0

End of Exchange 2019 Mainstream Support

Posted on by Rhoderick Milne [MSFT]
Exchange 2019 Support Lifecycle Policy

Today marks the end of Exchange 2019’s mainstream support.  This will likely resurface the discussion about what do we do with on-premises Exchange, where is the next version and do we even still need Exchange Server if all mailboxes are in Exchange Online?  While there is a solution to removing the last Exchange Server from on-premises it does have it's caveats and considerations.  Please ensure … Read the rest “End of Exchange 2019 Mainstream Support”

0

Enable DMARC For OnMicrosoft.com Domains

Posted on by Rhoderick Milne [MSFT]
DMARC Record For onmicrosoft.com Domain

It is possible to add a Domain Based Message Authentication Reporting and Conformance (DMARC) record for your onmicrosoft.com domain in M365.

Is that a good thing?

Well, your viewpoint may depend on your experiences with this domain.  If you actually use the onmicrosoft.com domain to send email, then yes!  Adding the DMARC record enables the DMARC alignment check to pass and the mail to be successfu… Read the rest “Enable DMARC For OnMicrosoft.com Domains”

1

How To Generate File Hash Using Certutil

Posted on by Rhoderick Milne [MSFT]
Create File Hash using Certutil

Windows has the ability to easily generate a hash for a given file using the Certutil.exe utility.  Administrators may have previously used to this tool when they need to generate TLS certificates or to perform other tasks against AD Certificate Services.  As an example of the former, this was a common task for AD FS certificates as described in this post.

To generate the file hash we will use the … Read the rest “How To Generate File Hash Using Certutil”

0

Using PowerCfg To Set Server Power Plan From Command Line

Posted on by Rhoderick Milne [MSFT]
Set Power Plan Via Command Line

Being able to automate and set Power Plan options via the command is useful for both automation and tasks on Server Core.  We can use powercfg.exe to control power plans - also called power schemes - to use the available sleep states, to control the power states of individual devices, and to analyze the system for common energy-efficiency and battery-life problems.

Below are multiple examples of the … Read the rest “Using PowerCfg To Set Server Power Plan From Command Line”

0

Unable To Access OWA Externally Via WAP 2019

Posted on by Rhoderick Milne [MSFT]
Unable To Access OWA - Still Working On It

After upgrading Web Application Proxy (WAP) to Windows Server 2019 you may run into an issue with certain applications that are published via WAP to the Internet.

In the below example the AD FS upgrade went well with no issues.  The AD FS farm and WAP servers were upgraded to Windows Server 2019 and all appeared to be going well.  Too well that was, as when the external tests were validated against… Read the rest “Unable To Access OWA Externally Via WAP 2019”

0

Stale DNS Server Blocking Captive Portal Or Simply Inaccessible

Posted on by Rhoderick Milne [MSFT]
Stale DNS Server Entries Causing Issues On Windows 10 and 11

It’s always DNS.  That’s the typical mantra when troubleshooting AD issues.

But what about a fully updated Windows 10/11 machine totally ignoring the DNS server it was told to use via DHCP?  Yes, that unfortunately was a recent problem.  On the machine it appeared to have the public Google DNS server (8.8.8.8) stuck.  Regardless of what network the machine connected to, it ignored the DNS server as… Read the rest “Stale DNS Server Blocking Captive Portal Or Simply Inaccessible”

0

Exchange Unexpected InternalNLBBypass URL – RecoverServer

Posted on by Rhoderick Milne [MSFT]
Exchange Server Unexpected URL RecoverServer

Reviewing the output of an environement's CAS Namespaces showed that there was an unexpecte URL present for the version of Exchagne that was installed.  With Exchange 2013 onwards InternalNLBBypassURL is not something that we need to set.  That was an Exchange 2007 and 2010 thing.

In the environment below note that there are couple of things that pique my interest.

Any thoughts?

Exchange WebServices Showing InternalNLBBypassURL

What is interesting i… Read the rest “Exchange Unexpected InternalNLBBypass URL – RecoverServer”

0

Exchange Healthcheck Script – EWS Internal Bypass URL Set

Posted on by Rhoderick Milne [MSFT]
Exchange Healthcheck InternalNLBBypassURL

The amazing Exchange Healthcheck script really has gotten to the point where Exchange Best Practices Analyser (ExBPA) used to be. Exchange admins should heavily use the Healthcheck script.  This should be done before and after maintenance tasks such as installing CUs and security updates.

There is a handy dandy shortcut URL to download the script:  https://aka.ms/ExchangeHealthChecker

Note that this… Read the rest “Exchange Healthcheck Script – EWS Internal Bypass URL Set”

0

Quick Tip – Easily Allow JIT to Azure VMs In A Resource Group

Posted on by Rhoderick Milne [MSFT]
Azure Portal Connect to VM

Controlling connections to Azure VMs using the just in time (JIT) policy of Microsoft Defender for Cloud (MDC) certainly improves the overall security of the Azure resource.  However, then having to enable JIT on a given VM runs into issues pretty quickly.

Azure Portal Too Permissive

Who thought it was a great idea to have “All configured IPs” as the default option? No thanks – I do not want to enab… Read the rest “Quick Tip – Easily Allow JIT to Azure VMs In A Resource Group”

0

How to Get Newer Version of PowerShellGet – Install, Don’t Upgrade

Posted on by Rhoderick Milne [MSFT]
Update PowerShellGet

Current versions of Windows come with a version of PowerShellGet pre-installed.  The PowerShellGet and PackageManagement modules originally were released in Windows PowerShell 5.0 which itself was part of the Windows Management Framework (WMF) 5.0 RTM.  This was back in early 2016. The PowerShellGet module is also integrated with the PackageManagement module as a provider.

The 1.0.0.1 version of Powe… Read the rest “How to Get Newer Version of PowerShellGet – Install, Don’t Upgrade”