1

Exchange 2016 CU20 PrepareAD Required

Posted on by Rhoderick Milne [MSFT]

This is a quick heads up for those who may be deploying Exchange 2016 in the near future.  If you are currently on Exchange 2016 CU19 there are no AD schema changes required, but there are AD changes.  The former is performed by /PrepareSchema, and the latter by /PrepareAD.

You can take a look at the history of Exchange 2016 schema changes in Active Directory schema changes in Exchange Server and th… Read the rest “Exchange 2016 CU20 PrepareAD Required”

0

Exchange .NET Framework Upgrade – The Unsupported Kangaroo In The Room

Posted on by Rhoderick Milne [MSFT]
Exchange Upgrade CU .NET Framework Support

It is critical Exchange installations are properly maintained in all regards.  In order to stay current with Exchange Cumulative Updates (CUs), it is necessary to read the release notes for a given CU to determine if an update is required for the .NET Framework.  Staying current on updates is required to receive full support from Microsoft.  Exchange Hybrid supports N and N-1 for on-premises CUs, … Read the rest “Exchange .NET Framework Upgrade – The Unsupported Kangaroo In The Room”

0

Exchange 2019 Setup Screenshots – Commandline Install

Posted on by Rhoderick Milne [MSFT]
Exchange 2019 Setup

This is a reference post for Exchange 2019 screenshots of the command line installation process.  You will note similarities to the Exchange 2016 installation.

Update 30-9-2021 Newer versions of Exchange 2019 have slightly modified the prerequisites and also the original command line options that are shown below.  Please see the Exchange 2019 CU11 setup changes post for details.

Planning And Preparat

Read the rest “Exchange 2019 Setup Screenshots – Commandline Install”
13

Should I Overwrite The Default Exchange SMTP Certificate?

Posted on by Rhoderick Milne [MSFT]
Exchange Prompt To Overwrite Default SMTP Certificate

When adding a TLS certificate on an Exchange server, the inevitable prompt will appear to enquire if you wish to overwrite the default SMTP certificate binding.  While the UI in the current versions of Exchange is slightly different, it was basically the same prompt in Exchange 2010 & Exchange 2007.

Exchange Prompt To Overwrite Default SMTP Certificate

While the prompt language was the same in Exchange 2007 and newer versions, the way that transpo… Read the rest “Should I Overwrite The Default Exchange SMTP Certificate?”

1

Azure Firewall Rule Not Working – Orange Triangle

Posted on by Rhoderick Milne [MSFT]

The below is from a customer situation where an Azure Network Security Group (NSG) firewall rule entry was not working as they expected.  This was was created to allow RDP connectivity for some of their test servers.

However they were not able to connect to the server, and were being blocked by the NSG.

Ideally we do not want to allow RDP to our Azure VMs are there are more secure methods such as cliRead the rest “Azure Firewall Rule Not Working – Orange Triangle”

0

Faulting Module Name NTdll.dll

Posted on by Rhoderick Milne [MSFT]

One of my hosted lab environments ran into series of issues, and after unplanned maintenance there were multiple problems to resolve.  The below error with a faulting ntdll.dll module was something I recall seeing many years ago with a Microsoft Operations Manager (MOM) deployment where the MOM agent simply would not start.  On every single attempt to start the service it would crash with the erro… Read the rest “Faulting Module Name NTdll.dll”

0

Microsoft Defender for Identity–Replaced Domain Controller

Posted on by Rhoderick Milne [MSFT]

The below environment was migrated from one hosting provider to another.  Unfortunately one DC did not survive, and it was removed from the domain.  This was done by using dsa.msc as it can now clean up the AD metadata rather than using NTDSUtil.  That was a welcome change in Windows Server 2008.

A replacement server with the same name was built, joined to the domain and then promoted to be a DC.  T… Read the rest “Microsoft Defender for Identity–Replaced Domain Controller”

0

Can You Fix This? Exchange 2013 Setup – Server-Gui-Mgmt-Infra Isn’t Installed

Posted on by Rhoderick Milne [MSFT]

There was a request to fix the issue below when installing Exchange 2013 CU23.  When running setup the error received was "Installing Exchange Error - Server-Gui-Mgmt-Infra isn't installed".

If you look closely at the image below, you might be able to state the answer in advance…

Installing Exchange Error - Server-Gui-Mgmt-Infra isn't installed

Alternative Reality

As a side note.  If you are installing Exchange 2016 onto Windows Server 2016 and receive this error, … Read the rest “Can You Fix This? Exchange 2013 Setup – Server-Gui-Mgmt-Infra Isn’t Installed”

1

April 2021 Exchange Security Updates

Posted on by Rhoderick Milne [MSFT]

Today is patch Tuesday for April 2021 and there are critical Exchange server security updates in the release.  You can review all of the affected products on the MSRC blog or on the Security Update Guide (SUG).

Updates have been released for supported versions of Exchange 2013, 2016 and 2019.  Details can be found in KB 5001779.

Update 5-5-2021.  Two articles with known issues relating to this securitRead the rest “April 2021 Exchange Security Updates”

0

Exchange & TCP/IP Port Range

Posted on by Rhoderick Milne [MSFT]

The below is an interesting result after installing Exchange.  The act of installing Exchange will change how TCP/IP operates on the server with respect to ephemeral connections.

This may manifest itself in a few ways.

For example:

  • Security or Network are "surprised" with different network behaviour on an Exchange server when reviewing captures
  • Network team sets a very restrictive firewall ACL which is
Read the rest “Exchange & TCP/IP Port Range”