tag:blogger.com,1999:blog-27208976626439250392024-03-13T16:22:20.872+01:00Technical Exchange bLogExchanging technical experienceDušan Soraviahttp://www.blogger.com/profile/17419525126463711051noreply@blogger.comBlogger88125tag:blogger.com,1999:blog-2720897662643925039.post-14268582206459105302024-02-26T13:41:00.001+01:002024-02-26T13:41:38.643+01:00Batch Add Microsoft Exchange 2019 exclusions to Windows Defender on Windows 2019/2022When you install Microsoft Exchange 2019 on Windows 2019 or 2022 server it is suggested to add some exclusions to Windows Defender. Since the list is quite large, use PowerShell to add exclusions. Exclusion list can be found at Running Windows antivirus software on Exchange servers | Microsoft LearnSECURITY PRECAUTION - Don't just blindly copy below commands and exclusions but Dušan Soraviahttp://www.blogger.com/profile/17419525126463711051noreply@blogger.comtag:blogger.com,1999:blog-2720897662643925039.post-63483291869919886662023-09-29T09:40:00.001+02:002023-09-29T09:40:50.183+02:00Apple iPhone Text responses go to wrong country codeA user wrote:Recently I went to Portugal and when I was there I bought a sim card and put it in my iPhone 11 Pro, with my primary e-sim still in it.When I got home to Australia, I deactivated the Portugal sim-card, deleted it and took the sim card out. Now when someone call me I respond with text, my iPhone changes the calling numbers country code to +31.I had the same problem. Despite turning "Dušan Soraviahttp://www.blogger.com/profile/17419525126463711051noreply@blogger.com0tag:blogger.com,1999:blog-2720897662643925039.post-61483682686976938172023-08-04T09:55:00.004+02:002023-08-04T09:56:23.522+02:00Reason: [{LED=250 2.1.5 RESOLVER.GRP.Expanded; distribution list expanded};{MSG=};{FQDN=};{IP=};{LRT=}] If you got this error checking the mail flow for a distribution group, it means the distribution group is closed and only internal senders can send e-mail to this group. When outside user sends e-mail to this group you get Reason: [{LED=250 2.1.5 RESOLVER.GRP.Expanded; distribution list expanded};{MSG=};{FQDN=};{IP=};{LRT=}]Set Delivery for this group to internal and external users andDušan Soraviahttp://www.blogger.com/profile/17419525126463711051noreply@blogger.comtag:blogger.com,1999:blog-2720897662643925039.post-39886671838294859432023-05-12T11:59:00.002+02:002023-05-12T12:04:47.713+02:00Check if you have users with both mailboxes on-prem and onlineAn Exchange Online license was applied to the user before the Exchange GUID got synchronized from on-premises Active Directory. For synchronized accounts, having the Exchange GUID synchronized from on-premises is used to tell Exchange Online that the mailbox hasn’t been migrated yet, and is what allows customers to pre-license accounts prior to migration. From: My user has a mailbox Dušan Soraviahttp://www.blogger.com/profile/17419525126463711051noreply@blogger.com0tag:blogger.com,1999:blog-2720897662643925039.post-1841411921688689462022-11-17T13:39:00.002+01:002022-11-17T13:39:22.969+01:00An untrusted certification authority was detected while processing the domain controller certificate used for authentication additional information be available in the system event log . Please contact your administrator. I was trying to log in with Smart card (Yubico in my case) but server could not log me in and returned the error:An untrusted certification authority was detected while processing the domain controller certificate used for authentication additional information be available in the system event log. Please contact your administrator.Checked the certificate store and required certificates wereDušan Soraviahttp://www.blogger.com/profile/17419525126463711051noreply@blogger.comtag:blogger.com,1999:blog-2720897662643925039.post-84865431563448313372021-12-29T11:25:00.003+01:002021-12-29T11:28:44.126+01:00Microsoft Azure Backup Server SMTP settings If you are using Microsoft's Azure Backup server to backup your Exchange you might want to use notifications if anything goes wrong with it. In the Options window when you enter credentials for the sending account it keeps failing to send test E-mail saying wrong username and password (error 2013). The problem is that this account needs to have local admin rights on the Azure backup Dušan Soraviahttp://www.blogger.com/profile/17419525126463711051noreply@blogger.comtag:blogger.com,1999:blog-2720897662643925039.post-39300986587712951982021-01-20T13:22:00.001+01:002021-01-20T13:22:15.101+01:00Free/Busy missing - Cloud to On-PremisesWe had a problem where M365 users could not retreive Free/Busy information from on-premise Exchange server. Hybrid setup was run and everything was working fine except this.After research I found out that TargetSharingEpr is the way to look at. There are many sites out there that are pointing to the same setting but only Set-OrganizationRelationship is used to change the value. The problem Dušan Soraviahttp://www.blogger.com/profile/17419525126463711051noreply@blogger.com0tag:blogger.com,1999:blog-2720897662643925039.post-58058166975862477942020-03-26T13:38:00.001+01:002020-03-26T13:40:31.536+01:00Microsoft Teams not showing Calendar if user has on-prem mailbox and no Exchange Online license
If you have a problem with Microsoft Teams not showing Calendar for users that have on-prem mailbox then you missed some of the steps in making a hybrid. To be honest, sometimes it is not very easy and clear what exactly you have to do.
In my setup I am running Exchange 2019 on Windows 2019 server.
1. First step is to run Microsoft Office Hybrid Configuration Wizard
This step is Dušan Soraviahttp://www.blogger.com/profile/17419525126463711051noreply@blogger.com0tag:blogger.com,1999:blog-2720897662643925039.post-57724258762868578112020-02-25T14:22:00.001+01:002020-02-26T12:33:31.013+01:00Netscaler vs Exchange 2019 "time out during ssl handshake stageIf you are using Citrix Netscaler as load balancer in front of Exchange 2019 server you must know this:
Microsoft Exchange 2019 is secured by default and allows only TLS 1.2. Therefore default schannel settings are as follows (using IISCrypto tool from Nartac Software):
While Citrix Netscaler offers following Cipher Suites:
TLS_RSA_WITH_AES_256_CBC_SHA
TLS_RSA_WITH_AES_128_CBC_SHA
Dušan Soraviahttp://www.blogger.com/profile/17419525126463711051noreply@blogger.com1tag:blogger.com,1999:blog-2720897662643925039.post-25535052461185708442019-04-02T13:44:00.002+02:002019-04-02T13:44:48.932+02:00Add DNS record to enable DKIM in O365
When you try to enable DKIM in O365 you get yellow warrning line saying you need to provide two DNS records.
What you need to do is copy those two names from that yellow line and create CNAME record in external DNS:
Hostname:selector1._domainkey (THIS IS ALWAYS THE SAME FOR EVERY TENANT)
Points
to address or value: **selector1-**._domainkey.YourTenantName.onmicrosoft.com (You paste first Dušan Soraviahttp://www.blogger.com/profile/17419525126463711051noreply@blogger.comtag:blogger.com,1999:blog-2720897662643925039.post-11276958570553834782019-04-02T13:26:00.003+02:002019-04-02T13:27:42.873+02:00Cannot synhronize user with AD Connect to O365
If an AD user has "User must change password on next logon" marked, it will not get synced to the cloud. Remove the tick and then start sync process.
Dušan Soraviahttp://www.blogger.com/profile/17419525126463711051noreply@blogger.comtag:blogger.com,1999:blog-2720897662643925039.post-17976489595384557562017-05-18T15:54:00.002+02:002017-05-18T15:55:41.720+02:00Exchange Admin Center language
Depending on your computer language settings, Exchange Admin Center can take those and open in a language you actually don't want to use.
You'll Google that this can be changed if administrator/ admin user has mailbox by openening OWA settings and changing Regional parameters.
But usually Admin user does not have mailbox or you don't want her/him to have it. You will search again and find that Dušan Soraviahttp://www.blogger.com/profile/17419525126463711051noreply@blogger.com0tag:blogger.com,1999:blog-2720897662643925039.post-76019653621495473682017-05-18T09:08:00.001+02:002017-05-18T09:09:37.768+02:00ERR_SPDY_INADEQUATE_TRANSPORT_SECURITY in Chrome on Windows Server 2016 / Exchange 2016
You installed Exchange 2016 on top of Windows 2016 and when you try to access ECP or OWA with newest Google Chrome you get an error ERR_SPDY_INADEQUATE_TRANSPORT_SECURITY.
All works well in Internet Explorer. The reason behind this are obsolete (security) protocols used by default. One option is to change settings in Windows registry, but my suggestion is to download a free copy of Dušan Soraviahttp://www.blogger.com/profile/17419525126463711051noreply@blogger.com0tag:blogger.com,1999:blog-2720897662643925039.post-47017835831354843492017-03-03T13:12:00.002+01:002024-02-26T14:03:39.254+01:00Batch Add Microsoft Exchange 2016 exclusions to Windows Defender on Windows 2016UPDATED for Exchange 2019!!!Batch Add Microsoft Exchange 2019 exclusions to Windows Defender on Windows 2019/2022 (exchangelog.info)
When you install Microsoft Exchange 2016 on Windows 2016 server it is suggested to add some exclusions to Windows Defender. Since the list is quite large, use PowerShell to add exclusions. Exclusion list can be found at https://technet.microsoft.com/en-us/library/Dušan Soraviahttp://www.blogger.com/profile/17419525126463711051noreply@blogger.com0tag:blogger.com,1999:blog-2720897662643925039.post-24344207965323188522017-02-01T12:41:00.000+01:002017-02-01T12:43:59.299+01:00Exchange Edge server Filter Agent "precedence"
You might find the attachments are being stripped from some email entering your organization despite recipient and sender domain have been added to the "whitelist" in Sender ID Agent.
Agents on Exchange Edge server are as follows:
Each of the agents has its own priority, meaning which of the agent will be first, second, third,... in line to filter. Filters take precedence over another just Dušan Soraviahttp://www.blogger.com/profile/17419525126463711051noreply@blogger.com0tag:blogger.com,1999:blog-2720897662643925039.post-8124151194952450012017-01-24T11:46:00.002+01:002017-01-24T11:48:30.912+01:00How to Remove an IP Address from a Blacklist SpamCannibal
Go to http://spamcannibal.org/cannibal.cgi
In the right side menu click Lookup IP
Enter mail server IP address into the field and click Lookup IP
Check why you got listed in the first place
If your mail server is missing PTR (reverse DNS) record, add it
If other problem resolve it first
If the problem is resolved go again to http://spamcannibal.org/cannibal.cgi
Click Contact in the Dušan Soraviahttp://www.blogger.com/profile/17419525126463711051noreply@blogger.com1tag:blogger.com,1999:blog-2720897662643925039.post-38729088494635343522017-01-20T10:35:00.003+01:002017-01-20T10:43:58.852+01:00Exchange queue 451 4.4.0 Primary target IP address responded with: "235 00000...
You might find messages staying in queue on your email server (mixed environment 2007/2010 Exchange) and Error showing:
451 4.4.0 Primary target IP address responded with: "23500000870YIIGUAYJKoZIhvcSAQICAQBuggY/Dušan Soraviahttp://www.blogger.com/profile/17419525126463711051noreply@blogger.com0tag:blogger.com,1999:blog-2720897662643925039.post-59017945554384856982016-11-30T12:22:00.001+01:002016-11-30T12:22:46.759+01:00NDR for non-existent domain (5.4.4)
By default, NDR (5.4.4) of an email sent to a user with non-existent domain is sent to postmaster's mailbox. If you want your users to get NDR when they send email to a wrong email address (domain in this case), you need to remove 5.4.4 code from Transport Configuration.
In Exchange 2010:
go to Organization > Hub transport > Global settings > Transport settings
remove code 5.4.4 Dušan Soraviahttp://www.blogger.com/profile/17419525126463711051noreply@blogger.com0tag:blogger.com,1999:blog-2720897662643925039.post-83072118474563739482016-11-02T15:00:00.000+01:002016-11-02T15:02:30.120+01:00Install Docker on Microsoft Windows 2016
Microsoft Windows 2016 supports Docker engine, running containers natively on Windows. To install Docker on Windows server you need to run:
Install-PackageProvider -Name NuGet -MinimumVersion 2.8.5.201 -Force
Install-Module -Name DockerMsftProvider -Force
Install-Package -Name docker -ProviderName DockerMsftProvider -Force
Restart-Computer -Force
After that run:
# Open firewall port 2375
Dušan Soraviahttp://www.blogger.com/profile/17419525126463711051noreply@blogger.com0tag:blogger.com,1999:blog-2720897662643925039.post-70867299335118386412016-10-26T20:43:00.002+02:002016-10-27T12:51:56.739+02:00MacOS Sierra Time Machine - Preparing backup... forever to Synology
I am using Synology NAS to backup my Mac using Time Machine. After upgrade to MacOS Sierra (10.12.1) Time Machine backup sort of backed up my Mac. By sort of I mean it was showing Preparing backup... forever but if I entered Time Machine backup all backups even new ones were there.
To resolve the issue with "Preparing backup...":
Time Machine disk selection
I removed backup disk in Dušan Soraviahttp://www.blogger.com/profile/17419525126463711051noreply@blogger.com2tag:blogger.com,1999:blog-2720897662643925039.post-33424952739538085682016-10-12T11:35:00.002+02:002016-11-07T16:02:56.536+01:00Your password couldn't be changed in OWA 2013
Your users might get an error while changing their password through Outlook WebApp (Exchange 2013) stating:
Your password couldn't be changed. Make sure the old password you typed is correct and that the new password meets the minimmum security requirements.
On the other hand password change through Windows in Site 2 is successful. Password Group Policy is OK and it is working in Dušan Soraviahttp://www.blogger.com/profile/17419525126463711051noreply@blogger.com0tag:blogger.com,1999:blog-2720897662643925039.post-797545345070279102016-10-05T09:38:00.003+02:002016-10-05T10:04:24.433+02:00The Windows component Server-Gui-Mgmt-Infra isn't installed on this computer and needs to be installed before Exchange setup
You get this error "The Windows component Server-Gui-Mgmt-Infra isn't installed on this computer and needs to be installed before Exchange setup" when you try to install Exchange 2016 on Windows 2016 server. Exchange 2016 pre CU3 does not support Windows 2016, therefore you need to download Exchange 2016 CU3, which is in fact full copy of Exchange 2016 server in order to install it on Windows Dušan Soraviahttp://www.blogger.com/profile/17419525126463711051noreply@blogger.comtag:blogger.com,1999:blog-2720897662643925039.post-69122792340389587832016-04-21T22:59:00.001+02:002016-04-21T23:00:15.915+02:00Installing Android Remix OS in Virtualbox
If you want to install Android Remix OS into virtual environment follow this steps:
Download Remix OS for PC from http://www.jide.com/remixos-for-pc
Extract the zip file
Open Virtualbox
Name the virtual machine and choose Linux 32 or 64-bit and select at least 1024 RAM (see photo 1)
Create 8 GB or more disk (photo 2)
When machine is created go to Settings and choose Storage from the Dušan Soraviahttp://www.blogger.com/profile/17419525126463711051noreply@blogger.comtag:blogger.com,1999:blog-2720897662643925039.post-22844991231230635082016-04-09T18:51:00.001+02:002016-10-28T12:29:01.037+02:00Flying in the Clouds
© Unknown
I’ve been seeing the above
picture lately (not mine © is unknown). Many people shared it and whenever I
saw it I was surprised how naïve it looked in a way. Why? Because of uncertainty.
Moving your IT away from the
company’s premises is double edged sword. As from the above picture, cloud
computing indeed saves you lots of ongoing costs but let’s take a dive into
what Dušan Soraviahttp://www.blogger.com/profile/17419525126463711051noreply@blogger.com0tag:blogger.com,1999:blog-2720897662643925039.post-76443592271930494532016-02-15T17:38:00.000+01:002016-02-15T17:38:03.037+01:00Restore Time Machine backup from Synology
If you find yourself in a situation where you need to restore your Mac from a Synology NAS, you will find out pretty soon after you enter the recovery mode, that backup disk is not visible in recovery window. Steps need to be executed in order Recovery process to find NAS.
Best practise is to name Time Machine shared folder on Synology without spaces. Second, if you are using a password withDušan Soraviahttp://www.blogger.com/profile/17419525126463711051noreply@blogger.com