250 Hello - Random Musings on Security and Exchange

10

AD FS Web Application Proxy Re-Establish Proxy Trust

Posted on 16th November 2021 by Rhoderick Milne [MSFT]

In the Tailspintoys environment the AD FS Proxy was offline for month. It was unable to contact the AD FS server on the internal network, and this allowed the short lived authentication certificate to expire. At this point the AD FS Proxy was "dead to me" as far as the AD FS server was concerned. The internal AD FS server was OK, the issue was just with the proxy.

Bummer....

How do we fix this? … Read the rest “AD FS Web Application Proxy Re-Establish Proxy Trust”

7

Unable To Renew Exchange Certificate – Friendly Name Is Too Long

Posted on 9th November 2021 by Rhoderick Milne [MSFT]

Your Exchange certificate is about to expire, so you initiate a standard process to renew it. It's only a 5 minute job as that's how long it took last time, right?

Well, no. All is fine until you try to renew the existing certificate. The easiest way to initiate the renewal is by using the Renew option in the Exchange Admin Center.

The current certificate is the one selected in the below screensho… Read the rest “Unable To Renew Exchange Certificate – Friendly Name Is Too Long”

0

Add Domain to Azure, What Is Its EXO Status?

Posted on 26th October 2021 by Rhoderick Milne [MSFT]

Add Domain To Azure AD - What Is The Domain Type in Exchange Online

A recent discussion revolved around adding domains to Azure, and how that would manifest iteslf in Office 365 and Azure. This was a customer where one set of admins was focused on Azure and others on Office 365 and they did not interact much.

Lab Starting Configuration

You will note that initially there are three domains shown in Exchange Online portal. One is a custom vanity domain - tailspintoys… Read the rest “Add Domain to Azure, What Is Its EXO Status?”

2

Exchange 2016 CU22 and Exchange 2019 CU11 Setup Changes

Posted on 30th September 2021 by Rhoderick Milne [MSFT]

With the release of this month's Exchange updates, there are changes to not only the installation prerequisites but also the installation parameters.

These changes break down into two main areas. What you must ensure is installed prior to installing this or a subsequent CU, and secondly that the command line options have been updated along with the corresponding GUI.

To summarise:

IIS URL rewrite mo

… Read the rest

0

Exchange 2019 CU11 Released

Posted on 28th September 2021 by Rhoderick Milne [MSFT]

Exchange 2019 CU11 has been released to the Microsoft Volume Licensing Center and the public Microsoft Download site! Exchange 2019 has a different servicing strategy than Exchange 2007/2010 and utilises Cumulative Updates (CUs) rather than the Rollup Updates (RU/UR) which were used previously. CUs are a complete installation of Exchange 2019 and can be used to install a fresh server or to upd… Read the rest “Exchange 2019 CU11 Released”

0

Exchange 2016 CU22 Released

Posted on 28th September 2021 by Rhoderick Milne [MSFT]

Exchange 2016 CU22 has been released to the Microsoft download centre! Exchange 2016 has a different servicing strategy than Exchange 2007/2010 and utilises Cumulative Updates (CUs) rather than the Rollup Updates (RU/UR) which were used previously. CUs are a complete installation of Exchange 2016 and can be used to install a fresh server or to update a previously installed one. Exchange 2013 h… Read the rest “Exchange 2016 CU22 Released”

0

Exchange Online Transport Rule Audit

Posted on 27th September 2021 by Rhoderick Milne [MSFT]

This is a topic that still comes up when doing email investigations. After there has been an issue, we want to perform analysis to determine what may have happened any potentially why certain security controls did not act the way we expected.

With email one example would be around the audit information collected when an Exchange Online transport rule acts upon a message.

It is common to see that ad… Read the rest “Exchange Online Transport Rule Audit”

2

Is Exchange Fully Updated? If Not, Go Update Now

Posted on 22nd September 2021 by Rhoderick Milne [MSFT]

The Exchange team just posted that the September 2021 updates are going to be slightly delayed. The priority will always be to ship quality updates rather than force it out to meet a specific day.

You can look at the announcement, and Nino's additional comments here:

Delay of September 2021 Cumulative Update for Exchange Server - Microsoft Tech Community

This means that we have a little bit more tim… Read the rest “Is Exchange Fully Updated? If Not, Go Update Now”

0

Unable to Prepare Schema For Exchange Server 2019–Forest Functional Level

Posted on 16th September 2021 by Rhoderick Milne [MSFT]

Imagine that you have spent weeks planning for your upgrade to Exchange 2019. There are no unsupported down-level versions of Exchange, only Exchange 2016 is present. Those pesky public folders were also taken out behind the farmer's shed never to return. That only taken 15 or so years, but hey life is a journey...

Imagine your surprise when you go to perform step #1 which is extending the… Read the rest “Unable to Prepare Schema For Exchange Server 2019–Forest Functional Level”

0

Updating to RDCMan 2.8

Posted on 20th July 2021 by Rhoderick Milne [MSFT]

Now that we have a new version of Remote Desktop Connection Manager (RDCMan), I wanted to list out some of my initial thoughts and upgrade experience as I did encounter a couple of minor bumps. Please add a comment if you are running into issues as well please.

Like many other administrators, I heavily used RDCMan 2.2 and 2.7 over the last 11 years. This was my primary tool for managing a wide r… Read the rest “Updating to RDCMan 2.8”