Microsoft Exchange and Active Directory Blog
This short HowTo is about the configuration of OCSP (Online Certificate Status Protocol) or the "Online Responder" role on Windows Server 2022. OCSP (Online Certificate Status Protocol) is a protocol that is used within the PKI. It enables the status of certificates to be checked in real time. Instead of checking the validity of certificates in long revocation lists (Certificate Revocation ... Read more
The critical vulnerability CVE-2024-21410 in Exchange Server, which was made public on February 13, 2024, is now being actively exploited. The vulnerability CVE-2024-21410 allows attackers to perform an NTLM relay attack (pass the hash). In this case, attackers can trick a client such as Outlook into logging on to a malicious relay in order to obtain the NTLM credentials. The ... Read more
Microsoft released CU 14 for Exchange Server 2019 yesterday. CU 14 brings these new features: Support for TLS 1.3 was also planned, but this did not make it into CU 14. CU 14 can be downloaded here: As already mentioned, CU 14 activates the Extended ... Read more
In August 2023, I tried out a preview version of Windows Server vNext and was quite disillusioned with the new features. Now it's a new year and something has changed in the Windows Server vNext version. I have therefore tested the current build 26010 of Windows Server vNext and have to admit ... Read more
Today, mainstream support for Exchange Server 2019 has expired, so both Exchange Server versions that are still supported are now in extended support, which ends on October 14, 2025. While Exchange 2016 will only receive security updates, Exchange 2019 will receive two more CUs. The CU14 for Exchange 2019 will be released soon and CU15 will also be ... Read more
I wish all friends, readers and supporters a merry and peaceful Christmas, take care of yourselves and stay healthy. I wish all admins who are looking after the well-being of the systems during or between the holidays every success. Take a few days off as soon as possible and treat yourselves and your loved ones to something nice. ... Read more
Most people will know Let's Encrypt as a free and open certification authority. Let's Encrypt uses the ACME (Automatic Certificate Management Environment) protocol to issue valid certificates for all kinds of services and systems with minimal administrative effort. Let's Encrypt is particularly suitable for all systems and services that are publicly accessible, as the issuing process for ... Read more
I am currently receiving a lot of inquiries about Exchange Server and sending emails via IONOS. As of January 15, 2024, IONOS will discontinue the smarthost function for IONOS mailboxes, which in turn means that Exchange servers can no longer use IONOS as a smarthost. Further information from IONOS can be found here: Apparently, there are quite a lot of people who are affected by this ... Read more
Microsoft has announced that Exchange 2019 CU14 will not be released this year. The CU14 has been postponed to January 2024. Just last year, the publication of Exchange CUs was changed so that only 2 CUs were to be published per year. The plan was to publish one CU in March and another in September. How ... Read more
Microsoft has released new security updates for Exchange Server 2016 and 2019. The updates fix the following vulnerabilities, which are all marked as "Important": Click here to download the updates directly: With the November security updates, the "Certificate signing of PowerShell serialization payload" feature is enabled by default. Before installing the November update ... Read more
