Exchange: Block IP after failed logins

A reader asked for an article on how brute force attacks on Exchange servers can be prevented. Since Exchange servers in smaller environments are often directly reachable from the Internet (e.g. via port forwarding) and can be identified very quickly thanks to Autodiscover, they are attractive targets for brute force attacks. In a brute force attack ... Read more

Exchange: Delegate the creation and management of contacts

A reader of this page asked whether it is possible to let certain users create and manage contacts for the organization. A separate RBAC (Role Based Access Control) role, which can only create and edit contacts in a specific organizational unit, can be created for this with little effort. ... Read more

Exchange Server: New security updates (March 2022)

Microsoft has released new security updates for Exchange Server 2013, 2016 and 2019. The updates can be downloaded here: Exchange Server 2013 CU23; Exchange Server 2016 CU21 and CU22; Exchange Server 2019 CU10 and CU11. The updates close the vulnerability CVE-2022-23277, which is classified as Critical, and the vulnerability CVE-2022-24463, which is classified as Important. As Exchange Server currently likes to ... Read more

Exchange 2019: Hybrid to Cloud Only

The last Exchange 2019 Hybrid articles were about migrating Exchange on-prem mailboxes to Microsoft 365. This last article is about ending the hybrid mode and uninstalling the last on-prem Exchange server. Once all mailboxes have been migrated to Microsoft 365 and the synchronization of the local Active Directory accounts ... Read more

Exchange 2019: MFA with Kemp ESP and Okta

If you are already using a Kemp load balancer with Edge Security Pack (ESP) and Okta, you may find this article interesting. Multi-factor authentication (MFA) for OWA can be implemented using Kemp ESP and Okta. Unfortunately, only MFA for OWA can be implemented in this way; other protocols such as MAPIoverHTTPs for Outlook or ActiveSync work ... Read more

New security updates for Exchange Server (January 2022)

Microsoft has released new security updates for Exchange Server 2013, 2016 and 2019. The security update is intended to fix the following three vulnerabilities: CVE-2022-21969 (Important), CVE-2022-21855 (Important) and CVE-2022-21846 (Critical). The three vulnerabilities mentioned are errors that allow remote code execution. The updates should therefore be installed as soon as possible, even if no exploitation is currently ... Read more

Exchange Server: "The message has been deferred by the categorization agent"

At the turn of the year, there is a problem with mail delivery on Exchange servers. Mails get stuck in the queue with the following message: "The message was put on hold by the categorization agent". Mails are neither sent nor received. This problem has been occurring on all Exchange 2016 / 2019 servers since 01.01.2022 and is caused by the transport agent "Malware Agent" ... Read more

Exchange 2019: Setting up a hybrid environment (part 5)

The Exchange 2019 hybrid environment has already been set up in Part 4. I actually wanted to go into the migration batches in more detail in this article, but decided against it. The migration batches and their options are usually only relevant in larger environments. In smaller environments, the migration batches can be conveniently set up via the Exchange Online Admin Center ... Read more

Exchange: Delete old OWA/ECP data

Exchange Server leaves old data or versions of the OWA and ECP directories on the file system after almost every update. In particular, the directory "C:\Program Files\Microsoft\Exchange Server\V15\ClientAccess\Owa\prem" takes up a lot of space on the file system after a long runtime and correspondingly many updates. Here is an example of an Exchange Server that has been running for a while: Old file versions ... Read more

Exchange 2019: Setting up a hybrid environment (part 4)

The fourth part of this article series deals with the necessary adjustments to the DNS and the first tests. In part 3, the Exchange Hybrid configuration was completed to such an extent that only a small amount of configuration is now required. Essentially, once the SPF entry has been adjusted, the tests can begin. Adjust DNS settings (SPF) So that ... Read more