Try our new Certificate Revocation List Check Tool
CRLcheck.exe is a tool developed to verify digital signatures of executable files. It collects files from known paths on your client, checks their signature, and checks Certificate Revocation Lists (CRL) and OCSP download. This helps avoid delays in launching files.

Category: Exchange 2016

Microsoft Exchange Server SE (Subscription Edition) ab Herbst 2025

  Exchange SE (Subscription Edition), Exchange 2019 Nachfolger mit in-place Upgrade |   Microsoft hat gerade Release-Informationen und eine Zeitlinie für die Einführung der neuen Exchange SE (Subscription Edition) veröffentlicht. Kunden können weiterhin rein On-Premises oder im Hybridmodus arbeiten, wie es ihren Bedürfnissen entspricht. Neu wird die Exchange SE jedoch ausschliesslich im Abonnementmodell erhältlich sein. […]

Powershell to show and log SMTP Port 25, 465, 2525 after decomission old Exchange Server

Powershell to show and log SMTP Port 25, 465, 2525 after Decomission old Exchange Server   When decommissioning an Exchange Server, it’s common to install SMTP/IIS to capture and redirect the failing SMTP sender traffic, allowing us to monitor if there’s still traffic coming to the old Exchange. Below is a PowerShell script that you […]

CRLcheck.exe Certificate Revocation List Check Tool to verify all CRL and OCSP on Windows client

CRLcheck.exe Certificate Revocation List Check Tool to automatic verify CRL and OCSP internet reachability of all your EXE files that your client runs.     Over the past 20 years, I have personally witnessed how Certificate Revocation on Windows systems is often underestimated, even within large enterprises. This issue significantly affects both client and server […]

Enable Extended Protection for OS 2016 and Exchange 2016 (on-premises, no hybrid, no DAG) sample all steps explained

  Here you will find all steps to protect from CVE-2024-21410 Exchange Leak. This sample handels and standlaone Exchange 2016 running on Server 2016. The customer has no DAG (Cluster), He is NOT in Hybrid Mode Classic or Modern (He has no CLOUD connection), all latest 02/2024 Windows Updates are installed, the latest CU for […]

Exchange CVE-2024-21410 2016 2019 Extended Protection Kemp-F5 and Modern Hybrid Mode problem

Exchange CVE-2024-21410 2013/2016/2019 Extended Protection Kemp-F5 and Modern Hybrid Mode problem Primary target which is part of the attack: Make sure you ROLLOUT the Outlook.exe 02/2024 Patch. That is the most important thing. Esp. On Home Office/Remote Office which may have SMB/445 to WAN open and for VPN users NO traffic to/via VPN-2-HQ policy (Which […]


List or change Inboxrules employee have > Automatic E-Mail forwards to private or external E-Mail systems. Problem: In Exchange, users are able to forward E-Mail themself to an external private account. This is a problem because of compliance and if you don’t have a DLP (Data Lost Prevention). There are ways to prevent this (With […]

M365/Azure, Full Hybrid Mode, M365 user unable to see free/Busy Room/meeting or book on-premise

This post was published to at 15:06:54 22.06.2023 M365/Azure, Full Hybrid Mode, M365 user unable to see free/Busy Room/meeting or book on-premise     Account   Category    Exchange 2016 ; Exchange 2019 ; M365,AZURE,INTUNE ; Microsoft Exchange   PROBLEM: The test.M365 (cloud) users are unable to access free/busy info from the on-premise room mailbox and […]

M365/Exchange Hybrid OAuth Testing command, OAuth-Cert out-of-sync 4001, IIS VDIR OAuth wrong Resolve and find OAuth problem in Exchange Hybrid Setup Environment Short Understanding OAuth: OAuth (Open Authorization) is an industry-standard protocol that enables secure authorization for third-party applications without the need to disclose user credentials. It allows users to grant limited access to their resources on one site to another site, without sharing their credentials. […]

M365 | on-premise, Outlook.exe DEBUG logging for troubleshooting complete guide

Enhancing Outlook Debug Logging for Troubleshooting Mike Butsch, What we want to do and why Outlook debug logging is a valuable tool for diagnosing and resolving issues within Microsoft Outlook. By enabling advanced logging, you gain deeper insights into the application’s behavior, allowing for more effective troubleshooting. In this blog post, we will explore […]

Active Directory accounts with ADMINSholder/adminCount flag | No syncback from Azure, ms-ds-consistencyGuid

english, Management summary To gain a better understanding of the ADMINSholder/adminCount attribute, we recommend referring to the provided blog posts, which shed light on the impact of this flag, particularly regarding ActiveSync and GPO. This attribute poses a challenge in the synchronization process of the Synchronization Service Manager (Microsoft Azure AD Connect Synchronization Services) as […]

Exchange Office M365 customers will have to upgrade their Office 2016/2019 by October 2023

How we found this info beside Technet: Error: Outlook 2016 verlangt neues Update (Aktuell: 16.0.4266.1001 / Erforderlich: 16.0.4600.1000) There is a link in the warning which leads to the rather delicate info abour EOL of Office 2016/2019 with M365. Fact: If you don’t want to update your Office 2016/2019, keep your Exchange on-premise DAG with […]

M365, Exchange Online Remote Powershell blocked by T1056 Mitre Trellix

Trellix ENS 10.X, T1056 – Key capture using PowerShell detected, Host intrusion buffer overflow ExP:Illegal API Use Blocked an attempt to exploit C:\WINDOWS\SYSTEM32\WINDOWSPOWERSHELL\V1.0\POWERSHELL.EXE, which targeted the GetAsyncKeyState API. For efficient M365 and Exchange Online management, there are various methods available. While utilizing the PowerShell button within the Admin Portal is one option, it requires an Azure […]

CVE-2023-23397, Outlook.exe Exploit, PidLIDReminder custom Sound ab SMB für Termin Reminder

CVE-2023-23397 Was ausgenutz wird: Anstatt Standard Microsoft Outlook Sound kann man für ein meeting reminder einen Custom Sound angeben. Dieser kann auf einem Share liegen. Da liegt der Hund begraben. CVE-2023-23397 ist ein Outlook-Bug. Wenn Sie eine eingehende E-Mail für einen Termin mit einer benutzerdefinierten Erinnerung (Ton, Attribut PidLIDReminder) senden, wird Outlook.exe (2012/2016) versuchen, […]

M365/Hybrid Exchange Setup: Steps to verify on-premise, Prepare for Directory Synchronization (IDFIX, UPN, Proxyaddress)

TIP: Cleanup everything LOCAL before you even think of moving anything to M365 or Azure or even starting the Connector PRO TIP: Full manual list of Objects/attribute to check on your local ADS in this blog. This blog entry is mainly about those two steps of the MS Technet: Directory Clean-up Tasks Directory object […]