Microsoft Exchange and Active Directory Blog
In January, I published the first public version of the Exchange Autodiscover Whitepaper. So far the PDF has more than 5000 downloads, now there is an updated version. The PDF now comprises 64 pages on Exchange Autodiscover, including sample configurations (6 pages more). A revision was necessary, as I had previously only dealt with the topic of split DNS in conjunction with Autodiscover ... Read more
OPNSense is a fork of the well-known open source firewall PFSense, I personally like OPNSense better, the GUI is tidier, there is a REST api and the most important plug-ins are also available. As there is a plugin for HAProxy and also for Let's Encrypt for OPNSense, I have started testing this combination in conjunction with Exchange 2016. OPNSense ... Read more
Foreword This article is not meant to be completely serious. However, in my opinion, there are a few inconsistencies with the Windows Update. Creators Update for Windows Server 2016? Nils already published it on Twitter on March 15, Windows Update also offers the Creators Update on a Windows 2016 server: I found this funny and ... Read more
With Windows Server 2016, a new Privileged Access Management feature was introduced, which allows users to be added to a group for a certain period of time only and automatically removed again after this time has expired. This feature is useful if a user is only to be given administrative rights (e.g. Domain Admin) for a certain period of time. A ... Read more
The Chrome browser reports the following error for websites running on an IIS server on Windows Server 2016: ERR_SPDY_INADEQUATE_TRANSPORT_SECURITY In this case, Chrome does not allow the error to be ignored. The problem also occurs with Exchange 2016 servers installed on Windows Server 2016. The problem lies in old cipher suites and ... Read more
Part 1 has already covered the preparations for Let's Encrypt certificates and Exchange 2010. This article therefore builds directly on Part 1. In part 1, the Exchange organization was adapted accordingly, so part 2 continues directly with the configuration of the public DNS. I forgot to mention that the ... Read more
Certificates from Let's Encrypt are becoming increasingly popular, which is hardly surprising as the certificates are free and there are simple clients to obtain the certificates. Let's Encrypt certificates are only valid for 3 months, but the available clients take care of renewing the certificates. Exchange 2016 can even be managed with a small PowerShell ... Read more
If anyone is running an Exchange 2016 server with the Edge Transport role on Windows Server 2016, you should read the post from the Exchange Team Blog, it says: Today we are announcing an update to our support policy for Windows Server 2016 and Exchange Server 2016. At this time we do not recommend customers install ... Read more
I have now received several emails with questions about the Exchange 2016 update process. There are also always various questions in the comments to articles that refer to updates. So here is a short how-to on how to install Exchange updates. What is a Cumulative Update for Exchange? Updates for Exchange are called ... Read more
I stumbled across an interesting workaround for Sophos UTM and Let's Encrypt certificates today: https://github.com/rklomp/sophos-utm-letsencrypt René has taken the trouble to create a script that can automatically renew Let's Encrypt certificates on Sophos UTM. The implementation is relatively simple and worked right away in my test environment. Since the ... Read more
