Monthly Archives: January 2019

Mac, Microsoft, Office 365, Office365

Microsoft Office 365 is available in Mac App Store now

Leave a comment

Last year Microsoft has promised that it’ll bring Microsoft office 365 on the Mac App Store and today is the day.

The statement by MS reads:

“We are excited to welcome Microsoft Office 365 to the all new Mac App Store in macOS Mojave. Apple and Microsoft have worked together to bring great Office productivity to Mac users from the very beginning. Now, with Office 365 on the Mac App Store, it’s easier than ever to get the latest and best version of Office 365 for Mac, iPad, and iPhone.”
—Phil Schiller, Apple’s senior vice president of Worldwide Marketing

  • Image result for office 365 apps mac

Office 365 apps are already available for Mac however, placing these app in Mac App Store gives the Mac users the capability to manage apps updates, control their installation and much more.

The Office 365 apps were supposed to be released last year but due to delay for unknown reasons they have postponed it to 2019.

Image of a MacBook open displaying Dark Mode in PowerPoint.

Download Office 365 from the Mac App Store.*

Browsers, DNS, encryption, Security

DOT/H Google Launches Secure DNS but not supported by Chrome yet

Leave a comment

You might have heard that very recently Google has launched their DNS over TLS which is based on their Google Public DNS service the most commonly used DNS recursive resolver worldwide.

In a statement Google published the following article

https://security.googleblog.com/2019/01/google-public-dns-now-supports-dns-over.html

 

Google Public DNS is the world’s largest public Domain Name Service (DNS) recursive resolver, allowing anyone to convert Internet domain names like www.example.com into Internet addresses needed by an email application or web browser. Just as your search queries can expose sensitive information, the domains you lookup via DNS can also be sensitive. Starting today, users can secure queries between their devices and Google Public DNS with DNS-over-TLS, preserving their privacy and integrity.

 

(DOH) Support for Google Chrome

Although the service is now available however, you still can’t use it on your Windows 10 OS since Microsoft didn’t add the support yet. Linux OS like Ubuntu supports DOT.

 

Alternative Browsers with DOH support

Firefox’s Nightly browser which is dedicated to power users or developers already have the support for DNS over HTTPS (DOH) and upon testing it I could clearly see no indication of any plain text in my wireshark traffic for the websites that I have visited.

I used Godaddy.com as an example to see if whether Wireshark would show the requested website in the DNS filtered traffic. Using Firefox Nightly, didn’t show any DNS result in Wireshark.

image

 

Checking result with Chrome

visiting Godaddy.com on Chrome gave a different result. Here everything is clear text. Although I am using Simple DNScrypt app but still exposes the DNS traffic.

image

 

Even if I changed the DNS settings on my NIC to 1.1.1.1 (cloudflare’s DOT) it would still show the result on Wireshark.

 

image

 

On November 3rd 2018, Chromium released the following article stating:

 

Add DoH UI setting. This CL adds a UI setting allowing users to enable DNS over HTTPS (DoH). Users may select a DoH server from a dropdown menu of preapproved options or enter a DoH server of their choosing. Bug: 878582 Test: out/Default/chrome –enable-features=”SecureDnsSetting” Cq-Include-Trybots: luci.chromium.try:linux_mojo Change-Id: I1138c3b8e77aea10a0d4e8a542b889a285a1a492

 

How to secure your Windows 10 ? 

Lots of tools out there that support Dns over TLS, one of them is dns simple DNSCrypt which uses the protocol dnscrypt. The application can be used temporarily or as a service. 

Windows 10 

I have installed the tool on my Windows 10 as a service and ran a test to see if resolving Google or any other domain would come as clear text but result was negative. 

The app uses various range of DNS recursive resolver services like Google, Cloudflare, Freesta… etc 

To Encrypt your DNS traffic, use Simple DNSCrypt

MasterCard, Microsoft, Privacy, Security

No More Privacy, Says Microsoft and MasterCard

Leave a comment





MONITORING SOCIETY. Mobile Bank ID and Swish were just the beginning. Now, Mastercard and Microsoft are to produce digital identities for everyone. Your identity should be known no matter what you do. The system will also simplify for increased invasion of racial strangers to the West.

Microsoft Logo

Last Month, Mastercard and Microsoft announced in a joint communication that they intend to produce new digital identity documents for all people, who will work in all contexts.

All choices and social actions performed in agreements with authorities and companies must be linked through this new digital identity document that will always prove your identity and your actions.

The new identity document should “simplify” our interactions, no matter what we do. It should also be used to verify Facebook users and the like.

“To vote, drive, search for jobs, rent a home, get married and board an aircraft: All such acts mean you have to prove your identity. Together with Microsoft, we work to create a universally valid digital identity document, ”writes Mastercard in his communication.


image

Mastercard explains the companies’ new projects as follows:

Verifying their identity on the Internet is still dependent on physical or digital evidence handled by a central player, whether it be a passport number, accounting address, driver’s license, user identities or other things.

This dependency puts a heavy burden on individuals who must be able to remember hundreds of passwords for different identities, and they must perform increasingly complex actions to prove their identity and manage their data.

Mastercard and Microsoft aim to provide people with a safe and fast way to verify their identity to anyone, whenever they want.

The answer to these challenges is a service that lets users enter, control and share their identity data in their own ways – on devices they use every day. This is Mastercard’s intention, in close collaboration with players such as Microsoft.

– Today’s digital identity landscape is a jungle, inconsistent; and what works in one country often does not work in another. We have the opportunity to establish a system that puts people first and gives them control over their identity data and where they are used, ”says Ajay Bhalla , head of cyber and information solutions at Mastercard.

“By working with Microsoft, we are one step closer to the realization of a globally interoperable digital identity service,” continues Bhalla.

The new digital identities will create opportunities for new and improved user experiences for people who interact with businesses, service entities and virtual networks, such as:

  • Financial Services : Enhance and speed up identification processes to open new bank accounts, create loans, or make payments.
  • Kommers : Enable a more individualized and effective shopping experience both on the Internet and in business, regardless of the form of payment, portable device or service provider.
  • Contact with authorities : Simplification of communication with authorities and services, such as declaring income, ordering pass documents, voting or ensuring that your contributions are paid.
  • Digital Services : Streamlined and simpler ways to use email, social media, music and movie streaming services and car pools.

A new way of managing one of the cornerstones of life
– The digital identity is a cornerstone of how people live, work and entertain themselves every day, says Joy Chik , Microsoft’s vice president of identities.

– We believe that individuals should have control over their digital identity and data, and we are enthusiastic about working with Mastercard to give life to new decentralized innovations, says Chik.

This digital solution will also solve many common challenges:

  • Identity conclusion : Over one billion people, the majority of them women, children and refugees, do not have official identity. A digital identity can improve their access to health, money and social services.
  • Identity Verification : A single, reusable digital identity can help people interact with a vendor, bank, authority, and impersonal other digital service broker with greater integrity, lower cost, and less friction.
  • Fraud Prevention : A single digital identity can reduce the number of payment fraud and various forms of identity theft.

Displeased individuals can be immediately blocked all over the world
With integrated systems, it is easy to lock identities for all or selected forms of transactions. An identity that is used for a purpose that displeases some of the more influential operators, can with some keystrokes be prevented from, for example, taking bank loans, opening a bank account, starting a car or flying aircraft. This may apply, for example, to “suspected Muslim terrorists”.

A nationalist who is opposed to the globalized world can with the coming system be prevented from voting in elections so that “undemocratic parties” cannot flare up, and so on.

This is nothing that is written in the communiqué, but it is technically easy to manage the identity in this way. The purpose of the new digital identities is that all people’s identity should be transparent and undoubtedly identifiable. All their doings and songs should always be obvious and easy to trace and “manage”.

Logical development
Mastercard has previously had global payment solution projects that will facilitate migration across the world. Financial man George Soros , together with Mastercard and the UN, have various migration projects where “refugees” get access to bank accounts and payment solutions in order to more easily infiltrate the West.

At the same time, the UN’s new global migration agreement – which among other things Norway and the Swedish transitional government that governs overtime intends to write on December 10 – aims, among other things, to reduce transaction costs for “refugees” who want to move financial resources from their new contributing industrialized host countries, to the countries from which they have fled.

With Mastercards, Microsoft’s and the UN’s new global ventures, the “friction” will thus decrease between what the racially invasive invaders and the asylum seekers want from the West, and the fulfillment of these desires.









Exchange 2013, Exchange 2016, Exchange 2019, Microsoft, Security

Microsoft Exchange 2013–2016-2019 Security Vulnerability (URGENT)

Leave a comment





CVE-2019-0586 | Microsoft Exchange Memory Corruption Vulnerability

image

Yesterday Microsoft has published an KB article about a security threat to Exchange 2013-2016 and 2019.

The article mentions CU10-CU11 for Exchange 2016, CU21 for Exchange 2013 and RTM version of Exchange 2019 as well.

I spoke to Microsoft of whether this issue affects earlier CU versions for Exchange and they confirmed it

 

image

Vulnerability details:

A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the System user. An attacker could then install programs; view, change, or delete data; or create new accounts.

Exploitation of the vulnerability requires that a specially crafted email be sent to a vulnerable Exchange server.

The security update addresses the vulnerability by correcting how Microsoft Exchange handles objects in memory.

 

Download link:

https://support.microsoft.com/en-us/help/4471389/description-of-the-security-update-for-microsoft-exchange-server-2019

 









FreePBX, Lync, PBX, Skype for Business 2015

Lync 2013 to Skype for Business in-place upgrade with Monitoring database

Leave a comment





This article guides you through the steps of doing an in-place upgrade from Lync 2013 to Skype for business. I am copying the article as is from my lab with all the errors that I have been through to give you a real experience feed back of what is this like.

You might get issues that you have never expected, but resolving them is not that hard and if you have any issues please don’t hesitate to leave a comment and I will get back to help you.

Prerequisites

Extensible Chat Communication Over SIP protocol (XCCOS)

From <https://technet.microsoft.com/en-us/library/dn951390.aspx>

References:

https://technet.microsoft.com/en-us/library/dn951371.aspx?f=255&MSPPError=-2147217396

https://technet.microsoft.com/en-us/library/dn933900.aspx

Lync CU 5

https://www.microsoft.com/en-us/download/details.aspx?id=36820

Kb2533623 Windows Server 2008 R2

http://support.microsoft.com/kb/2533623

Kb2858668 Windows Server 2012

http://support.microsoft.com/kb/2858668

KB2982006 Windows Server 2012 R2

https://onedrive.live.com/redir?resid=82488EABA4ACDB15!38654&authkey=!AE9IJKbMPtkge8U&ithint=file%2cexe

SQL 2012 SP2 for Express version

https://www.microsoft.com/en-us/download/details.aspx?id=43351

clip_image001

First Issue:

Upon running the setup I have got the following error:

Prerequisite not satisfied: Internet Information Services (IIS) must be installed before attempting to install this product.

Prerequisite not satisfied: The following Internet Information Services (IIS) role services must be installed before attempting to install this product: Static Content, Default Document, HTTP Errors, ASP.NET, .NET Extensibility, Internet Server API (ISAPI) Extensions, ISAPI Filters, HTTP Logging, Logging Tools, Tracing, Client Certificate Mapping Authentication, Windows Authentication, Request Filtering, Static Content Compression, Dynamic Content Compression, IIS Management Console, IIS Management Scripts and Tools

Prerequisite not satisfied: Before you install Skype for Business Server 2015, you must install an update for Windows Server 2012 R2. For details about the update, see Microsoft Knowledge Base article 2982006, “IIS crashes occasionally when a request is sent to a default document in Windows 8.1 or Windows Server 2012 R2” at http://go.microsoft.com/fwlink/?LinkId=519376

Prerequisite not satisfied: Before you install Skype for Business Server 2015, you must install Microsoft ASP.NET 4.5 by using the Add Roles and Features Wizard in Windows Server 2012 Server Manager. Install the ASP.NET 4.5 role service of the Web Server (IIS) role.

Prerequisite not satisfied: Before you install Skype for Business Server 2015, you must install Microsoft Windows Communication Foundation Activation by using the Add Roles and Features Wizard in Windows Server 2012 Server Manager. Install WCF Services and HTTP Activation, which are included with the Microsoft .NET Framework 4.5 feature.

http://go.microsoft.com/fwlink/?LinkId=519376

Powershell

$PSVersionTable

clip_image002

I will re-run prerequisites to make sure that all are satisfied before running setup again.

STEP 1 : Installing Prerequisites

Add-WindowsFeature NET-Framework-Core, RSAT-ADDS, Windows-Identity-Foundation, Web-Server, Web-Static-Content, Web-Default-Doc, Web-Http-Errors, Web-Dir-Browsing, Web-Asp-Net, Web-Net-Ext, Web-ISAPI-Ext, Web-ISAPI-Filter, Web-Http-Logging, Web-Log-Libraries, Web-Request-Monitor, Web-Http-Tracing, Web-Basic-Auth, Web-Windows-Auth, Web-Client-Auth, Web-Filtering, Web-Stat-Compression, Web-Dyn-Compression, NET-WCF-HTTP-Activation45, Web-Asp-Net45, Web-Mgmt-Tools, Web-Scripting-Tools, Web-Mgmt-Compat, Server-Media-Foundation, BITS, Desktop-Experience, Telnet-Client

https://docs.microsoft.com/en-us/skypeforbusiness/plan-your-deployment/requirements-for-your-environment/server-requirements

Updated aug-2018

clip_image003

clip_image004

STEP 2: Installing CU5

Download and install CU5

https://www.microsoft.com/en-us/download/details.aspx?id=36820

clip_image005

clip_image006

After the restart we will apply the update of the databases which in my case is going to be the FQDN of the FE server since it’s standard version and not Backend server.

Install-CsDatabase -ConfiguredDatabases -SqlServerFqdn lyncfe01.adeo.local -Verbose

clip_image007

clip_image007[1]

Time to upgrade the Archiving/Monitoring databases.

To upgrade we’ll use the same command except change the FQDN of the SQL server to the SQL server where Monitoring and Archiving databases are at.

Install-CsDatabase -ConfiguredDatabases -SqlServerFqdn sql01.adeo.local -Verbose

clip_image008

clip_image009

clip_image010

Applying CMS upgrade

clip_image011

Install-CsDatabase -CentralmanagementDatabase -SqlServerFqdn Lyncfe01.adeo.local -SqlInstanceName rtc -verbose

clip_image012

clip_image013

Then run enable-cstopology

Last thing in the CU5 update is

%ProgramFiles%\Microsoft Lync Server 2013\Deployment\Bootstrapper.exe

clip_image014

clip_image015

https://support.microsoft.com/en-us/kb/2809243

Step 3 : Installing Windows OS hotfix.

KB2982006 Windows Server 2012 R2

Since the FE is on Windows Server 2012 R2 then we’ll need to download this link

https://onedrive.live.com/redir?resid=82488EABA4ACDB15!38654&authkey=!AE9IJKbMPtkge8U&ithint=file%2cexe

RESTART is Required

clip_image016

STEP 4 : Install SQL Service Pack 2 (Express) for your Lync Front end Standard Edition

First Download SQL Express SP2 setup

clip_image017

You can patch the server by opening a Lync Management Shell window and entering the following commands:


Stop-CsWindowsService

.\SQLEXPR_x64_ENU.exe /ACTION=Patch /allinstances /IAcceptSQLServerLicenseTerms

clip_image018

clip_image019

clip_image020

clip_image021

clip_image022

clip_image023

clip_image024

clip_image025

Step 5: SQL Server (Standard or Enterprise) for (Monitoring, Archiving)

https://support.microsoft.com/en-us/kb/321185

clip_image026

My SQL Server version is SP1 so I don’t need to upgrade it to SP2

clip_image027

Step 6- In-place Upgrade for Skype For Business

In order to do the in-place upgrade, we’ll need to use a machine that doesn’t have Lync 2013 to install the new Topology builder and do the upgrade process

On a different Machine that’s joined to the same domain, I will run the prerequisites script and restart the machine. then I’ll load the Skype for business ISO and install

clip_image028

D:\Setup\amd64\Setup.exe

clip_image029

clip_image030

clip_image031

clip_image032

We’ll now press on Installing Administrative tools

clip_image033

clip_image034

clip_image035

Now in order to continue we’ll have to open the topology builder in order to upgrade our Lync 2013 topology

I’ll open the topology builder and save the topology file somewhere

clip_image036

Once the topology is open, I’ll navigate to the Standard FE Servers and right click on my main server to upgrade

clip_image037

clip_image038

I’ll click on Upgrade to Skype for Business Server 2015…

clip_image039

As soon as you press Yes, the Frontend server that you selected will be moved under the Skype For Business Server 2015 tab as you can see below.

clip_image040

Since I have two FE servers (FE and SBS) I will be upgrading them both but not in the same time not not fall into any errors, so I will publish the topology and see what happens.

clip_image041

clip_image042

We’ll check what do we need to do now in order to upgrade the servers, here is what we’ll do.

Import existing normalization rules from the previous Skype for Business Server deployment. If you want to keep your existing normalization rules you will need to import them using the Import-CsCompanyPhoneNormalizationRules cmdlet. If you have separate normalization rules for each pool then you will need to run the command for each set.

To perform an in-place upgrade of your Skype for Business Server, you’ll need to do the following, in order:

(1) Stop the Skype for Business services on all of the servers that you are upgrading;

(2) Run Skype for Business Server setup (Setup.exe) on all of the servers you are upgrading;

(3) Start the Skype for Business services on all of the servers you upgraded. To start the services in a Front End pool, connect to one of the servers in the pool and run the Start-CsPool cmdlet. All the servers in the pool should be running Skype for Business Server before you use the Start-CsPool cmdlet. To start the services in all other pools (e.g. Edge pool, Mediation pool), run the Start-CsWindowsService cmdlet on every server in the pool;

Server FQDN: lyncfe01.adeo.local, Pool FQDN: lyncfe01.adeo.local

On Lync FE 01 I’ll stop all the services using Stop-cswindowsservice

clip_image043

Now on the same server I’ll load the Skype4B ISO and start the setup

D:\Setup\amd64\Setup.exe

clip_image029[1]

clip_image030[1]

clip_image031[1]

Started at 1:40pm

clip_image044

clip_image045

clip_image046

clip_image047

clip_image048

clip_image049

NOTE:

The required time for the upgrade process is estimated around 75-90 Minutes for each FE Server.

clip_image050

clip_image051

Starting ‘Verifying upgrade readiness…’

‘Verifying upgrade readiness…’ completed successfully

Starting ‘Installing missing prerequisites…’

‘Installing missing prerequisites…’ completed successfully

Starting ‘Uninstalling roles…’

‘Uninstalling roles…’ completed successfully

Starting ‘Detaching database…’

‘Detaching database…’ completed successfully

Starting ‘Uninstalling local management services…’

‘Uninstalling local management services…’ completed successfully

Starting ‘Installing and configuring core components…’

‘Installing and configuring core components…’ completed successfully

Starting ‘Installing administrative tools…’

‘Installing administrative tools…’ completed successfully

Starting ‘Installing local management services…’

‘Installing local management services…’ completed successfully

Starting ‘Attaching database…’

‘Attaching database…’ completed successfully

Starting ‘Upgrading database…’

‘Upgrading database…’ completed successfully

Starting ‘Enabling replica…’

‘Enabling replica…’ completed successfully

Starting ‘Installing roles…’

‘Installing roles…’ completed successfully

Starting ‘Verifying installation…’

‘Verifying installation…’ completed successfully

clip_image052

Upgrade the SBS (Survivable Branch Server) in the pool to Skype4B

clip_image053

clip_image054

Publish the topology

clip_image055

I’ll stop the service before I start the upgrade process.

clip_image056

I’ll load the ISO on the second server and start the upgrade.

D:\Setup\amd64\Setup.exe

clip_image029[2]

clip_image030[2]

clip_image031[2]

clip_image057

Apparently I forgot to update Lync to the latest CU

clip_image058

clip_image059

clip_image060

clip_image061









Email, Exchange 2019, Exchange Migration, Microsoft

Install Exchange 2019 Core using PowerShell

Leave a comment





You probably already know that Exchange 2019 RTM has been released and even CU1 is about to come too.

But what’s interesting about 2019 is that it has a lot of new features, some that lot of people wanted to have in legacy versions especially for security, performance, resiliency and scalability.

image

As per Microsoft Security has been improved to suit the needs of corporations removing all vulnerable ciphers and follow best practices.

Security: Exchange Server 2019 requires Windows Server 2019. In fact, we recommend installing Exchange Server 2019 onto Windows Server 2019 Server Core. Exchange Server 2019 installed on Windows Server 2019 Core provides the most secure platform for Exchange. You also have the option of installing Exchange 2019 onto Windows Server 2019 with Desktop Experience, but we have worked hard to make sure running Exchange on Server Core is the best choice for our code.

We’re aware all media for Windows Server 2019 and Windows Server, version 1809 has been temporarily removed and Microsoft will provide an update when refreshed media is available. Exchange Server 2019 will be fully compatible with version 1809, and the refreshed version.

We also built Exchange Server 2019 to only use TLS 1.2 out of the box, and to remove legacy ciphers and hashing algorithms. To understand how this affects coexistence with earlier versions, please reference our previous series of postson TLS.

Regarding Performance, Microsoft has released the following statement:

Performance: We’ve done significant work to allow Exchange Server to take advantage of larger core and memory packed systems available in market today. With our improvements, Exchange Server can use up to 48 processor cores and 256GB of RAM.

We’ve re-engineered search using Bing technology to make it even faster and provide better results, and in doing so have made database failovers much faster, and administration easier.

We’re adding dual storage read/write capabilities to Exchange Server 2019 using Solid State Drive (SSD) technology to provide a super-fast cache of key data for improving end user experience. We also talked about this in our Email Search in a Flash! Accelerating Exchange 2019 with SSDs session at Ignite.

We also changed the way database caching works to allocate more memory to active database copies, again improving the end user experience. You can learn more about Dynamic Database Cache from Welcome to Exchange Server 2019!video and slides.

The improvements we have made to Exchange Server 2019 will enable you to scale to a larger number of users per server than ever before, use much larger disks, and see the latency of many client operations being cut in half.

Installation:

Installing Exchange 2019 on Core is something that’s been recently supported, along with other features like in-place upgrade from Exchange 2016 to Exchange 2019.

In this guide we’ll go through the process of installing Exchange 2019 using PowerShell starting from naming the server, joining it to the domain and installing prerequisites of Exchange 2019.

Configuring Static IP address:

In order to give a static IP address to the machine from Windows Core we’ll be using the following script:

Assuming you have subnet 192.168.18.0 with mask /24 and gateway 192.168.18.1. we will use the below script to provide the machine with an IP.

$wmi = Get-WmiObject win32_networkadapterconfiguration -filter “ipenabled = ‘true'”

$wmi.EnableStatic(“192.168.18.69”, “255.255.255.0”)

$wmi.SetGateways(“192.168.18.1”, 1)

$wmi.SetDNSServerSearchOrder(“192.168.18.150”)

 

clip_image001

Join Domain

Exchange must be part of the domain which you’re using in your lab / Production environment. next we’ll be joining this machine to our domain using the following script:

First we’ll change the hostname, restart and then join the domain

clip_image001[4]

Change Computer name:

Rename-Computer -NewName “Exch2019” -DomainCredential WIN-EPM2CRB5MN9\administrator –Restart

clip_image001[6]

Join the domain

add-computer –domainname cloud-tech.net -Credential cloud-tech\administrator -restart –force

clip_image001[9]

After restarting

clip_image001[11]

Configuring Drives:

Since I am doing a lab test only, I will use the default C drive to install Exchange, but if you’d want to configure a second Drive please let me know and I will add that part as well.

clip_image001[13]

Diskpart

List volume

clip_image002

clip_image003

 

Installing Prerequisites – Exchange 2019 on Windows 2019 Core

Prerequisites

​EX2019 will require 2012R2 AD FFL​

Check out your windows Version first for compatibility

[System.Environment]::OSVersion.Version

clip_image001[15]

clip_image002[4]

 

 

 

 

 

GUI Version of Windows 2019

Install-WindowsFeature NET-Framework-45-Features, RPC-over-HTTP-proxy, RSAT-Clustering, RSAT-Clustering-CmdInterface, RSAT-Clustering-Mgmt, RSAT-Clustering-PowerShell, Web-Mgmt-Console, WAS-Process-Model, Web-Asp-Net45, Web-Basic-Auth, Web-Client-Auth, Web-Digest-Auth, Web-Dir-Browsing, Web-Dyn-Compression, Web-Http-Errors, Web-Http-Logging, Web-Http-Redirect, Web-Http-Tracing, Web-ISAPI-Ext, Web-ISAPI-Filter, Web-Lgcy-Mgmt-Console, Web-Metabase, Web-Mgmt-Console, Web-Mgmt-Service, Web-Net-Ext45, Web-Request-Monitor, Web-Server, Web-Stat-Compression, Web-Static-Content, Web-Windows-Auth, Web-WMI, Windows-Identity-Foundation, RSAT-ADDS

 

 

Windows 2019 Core

Install-WindowsFeature RPC-over-HTTP-proxy, RSAT-Clustering, RSAT-Clustering-CmdInterface, RSAT-Clustering-PowerShell, WAS-Process-Model, Web-Asp-Net45, Web-Basic-Auth, Web-Client-Auth, Web-Digest-Auth, Web-Dir-Browsing, Web-Dyn-Compression, Web-Http-Errors, Web-Http-Logging, Web-Http-Redirect, Web-Http-Tracing, Web-ISAPI-Ext, Web-ISAPI-Filter, Web-Metabase, Web-Mgmt-Service, Web-Net-Ext45, Web-Request-Monitor, Web-Server, Web-Stat-Compression, Web-Static-Content, Web-Windows-Auth, Web-WMI, RSAT-ADDS, Server-Media-Foundation

clip_image003[4]

clip_image004

After installing prerequisites, Installing UCMA

For UCMA on Windows Core you need to get a certain UCMA customized in order to work with Windows 2019 core.

http://tapfiles.azureedge.net/private/UCMA.zip?sv=2014-02-14&ss=2018-03-14T21%3A59%3A22Z&se=2019-01-01T22%3A58%3A56Z&sp=r&sr=b&sig=tgpQ84Wp3j%2FZmEOgPcdjcXgULLXMRX%2BDmCjoSbKOZbM%3D

After Extracting and copying the file to the C root drive

The setup file is called Ironmansetup.exe

clip_image005

clip_image006

clip_image007

clip_image008

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

After the Installation of UCMA, there will be another requirement,

Visual C++ Redistributable Packages for Visual Studio 2013

https://www.microsoft.com/en-us/download/details.aspx?id=40784

clip_image009

clip_image010

.\setup.exe /InstallWindowsComponents /CustomerFeedbackEnabled:False /LogFolderPath:C:\Logs\db4 /DbFilePath:C:\Mailbox\Database01\Database01.edb /MdbName:Database01 /DisableAMFiltering /IAcceptExchangeServerLicenseTerms /roles:mb,mt

 

clip_image011

 

clip_image015

clip_image016

clip_image017

clip_image018

clip_image019

 

 

Setting URLS

clip_image001[17]

I will be upgrading this with the latest Windows 2019 releases since this installation was done with Microsoft Windows 2019 Preview edition

For any consultation requirements please contact me admin@moh10ly.website or info@moh10ly.com

Thank you