Microsoft Exchange and Active Directory Blog
Microsoft has released new updates for Exchange Server 2016 and 2019 today. The CU21 now released for Exchange 2016 is the last CU to be released for Exchange 2016. From now on, there will only be security updates for Exchange 2016. Click here to download the CUs directly: Exchange Server 2019 ... Read more
From time to time it can be useful to get an overview of the Outlook versions in use. Every now and then you will certainly find old Office / Outlook versions that should no longer be in use. With Exchange 2016 / 2019 servers, the Outlook version can be removed with PowerShell from ... Read more
In the standard Active Directory setting, the display name is formed from the first and last name. However, many companies, mostly in German-speaking countries, change the generation of the display name to "last name and first name". This has the advantage that users are easier to find in the Exchange address book and in the Active Directory, as the sorting is based on the surname and ... Read more
Microsoft has released new security updates for all Exchange Server versions (2013 - 2019). This time it concerns the vulnerabilities that were successfully used in Pwn2Own 2021 to attack Exchange Server. The following vulnerabilities are fixed: CVE-2021-31209 CVE-2021-31207 CVE-2021-31198 CVE-2021-31195 Here is a description from the Pwn2Own website, presumably exactly this vulnerability is now fixed: The ... Read more
From time to time it happens that you have to remove an email from your mailbox, for example because it should not have been sent in this way. Experience shows that this often happens with internal newsletters. The question often arises as to whether the mail has already been read, and if so, by how many recipients. With Exchange servers ... Read more
Microsoft has released new security updates for all Exchange Server versions (2013 - 2019). These are likely to fix the vulnerabilities that were used in the Pwn2Own 2021 to attack Exchange Server. The following vulnerabilities are fixed: CVE-2021-28483 CVE-2021-28482 CVE-2021-28481 CVE-2021-28480 Here is a description from the Pwn2Own website, probably exactly this ... Read more
A single user was no longer able to access his mailbox after a database failure due to a full log file partition. The problem only affected one user, while all other users were able to access the mailboxes in the database again. A general problem with the database could therefore be ruled out. The settings of the ... Read more
On an Exchange 2016 server that had configured its certificate from Let's Encrypt with the WIN-ACME client, the installation of a CU was aborted with an error at step 16 of 18: Here is the full test of the error message: Error: The following error was generated when "$error.Clear(); Install-ExchangeCertificate -services "IIS, POP, IMAP" -DomainController $RoleDomainController if ($RoleIsDatacenter ... Read more
Microsoft provides the tool "Exchange On-premises Mitigation Tool (EOMT) to secure unpatched Exchange servers for download: https://github.com/microsoft/CSS-Exchange/tree/main/Security EOMT first secures the Exchange server against the vulnerability CVE-2021-26855 using URL rewrite and then downloads the Microsoft Safty Scanner to check the server for a successful attack. However, EOMT does not install the available updates ... Read more
In the case of successfully attacked Exchange servers with the HAFNIUM exploit, the directory permissions may be changed, resulting in affected Exchange servers reporting an error message when installing updates. Here is an example of a directory where the permissions have been changed: As can be seen in the screenshot, the permissions for the principal ... Read more
