Microsoft Exchange and Active Directory Blog
In part 1, the root CA was installed, which will later be taken offline (i.e. shut down). Now, however, we will first take care of the sub-CA that is to be integrated into Active Directory. This is the second part of the PKI installation. The first step is to publish the certificate and the revocation list of the root CA in the Active Directory. The easiest way to do this is ... Read more
A certification authority is quickly installed under Windows Server. Essentially, the "Certification authority" role is added, "Next" is clicked a few times and you have a CA that can issue all possible certificates. So you have a PKI, which works, but is bad. A PKI and its CAs need to be well planned, and this involves ... Read more
From time to time it can be quite helpful to be able to access snapshots of drives, be it to quickly restore a file or to compare the contents of two files. A VSS snapshot can always be made accessible without having to restore the snapshot. However, there are two different ways, depending on the attributes ... Read more
Anyone who publishes Exchange servers and their web interfaces directly via port forward on the Internet may be familiar with the problem: Someone tries to guess the users and passwords or tries to access the mail accounts using brute force. Unfortunately, neither the Windows on-board tools nor Exchange Server offer the possibility to block the IP address after a few failed login attempts. Here ... Read more
Subscribers to the Microsoft Developer Network have access to the update for Windows Server 2012 R2 and Windows 8.1 announced today as a "Spring Update". The update mainly brings improvements for mouse control, which is particularly useful for Windows Server. The update will be officially delivered on April 8th via Windows Update. With the next update ... Read more
Here is another small script from the "Quick & Dirty" series. The script can restart a server and sends a mail with the status: #Server restart $servername = "SERVER01" $to = "frank@frankysweb.de" $from = "rebooter@frankysweb.de" $smtpserver = "smtp.frankysweb.local" Send-MailMessage -To $to -From $from -SmtpServer $smtpserver -Subject "Restart for server $servername" -body "The server $servername ... Read more
Unfortunately, the IIS web server does not offer the option of automatically deleting older log files. Either you write log files to disk continuously, or only one with a selectable size. I have therefore created a small script which deletes the log files after a selectable period of time. The script is available for download: Using a scheduled task, the script can be ... Read more
I have always had the problem that VSS snapshots on servers were not cleaned up. At some point, the hard disk would fill up because the operating systems had countless snapshots that were never cleaned up. I have therefore created a small script that determines the number of active snapshots and the date of the first and last snapshot. $serverlist ... Read more
My small Sophos UTM filters HTTP traffic (Web Filter) and scans it for viruses and malware, which works quite reliably, unless the websites are encrypted (HTTPS). By default, the UTM cannot scan encrypted traffic and therefore cannot filter out viruses/malware. However, this can be easily changed. In the ... Read more
I've just started installing the new Windows Server 2012 and playing around with it a bit. Here are my first impressions: The installation is the same as with Windows Server 2012, which was to be expected. After the installation, the server boots directly to the desktop and does not start the Server Manager immediately, which I find ... Read more
