Exchange 2019 CU14 has been released to the Microsoft Volume Licensing Center and the public Microsoft Download site! Exchange 2019 has a different servicing strategy than Exchange 2007/2010 and utilises Cumulative Updates (CUs) rather than the Rollup Updates (RU/UR) which were used previously. CUs are a complete installation of Exchange 2019 and can be used to install a fresh server or to upd… Read the rest “Exchange 2019 CU14 Released (2024 H1)”
Below is a repro of a customer situation where the Exchange Healthcheck script was unable to connect to a remote Exchange server. The Healthcheck script would run locally with no issues, and reported a clean bill of health. The ability to run the health verification checks against multiple severs is an important aspect of the healthcheck tool, and means that we do not have to RDP to many servers.… Read the rest “Exchange Healthcheck Script– Unable to Connect to Remote Server”
If you want to easily view all of the VHD or VHDX files that have been configured on Hyper-V VMs, the below PowerShell command makes this easy.
Since I may use a temporary VHDX as a mechanism to copy files into VMs, it sometimes get left mounted and this makes it easy to see which VM has that particular disk file attached. Creating a temporary VHDX makes it easier to copy large source files to VMs… Read the rest “Quick Tip–Verify VHDs Mounted In Hyper-V VMs”
Today marks the end of Exchange 2019’s mainstream support. This will likely resurface the discussion about what do we do with on-premises Exchange, where is the next version and do we even still need Exchange Server if all mailboxes are in Exchange Online? While there is a solution to removing the last Exchange Server from on-premises it does have it's caveats and considerations. Please ensure … Read the rest “End of Exchange 2019 Mainstream Support”
It is possible to add a Domain Based Message Authentication Reporting and Conformance (DMARC) record for your onmicrosoft.com domain in M365.
Is that a good thing?
Well, your viewpoint may depend on your experiences with this domain. If you actually use the onmicrosoft.com domain to send email, then yes! Adding the DMARC record enables the DMARC alignment check to pass and the mail to be successfu… Read the rest “Enable DMARC For OnMicrosoft.com Domains”
Windows has the ability to easily generate a hash for a given file using the Certutil.exe utility. Administrators may have previously used to this tool when they need to generate TLS certificates or to perform other tasks against AD Certificate Services. As an example of the former, this was a common task for AD FS certificates as described in this post.
To generate the file hash we will use the … Read the rest “How To Generate File Hash Using Certutil”
Windows Server 2008 R2 Active Directory added the AD Recycle Bin feature. This allowed for an easier way to recover from an “oops” moment when a small number of objects were mistakenly deleted. The option to perform an authoritative restored remains to recover from mass deletion events. The AD Recycle Bin can be enabled via the AD Admin Centre or AD PowerShell using the Enable-ADOptionalFeature… Read the rest “Quick Tip – How Do I View The Deleted Objects Container”
Before deploying Microsoft Defender for Identity (MDI), administrators traditionally have relied on the MDI Test Readiness script to validate domain controller prerequisites. The script is intended to catch configuration issues early, such as missing directory permissions or insufficient system resources, before sensor installation begins. However, a recent update has caused a question to be raise… Read the rest “MDI Readiness Test Script”
In Active Directory, the Deleted Objects container is a hidden location where objects reside temporarily after they have been deleted, before they are fully removed by the tombstone or recycle bin process. This container plays a critical role in object recovery and directory hygiene. By default, permissions on it are limited and the container itself is often overlooked since it is out of sight.
Th… Read the rest “MDI–Assign & Verify Permissions To Deleted Objects Container”
In today's threat landscape, passwords alone are no longer sufficient to protect access to cloud systems. Enter Multifactor Authentication (MFA): a security mechanism that requires users to present two or more independent validation factors—typically something you know (e.g. password), something you have (e.g. a mobile authenticator or hardware key), or something you are (e.g. biometric data)—befo… Read the rest “Time To Stop Using The Legacy Azure MFA & SSPR Portal”