As part of developing your Windows Workstation Security Baseline GPO, there are several large organizations that have spent time and money determining what’s “secure”: Windows 10 (v1607) & Windows Server 2016 security configuration baseline settings: https://blogs.technet.microsoft.com/secguide/2016/10/17/security-baseline-for-windows-10-v1607-anniversary-edition-and-windows-server-2016/ If you already have a GPO configuring workstation security, you can compare what you have to the SCM generated “Security Compliance” GPO using Microsoft’s Policy Analyzer.
Beyond the standard “Windows security things”, there are legacy and often unused components that linger and are carried forward from earlier Windows versions that are often no longer needed, but kept for compatibility reasons.
Error validating exchange logon credentials exchange best practices analyzer
Paul is a co-author of Office 365 for IT Pros and several other books, and is also a Pluralsight author.
Securing workstations against modern threats is challenging.
Before an Outlook client can connect to Outlook Anywhere it needs to be configured with the correct settings.
In Outlook 2010 open the Account Settings for the Outlook profile that is configured.
Previously this was known as RPC-over-HTTPS but was renamed to Outlook Anywhere in Exchange 20.
By wrapping normal Outlook RPC requests in HTTPS the connections are able to traverse firewalls over the common SSL/HTTPS port without requiring the RPC ports to be opened.
Or if you have deployed a CAS array you will need to repeat this process on all members of the array.
The external host name you choose should ideally be one that is already included in the Exchange certificate configured on the Client Access server.
Enter the External Host Name that was configured for Outlook Anywhere earlier on the Client Access server, and then configure the Proxy Authentication Settings to match the client authentication method chosen on the server.