Microsoft Exchange and Active Directory Blog
I recently added 3 Ubiquiti (UBNT) switches to my private network. After replacing the old switches with the new UBNT switches, these now also had to be integrated into the monitoring. I use the free version of PRTG to monitor my network. For the Unifi access points there is already ... Read more
After a long time, I have once again revised the Exchange Reporter and fixed various bugs. Most of the modules now also work with Exchange 2019. The following fixes and new functions are now included in version 3.4: New functions Support for Server 2016 (AD) and Exchange 2019 Bugfixes Link in the PSPKI documentation corrected ... Read more
This third part of the article series "Simple measures for more security in AD" deals with the passwords of local administrator accounts. In many environments, the local administrator passwords are always the same, but this sometimes opens the door to malware and makes lateral movement possible or at least simplifies it. Different passwords for the ... Read more
An Exchange 2016 DAG recently encountered the problem that the mail.que, i.e. the Exchange queue, had grown to over 60 GB. If the mail.que had continued to grow, the hard disk would inevitably have filled up, in which case the Exchange server in question would no longer have been able to deliver mails. Also on the other Exchange servers within the DAG ... Read more
New Cumulative Updates for Exchange Server 2013, 2016 and 2019 were released today. Click here to go directly to the downloads (the links may not work directly, just try again later): Exchange Server 2019 Cumulative Update 2, VLSC Download Exchange Server 2016 Cumulative Update 13 Exchange Server 2013 Cumulative Update 23 CUs ... Read more
I have already described the basic functionality of Admin Tiers in Part 1 of this article series; this article will now focus on setting up Admin Tiers in an existing environment. Basically, it makes sense if at least one Admin Host has already been installed. By and large, this article is first of all about ... Read more
Microsoft has released a new security update for all currently supported Exchange Server versions. What exactly the problem is with the Exchange Server versions has not been published. The description of the security advisory only states: Microsoft has released an update for Microsoft Exchange Server that provides enhanced security as a defense in depth measure. ... Read more
In this article, I already described how the Sophos UTM certificate can be exported via REST API. A few people have now reported that an automatic export and import for Exchange Server is interesting. I have therefore extended the script and successfully tested the export and import with Exchange Server 2016. ... Read more
Part 1 of this article series has already presented measures to improve the security of the Active Directory. The next articles are now dedicated to the implementation of these measures within an existing Active Directory using an example environment. This article will first deal with the Admin Host. Introduction The fictitious company "FrankysWebLab" can be used as an example here. Read more
Sophos UTM can now automatically request and renew certificates from Let's Encrypt. This function is particularly useful for web server protection (WAF). The certificate for the various WAF services is thus managed by the UTM and renewed accordingly before it expires. I have already received several requests from people who would like to use the ... Read more
