Microsoft Exchange and Active Directory Blog
Although the official update to version 9.5 is not yet available, Sophos has released a mini update today. The update raises the version of UTM 9 to 9.412-2: The update contains the following bug fixes: Fix [NUTM-7483]: [Basesystem] Optimize LPC usage Fix [NUTM-7564]: [SUM] RED Link state is shown wrong in Gateway Manager ... Read more
In article 2, I had already written my opinion on RPCoverHTTP (Outlook Anywhere) in conjunction with Sophos XG and two public DNS names. Here again briefly to repeat: The background is that most of the protection mechanisms of the web server protection for Outlook Anywhere must be switched off. This then also applies to the remaining web services such as OWA ... Read more
In January, I published the first public version of the Exchange Autodiscover Whitepaper. So far the PDF has more than 5000 downloads, now there is an updated version. The PDF now comprises 64 pages on Exchange Autodiscover, including sample configurations (6 pages more). A revision was necessary, as I had previously only dealt with the topic of split DNS in conjunction with Autodiscover ... Read more
OPNSense is a fork of the well-known open source firewall PFSense, I personally like OPNSense better, the GUI is tidier, there is a REST api and the most important plug-ins are also available. As there is a plugin for HAProxy and also for Let's Encrypt for OPNSense, I have started testing this combination in conjunction with Exchange 2016. OPNSense ... Read more
Foreword This article is not meant to be completely serious. However, in my opinion, there are a few inconsistencies with the Windows Update. Creators Update for Windows Server 2016? Nils already published it on Twitter on March 15, Windows Update also offers the Creators Update on a Windows 2016 server: I found this funny and ... Read more
With Windows Server 2016, a new Privileged Access Management feature was introduced, which allows users to be added to a group for a certain period of time only and automatically removed again after this time has expired. This feature is useful if a user is only to be given administrative rights (e.g. Domain Admin) for a certain period of time. A ... Read more
The Chrome browser reports the following error for websites running on an IIS server on Windows Server 2016: ERR_SPDY_INADEQUATE_TRANSPORT_SECURITY In this case, Chrome does not allow the error to be ignored. The problem also occurs with Exchange 2016 servers installed on Windows Server 2016. The problem lies in old cipher suites and ... Read more
Part 1 has already covered the preparations for Let's Encrypt certificates and Exchange 2010. This article therefore builds directly on Part 1. In part 1, the Exchange organization was adapted accordingly, so part 2 continues directly with the configuration of the public DNS. I forgot to mention that the ... Read more
Certificates from Let's Encrypt are becoming increasingly popular, which is hardly surprising as the certificates are free and there are simple clients to obtain the certificates. Let's Encrypt certificates are only valid for 3 months, but the available clients take care of renewing the certificates. Exchange 2016 can even be managed with a small PowerShell ... Read more
If anyone is running an Exchange 2016 server with the Edge Transport role on Windows Server 2016, you should read the post from the Exchange Team Blog, it says: Today we are announcing an update to our support policy for Windows Server 2016 and Exchange Server 2016. At this time we do not recommend customers install ... Read more
