IIS Exploit can reboot your Windows Server; install patch KB3042553 ASAP

This week Microsoft release a patch for Windows 7/Windows Server 2008 R2 and up that fixed a critical remote execution bug, see MS15-034 and CVE-2015-1635 for more info. Unfortunately the patch was reversed engineered and now an exploit is available. This was detected and described by ISC SANS. They added Denial of Service (DoS) as possible impact, next to Remote Code Execution. As it turns out, the DoS in question actually causes a Blue Screen of Death (BSoD, also known as bugcheck)

Read more

Issues with Unified Contact Store in combination with Lync on-premises and Exchange Online

I’ve encountered an issue that popped up while I was testing a move from Exchange On-premises to Exchange Online (EXO) while Lync Server 2013 remained on-premises due to Enterprise Voice. Outlook Web Access (OWA) from Exchange Online can be integrated with on-premises Lync, this way OWA users can see presence and have limited IM functionality just like what’s possible if both products are on-premises. For this to work you’ll need Lync Edge servers because OWA EXO will act as an

Read more

Some things to do after leaving Windows Server 2003 (from an Exchange perspective)

Today the Exchange Team blog posted an article about upgrading the Domain Functional (DFL) level of your Active Directory environment away from Windows Server 2003 and the fact that raising the level might have some impact on your Exchange servers (and other applications). It is possible that they might not be able to authenticate. If you do run into issues after raising the DFL, the solution is either restarting the Kerberos Key Distribution Center service on all DC’s or restarting all DC’s

Read more

Do not update your Office Web Apps Server with automatic updates

Although it is not exactly required to deploy with Exchange Server 2013, Office Web Apps Server (OWAS or also referred to as WAC server) provides a more user friendly experience instead of the standard Web Preview. For Lync Server 2013 it’s a requirement if you want to be able to present PowerPoint files in a conference. And well, for SharePoint Server it’s just a given. So, it’s not an uncommon server to encounter when you work with these products. However

Read more

Mail enabled Public Folders on Exchange 2013 CU6 require action for internet mail to be received

So, CU6 is out. It’s easy to overlook the change mentioned within the Exchange 2013 Release Notes. And you might have missed the Exchange Team blog post about all Public Folder changes with CU6. And it might not be relevant for your situation. But I know certain customers rely on mail enabled Public Folders that are able to receive internet mail and are now on Exchange 2013. Sometimes it’s not practical to change those Public Folders to a Shared Mailbox.

Read more

Fixing Office 365 DirSync account matching issues

Recently I had to fix some issues with DirSync. For some reason (there were some cloud users created before DirSync was enabled) there were duplicate users, because DirSync failed to match the already present cloud user and the corresponding AD (Active Directory) user. There were also accounts that failed to sync and thus failed to sync all attributes properly. If there is already a cloud account and there is need for a synced account, you can create an AD account

Read more

Optimizing the Outlook AutoDiscover process by skipping the root domain query

Updated 8/15/2014: see the bottom of this article for additional information on changed AutoDiscover behavior of Outlook 2013. Consider the following scenario: An Active Directory (AD) domain named equal to the SMTP Suffx, so the mailaddress dmstork@contoso.com in the contoso.com AD domain. No on-premises Exchange, this means that there is no Service Connection Point (SCP) in A. Outlook 2013 (or lower versions from Outlook 2007 up). Exchange Online (or any hosted Exchange for that matter). Additional issue: You’ve got an external

Read more

Exchange mail flow not working? Check your (Cisco) firewall!

I’ve come across this issue several times: External mail (or mail between Exchange servers) cannot be delivered, however when you check with telnet the Exchange server(s) are responding. When you check via telnet on the external IP you get something similar: In this case it was a Cisco ASA firewall that had (E)SMTP filtering feature (also called Mailguard) enabled, which is the default setting. Unfortunately, this feature filters very strict and blocks extended commands that are allowed by RFC5321 which

Read more

Office 365 users can’t see free/busy of on-premises users

The past few days I was working on making an on-prem Exchange Server 2013 SP1 environment hybrid with the Office 365 tenant. You would expect that running the Hybrid Configuration Wizard (HCW) would be it, after setting all the requirements as they should. Unfortunately after running the HCW, Office 365 mailboxes couldn’t access free/busy information of on-prem mailboxes. The other way round was functional. Enter troubleshooting mode! I will spare you the whole story and summarize it to the basics.

Read more

Does your Office 365 DNS records check fail?

Recently I was working on building an hybrid Exchange 2013 environment. During the setup for specific mail domains, Office 365 didn’t seem to see the DNS records required. In this case it was the SPF record, that would not be accepted. However the record was made as specified as requested, TTL was an hour and after several hours it still didn’t pass the check. Other records made at the same time, were checked okay. Unfortunately that delayed other required changes…

Read more
1 2