Rhoderick Milne [MSFT] - 250 Hello

1

Azure Firewall Rule Not Working – Orange Triangle

Posted on 26th April 2021 by Rhoderick Milne [MSFT]

The below is from a customer situation where an Azure Network Security Group (NSG) firewall rule entry was not working as they expected. This was was created to allow RDP connectivity for some of their test servers.

However they were not able to connect to the server, and were being blocked by the NSG.

Ideally we do not want to allow RDP to our Azure VMs are there are more secure methods such as cli… Read the rest “Azure Firewall Rule Not Working – Orange Triangle”

0

Faulting Module Name NTdll.dll

Posted on 23rd April 2021 by Rhoderick Milne [MSFT]

One of my hosted lab environments ran into series of issues, and after unplanned maintenance there were multiple problems to resolve. The below error with a faulting ntdll.dll module was something I recall seeing many years ago with a Microsoft Operations Manager (MOM) deployment where the MOM agent simply would not start. On every single attempt to start the service it would crash with the erro… Read the rest “Faulting Module Name NTdll.dll”

0

Microsoft Defender for Identity–Replaced Domain Controller

Posted on 19th April 2021 by Rhoderick Milne [MSFT]

The below environment was migrated from one hosting provider to another. Unfortunately one DC did not survive, and it was removed from the domain. This was done by using dsa.msc as it can now clean up the AD metadata rather than using NTDSUtil. That was a welcome change in Windows Server 2008.

A replacement server with the same name was built, joined to the domain and then promoted to be a DC. T… Read the rest “Microsoft Defender for Identity–Replaced Domain Controller”

0

Can You Fix This? Exchange 2013 Setup – Server-Gui-Mgmt-Infra Isn’t Installed

Posted on 14th April 2021 by Rhoderick Milne [MSFT]

There was a request to fix the issue below when installing Exchange 2013 CU23. When running setup the error received was "Installing Exchange Error - Server-Gui-Mgmt-Infra isn't installed".

If you look closely at the image below, you might be able to state the answer in advance…

Alternative Reality

As a side note. If you are installing Exchange 2016 onto Windows Server 2016 and receive this error, … Read the rest “Can You Fix This? Exchange 2013 Setup – Server-Gui-Mgmt-Infra Isn’t Installed”

1

April 2021 Exchange Security Updates

Posted on 13th April 2021 by Rhoderick Milne [MSFT]

Today is patch Tuesday for April 2021 and there are critical Exchange server security updates in the release. You can review all of the affected products on the MSRC blog or on the Security Update Guide (SUG).

Updates have been released for supported versions of Exchange 2013, 2016 and 2019. Details can be found in KB 5001779.

Update 5-5-2021. Two articles with known issues relating to this securit… Read the rest “April 2021 Exchange Security Updates”

0

Exchange & TCP/IP Port Range

Posted on 12th April 2021 by Rhoderick Milne [MSFT]

The below is an interesting result after installing Exchange. The act of installing Exchange will change how TCP/IP operates on the server with respect to ephemeral connections.

This may manifest itself in a few ways.

For example:

Security or Network are "surprised" with different network behaviour on an Exchange server when reviewing captures
Network team sets a very restrictive firewall ACL which is

… Read the rest

2

Exchange Setup Fails – Error 3221685616

Posted on 9th April 2021 by Rhoderick Milne [MSFT]

The saying goes that nothing monitors AD better than Exchange. While the symptom is an Exchange issue, the underlying root cause is typically something else. Though as an added "feature" Exchange can also monitor additional elements of your infrastructure and indicate they are also unhealthy...

This is one of those such cases, where an Exchange CU was not installing. In the screenshot below, yo… Read the rest “Exchange Setup Fails – Error 3221685616”

0

QuickTip – Query Block Mode

Posted on 8th April 2021 by Rhoderick Milne [MSFT]

Exchange 2010 SP1 introduced the concept of block mode or granular replication. This minimised the time taken for transactions on the active node to be replicated to passive nodes. Since the feature is enabled by default and is self-managing, there is a good chance that you are benefiting from it without being fully aware of it.

If you d… Read the rest “QuickTip – Query Block Mode”

1

Intermittent Azure DNS Resolution Issues With With New Domain Controller

Posted on 6th April 2021 by Rhoderick Milne [MSFT]

The default option for DNS resolution on an Azure virtual network is to use the Azure DNS service. This is perfectly fine for regular Internet requests, if you need the capability to register internal DNS records for Active Directory then you will typically need to run your own DNS service. This is the case here and is also something observed with multiple customers. In each of these cases the … Read the rest “Intermittent Azure DNS Resolution Issues With With New Domain Controller”

0

Stages of AD Changes When Installing and Uninstalling Exchange

Posted on 3rd April 2021 by Rhoderick Milne [MSFT]

This is a post to capture the stages of change in Active Directory when the first Exchange server is installed, and opposingly when the last Exchange server is uninstalled. We will not get into any specific details about the individual changes made to AD, rather this is a 20,000 foot view.

Starting Configuration

A brand new lab was created using Windows Server 2016 for the DCs and Exchange servers.… Read the rest “Stages of AD Changes When Installing and Uninstalling Exchange”