Exchange .NET Framework Upgrade – The Unsupported Kangaroo In The Room

Exchange Upgrade CU .NET Framework Support

It is critical Exchange installations are properly maintained in all regards.  In order to stay current with Exchange Cumulative Updates (CUs), it is necessary to read the release notes for a given CU to determine if an update is required for the .NET Framework.  Staying current on updates is required to receive full support from Microsoft.  Exchange Hybrid supports N and N-1 for on-premises CUs, … Read the rest “Exchange .NET Framework Upgrade – The Unsupported Kangaroo In The Room”


Should I Overwrite The Default Exchange SMTP Certificate?

Exchange Prompt To Overwrite Default SMTP Certificate

When adding a TLS certificate on an Exchange server, the inevitable prompt will appear to enquire if you wish to overwrite the default SMTP certificate binding.  While the UI in the current versions of Exchange is slightly different, it was basically the same prompt in Exchange 2010 & Exchange 2007.

Exchange Prompt To Overwrite Default SMTP Certificate

While the prompt language was the same in Exchange 2007 and newer versions, the way that transpo… Read the rest “Should I Overwrite The Default Exchange SMTP Certificate?”


Can You Fix This? Exchange 2013 Setup – Server-Gui-Mgmt-Infra Isn’t Installed

There was a request to fix the issue below when installing Exchange 2013 CU23.  When running setup the error received was "Installing Exchange Error - Server-Gui-Mgmt-Infra isn't installed".

If you look closely at the image below, you might be able to state the answer in advance…

Installing Exchange Error - Server-Gui-Mgmt-Infra isn't installed

Alternative Reality

As a side note.  If you are installing Exchange 2016 onto Windows Server 2016 and receive this error, … Read the rest “Can You Fix This? Exchange 2013 Setup – Server-Gui-Mgmt-Infra Isn’t Installed”


April 2021 Exchange Security Updates

Today is patch Tuesday for April 2021 and there are critical Exchange server security updates in the release.  You can review all of the affected products on the MSRC blog or on the Security Update Guide (SUG).

Updates have been released for supported versions of Exchange 2013, 2016 and 2019.  Details can be found in KB 5001779.

Update 5-5-2021.  Two articles with known issues relating to this securitRead the rest “April 2021 Exchange Security Updates”


Exchange & TCP/IP Port Range

The below is an interesting result after installing Exchange.  The act of installing Exchange will change how TCP/IP operates on the server with respect to ephemeral connections.

This may manifest itself in a few ways.

For example:

  • Security or Network are "surprised" with different network behaviour on an Exchange server when reviewing captures
  • Network team sets a very restrictive firewall ACL which is
Read the rest “Exchange & TCP/IP Port Range”

Exchange Setup Fails – Error 3221685616

The saying goes that nothing monitors AD better than Exchange.  While the symptom is an Exchange issue, the underlying root cause is typically something else. Though as an added "feature" Exchange can also monitor additional elements of your infrastructure and indicate they are also unhealthy...

This is one of those such cases, where an Exchange CU was not installing.    In the screenshot below, yo… Read the rest “Exchange Setup Fails – Error 3221685616”


QuickTip – Query Block Mode

Exchange 2010 SP1 introduced the concept of block mode or granular replication.  This minimised the time taken for transactions on the active node to be replicated to passive nodes.  Since the feature is enabled by default and is self-managing, there is a good chance that you are benefiting from it without being fully aware of it.

See also understanding High Availability and Site Resilience

If you d… Read the rest “QuickTip – Query Block Mode”


Install March 2021 Security Update–Exchange 2013 Net Framework 4.7.2

You will have seen the multiple posts and communications around the Hafnium Exchange security issue.  One of the most disconcerting issues has been the number of Exchange installs that have not been patched in several years.  Once the storm has abated, I'll put down some thoughts and talk through some of the most problematic issues, but for now let's focus on the task in hand.  Security updates ar… Read the rest “Install March 2021 Security Update–Exchange 2013 Net Framework 4.7.2”


Collected Links For Hafnium – March 2021 Exchange Security Issue

The below are a series of links, tips and some very brief thoughts on Hafnium.  I will purposefully not include the content of the other locations as it is changing so rapidly, and there is no way to ensure that it would be updated here in a timely fashion.



If you read nothing else, please ensure that you install the update from an elevated CMD prompt if you are manually installing. 

FaiRead the rest “Collected Links For Hafnium – March 2021 Exchange Security Issue”


Out of Band Critical Exchange Security Updates–March 2021

Security updates were released today for Exchange 2010, 2013, 2016 and 2019.  Attacks were detected which leveraged these vulnerabilities, so an out of band set of updates was released

This a remote code execution on TCP 443 and is already being exploited as a 0-Day attacks against on-premises Exchange servers.

Microsoft strongly recommends installing this update immediately.  Internet facing serverRead the rest “Out of Band Critical Exchange Security Updates–March 2021”