-
🛡️Default FrontEnd Connector in Exchange: Open Door or Necessary Entry Point?
Did you know that your Exchange server might be allowing anyone to send anonymous emails to internal users by default? In this post, I explore the security implications of the Default FrontEnd receive connector, why it matters in hybrid environments, and how attackers might exploit it. Based on findings from real Risk Assessment Programs, I…
-
📅Cross-Forest Free/Busy with Meeting Rooms: Making It Work in Exchange
Free/Busy lookups between forests are tricky enough — and meeting rooms make them even more so. In this post, I walk through a scenario where calendar sharing works fine for users, but room mailboxes stay silent. If you’re dealing with a cross-forest Exchange setup and struggling with room availability, this guide will help pinpoint where…
-
🌐Federation Trust in Exchange: When Trust Breaks Down
Federation Trust is the backbone of cross-organization sharing in Exchange – but what if it breaks? In this post, I cover a real-world case where the trust silently failed, impacting Free/Busy lookups and external sharing.
-
🧩Recreating Exchange Virtual Directories: When Reset is the Fix
Virtual directories in Exchange can get messy – corrupted configs, wrong URLs, failed authentication… In this post, I show how and when recreating them solves persistent issues with Outlook, OWA, ECP, and more. Whether you’re troubleshooting client access or just want a clean slate, here’s a practical guide to doing it safely.
-
🧮Mastering LogParser for Exchange and IIS: Powerful Queries Made Simple
Exchange and and it’s logs hold the answers – if you know how to ask the right questions. In this post, I walk through using LogParser, a free and powerful tool, to extract, filter, and visualize key data from your environment. Whether you’re troubleshooting mail flow, performance, or security issues, LogParser turns raw logs into…
-
🔄Migrating Exchange Online Mailboxes Without a Cross-Tenant License
Microsoft officially requires a cross-tenant migration license to move mailboxes between tenants – but there are cases where it’s not strictly needed. In this post, I share a real-world scenario of cross-tenant Exchange Online migration without purchasing the license. Learn what’s possible, what risks are involved, and how to stay compliant (or at least well-informed).
-
🔗Free/Busy Across Forests: Setting It Up with Federation in Exchange
Need to make calendar sharing work between Exchange forests? Federation Trust is your key. In this post, I walk through configuring Free/Busy lookups using Federation – what you need, where it can break, and how to make sure users see each other’s availability across organizational boundaries. A practical setup guide based on real experience.
-
🔐Multi-Factor Authentication in Exchange Server: What’s Really Possible
You know MFA is a must-have for cloud security — but what about Exchange Server on-premises? In this post, I explore how multi-factor authentication can be implemented in Exchange, what Microsoft officially supports.
-
🕵️♂️Debugging Exchange with Fiddler: Extended Protection in Action
Extended Protection adds an important layer of security to Exchange – but it can also complicate things. In this post, I demonstrate how to use Fiddler to trace authentication behavior, troubleshoot issues, and better understand how Extended Protection works under the hood. A hands-on look into diagnostics with real examples.
-
👀Unexpected Mailbox Access in Exchange: When Users See Too Much
What if your users suddenly start seeing other people’s mailboxes – without being granted access? In this post, I dive into a case of unexpected mailbox access in Exchange Server, explain what might cause it, and share how to trace and prevent such incidents. Spoiler: sometimes it’s not what the permissions say – it’s what…
EWS Free Area 