Microsoft Exchange and Active Directory Blog
Microsoft would like to improve the installation of Cumulative Updates (CUs) and Security Updates (SUs) for Exchange Server and is therefore asking for feedback from administrators in an anonymous online survey. Until the end of January 2023, Exchange administrators can fill out an online form and, if desired, also provide contact details to discuss possible improvements. Since readers of my blog keep ... Read more
Microsoft has released new security updates for Exchange Server 2013, 2016 and 2019 today. The security updates also include a new security feature, which currently still needs to be activated manually: Click here to download the security updates: The security updates fix the following security vulnerabilities classified as important: New security feature: Certificate Signing of PowerShell Serialization Payload To prevent ... Read more
I have already written several times about the configuration of certificates on Exchange servers, but mostly I have dealt with the front end certificates. However, Exchange servers also have a back end which is configured with a self-signed certificate. The back end certificate does not have to be replaced by a publicly valid certificate or by a ... Read more
I have just uploaded version 3.12 of the Exchange Reporter. The new version fixes 3 small bugs: The current version can be downloaded here: If you find any problems, please use the following form to report them. You can also use the form to send feature requests or other suggestions: I am currently working on the Exchange ... Read more
Attacks on outdated Exchange servers are currently underway again. Specifically, the ProxyNotShell vulnerability, which became known in October of this year, is being exploited again. The new attack method has been christened OWASSRF. The IIS rewrite rules published by Microsoft are bypassed in this new attack method. The only thing that helps at the moment is to install the available security updates from November: On the ... Read more
Many admins are familiar with the problem that size limits have been configured for mailboxes and every now and then there are messages about full mailboxes from users. As an admin, you really only have two options here: either you increase the mailbox size for the user, or you tell the user to clean up and delete old mails. The first ... Read more
A size limit for emails can be configured at various points on an Exchange server. The limits can be configured very granularly, for example at mailbox or protocol level. This article lists the options available. This article also applies to Exchange 2016. TransportConfig: Global size limit The global limits for emails are configured in TransportConfig. Read more
On Tuesday, Microsoft released new security updates for Exchange Server 2013, 2016 and 2019. The update closes the ProxyNotShell vulnerability (CVE-2022-41040 and CVE-2022-41082), which was known and actively exploited in September. Click here to download the security updates: Microsoft recommends installing the update as soon as possible. Click here for the article on the Exchange ... Read more
Two Outlook Autodiscover settings, which are active in the default setting, often cause problems when setting up Outlook accounts. In the default setting, Outlook always tries to retrieve Autodiscover settings from Microsoft 365, which often leads to problems with on-prem Exchange servers. Outlook also tries to retrieve the Autodiscover settings from the root domain ... Read more
AutoMapping is a very practical feature in Exchange Server, but unfortunately it is somewhat limited: AutoMapping only automatically connects a mailbox in Outlook if the user has full access to the mailbox. As soon as granular permissions are configured at mailbox level, AutoMapping no longer takes effect. In this case, the user must manually reconnect the mailbox with the granular rights. ... Read more
