Microsoft Exchange and Active Directory Blog
The CU12 for Exchange 2019 and the CU23 for Exchange 2016 allow only the management tools to be installed on a server or workstation. Especially in a hybrid organization, where all mailboxes have already been migrated to Exchange Online, the last Exchange on-Prem can now be shut down. Before the Exchange Management Tools setup is executed ... Read more
Microsoft released new updates for Exchange Server on 20.04.2022. The new updates bring some new features and contain all previously released security updates. Click here to download directly: Exchange Server 2019 Cumulative Update 12 Exchange Server 2016 Cumulative Update 23 With the release of the updates, Microsoft is also changing the way Exchange ... Read more
Some readers of this blog have requested an article on delegating admin authorizations. Most requests revolve around the fact that certain administrative tasks, such as creating user accounts or resetting passwords, should be carried out by users. Of course, these users should not have Domain Admin authorizations, but only the authorizations required for their activities. Read more
Several readers of this blog have requested an article on the subject of "Outlook Anywhere for certain users only". The requirement is always quite similar: Only selected users should be allowed to connect to the Exchange Server from the Internet via Outlook Anywhere, all other users should not have this option. In other words, users should ... Read more
A reader asked for an article on how brute force attacks on Exchange servers can be prevented. Since Exchange servers in smaller environments are often directly accessible on the Internet (e.g. via port forward) and can also be identified very quickly thanks to autodiscover, Exchange servers are very suitable for brute force attacks. In a brute force attack ... Read more
Here you now have the opportunity to suggest a topic for a new article. So if you have a question about a specific topic related to Exchange or Active Directory, or simply want to know how function XY works and can be used, then you are welcome to submit a suggestion for a new post. A suggestion should ... Read more
A reader of this page asked whether it is possible for certain users to create and manage contacts for the organization. A separate RBAC (Role Based Access Control) role can be used for this with little effort. A corresponding role, which can only create and edit contacts in a specific organizational unit, can be created with little effort. ... Read more
Microsoft has released new security updates for Exchange Server 2013, 2016 and 2019. The updates can be downloaded here: Exchange Server 2013 CU23 Exchange Server 2016 CU21 and CU22 Exchange Server 2019 CU10 and CU11 The updates close the vulnerability CVE-2022-23277, which is classified as Critical, and the vulnerability CVE-2022-24463, which is classified as Important. As Exchange Server currently likes to ... Read more
The last Exchange 2019 Hybrid articles were about migrating Exchange on-prem mailboxes to Microsoft 365. This last article is about ending the hybrid mode and uninstalling the last on-prem Exchange server. Once all mailboxes have been migrated to Microsoft 365 and the synchronization of the local Active Directory accounts ... Read more
If you are already using Kemp Loadbalancer with Edge Security Pack (ESP) and Okta, you may find this article interesting. Multi-factor authentication (MFA) for OWA can be implemented using Kemp ESP and Okta. Unfortunately, only the MFA for OWA can be implemented in this way, other protocols such as MAPIoverHTTPs for Outlook or ActiveSync work ... Read more
