Microsoft Exchange and Active Directory Blog
In a previous article, I described where the AMSI log files of the Exchange server can be found. As the logs are stored locally on the Exchange server, the logs are of little use if nobody reads them and attacks are only detected when it is too late. However, the logs can also be easily ... Read more
Microsoft has released Windows Server 2022. The successor to Windows Server 2019 has the build number "20348.169, Version 21H2" and is available in the Standard and Datacenter editions. An additional edition with the name "Windows Server 2022 Datacenter: Azure Edition" is only available on Microsoft Azure. There are no Essentials with Windows Server 2022 ... Read more
During a migration from Exchange onPrem to Microsoft 365, the error occurred that users synchronized via AADConnect could not log in to some services (such as Exchange Online and Office Portal) (HTTP 500 error). However, it was possible to log in to Teams and OneDrive without any problems. Logging in via Edge and Internet Explorer was also possible on ... Read more
The ExchangeHealthChecker has been around for some time, but many people still seem to be unaware of this useful script. However, it is worth running the script from time to time to prevent problems. The ExchangeHealthChecker analyzes the Exchange configuration and lists the most common configuration problems. The script therefore makes troubleshooting much easier. For example, the ExchangeHealthChecker lists expired certificates, ... Read more
It's currently in the news again: attackers are trying to exploit Exchange security vulnerabilities. This time, however, the updates have been available for some time. Anyone who has not yet installed the latest security updates should do so as soon as possible. Here is a summary of the available security updates: New security updates for Exchange Server (April 2021) New security updates for Exchange Server ... Read more
With the July 2021 CUs for Exchange Server, Microsoft has introduced AMSI integration as a new feature for Exchange 2016 and 2019. Here is some information about the new feature. What is AMSI? The Windows AntiMalware Scan Interface (AMSI) is an interface with which services and applications can be integrated into anti-malware solutions. ... Read more
After installing the July security updates, it may happen that the Exchange Administrative Center (EAC) and OWA can no longer be opened. The cause is an expired certificate for Exchange Server OAuth authentication. Microsoft also refers to this problem in the release notes of the updates. Unfortunately, the notes on the updates are overlooked ... Read more
A week ago, Microsoft released new security updates for Exchange Server 2013, 2016 and 2019. I'm only reporting on this now because I've been on vacation for the last 14 days. But thanks to the CVE reporter, this shouldn't be a problem :-) The following four vulnerabilities are closed by the updates CVE-2021-31196 CVE-2021-34470 CVE-2021-33768 CVE-2021-31206 Here's ... Read more
The new AMSI integration introduced with CU21 for Exchange 2016 and CU10 for Exchange 2019 in conjunction with various anti-virus scanners causes some serious problems. The Outlook connection sometimes becomes so slow that it is no longer possible to work. Even starting Outlook can take several minutes. Outlook repeatedly fails to respond, ... Read more
Microsoft has released new updates for Exchange Server 2016 and 2019 today. The CU21 now released for Exchange 2016 is the last CU to be released for Exchange 2016. From now on, there will only be security updates for Exchange 2016. Click here to download the CUs directly: Exchange Server 2019 ... Read more
