Microsoft Exchange and Active Directory Blog
Microsoft has released new security updates for Exchange Server 2013, 2016 and 2019. Click here to go directly to the downloads: Exchange Server 2013 CU23 Exchange Server 2016 CU22 and CU23 Exchange Server 2019 CU11 and CU12 The update fixes a vulnerability (CVE-2022-21978) which is classified as "Important". The update should therefore be installed promptly. Details about the vulnerability can be found here: CVE-2022-21978 The ... Read more
A reader of this page asked whether it is possible for certain users to create and manage contacts for the organization. A separate RBAC (Role Based Access Control) role can be used for this with little effort. A corresponding role, which can only create and edit contacts in a specific organizational unit, can be created with little effort. ... Read more
The last Exchange 2019 Hybrid articles were about migrating Exchange on-prem mailboxes to Microsoft 365. This last article is about ending the hybrid mode and uninstalling the last on-prem Exchange server. Once all mailboxes have been migrated to Microsoft 365 and the synchronization of the local Active Directory accounts ... Read more
If you are already using Kemp Loadbalancer with Edge Security Pack (ESP) and Okta, you may find this article interesting. Multi-factor authentication (MFA) for OWA can be implemented using Kemp ESP and Okta. Unfortunately, only the MFA for OWA can be implemented in this way, other protocols such as MAPIoverHTTPs for Outlook or ActiveSync work ... Read more
The Exchange 2019 hybrid environment has already been set up in Part 4. I actually wanted to go into the migration batches in more detail in this article, but decided against it. The migration batches and their options are usually only relevant in larger environments. In smaller environments, the migration batches can be conveniently set up via the Exchange Online Admin Center ... Read more
The fourth part of this article series deals with the necessary adjustments to the DNS and the first tests. In part 3, the Exchange Hybrid configuration was completed to such an extent that only a small amount of configuration is now required. Essentially, once the SPF entry has been adjusted, the tests can begin. Adjust DNS settings (SPF) So that ... Read more
In the previous article, the Microsoft 365 Tenant and Azure Active Directory Connect were set up. This article now deals with the installation and configuration of the Hybrid Configuration Wizard (HCW). The HCW creates the Exchange Hybrid environment and enables you to migrate mailboxes from the Exchange on-prem installation to Microsoft 365. The HCW takes over all ... Read more
The second part of the article series "Setting up a hybrid environment" deals with the preparations for Exchange hybrid mode. The Microsoft 365 tenant must be set up accordingly and Azure AD Connect must be installed and configured. The necessary steps are described in this article. The setup of the Microsoft 365 Tenant is described in the ... Read more
I've often been asked if I could write an article on setting up a hybrid environment with Exchange 2019 and Microsoft 365. The last articles on this topic are a bit older, but they still work well apart from a few minor details. Nevertheless, it's time to publish an updated version again. In ... Read more
Exchange Emergency Mitigation (EM) is, as already mentioned in this article, available from CU 11 for Exchange 2019 and CU 22 for Exchange 2016. The way it works is as simple as it is effective: The Exchange servers check every hour whether there is a new set of rules for mitigating a vulnerability. For this purpose, a signed XML document is sent every hour from ... Read more
