated Organization Identifier is configured.

  • Although you can create a sharing policy for any external domain, recipients from the specified domain can access your users' information only if they have a mailbox in an Exchange 2010 organization and their domain is federated

No comments:

Post a Comment