Security related items and thoughts
Endpoint security has always been a cornerstone of enterprise protection. Microsoft Defender for Endpoint (MDE) is the enterprise offering from Microsoft in this space. MDE is a leading solution for advanced threat detection and response. MDE is not a new product, it has already been in market for several years. You would have recognised it by the previous names Microsoft Advanced Threat Prote… Read the rest “Initial Defender for Endpoint Setup”
After installing Defender for Identity sensor onto AD FS, you may experience an issue where the service does not enter the running state.
In the Microsoft Defender for Identity portal the sensor is reported as "Not Configured"
Since the AD FS sensor is new (January 2021), you initially installed sensors onto all of your AD Domain Controllers.
The below indicates that all o… Read the rest “Defender For Identity Sensor Service Fails To Start on AD FS – Sequence Contains No Elements”
Please be aware that Exchange 2013, Exchange 2016 and Exchange 2019 security updates were released as part of the December 2020 patch Tuesday release. The overall rating is critical, and the update resolves multiple issues.
Details for these, and previously released updates can be found in the Security Update Guide. Also note that Exchange 2010 SP3 RU31 was also released.
For all of th… Read the rest “Exchange December 2020 Security Updates”
In most enterprise customers there is a segregation of duties between multiple teams. This could be networking and desktop. Or Windows Server platform and messaging. It was the split in these roles, and especially a dearth of communication which led to this tale of woe with TLS 1.2 and Exchange.
The reasons for moving to TLS 1.2 and avoiding SSL2, SSL3, TLS 1.0 and TLS 1.1 should be well underst… Read the rest “Exchange Managed Availability Broken With TLS 1.2 Changes”
The security space is constantly evolving, and while a lot of the recent work has been on moving to TLS 1.2, a previous focus in the industry was to stop issuing SHA1 certificates and transition to SHA2 based certificates. As a result, many will run security scans to review the presence of installed certificates and their properties. In one such engagement, the security team noted their displeas… Read the rest “A Tale of Two Certificates–SHA1 Certificate Created During Exchange 2016 Installation”
After preparing AD and installing the first Windows Server 2019 DC into an existing AD environment, it was noted that there were unresolved SIDs listed at the root of the domain. This was corelated to the AD 2019 upgrade as permissions had been audited and cleaned up prior due to previous issues in the environment. Previously all DCs were Windows Server 2012 R2 with all updates installed.
After r… Read the rest “Unresolved RID 526 and 527 After ADPrep”
When you try to install a PowerShell module or connect to the PowerShell Repository you may get the below error messages:
WARNING: Unable to download from URI 'https://go.microsoft.com/fwlink/?LinkID=627338&clcid=0x409' to ''.
WARNING: Unable to download the list of available providers. Check your internet connection.
For make most glorious benefit engine of search:
PackageManagement\Install-Packag… Read the rest “Unable To Install PowerShell Modules – Unable To Download From URI Error”
Today is patch Tuesday for September 2020, and amongst the updates released today are security fixes for Exchange 2016 and Exchange 2019.
More specifically, the fix is only available for the versions of Exchange 2016 and 2019 that are open for servicing. This means that only the latest CUs can be serviced, and if you are running on an outdated CU then there is not way that you can receive these se… Read the rest “September 2020 Security Updates For Exchange 2016 and 2019”
Installing a Web Application Proxy (WAP) server consists of two distinct actions. The first is installing the Remote Access role, and the second is to then configure the role. The act of configuring Remote Access enables WAP to function as an AD FS proxy, and optionally enables you to also publish other applications.
Over time some of those servers may have been replaced without fully uninstallin… Read the rest “Quick Tip – Manually Removing WAP Server”
During the upgrade process it is expected that there will be multiple versions of AD FS and WAP servers operating in a farm at a given time. This is actually a good option as it allows us to easily upgrade from AD FS 2012 R2 to a newer version such as 2016 or 2019. We can do this without having to build a brand new farm from scratch and then cutting over applications to the new farm wi… Read the rest “Unable to Edit WAP Published Application in Mixed Mode Farm”