EWS Free Area

June 10, 2026

🔐Exchange and Active Directory permissions: when security hardening conflicts with product architecture

Many Exchange-related Active Directory permissions look excessive from a traditional AD security perspective. As a result, security audits often recommend restricting or removing them. However, Exchange deeply depends on Active Directory permissions as part of its supported architecture. In this post, we discuss why permissions such as Reset Password, Change Password, SACL-related rights, and other…

Exchange Server
May 30, 2026

⚠️ Exchange DAG, dynamic quorum and an unexpected datacenter failover behavior

A missing File Share Witness, dynamic quorum vote recalculation, and a real-world datacenter isolation scenario led to unexpected Exchange DAG behavior during a failover event. In this post, we analyze how dynamic quorum adjusted node votes, why the “wrong” datacenter retained quorum, why previous DR tests did not reveal the issue, and how hidden quorum…

Exchange Server
May 19, 2026

📦 Exchange troubleshooting and log collection: why time matters

Exchange troubleshooting often begins too late — after important logs have already been overwritten. In this post, we discuss the Microsoft ExchangeLogCollector script, why rapid diagnostic collection matters, and how preserving the right data early can dramatically improve the chances of successful Root Cause analysis.

Exchange Server
May 12, 2026

⚠️ Exchange DAG with an even number of nodes and no File Share Witness: a hidden risk

A healthy-looking DAG does not always mean a healthy quorum configuration. In this post, we discuss why an Exchange DAG with an even number of nodes still requires a properly configured File Share Witness, how dynamic quorum can hide the problem for a long time, and why missing witness resources may only become visible during…

Exchange Server
March 2, 2026

🛡 Antivirus on Exchange Servers: When “Configured According to Best Practices” Still Isn’t Enough

Antivirus software is mandatory on Exchange servers, but misconfiguration goes far beyond missing folder exclusions. This article explains how antivirus process-level integration can silently affect IIS and Exchange services, why issues may look unrelated to antivirus at first glance, and how Microsoft-provided diagnostic scripts help identify configuration problems.

Exchange Server

Available categories:

Exchange Server

🔐Exchange and Active Directory permissions: when security hardening conflicts with product architecture

⚠️ Exchange DAG, dynamic quorum and an unexpected datacenter failover behavior

📦 Exchange troubleshooting and log collection: why time matters

⚠️ Exchange DAG with an even number of nodes and no File Share Witness: a hidden risk

🛡 Antivirus on Exchange Servers: When “Configured According to Best Practices” Still Isn’t Enough