250 Hello - Security

10

Sign-In Error 5000811 — Unable to verify token signature. The signing key Identifier Does Not Match Any Valid Registered Keys

Posted on 29th November 2021 by Rhoderick Milne [MSFT]

The error message "Sorry, that didn’t work. Please go back to office.com and try again” is probably one of the most vague that I've seen. It's up there with "please contact your administrator", which is fine unless you are the administrator...

The below is a repro of a case where all users were unable to sign into Office 365. They would receive the aforementioned "Sorry, that didn't work" message… Read the rest “Sign-In Error 5000811 — Unable to verify token signature. The signing key Identifier Does Not Match Any Valid Registered Keys”

0

Why Is The Exchange Security Update Not Installed?

Posted on 22nd November 2021 by Rhoderick Milne [MSFT]

The issue of "Why is the Exchange Security Update not installed?" has popped up frequently over the last few months due to the number of security releases for on-premises Exchange.

Due to Hafnium, security teams have increased the monitoring of Exchange to make sure that it is fully patched. In some of these cases, the Exchange and server admins think that they are all good as they run Windows Upd… Read the rest “Why Is The Exchange Security Update Not Installed?”

0

Does Manually Running Azure AD Connect Change Schedule?

Posted on 19th November 2021 by Rhoderick Milne [MSFT]

Despite the current versions of Azure AD Connect running the main synchronisation task every 30 minutes, there are still times when we want to force the task. As a result of this, a question was floated if that changed the existing schedule. If the next scheduled instance is in 10 minutes, and we run a manual task right now does that mean that another task will execute in 10 minutes?

TL;DR

In shor… Read the rest “Does Manually Running Azure AD Connect Change Schedule?”

9

AD FS Web Application Proxy Re-Establish Proxy Trust

Posted on 16th November 2021 by Rhoderick Milne [MSFT]

In the Tailspintoys environment the AD FS Proxy was offline for month. It was unable to contact the AD FS server on the internal network, and this allowed the short lived authentication certificate to expire. At this point the AD FS Proxy was "dead to me" as far as the AD FS server was concerned. The internal AD FS server was OK, the issue was just with the proxy.

Bummer....

How do we fix this? … Read the rest “AD FS Web Application Proxy Re-Establish Proxy Trust”

0

Exchange Online Transport Rule Audit

Posted on 27th September 2021 by Rhoderick Milne [MSFT]

This is a topic that still comes up when doing email investigations. After there has been an issue, we want to perform analysis to determine what may have happened any potentially why certain security controls did not act the way we expected.

With email one example would be around the audit information collected when an Exchange Online transport rule acts upon a message.

It is common to see that ad… Read the rest “Exchange Online Transport Rule Audit”

2

Is Exchange Fully Updated? If Not, Go Update Now

Posted on 22nd September 2021 by Rhoderick Milne [MSFT]

The Exchange team just posted that the September 2021 updates are going to be slightly delayed. The priority will always be to ship quality updates rather than force it out to meet a specific day.

You can look at the announcement, and Nino's additional comments here:

Delay of September 2021 Cumulative Update for Exchange Server - Microsoft Tech Community

This means that we have a little bit more tim… Read the rest “Is Exchange Fully Updated? If Not, Go Update Now”

1

Remote Desktop Connection Manager Download (RDCMan) 2.81

Posted on 24th June 2021 by Rhoderick Milne [MSFT]

Finally we have good news for all fans of the Remote Desktop Connection Manager (RDCMan) tool! It has risen from the ashes, and is now part of Sysinternals.

Over the years RDCMan built up a strong user base as it was a simple but powerful utility to manage connections to multiple machines. Sure, if you have three or four servers to manage you can get by with saved .rdp files or use the Universa… Read the rest “Remote Desktop Connection Manager Download (RDCMan) 2.81”

0

New And Advanced Azure AD Connect Topics

Posted on 2nd June 2021 by Rhoderick Milne [MSFT]

There have been some recent feature additions to Azure AD Connect. If we look at the Azure AD Connection Version History after a brief hiatus, there are newer versions as of March 2021. At the time of witing, the latest version is 1.6.4.0 and was released on the 31st May 2021.

There are multiple new features and changes in this build.

Updated ADSyncTools PowerShell module
Defaults to V2 synchronisati

… Read the rest

0

Microsoft Defender for Identity–Replaced Domain Controller

Posted on 19th April 2021 by Rhoderick Milne [MSFT]

The below environment was migrated from one hosting provider to another. Unfortunately one DC did not survive, and it was removed from the domain. This was done by using dsa.msc as it can now clean up the AD metadata rather than using NTDSUtil. That was a welcome change in Windows Server 2008.

A replacement server with the same name was built, joined to the domain and then promoted to be a DC. T… Read the rest “Microsoft Defender for Identity–Replaced Domain Controller”

1

April 2021 Exchange Security Updates

Posted on 13th April 2021 by Rhoderick Milne [MSFT]

Today is patch Tuesday for April 2021 and there are critical Exchange server security updates in the release. You can review all of the affected products on the MSRC blog or on the Security Update Guide (SUG).

Updates have been released for supported versions of Exchange 2013, 2016 and 2019. Details can be found in KB 5001779.

Update 5-5-2021. Two articles with known issues relating to this securit… Read the rest “April 2021 Exchange Security Updates”