Microsoft Exchange and Active Directory Blog
Microsoft has released new security updates for Exchange Server 2013, 2016 and 2019. The updates can be downloaded here: Exchange Server 2013 CU23 Exchange Server 2016 CU21 and CU22 Exchange Server 2019 CU10 and CU11 The updates close the vulnerability CVE-2022-23277, which is classified as Critical, and the vulnerability CVE-2022-24463, which is classified as Important. As Exchange Server currently likes to ... Read more
The last Exchange 2019 Hybrid articles were about migrating Exchange on-prem mailboxes to Microsoft 365. This last article is about ending the hybrid mode and uninstalling the last on-prem Exchange server. Once all mailboxes have been migrated to Microsoft 365 and the synchronization of the local Active Directory accounts ... Read more
If you are already using Kemp Loadbalancer with Edge Security Pack (ESP) and Okta, you may find this article interesting. Multi-factor authentication (MFA) for OWA can be implemented using Kemp ESP and Okta. Unfortunately, only the MFA for OWA can be implemented in this way, other protocols such as MAPIoverHTTPs for Outlook or ActiveSync work ... Read more
Microsoft has released new security updates for Exchange Server 2013, 2016 and 2019. The security update is intended to fix the following three vulnerabilities CVE-2022-21969 (Important) CVE-2022-21855 (Important) CVE-2022-21846 (Critical) The three vulnerabilities mentioned are errors that allow remote code execution. The updates should therefore be installed as soon as possible, even if no exploitation is currently ... Read more
At the turn of the year, there is a problem with mail delivery on Exchange servers. Mails get stuck in the queue with the following message: "The message was put on hold by the categorization agent" Mails are neither sent nor received. This problem has been occurring on all Exchange 2016 / 2019 servers since 01.01.2022 and is caused by the transport agent "Malware Agent" ... Read more
The Exchange 2019 hybrid environment has already been set up in Part 4. I actually wanted to go into the migration batches in more detail in this article, but decided against it. The migration batches and their options are usually only relevant in larger environments. In smaller environments, the migration batches can be conveniently set up via the Exchange Online Admin Center ... Read more
Exchange Server leaves old data or versions of the OWA and ECP directories on the file system after almost every update. In particular, the directory "C:\Program Files\Microsoft\Exchange Server\V15\ClientAccess\Owa\prem" takes up a lot of space on the file system after a long runtime and correspondingly many updates. Here is an example of an Exchange Server that has been running for a while: Old file versions ... Read more
The fourth part of this article series deals with the necessary adjustments to the DNS and the first tests. In part 3, the Exchange Hybrid configuration was completed to such an extent that only a small amount of configuration is now required. Essentially, once the SPF entry has been adjusted, the tests can begin. Adjust DNS settings (SPF) So that ... Read more
There are currently still many Exchange servers that have not been provided with the urgently needed security updates. This is not only about the ProxyLogon and ProxyShell vulnerabilities, which were already closed in April by corresponding updates, but now also about the vulnerability CVE-2021-42321, which has been closed with the latest Exchange updates. About the exploitation of ... Read more
In the previous article, the Microsoft 365 Tenant and Azure Active Directory Connect were set up. This article now deals with the installation and configuration of the Hybrid Configuration Wizard (HCW). The HCW creates the Exchange Hybrid environment and enables you to migrate mailboxes from the Exchange on-prem installation to Microsoft 365. The HCW takes over all ... Read more
