Exchange 2013
Exchange 2019:- Brute forcing OWA to gain access to user accounts
We all know that end users hate complex passwords and having to change passwords often leads them to use the same password but add a number or character at the end of it. Password complexity is just one of the problems. The next problem is information disclosure such...
Exchange 2013/2016/2019:- How NMAP reveals Exchange Server information.
Over the past few years, Microsoft Exchange Server has come under heavy attack and with each new Cumulative Update (CU) and Security Update (SU), CVE's are addressed and closed. The problem comes in when organisations do not patch servers (as mentioned in a few of my...
Exchange 2013 – EOS, Time is running out, upgrade your systems
This is a reminder that Exchange 2013 support ends on April 11 2023. Make sure you start preparing for deployment of new Exchange 2019 Servers, Virtual or Physical or transition to the cloud. It is vitally important to stay ahead with patches etc. to keep your systems...
Exchange 2013/2016/2019:- Are you over exposing your server to the internet?
If you are new to Exchange, let me bring you up to speed with how attacks have increased since 2020 and Exchange servers that are published to the internet are vulnerable if not locked down. Back in the day, Admins would not patch anything because "it worked" and why...
Exchange 2016/2019 :- Apply the October 2022 Security update
The October 2022 security updates for the different Exchange versions are out and it is advisable to update your servers. In my lab, I am running different versions of Exchange servers but I updated my 2019 Exchange servers today. I added a few screenshots to show you...
Exchange 2013/2016 – Updated support for Active Directory environments
At the MEC event that recently took place, it was announced that you can now introduce Windows Server 2022 domain controllers if you are using the latest Cumulative Updates for Exchange 2013 and Exchange 2016. Below is a snippet from the supportability matrix on the...
Exchange 2013/2016/2019:- Health Checker a must have for Exchange Admins
In March 2020 when we had many Exchange servers world wide attacked, the Team at Microsoft put together a nice PowerShell script that provides plenty of output but the most important part is it gives you an overview of CVE vulnerabilities on the Exchange Server. The...
Add extra security to stop email spam by implementing DKIM
In some of my articles, I have made mention of implementing SPF, DMARC and DKIM records for your Exchange environment but many ask the question on how do you setup DKIM for Exchange 2016 or Exchange 2019? (Applies to 2013 as well). There are a couple of steps involved...
Exchange 2016:- X-OWA-Error Microsoft.Exchange.Data.Storage.AccountDisabledException
Provisioning accounts in Active Directory and Exchange is not a new task for Admins. However when you provision something and it does not want to work is where the troubleshooting starts. You may have come across an error like the following: The error itself is a bit...
Exchange 2016:- Symantec IPS issues
Symantec on a Windows Server just like ESET works great. When you throw Exchange 2016 or Exchange 2019 into the mix, things get more complicated with both products. If you are not aware, when you are running an anti-virus product, you need to add the exclusions for...