Exchange – Update to fix escalation privilege vulnerability



Due to the vulnerability that allows privilege escalation I wrote about in this post, Microsoft has released a cumulative update for all supported versions of Exchange Server (Exchange 2010, 2013, 2016 and 2019).

Read more

EXCHANGE   Exchange – New vulnerability that allows privilege escalation



A new vulnerability that affects Exchange on-premise servers has been discovered recently (https://dirkjanm.io/abusing-exchange-one-api-call-away-from-domain-admin/). By making use of the high privileges Exchange servers have by default, the attacker would be able to escalate from any user with a mailbox to Domain Admin access.

According to Dirk-jan Mollema (see upper link), the vulnerability has been tested against …

  • Exchange 2013
Read more

Checkpoint   Checkpoint – VSX Virtual Memory full – Enable 64 bit



Symptoms

I manage a 2 node VSX clusterXL environment that hosts 3 firewalls (virtual systems).
Some days ago I came across a problem in which one of them started  (or maybe more time ago but not aware) to experience bad performance, outages, timeouts…

Trying to make a failover and move the VS to the other node fixed the problem until … Read more

Home Server icon   Home Server (4) – Install SSD to HP Microserver Gen8



Although it is not essential I strongly encourage you to install an SSD disk to your HP Microserver Gen8 to host the system you want to run. I will use it for a VMWare ESX and the virtual machines that will create in it. As I said in the previous post, since the prices are more than affordable, the price/performance … Read more

Icinga icon   Icinga – Monitor SSL certificate expiration date



A common task among system administrators is the renewal of SSL certificates. It is important to keep track of expiration dates so that it is not too late for us to renew it.

You can simply create an excel or some other type of record of the certificate dates, but you have to remember to check it from time … Read more

EXCHANGE   Exchange – Message queue file mail.que large size



Symptom: Large mail.que file size

Last week my Icinga started alerting about low free space in my Exchange server disk.
After using a software to scan for file sizes I realized there was a too big mail.que file.
Exchange - Message queue file mail.que large size

This is the file in which exchange manages its queues before finally delivering emails. It is usually located in <Exchange_Installation_Path>/TransportRoles/data/Queue

Solution:

Read more

EXCHANGE   Exchange – Cannot remove exchange certificate



Some days ago I tried to cleanup old certificates from my Exchange servers, but I received the following error:

Exchange - Cannot remove exchange certificate

[PS] C:\> Remove-ExchangeCertificate -Thumbprint D09EDD6D5F18C175254AB97046AAAAAAAAAAAAA

Confirm
Are you sure you want to perform this action?
Remove certificate with thumbprint DD09EDD6D5F18C175254AB97046AAAAAAAAAAAAA from the computer's certificate store?
[Y] Yes  [A] Yes to All  [N] No  [L] No to All  [?] Help (default is 
Read more

Home Server icon   Home Server (3) – First steps configuring HP Microserver Gen8



Third post of the Home Server series in which I explain how I built my own server.
Visit the first post for details about the objectives of the project.

Maybe you have decided to have your own server and already you are owner of any model as HP Microserver Gen8. Surely there are many more to be done, but theseRead more