Office 365 Interview Questions and Answers 7

What is the Autodiscover service and how does it work?

The Microsoft Exchange Autodiscover service helps Autodiscover-capable Outlook clients configure an Outlook profile from minimal input. Users know their user name and password; once they provide those, the remaining information needed to configure the Outlook profile is retrieved from Exchange by the Autodiscover service. Autodiscover automatically configures the user profile for Outlook and mobile devices.

Outlook 2007 and later clients support Autodiscover when connecting to Exchange 2007 and above.

How Autodiscover works

The information required to configure the Outlook profile is retrieved from Exchange in XML format, and Outlook uses that information to connect to the different services it needs to function properly.

How Autodiscover works when connecting from the internal network

Note: To locate the Autodiscover service, Outlook first uses an LDAP query for the Service Connection Point (SCP) object (internal clients); if that fails, it uses a DNS query (external clients).

  1. Once the user enters credentials (email address and password, where the email address is treated as the user name), Outlook authenticates with AD and queries for Service Connection Point objects to find the Autodiscover service on the Client Access Server (CAS) that it must contact to get the Autodiscover information in XML format.

     An SCP object is created when the Exchange Client Access Server is installed, and a new SCP is created for each new CAS server that is installed. The SCP is updated with the serviceBindingInformation, the FQDN of the Client Access Server in the form https://cas01.learnexchangeserver.com/autodiscover/autodiscover.xml, and a keyword that tells which site this CAS server belongs to.

  2. Once the client has authenticated to Active Directory:

     1. The Autodiscover service information is obtained from the SCP object. If that fails for any reason,
     2. Outlook tries the predefined URL, such as https://autodiscover.learnexchangeserver.com/autodiscover/autodiscover.xml, by using DNS.
     3. If that fails, Outlook tries the HTTP redirect method: the same predefined URL, but with http instead of https.
     4. If that fails, an SRV record lookup is used. This is the last lookup method; if it also fails, Outlook auto-configuration fails.

  3. The Autodiscover service on the CAS server contacts AD to get the URLs and the details of the configured Exchange services.
  4. The Autodiscover service returns an HTTPS response with an XML file that includes connection settings and URLs for the available Exchange features.
  5. The Outlook client uses that information to connect to Exchange.

How Autodiscover works when connecting from the Internet

If the client machine is not AD domain joined:

  1. Outlook first tries to locate the Autodiscover service by looking up the SCP object in Active Directory. Since the client is on the Internet, it will not be able to contact Active Directory.
  2. The Outlook client then tries to locate the Autodiscover service by DNS query. For the DNS query, Outlook uses the right side of the email address, that is, learnexchangeserver.com (domain name first), and checks DNS for two predefined URLs. For example:

https://learnexchangeserver.com/autodiscover/autodiscover.xml

https://autodiscover.learnexchangeserver.com/autodiscover/autodiscover.xml

Note: You need to create a DNS record on the Internet that points to your Client Access Server to make this work.

  3. The Autodiscover service on the CAS server contacts AD to get the URLs and the details of the configured Exchange services.
  4. The Autodiscover service returns an HTTPS response with an XML file that includes connection settings and URLs for the available Exchange features.
  5. The Outlook client uses that information to connect to Exchange.
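The lookup order from the internal and Internet sections above, merged into one sequence and written out as an added example (not code from Exchange or Outlook). The SRV name `_autodiscover._tcp.<domain>` is the standard Autodiscover SRV record and does not appear on this page; the function names are hypothetical.

```python
from urllib.parse import urlsplit

PATH = "/autodiscover/autodiscover.xml"  # path used by the URLs on this page


def smtp_domain(email):
    """Return the right-hand side of the e-mail address, lower-cased."""
    local, sep, domain = email.strip().rpartition("@")
    if not sep or not local or "." not in domain:
        raise ValueError(f"not an e-mail address: {email!r}")
    return domain.lower()


def lookup_plan(email, domain_joined):
    """Ordered (method, target) pairs Outlook works through until one answers."""
    d = smtp_domain(email)
    plan = []
    if domain_joined:
        # Internal clients: the LDAP query for the SCP object comes first.
        plan.append(("SCP", "LDAP query for SCP serviceBindingInformation"))
    plan += [
        ("HTTPS", f"https://{d}{PATH}"),
        ("HTTPS", f"https://autodiscover.{d}{PATH}"),
        ("HTTP redirect", f"http://autodiscover.{d}{PATH}"),
        ("SRV", f"_autodiscover._tcp.{d}"),  # standard SRV name, not on the page
    ]
    return plan


def dns_names_queried(email):
    """DNS names an external client looks up for this address. Each one should
    be under the organisation's control and lead only to its own CAS."""
    names = []
    for _method, target in lookup_plan(email, domain_joined=False):
        name = urlsplit(target).hostname if "://" in target else target
        if name not in names:
            names.append(name)
    return names


if __name__ == "__main__":
    # Constructed sample address using the page's example domain.
    for n, (method, target) in enumerate(
            lookup_plan("user@learnexchangeserver.com", domain_joined=True), 1):
        print(n, method, target)
```

Running `dns_names_queried` for each accepted mail domain gives the list of names to check in public DNS and on the certificate presented by the Client Access Server.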

When do Outlook clients connect to the Autodiscover service?

Outlook and Exchange ActiveSync on mobile devices use Autodiscover to configure and maintain server settings for the client.

Outlook clients automatically connect to the Autodiscover service under the following conditions:

  • When the Outlook client starts, both when it is opened for the first time and every time it starts after that
  • Once every 60 minutes
  • Any time that the client’s connection to an Exchange Server fails

What are an Access Token and a Refresh Token?

When a user successfully authenticates with Office 365 (Azure AD), they are issued both an Access Token and a Refresh Token.

  • The Access Token is very short-lived (valid for around 1 hour).
  • The Refresh Token is longer-lived. In some cases the token may be valid for up to 90 days if it is frequently used and the user hasn’t changed their password.

The Access Token is what is actually used to gain access to resources such as Exchange or SharePoint Online. When the Access Token expires, the Office client presents the Refresh Token to Azure AD and requests a new Access Token to use with the resource. The default lifetime for a Refresh Token is 14 days (it expires 14 days after issue if not “used”). Features such as Conditional Access Policies may force users to sign in again even though the Refresh Token is still valid. Once the Refresh Token expires, users will need to sign in again.
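How the 14-day window and the 90-day ceiling interact, as an added example that models only the lifetimes quoted on this page (it is not Azure AD code, and real tenants can be configured differently). Treating a password change as the point where the Refresh Token stops working is an assumption drawn from the bullet above; `next_sign_in` is a hypothetical name.

```python
from datetime import datetime, timedelta

ACCESS_LIFETIME = timedelta(hours=1)     # "valid for around 1 hour"
REFRESH_IDLE = timedelta(days=14)        # expires 14 days after issue if not used
REFRESH_MAX_AGE = timedelta(days=90)     # ceiling when the token is used frequently


def next_sign_in(signed_in, refresh_uses, password_changed=None):
    """Return the moment the user has to sign in interactively again.

    signed_in        -- when both tokens were issued
    refresh_uses     -- times the client presented the Refresh Token
    password_changed -- optional time of a password change (assumed to end
                        the Refresh Token's validity)
    """
    hard_limit = signed_in + REFRESH_MAX_AGE
    if password_changed is not None:
        hard_limit = min(hard_limit, password_changed)

    idle_deadline = signed_in + REFRESH_IDLE
    for used in sorted(refresh_uses):
        if used > idle_deadline or used >= hard_limit:
            break  # the token had already expired when the client tried it
        idle_deadline = used + REFRESH_IDLE  # each use restarts the 14-day window
    return min(idle_deadline, hard_limit)


def access_token_valid(issued, now):
    """An Access Token is only good for about an hour after it was issued."""
    return issued <= now < issued + ACCESS_LIFETIME


if __name__ == "__main__":
    start = datetime(2024, 1, 1, 9, 0)  # constructed sample sign-in time
    weekly = [start + timedelta(days=7 * n) for n in range(1, 20)]
    print("never used     :", next_sign_in(start, []))
    print("used weekly    :", next_sign_in(start, weekly))
    print("password change:", next_sign_in(start, weekly, start + timedelta(days=20)))
```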

What is an Alternate Login ID?

Alternate Login ID is a feature of Azure AD that allows certain customers (that are synchronizing their directories with Office 365) to use a different value than their on-prem UPN.

What is a soft deleted mailbox and hard deleted mailbox?

A soft-deleted user mailbox is a mailbox that is deleted in the following cases:

  • The user mailbox’s associated Azure Active Directory user account is soft deleted (the Azure Active Directory user object is out of scope or in the recycle bin container).
  • The user mailbox’s associated Azure Active Directory user account is hard deleted but the Exchange Online mailbox is in a litigation hold or eDiscovery hold.
  • The user mailbox’s associated Azure Active Directory user account has been purged within the last 30 days, which is the retention length Exchange Online will keep the mailbox in a soft-deleted state before it is permanently purged and unrecoverable.

A hard-deleted user mailbox is a mailbox that has been deleted in the following cases:

  • The user mailbox has been soft-deleted for more than 30 days, and the associated Azure Active Directory user has been hard-deleted. All mailbox content such as emails, contacts and files will be permanently deleted.
  • The user mailbox’s associated Azure Active Directory user account has been hard-deleted in Azure Active Directory. The user mailbox is now soft-deleted in Exchange Online and stays in the soft-deleted state for 30 days. If, within that 30-day period, a new Azure Active Directory user is synchronized from the original on-premises recipient account with the same ExchangeGuid or ArchiveGuid, and that new account is licensed for Exchange Online, this will result in a hard deletion of the original user mailbox. All mailbox content such as emails, contacts and files will be permanently deleted.
  • The soft-deleted mailbox has been deleted using the Remove-Mailbox -PermanentlyDelete cmdlet in Exchange Management Shell.

How to recover a deleted mailbox in Office 365 / Exchange Online?

Soft-deleted mailboxes remain available for 30 days. If the mailbox is still in the soft-deleted state, we can restore it.