Microsoft Exchange and Active Directory Blog
Microsoft announced some time ago that Basic-Auth (standard authentication) will be deactivated in all tenants for the MAPIoverHTTP, EWS, POP, IMAP and ActiveSync protocols in Exchange Online from October 1, 2022. From October 1, 2022, it will therefore no longer be possible to use Basic-Auth (transmission of user name and password via HTTPS) in Exchange Online for ... Read more
Microsoft has released new security updates for Exchange Server 2013, 2016 and 2019 today. The update closes a total of 6 vulnerabilities for Exchange 2019, 3 of the vulnerabilities are considered critical. Click here to download the updates: Exchange Server 2013 CU23 Exchange Server 2016 CU22 and CU23 Exchange Server 2019 CU11 and CU12 These vulnerabilities are closed: Microsoft Exchange Information Disclosure Vulnerability ... Read more
It's been quite a while since I wrote an article about the Exchange 2019 installation. The original article dealt with the installation on Windows Server 2019, but since Windows Server 2022 is now also supported by Exchange and a few small things have changed, here is a fresh article. Defender ... Read more
The vacation season is just beginning and many colleagues are starting their summer vacation. Unfortunately, they often forget to activate the out-of-office assistant. I have created the "Out of Office Assistant for Admins" so that the Out of Office Assistant does not have to be activated via Exchange Shell, but can be conveniently activated in a small GUI. The small PowerShell script provides a simple GUI for activating the ... Read more
The first part of the article dealt with the installation and configuration of Apache as a reverse proxy for Exchange Server, this article deals with the installation and configuration of ModSecurity as a web application firewall for Exchange 2019. ModSecurity is an open source web application firewall that uses a corresponding set of rules to protect Exchange ... Read more
Today, Microsoft published a whole series of news about Exchange Server 2019 and the next Exchange Server version. I summarize the most important news in this article. The successor to Exchange 2019 (vNext) was first announced in September 2020 (at MS Ignite). At that time, it was said that the new Exchange version would be released in the second ... Read more
Many readers of this blog have requested an article on the subject of "Exchange Server and Reverse Proxy". Although there are already HowTos with Kemp, Sophos and F5, there also seems to be a need for open source solutions. Therefore, here is a HowTo for the use of Apache as a reverse proxy for ... Read more
Microsoft has released new security updates for Exchange Server 2013, 2016 and 2019. Click here to go directly to the downloads: Exchange Server 2013 CU23 Exchange Server 2016 CU22 and CU23 Exchange Server 2019 CU11 and CU12 The update fixes a vulnerability (CVE-2022-21978) which is classified as "Important". The update should therefore be installed promptly. Details about the vulnerability can be found here: CVE-2022-21978 The ... Read more
Since CU12 for Exchange 2019 and CU23 for Exchange 2016, certificates can no longer simply be requested or imported via the Exchange Admin Center. This is due to a change to the CMDLets "New-ExchangeCertificate", "Import-ExchangeCertificate" and "Export-ExchangeCertificate", where UNC paths can no longer be used. In the Exchange Admin Center there were before CU12 and CU23 ... Read more
The CU12 for Exchange 2019 and the CU23 for Exchange 2016 allow only the management tools to be installed on a server or workstation. Especially in a hybrid organization, where all mailboxes have already been migrated to Exchange Online, the last Exchange on-Prem can now be shut down. Before the Exchange Management Tools setup is executed ... Read more
