Today, I helped a client migrate Exchange from 2010 to 2019. As you know, Exchange 2010 can’t migrate to 2019 directly. You need to migrate Exchange from 2010 to 2016 and then 2019.
When I tried to prepare the AD schema for installing Exchange 2016 CU23, and it happened the error message is below.
“One or more servers in the existing organization are running Exchange 2000 Server or Exchange Server 2003”.
The error is because they were not uninstalled Exchange 2000 or 2003 completed. Let’s fix it.
If you are trying to rebuild the Azure AD Connect server, but you noticed y the Delete user is greyed out and you cannot delete the existing On-Premises Directory Synchronization Service Account from Microsoft 365 admin center.
Microsoft is ending support for the Azure Active Directory Graph API. To allow for continued service, if your application providers migrate all Azure Active Directory Synchronization integrations to the MS Graph API, you need to change your API permissions.
You are required to provide a username and password to authenticate to your Microsoft 365 organization if you add an organization using the basic authentication method.
I won’t recommend adding organization with basic authentication, Microsoft announced that effective October 1, 2022, we will begin disabling Basic authentication for Outlook, EWS, RPS, POP, IMAP, and EAS protocols in Exchange Online. SMTP Auth will also be disabled if it is not being used.
You will use both Veeam Backup account and Azure AD application for authentication if you add an organization using the modern authentication method with legacy protocols allowed. Veeam Backup for Microsoft 365 uses Veeam Backup account and an application to establish a connection to your Microsoft 365 organizations with disabled security defaults and maintain data transfer during backup and restore sessions.
Veeam Backup for Microsoft 365 Modern Authentication and Legacy Protocols Authentication requires that you grant permissions to Azure AD applications to back up and restore data from/to your Microsoft 365 organizations.
You are required to provide a username and password to authenticate to your Microsoft 365 organization if you add an organization using the basic authentication or Modern Authentication and Legacy Protocols method.
I won’t recommend adding organization with basic authentication, Microsoft announced that effective October 1, 2022, they will begin disabling Basic authentication for Outlook, EWS, RPS, POP, IMAP, and EAS protocols in Exchange Online. SMTP Auth will also be disabled if it is not being used.
Cyberattack is one of the fastest growing crimes in the world, we have seen passwords being leaked regularly, local administrator account is like God of machine, it has superpower to do anything for the machine. A lot of IT guys simply use the same password for all local administrator accounts, the attacker easy access to the whole estate if one machine is breached.
Microsoft LAPS is one of solutions to prevent the issues, The “Local Administrator Password Solution” (LAPS) provides management of local account passwords of domain joined computers. Passwords are stored in Active Directory (AD) and protected by ACL, so only eligible users can read it or request its reset. Today, I am going to show you how to deploy it.
If you are trying to promo windows server 2019 as domain controller, it happened “Verification of replica failed. The specified domain {Domain-Name} is still using the File Replication Service (FRS) to replicate the SYSVOL share. FRS is depreciated.” Error, this is because Windows Server version 1709 (or after version) can no longer be added as an Active Directory domain controller (DC) to an existing domain that is still using File Replication Service (FRS) for replication of the SYSVOL share.
If you tried to restore VMs (or physical machines) and it shows the trust relationship between this workstation and the primary domain failed, I won’t recommend using rejoin domain to solve issues, because it will happen unexpected issues after disjoin and rejoin domain.
Today, I am going to show you how to fix it without disjoin and rejoin domain.
If your organization currently has subscriptions to Office 365 Enterprise E3 or E5, the default mailbox storage limit is supported 100GB. You can check it from the account information of outlook.
Unfortunately, there are many people noticed the default size is still showing 50GB, today, I am going to show you how to increase it to 100GB.
Today, I deploy a new domain controller server at Azure after site to site VPN built. Verify the replication status looks fine, but when I check the SYSVOL and LOGON shares folders status, I noticed there is no any shared folder at the new domain controller server.
Today, I am going to show you how to step by step transfer FSMO roles to new domain controller server, and transfer time server role from the old domain controller to new domain controller.
