Security

Security related items and thoughts

2

September 2020 Security Updates For Exchange 2016 and 2019

Posted on by Rhoderick Milne [MSFT]
September 2020 Exchange Security Updated - KB4577352

Today is patch Tuesday for September 2020, and amongst the updates released today are security fixes for Exchange 2016 and Exchange 2019.

More specifically, the fix is only available for the versions of Exchange 2016 and 2019 that are open for servicing.  This means that only the latest CUs can be serviced, and if you are running on an outdated CU then there is not way that you can receive these se… Read the rest “September 2020 Security Updates For Exchange 2016 and 2019”

2

Unable to Edit WAP Published Application in Mixed Mode Farm

Posted on by Rhoderick Milne [MSFT]

During the upgrade process it is expected that there will be multiple versions of AD FS and WAP servers operating in a farm at a given time.  This is actually a good option as it allows us to easily upgrade from AD FS 2012 R2 to a newer version such as 2016 or 2019.  We can do this without having to build a brand new farm from scratch and then cutting over applications to the new farm wi… Read the rest “Unable to Edit WAP Published Application in Mixed Mode Farm”

2

Unable To Access WAP AD FS Proxy Instance Externally

Posted on by Rhoderick Milne [MSFT]

When deploying AD FS and Web Application Proxy it is common to run into some networking issues.  Normally this is due to firewall rules not being set correctly.

However we need to be aware of the default behaviour of WAP and factor that into our deployment.

When WAP is installed, it will write additional firewall rules into the Windows firewall.  However, the default rules do not cover all monitorin… Read the rest “Unable To Access WAP AD FS Proxy Instance Externally”

2

RDCMan Download Removed

Posted on by Rhoderick Milne [MSFT]

Update 26-4-2021:  RDCMan is now available again!

Rejoice and be thankful - see this post for more details please.  I'll leave the post below for historical context.

A perennial favourite subject on the blog has been the topic of Remote Desktop Connection Manager (RDCMan).  This was an internal Microsoft tool which was made available to customers.  Initially version 2.2 then version 2.7 was released.

How… Read the rest “RDCMan Download Removed”

7

Easy Way To Retrieve Certificate Thumbprint Using PowerShell

Posted on by Rhoderick Milne [MSFT]

Since many certificate operations involve knowing the certificate’s thumbprint, it is always useful to to have an easy way to get this information.  In some of the online documentation it mentions you can copy the thumbprint out of the Certificate MMC snap-in and then manually delete the spaces between the data.  No thanks.

However, if you *really* want to do that, or a quick and easy way to launch… Read the rest “Easy Way To Retrieve Certificate Thumbprint Using PowerShell”

1

Update WAP Published Application Certificate

Posted on by Rhoderick Milne [MSFT]

A base Web Application Proxy (WAP) provides AD FS proxy capability in addition to also publishing on-premises web applications to the Internet.  This can be used to publish services such as Exchange OWA and Autodiscover.

Publish Applications using AD FS Preauthentication can used in certain situations to pre-authenticate the incoming request before it is passed onto the internal server.  Alternative… Read the rest “Update WAP Published Application Certificate”