Try our new Certificate Revocation List Check Tool
CRLcheck.exe is a tool developed to verify digital signatures of executable files. It collects files from known paths on your client, checks their signature, and checks Certificate Revocation Lists (CRL) and OCSP download. This helps avoid delays in launching files.

Category: Exchange 2019

M365, Exchange Online Remote Powershell blocked by T1056 Mitre Trellix

Trellix ENS 10.X, T1056 – Key capture using PowerShell detected, Host intrusion buffer overflow ExP:Illegal API Use Blocked an attempt to exploit C:\WINDOWS\SYSTEM32\WINDOWSPOWERSHELL\V1.0\POWERSHELL.EXE, which targeted the GetAsyncKeyState API. For efficient M365 and Exchange Online management, there are various methods available. While utilizing the PowerShell button within the Admin Portal is one option, it requires an Azure […]

CVE-2023-23397, Outlook.exe Exploit, PidLIDReminder custom Sound ab SMB für Termin Reminder

CVE-2023-23397 Was ausgenutz wird: Anstatt Standard Microsoft Outlook Sound kann man für ein meeting reminder einen Custom Sound angeben. Dieser kann auf einem Share liegen. Da liegt der Hund begraben. https://learn.microsoft.com/de-de/office/client-developer/outlook/mapi/pidlidreminderoverride-canonical-property https://www.forbes.com/sites/daveywinder/2023/03/15/microsoft-outlook-warning-critical-new-email-exploit-triggers-automatically-update-now/?sh=47f058ce6e5e CVE-2023-23397 ist ein Outlook-Bug. Wenn Sie eine eingehende E-Mail für einen Termin mit einer benutzerdefinierten Erinnerung (Ton, Attribut PidLIDReminder) senden, wird Outlook.exe (2012/2016) versuchen, […]

M365/Hybrid Exchange Setup: Steps to verify on-premise, Prepare for Directory Synchronization (IDFIX, UPN, Proxyaddress)

TIP: Cleanup everything LOCAL before you even think of moving anything to M365 or Azure or even starting the Connector PRO TIP: Full manual list of Objects/attribute to check on your local ADS in this blog. This blog entry is mainly about those two steps of the MS Technet: https://learn.microsoft.com/en-us/microsoft-365/enterprise/prepare-for-directory-synchronization?view=o365-worldwide Directory Clean-up Tasks Directory object […]

Exchange: Error when you want to change a Receive Connector TLS with a Cert with no Common Name

On an Exchange 2016/2019/M365/Azure you want to change the TLS Certificate of your Receive Connector. Your SAN (Subject Alternate Name) or Wildcard Certificate has no Common Name [CN] (Empty). When you try to assign the cert the regular way you get an error. Nothing wrong with the Cert company just the other side (Requester/Converter) as […]

Exchange 2016 CU20 Schema Update setup.exe /preparead fail because of case sensitivity of OWA APP Policy

ISO/PATCH: ExchangeServer2016-x64-cu20 Cumulative Update 20 for Exchange Server 2016 (microsoft.com)  Problem: Exchange 2016 CU20 Setup.exe /preparead (Version 15.1.2242.4 Fails) on Server 2016 (1607) Step Configuring Microsoft Exchange Server Organization Preparation results FAILED Exchange 2016 CU 20 need and fails to update Active Directory Schema to newer Version (setup.exe /prepareschema works setup.exe /Preparead fails) if you […]

Exchange 2010 – 2016 Migration remove of old MDB fails (Mailboxexports)

  Error: This mailbox database is associated with one or more active MailboxExport requests Source: This means you have current/Pending/stalled as sample PST Exports running (Maybe very old). Solution: You will have to remove those you are able to remove the emtpy old Exchange MDB. Get-MailboxExportRequest (ExchangePowerShell) | Microsoft Docs     Microsoft Exchange Error […]

WINMAIL.DAT (Exchange 2007-2016-M365) Outlook – DEUTSCH

WINMAIL.DAT Transport Neutral Encapsulation Format oder TNEF ist ein proprietäres E-Mail-Anhangsformat, das von Microsoft Outlook und Microsoft Exchange Server verwendet wird. Eine Datei mit TNEF-Codierung wird in der Regel als winmail.dat oder win.dat bezeichnet und hat einen MIME-Typ von Application/MS-TNEF. Der offizielle (IANA) Medientyp ist jedoch application/vnd.ms-tnef. Wie oder wann passiert das? Wenn ein Absender […]

Exchange 2013/2016 and 2010 Proxy back (400) Bad Request, ADS-user in too many ADS-groups member

Exchange 2010/2013/2016 Migration, problem after DNS-pointing to 2016 structure with some users Outlook.exe When you thought Kerberos Bloating is way back 2012 it returns. And after some research it is still all over the place. It does affect on premise Solutions as well as cloud solution like ADFS, AZURE etc. Error: This error (HTTP 400 […]

How to turn off Autodiscover Warning in Outlook 2010, 2013, 2016, 2019

How to turn off Autodiscover Warning in Outlook 2010/2013/2016/2019 (Exchange 2010/2013/2016) Warnung: Das Konto wurde fuer die Einstellung auf die Website umgeleitet https://support.microsoft.com/en-us/help/2480582/how-to-suppress-the-autodiscover-redirect-warning-in-outlook A little bit more explained than in the Microsoft KB and with a check THAT if you ONLY set the Registry key if the OFFICE Version is installed. During Migrations you could […]

Defrag Exchange on-premises Database with ESEUTIL

http://technet.microsoft.com/en-us/library/aa998863(v=exchg.80).aspx If you are at the end of Migration. Check there are no user active on the DB:  Show all mailboxes on Database “mb3” Get-Mailbox -Database “mb3” | select Displayname, Alias, Database, OrganizationalUnit | ft -wrap –auto  Also check this KB for hidden accounts and dead accounts : https://www.butsch.ch/post/Exchange-20072010-Delete-default-Mailbox-Database-remove-last-MailboxSG.aspx Get the Path of the DB: How […]

Turn of Autodiscover warning box agree Outlook.exe with GPO

How to turn off Autodiscover Warning in Outlook 2010/2013/2016/2019 Warnung: Das Konto wurde fuer die Einstellung auf die Website umgeleitet https://support.microsoft.com/en-us/help/2480582/how-to-suppress-the-autodiscover-redirect-warning-in-outlook A little bit more explained than in the Microsoft KB and with a check THAT if you ONLY set the Registry key if the OFFICE Version is installed. During Migrations you could otherwise run […]

Exchange: Server 2008 SMTP/IIS does not write Logfiles

On old Exchange machines we migrated we often (After Exchange is de-installed) install the SMTP Server. So we can re-route E-Mail from devices which have not been migrated and log that info. You have a Server 2008 64BOIT RTM and the separate installed SMTP-Service in IIS 6.0 Manager does not write Logfiles. You set the […]

Exchange 2010, Activesync Partnership Fails when user moved to new OU in ADS

Error: Error message when you try to perform a remote wipe operation for a device in Exchange Server 2010: “The ActiveSyncDevice identity cannot be found” This is generated do a bug as we see it. The user with an ACTIVE Activesync Partnership HAS been moved to another OU in Active Directory. This seems logical since […]