Sunday, March 23, 2014

Renewing an Exchange Certificate - Self signed / StartTLS or Transport (Exchange 2007 / 2010 / 2013)

source: http://forums.msexchange.org/Renewing_self-signed_SMTP_certificate/m_1800558152/tm.htm

Bharat's article is what I've used numerous times.

Just do a Get-exchangeCertificate | FL

Then with what youve provided you just highlight the SMTP cert
Thumbprint : 15405C99D3837CFF0DD2EA0213DAD6A241B

and then type out

Get-ExchangeCertificate -thumbprint “15405C99D3837CFF0DD2EA0213DAD6A241B” | New-ExchangeCertificate

then just bounce the microsoft exchange transport service.

source: http://forums.msexchange.org/Renewing_self-signed_SMTP_certificate/m_1800558152/tm.htm
Posted by at No comments:

Tuesday, March 18, 2014

Check Exchange Server Patch Level

Source: http://serverfault.com/questions/448827/how-do-i-determine-the-sp-and-rollup-version-of-an-exchange-installation




Slow method

Open "Programs and Features", select view updates, and search for the relevant Exchange 2010 patch.

Fast method

Run this command in Powershell

 gcm exsetup | %{$_.fileversioninfo}
 
Then use this URL to decipher the version number:

http://social.technet.microsoft.com/wiki/contents/articles/240.exchange-server-and-update-rollups-build-numbers-en-us.aspx




Source: http://serverfault.com/questions/448827/how-do-i-determine-the-sp-and-rollup-version-of-an-exchange-installation
Posted by at No comments:

Tuesday, March 11, 2014

Exchange 2013 (version 15) Viewing and setting Message Size Limits


http://technet.microsoft.com/en-us/library/jj150562%28v=exchg.150%29.aspx

Posted by at No comments:

Tuesday, March 4, 2014

How enable/disable FIPS cryptography in WIndows - all version



source: http://stackoverflow.com/questions/4886368/how-to-enable-fips-on-windows-7


In WIndows 8, open up a command prompt wondoe and kick off gpedit.msc and go from there...

First, be aware of what actually happens when you enforce FIPS140-2 complient encryption within Windows. Details are at http://technet.microsoft.com/en-us/library/cc750357.aspx. However, the main 'gotcha' (old SSL website's don't work in IE anymore) is detailed in the article linked below.
The official instructions to enable FIPS 140-2 complience are at http://support.microsoft.com/kb/811833, but can be summarised as follows:
  1. Using an account that has administrative credentials, log on to the computer.
  2. Click Start, click Run, type gpedit.msc, and then press ENTER.
  3. In the Local Group Policy Editor, under the Computer Configuration node, double-click Windows Settings, and then double-click Security Settings.
  4. Under the Security Settings node, double-click Local Policies, and then click Security Options.
  5. In the details pane, double-click System cryptography: Use FIPS-compliant algorithms for encryption, hashing, and signing.
  6. In the System cryptography: Use FIPS-compliant algorithms for encryption, hashing, and signing dialog box, click Enabled, and then click OK to close the dialog box.
  7. Close the Local Group Policy Editor.
If you wish to do this manually, you can also simply change the registry key HKLM\System\CurrentControlSet\Control\Lsa\FIPSAlgorithmPolicy\Enabled to 1
Finally, to repeat, it is very important that you read through the documentation before you enable this - it changes cryptography system wide, including how the file system (both EFS and Bitlocker) and network (IE, Remote Desktop and the main cryptographic libraries) are allowed to encrypt, as well as if you allowed to recover lost encryption keys.

source: http://stackoverflow.com/questions/4886368/how-to-enable-fips-on-windows-7
Posted by at 12 comments:
Subscribe to: Posts (Atom)