Microsoft Exchange and Active Directory Blog
Ransomware such as Crypto Locker or Locky and other names are becoming more and more of a plague. Only in a few cases is it possible to restore the encrypted data. Without a backup, the damage can quickly become very extensive. Since the Trojans usually start encrypting data from a client and in doing so ... Read more
Today there is another useful PowerShell script that can be used to add remote users to local groups on servers or computers. The script expects a CSV file with computer names and then processes the list. The CSV file must be formatted as follows: An example is included in the archive. The first 5 lines ... Read more
Microsoft has released its new tool "Advanced Threat Analytics" (ATA). Reason enough to try out the new tool. ATA can be downloaded here in a 90-day demo: https://technet.microsoft.com/de-de/evalcenter/mt228154 By the way, there is also a key in the MSDN subscription: I am testing the whole thing in my Hyper-V playground. The ATA VM requires 2 network cards, and ... Read more
The Windows CA is able to send mails to inform about processes. For example, when the service is stopped or started. However, it is not easy to configure manually. I have therefore slightly modified a script from the Technet so that it also works if the CA has not yet issued any certificates. Simply ... Read more
The preview (download) of Exchange is available for download and I have started testing it. This article will first deal with the installation on a Server 2012 R2. In the first step, my test environment only consists of a domain controller on Windows Server 2012 R2 and another VM, also with Windows Server ... Read more
From 01.01.2016, Microsoft will declare SSL certificates with SHA1 as the hash algorithm invalid. Web servers or services that use certificates with SHA1 will therefore trigger certificate warnings in the user's browser. Therefore, SHA1 certificates should be replaced slowly but surely. In order for an internal CA to issue certificates with SHA256 (SHA2), the CA must ... Read more
The videos from the Microsoft Technical Summit 2014 in Berlin are available on Channel 9. A total of 46 videos on various topics are available there: .NET Compiler Framework "Roslyn" ASP.Net vNext closing keynote Alive and kicking: .NET vNext at a glance Authentication and single sign-on for mobile, web and desktop applications Automation 2.0 - data center automation in the public (Azure ... Read more
Currently the SChannel Fix (KB2992611) seems to cause problems with SQL and IIS servers. Various sources report problems connecting from Chrome to IIS servers that have installed the update. Exchange 2013 on Server 2012 R2 does not seem to have any problems with the update. OWA with Chrome and Internet Explorer work fine. Apparently in my ... Read more
I hate it when applications are started automatically when I log on to a system, including the server manager. If you don't want the server manager to start automatically when you log on, you can either deactivate the corresponding task in the task scheduler or apply a GPO to all servers: To do this, simply create a new GPO on a domain controller. Read more
In the last part of this series of articles, we will deal with the publication of certificates and revocation lists via HTTP. Part 1 and part 2 can be found here: https://www.frankysweb.de/server-20082012-pki-installieren-teil-1/ https://www.frankysweb.de/server-20082012-pki-installieren-teil-2/ First create a new share on the server that will later deliver the revocation lists and certificates via HTTP. I have created the share in the last ... Read more
