Exchange 2016 / 2013 Default Receive Connector Settings
May27

Exchange 2016 / 2013 Default Receive Connector Settings

KB ID 0001314 Dtd 27/05/17 Problem Out of the box, Exchange 2016 (&2013) has five receive connectors. Three for the frontend transport service and two for the mailbox transport service. Front End Transport Service: Does not alter, inspect, or queue mail. It is the first port of call for ALL mail coming into (and out of) the Exchange organisation. This service creates THREE receive connectors All are bound to 0.0.0.0 0.0.0.0, and...

Read More
Cisco – Joining Layer 2 Networks Over Layer 3 Networks
May22

Cisco – Joining Layer 2 Networks Over Layer 3 Networks

KB ID 0001313 Dtd 22/05/17 Problem It's a common problem, you want to connect one site to another and still have them on the same layer 2 network. As you can see above both the routers at the bottom are in the 172.16.1.0/24 network, let's assume they are clients in the same layer 2 network how would you connect them? Solution Option 1: xconnect over L2TP All the 'heavy lifting' is done on the SiteA and SiteB routers. We will start...

Read More
Microsoft PKI Planning and Deploying Certificate Services Part 3
May15

Microsoft PKI Planning and Deploying Certificate Services Part 3

KB ID 0001312 Dtd 15/05/17 Problem Following on from Part Two, now we have an offline Root CA, and a CRL server, our next step is defined by our PKI design, are we three tier, or two tier? (Look in Part One for a definition). Solution As previously mentioned, Microsoft just treats Intermediate CAs and Issuing CA's as the same thing (SubCAs). So the next step is identical for either. But I would suggest one difference, If I was...

Read More
WannaCry – Protect Yourself
May15

WannaCry – Protect Yourself

KB ID 0001311 Dtd 15/05/17 Problem Last Friday, the IT world was hit by another attack, WannaCry is a Ransomware infection, that exploits a hole in the windows SMB Protocol. This hole was patched back in March, (Security update MS17-010) so if your, (windows update supported systems) have updates enabled, you will probably already be protected. Why were big organisations like the NHS hit? Primarily because they have systems that are...

Read More
Microsoft PKI Planning and Deploying Certificate Services Part 2
May14

Microsoft PKI Planning and Deploying Certificate Services Part 2

KB ID 0001310 Dtd 14/05/17 Problem In Part One we deployed our offline Root CA Server, now we are going to deploy a ‘Certificate Revocation Location’ server. Solution Before you start: Create a DNS record for ‘pki‘ that points to the IP address, that you will have the CRL web server hosted on. I’m installing my CRL server on a separate web server because thats good practice. Starting with a domain joined...

Read More