Configuring Sync and Writeback Permissions in Active Directory for Azure Active Directory Sync

[Last updated 11th November 2019 – added support for Exchange Server automapping support, which was announced during Microsoft Ignite 2019 and will be supported in the first half of calendar year 2020. This is supported by adding writeback for msExchDelegateListBL and msExchDelegateListLink attributes. The below Exchange Hybrid writeback script has been updated to support these… Continue reading Configuring Sync and Writeback Permissions in Active Directory for Azure Active Directory Sync

SSL and Exchange Server

In October 2014 or thereabouts it became known that the SSL protocol (specifically SSL v3) was broken and decryption of the encrypted data was possible. This blog post sets out the steps to protect your Exchange Server organization regardless of whether you have one server or many, or whether or not you use a load… Continue reading SSL and Exchange Server

Creating Mailboxes in Office 365 When Using DirSync

This blog post describes the process to create a new user in Active Directory on-premises when email is held in Office 365 and DirSync is in use. With DirSync in use the editable copy of the user object is on-premises and most attributes cannot be modified in the cloud. Creating the User Open Active Directory… Continue reading Creating Mailboxes in Office 365 When Using DirSync

Intermittent Error 8004789A with AD FS and WAP 3.0 (Windows Server 2012 R2)

This error appears when you attempt to authenticate with Office 365 using AD FS 3.0 – but only sometimes, and often it was working fine and then it starts! I’ve found this error is due to two things, though there are other reasons. The full list of issues is at http://blogs.technet.com/b/applicationproxyblog/archive/2014/05/28/understanding-and-fixing-proxy-trust-ctl-issues-with-ad-fs-2012-r2-and-web-application-proxy.aspx. I found that this… Continue reading Intermittent Error 8004789A with AD FS and WAP 3.0 (Windows Server 2012 R2)

Changing AD FS 3.0 Certificates

I am quite adept at configuring certificates and changing them around, but this one took me completely by surprise as it has a bunch of oddities to consider. First the errors: Web Application Proxy (WAP) reported 0x80075213. In the event log the following: The federation server proxy could not establish a trust with the Federation… Continue reading Changing AD FS 3.0 Certificates