Rhoderick Milne [MSFT] - 250 Hello

2

Defender For Identity Sensor Service Fails To Start on AD FS – Sequence Contains No Elements

Posted on 17th February 2021 by Rhoderick Milne [MSFT]

After installing Defender for Identity sensor onto AD FS, you may experience an issue where the service does not enter the running state.

In the Microsoft Defender for Identity portal the sensor is reported as "Not Configured"

Lab Starting Reference Point

Since the AD FS sensor is new (January 2021), you initially installed sensors onto all of your AD Domain Controllers.

The below indicates that all o… Read the rest “Defender For Identity Sensor Service Fails To Start on AD FS – Sequence Contains No Elements”

1

Unable to Install Windows Updates or Windows Components

Posted on 10th February 2021 by Rhoderick Milne [MSFT]

Checkdsk Scan To Troubleshoot DISM Issues

The below post initially stemmed from an Exchange Risk Assessment which noted that all of the customer's Exchange servers were missing critical Windows updates. The customer's security team were slightly upset as they believed (mistakenly) that all assets were properly updated. This was not the case. When we looked into the details, the monthly Windows Server 2012 R2 updates had been failing to… Read the rest “Unable to Install Windows Updates or Windows Components”

0

Most Popular Blog Posts For 2020

Posted on 31st December 2020 by Rhoderick Milne [MSFT]

Well, good bye to 2020. That was some year to put it mildly…

Again, we see that on-premises content has been reduced and the overall focus is Office 365 and Hybrid. AD FS certificates keep on expiring and so do WAP, thus those articles remain popular as ever.

Most Popular 2020 Posts

1. How To Run Manual DirSync / Azure Active Directory Sync Updates
2. Remote Desktop Connection Manager Download

… Read the rest

2

Exchange 2019 CU8 Released

Posted on 15th December 2020 by Rhoderick Milne [MSFT]

Exchange 2019 CU8 has been released to the Microsoft Volume Licensing Center! Exchange 2019 has a different servicing strategy than Exchange 2007/2010 and utilises Cumulative Updates (CUs) rather than the Rollup Updates (RU/UR) which were used previously. CUs are a complete installation of Exchange 2019 and can be used to install a fresh server or to update a previously installed one. Exchange… Read the rest “Exchange 2019 CU8 Released”

2

Exchange 2016 CU19 Released

Posted on 15th December 2020 by Rhoderick Milne [MSFT]

Exchange 2016 CU19 has been released to the Microsoft download centre! Exchange 2016 has a different servicing strategy than Exchange 2007/2010 and utilises Cumulative Updates (CUs) rather than the Rollup Updates (RU/UR) which were used previously. CUs are a complete installation of Exchange 2016 and can be used to install a fresh server or to update a previously installed one. Exchange 2013 h… Read the rest “Exchange 2016 CU19 Released”

1

Exchange 2010 SP3 RU31 Released

Posted on 14th December 2020 by Rhoderick Milne [MSFT]

Today is patch Tuesday for December 2020 and contains a security advisory bulletin for Exchange 2010. Due to the way that Exchange 2010 is serviced, security updates are released as a new update rollup (RU).

You can visit the Microsoft Security Response Center to read the details about this and the other released security updates.

This is build 14.03.0509.000 of Exchange 2010, and KB 4593467 has the… Read the rest “Exchange 2010 SP3 RU31 Released”

0

Exchange December 2020 Security Updates

Posted on 8th December 2020 by Rhoderick Milne [MSFT]

Please be aware that Exchange 2013, Exchange 2016 and Exchange 2019 security updates were released as part of the December 2020 patch Tuesday release. The overall rating is critical, and the update resolves multiple issues.

Details for these, and previously released updates can be found in the Security Update Guide. Also note that Exchange 2010 SP3 RU31 was also released.

For all of th… Read the rest “Exchange December 2020 Security Updates”

1

Exchange 2013 OnPremisesSmtpClientSubmission – Unhealthy After Disabling TLS 1.0 and TLS 1.1

Posted on 7th December 2020 by Rhoderick Milne [MSFT]

After going through the steps to disable TLS 1.0 and TLS 1.1, it was noted that Managed Availability was not happy with one particular component in Exchange 2013. This was the OnPremisesSmtpClientSubmission probe and the monitor which was associated to it. The below is a reproduction of the customer environment.

For reference, you can review Protocols in TLS/SSL (Schannel SSP) for a listing of wh… Read the rest “Exchange 2013 OnPremisesSmtpClientSubmission – Unhealthy After Disabling TLS 1.0 and TLS 1.1”

0

Exchange Managed Availability Broken With TLS 1.2 Changes

Posted on 3rd December 2020 by Rhoderick Milne [MSFT]

In most enterprise customers there is a segregation of duties between multiple teams. This could be networking and desktop. Or Windows Server platform and messaging. It was the split in these roles, and especially a dearth of communication which led to this tale of woe with TLS 1.2 and Exchange.

The reasons for moving to TLS 1.2 and avoiding SSL2, SSL3, TLS 1.0 and TLS 1.1 should be well underst… Read the rest “Exchange Managed Availability Broken With TLS 1.2 Changes”

2

Exchange Managed Availability Error – OutlookRpcSelfTestProbe

Posted on 30th November 2020 by Rhoderick Milne [MSFT]

This case illustrates the "fun" with Managed Availability a particular customer had after making changes to their servers. The servers were built back in 2014, and as such the default self signed certificates had expired and were previously replaced. This is because the Exchange self signed certificates have a 5 year validity period.

It was noted that Managed Availability was not healthy in all r… Read the rest “Exchange Managed Availability Error – OutlookRpcSelfTestProbe”