Categories
activesync autodiscover autodiscover v2 certificates exchange exchange online Exchange Server hybrid hybrid modern auth

Outlook AutoDetect And Broken AutoDiscover

Those in the Exchange Server space for a number of years know all about AutoDiscover and the many ways it can be configured and misconfigured – if even configured at all. Often misconfiguration is to do with certificates or it is not configured at all because it involves certificates and I thought I was aware […]

Categories
certificates exchange online Exchange Server Kemp SSL

Test Connectivity Website and TLS 1.2

An excellent resource for Microsoft Exchange Server and Exchange Online administrators and consultants is the Remote Test Connectivity website at http://exrca.com or https://testconnectivity.microsoft.com/. Here I am going to document an error that indicated that the Exchange Server (in this case) was not working, but we could see that the phone was connecting fine to the […]

Categories
aadrm Azure Information Protection certificates exchange exchange online IRM Office Office 365 rms SSL

Azure Information Protection and SSL Inspection

I came across this issue the other day, so thought I would add it to my blog. We were trying to get Azure Information Protection operating in a client, and all we could see when checking the download of the templates in File > Info inside an Office application was the following: The sequence of […]

Categories
2008 R2 2012 R2 2013 certificates exchange https IAmMEC JetNexus load balancer Load Master loadbalancer mobile phones SSL TLS windows server xp

SSL and Exchange Server

In October 2014 or thereabouts it became known that the SSL protocol (specifically SSL v3) was broken and decryption of the encrypted data was possible. This blog post sets out the steps to protect your Exchange Server organization regardless of whether you have one server or many, or whether or not you use a load […]

Categories
certificates cloud EOP exchange exchange online Exchange Online Protection GeoDNS hybrid IAmMEC journaling mcm mcsm MVP Office 365 smarthost smtp starttls TechEd TLS transport

Speaking at TechEd Europe 2014

I’m please to announce that Microsoft have asked me to speak on “Everything You Need To Know About SMTP Transport for Office 365” at TechEd Europe 2014 in Barcelona. Its going to be a busy few weeks as I go from there to the MVP Summit in Redmond, WA straight from that event. My session […]

Categories
2012 2012 R2 ADFS ADFS 3.0 certificates IAmMEC Office 365 WAP Web Application Proxy

Changing AD FS 3.0 Certificates

I am quite adept at configuring certificates and changing them around, but this one took me completely by surprise as it has a bunch of oddities to consider. First the errors: Web Application Proxy (WAP) reported 0x80075213. In the event log the following: The federation server proxy could not establish a trust with the Federation […]

Categories
aadrm active directory certificates cloud compliance dirsync exchange exchange online https hybrid journal journaling mcm mcsm microsoft Office 365 Outlook pki policy rms smarthost transport unified messaging voicemail

The New Rights Management Service

This blog is the start of a series of articles I will write over the next few months on how to ensure that your data is encrypted and secured to only the people you want to access it, and only for the level of rights you want to give them. The technology that we will […]

Categories
2007 2010 2013 certificates cloud exchange firewall smarthost smtp transport

Domain Secure and Edge Servers

I was asked a question recently on the Microsoft Certified Master course for Exchange 2010 and was told that the answer was not clearly written up on the internet. So I thought I would write this blog post. The question was based on the idea that Domain Secure worked from a Hub Transport server in […]

Categories
2007 2008 R2 2010 active directory certificates exchange exchange online microsoft networking Office 365 organization relationships owa rms server administrator

Installing and Configuring AD RMS and Exchange Server

Earlier this week at the Microsoft Exchange Conference (MEC 2012) I led a session titled Configuring Rights Management Server for Office 365 and Exchange On-Premises [E14.314]. This blog shows three videos covering installation, configuration and integration of RMS with Exchange 2010 and Office 365. For Exchange 2013, the steps are mostly identical. Installing AD RMS […]

Categories
2010 ADFS ADFS 2.0 certificates exchange exchange online federation Office 365 organization relationships owa powershell

OWA and Moving Mailboxes to Office 365

Lets imagine a scenario where you are using an on-premises Exchange Server and users’ use Outlook Web App, and then you move some mailboxes to the Office 365 cloud with Hybrid Coexistence enabled. The user might not know their mailbox has been moved and so yesterday they went to https://mail.company.com/owa, but today they need to visit […]

Categories
2010 2013 64 bit active directory ADFS ADFS 2.0 certificates exchange exchange online https isa mcm microsoft Office 365 pki tmg

Publishing ADFS Through ISA or TMG Server

To enable single sign-on in Office 365 and a variety of other applications you need to provide a federated authentication system. Microsoft’s free server software for this is currently Active Directory Federation Server 2.0 (ADFS), which is downloaded from Microsoft’s website. ADFS is installed on a server within your organisation, and a trust (utilising trusted […]

Categories
2007 2010 2013 ADFS ADFS 2.0 certificates exchange exchange online https hybrid IAmMEC ISA Server 2006 mcm Office 365 SSL tmg

Changing ADFS 2.0 Endpoint URL for Office 365

If you are configuring single sign-on for Office 365 then you will need a server running Active Directory Federation Services 2.0 (ADFS 2.0). When you install this you are asked for a URL that acts as an endpoint for the ADFS service, which if you are publishing that endpoint through a firewall such as TMG […]

Categories
certificates exchange hosting https iis networking SSL

GoDaddy SSL Certificate Approval with TXT Records

I had a bit of an issue with Go Daddy yesterday in that they took 5 days to approve a Subject Alternative Name change to a certificate, and as the usual route of adding a file to a website was unavailable to me I decided to prove ownership of the domain by the addition of […]

Categories
2008 certificates Terminal Services

Enterprise Certificate Services and Terminal Services Gateway – Certificate Issuing for Internet Usage

To issue a certificate for the Windows 2008 Terminal Services gateway using your own intalled Enterprise Certificate Authority, out of the box you need to create a certificate request file, request the certificate from the Enterprise CA, install the issued certificate and map the certificate to the TS Gateway. This can help you if you […]

Categories
certificates https iis ISA Server 2004 ISA Server 2006 SSL Windows Server 2003

Error Code: 500 Internal Server Error. The network logon failed. (1790)

This is an error visible in the web browser when connecting to a HTTPS web site behind an ISA Server. The problem is that the firewall access rule for this web site in ISA Server is forwarding the requests to an internal server on a port that it is not listening on. For example you […]

Categories
2007 certificates exchange iis microsoft pkcs powershell web

Creating Subject Alternative Name Certificates with Microsoft Certificate Server

A new feature in digital certificates is the Subject Alternative Name property. This allows you to have a certificate for more than one URI (i.e. www.c7solutions.com and www.c7solutions.co.uk) in the same certificate. It also means that in web servers such as IIS you can bind this certificate to the site and use up only one […]