Windows way to Digital Learning……

Archive for the ‘Microsoft Exchange Server’ Category

How to Disable SSL 2.0 and SSL 3.0 on Exchange 2013 running on a Windows 2012

How to Disable SSL 2.0 and SSL 3.0 on Exchange 2013 running on a Windows 2012

Resolution:

Open the registry and edit the values. If you don’t find the entries create the entries.

 

To disable SSL 2.0

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 2.0]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 2.0\Client]
"DisabledByDefault"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 2.0\Server]
"Enabled"=dword:00000000

To disable SSL 3.0

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0\Client]
"DisabledByDefault"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0\Server]
"Enabled"=dword:00000000

 

To disable Ciphers:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\RC4 128/128]
"Enabled"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\RC4 40/128]
"Enabled"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\RC4 56/128]
"Enabled"=dword:00000000

Alternate way to do this save above registry information keys as .reg files then execute on the system.

You can also download from here.

Before executing take the complete registry backup.  You need to restart the server.

Using the http://ssllabs.com/ web site to perform a test against you site. You should see overall Rating A.

 

Exchange 2013 SP1 Architecture Poster

Exchange 2013 SP1 Architecture Poster

Ex2013SP1Architecture

Zoom the poster on Zoomit by Rhoderick Milne.

You can also directly download the Exchange 2013 SP1 poster from the Microsoft Download Center.

Could not Complete the Operation when forwarding email

Could not complete the operation. One or more parameter values are not valid.

InvalidParameter

Error resolution for the above problem.

1. When forwarding the message in To, Cc or Bcc address list automatically appears when you type the single letter, simply hover the mouse over it and press DEL key. This will remove it from the cache.

2. To clear out all of your cache in a single shot.

Open Outlook 2010, select the Options from File menu then click on Mail and scroll to search for Empty Auto-Complete List  button and click.

Invalid para

Exchange Server 2013 Architecture Poster PDF Download

Exchange Server 2013 Architecture Poster PDF Download

6518.ExchangePoster_Final

Downloadable PDF version of the Exchange Server 2013 Architecture Poster.

This poster highlights the significantly updated and modernized architecture in Exchange 2013, and highlights the new technologies in Exchange 2013, such as Managed Availability, the new storage and high availability features, and integration with SharePoint and Lync.  In addition, it illustrates the new transport architecture in Exchange 2013.

We welcome your feedback on the poster.  If you have any, please feel free to send it to eapf@microsoft.com.

Scott Schnoll

All other Microsoft Posters you can download here.

Service ‘MSExchange Transport’ failed to reach status ‘Running’

Service ‘MSExchange Transport’ failed to reach status ‘Running’ on this server.

While installing Exchange Server 2010 SP2 on Windows 2008 R2  in a LAB environment got the error during installing the HUB Transport role.

Ex2010 sp2 error

Resolution:

  1. Open ADUC (Active Directory Users and Computers)
  2. Navigate to the Built-in Container, select the Administrators group, goto the properties
  3. Click members tab to check  “Exchange Trusted Subsystem” is added, if not, add it.
  4. Check whether IPv6 is ennable in NIC properties, also disable IPv6 through registry editor.
  5. Open the registry editor using regedit.exe
  6. Navigate to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip6\Parameters
  7. In the details pane, click New, and then click DWORD (32-bit) Value.
  8. Type DisabledComponents, and then press ENTER.
  9. Double-click DisabledComponents, and then type ffffffff in Hexadecimal or 4294967295 in Decimal.
  10. Reboot the server, rerun the Exchange setup.

A New Exchange Has Arrived

ImageImage

Resources for IT Pros

Exchange Server 2013 for IT Pros  
Exchange 2013 System Requirements  
Exchange Server 2013 Documentation  
Licensing change FAQ  

Administration

Exchange Administration Center  

 

Install / Configuration

Installing Exchange 2013 Preview  

 

Resources for Developers

Exchange 2013 – Resources for Developers

 

Technet Forums

Exchange Server 2013 Preview

There was an error opening the windows firewall with Advanced Security snap-in. Error Code: 0x6D9

Troubleshooting Windows Firewall Service (MPSSVC).

Resolution:

In Windows Vista and later, the firewall service is “Windows Firewall” (MPSSVC); it combines both Firewall and IPsec functionality.

The first thing to check is that the Base Filtering engine (BFE) is running. There are a number of services dependent on the BFE service (including the Windows Firewall) that may also fail to start:

  • IPsec Policy Agent (PolicyAgent)
  • Windows Firewall
  • IKE and AuthIP IPsec Keying Modules
  • Internet Connection Sharing (ICS)
  • Routing and Remote Access

In my experience most of the issues starting these services are related to permissions.

Typical errors seen in relation to starting this service are:

  • Event ID: 7024 – The Windows Firewall service terminated with service-specific error 5 (0x5)
  • Windows could not start the Base Filtering Engine service on Local Computer. Error 5: Access is denied.
  • Windows could not start the IPsec Policy Agent service on Local Computer. Error 1068: The dependency service or group failed to start.
  • Windows could not start the Network Location Awareness on Local Computer. For more information, review the System Event Log. If this is a non-Microsoft service, contact the service vendor, and refer to service-specific error code -1073741288.
  • The Windows Firewall service terminated with service-specific error 87 (0x57)
  • Error 0x80004015: The class is configured to run as a security id different from the caller.
  • The Windows Firewall service terminated with service-specific error 6801 (0x1A91).
  • “net start mpssvc” in cmd.exe returns the system error 1297.

What to look for (specific details will be shared in a future blog post):

  • Verify Log On permissions
  • Verify registry permissions
  • Verify privilege permissions
  • Verify Service Dependencies
  • Reset the default security permissions
  • Verify that the TxR folder exists : %systemroot%\system32\config\TxR
  • Verify the following registry keys by comparing them to a default Windows installation:
    • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BFE
    • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MpsSvc
    • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ShareAccess

Windows OneCare

Lastly, I am including information about one issue that may be seen with the Windows OneCare Firewall Service. The following messages may be seen:

The Windows OneCare Firewall Service Could not Start

Urgent – Turn on Firewall

You will see this error in the Windows OneCare interface, with a red status action item asking you to enable the firewall. The action listed does not enable the firewall, however.

This issue is also very specific because the firewall settings in Windows OneCare are grayed out and cannot be modified.

To resolve this issue:

Use the steps below to ensure that the PATH environment variable contains the following path:

%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\WBEM

  1. Click Start / Control Panel and open the System Icon.
  2. In System, click the Advanced tab and then Environment Variables.
  3. Ensure that in the lower box “System variables” that PATH exists. If Path does not exist click NEW and type in PATH as the variable name and enter the above path in the variable value.
  4. If PATH already exists, highlight it and click Edit.
  5. Under variable name, click at the end of the line to append the above mentioned path to the end of the current path. NOTE: BE SURE TO SEPERATE THE OLD PATH AND THE NEW PATH WITH A SEMI-COLON ( ; ).
  6. Click OK to close the windows and restart the computer.

If this does not resolve the issue, try the following step:

  1. Click Start / Run and type Regsvr32 %SystemRoot%\System32\wbem\wmidcprv.dll and click OK.
  2. Restart the computer and test the firewall again.

If this does not resolve the issue, or if the problem does not match the description, please follow the steps in KB article 910659.

Article taken from technet blogs.

http://blogs.technet.com/b/networking/archive/2011/06/08/the-windows-firewall-service-fails-to-start-introduction.aspx

Tag Cloud