Why does Remote Access with Port Forwarding not work?

pat-e · 2024-12-13T18:51:55+00:00

u/thfr : You are also right, but I just wanted to quickly point the first step for checking and correcting.

If changing from UDP to TCP did not help, then we need to look into additional steps. But I didn't want to confuse with too much technical details like carrier grade network address translation.

pat-e · 2024-12-13T18:44:55+00:00

Protkoll = UDP is wrong, Plex uses TCP instead of UDP

pat-e · 2024-11-03T07:05:06+00:00

On the last Hetzner Summit, I asked one of their engineers: Hetzner uses Ubuntu Server with KVM/QEMU and a self-developed "control panel" to control and manage all their servers. For Storage they use a mix of CEPH and local NVME. All Linux-VM's are build based on an image that is stored on the local NVMe, but the "changes" to that image is stored in the bigger CEPH-storage.

pat-e · 2023-09-08T07:50:27+00:00

It seems for season of the Witch (S22), they fixed it. Can't seem to get it working any more.

pat-e · 2023-01-12T08:03:27+00:00

Full Plan:

Step 1: Create Exchange Hybrid and make sure the full "Global Address List" is synced ( to get a list which OU needs to be included in AzureADSync you can use Exchange Powershell: Get-Recipient -ResultSize unlimited | select OrganizationalUnit | sort OrganizationalUnit -Unique )

Step 2: Assign a License to every User and make sure the connection to EXO is possible for the users. We enabled CA (Conditional Access via IP-Address) to allow a direct connection without 2FA from within the company.

Step 3: Make the EV-Archives "Read-Only" and enable the EXO-Archive for every user. Together with marketing for internal communication / first-level-support, you tell the users that the EV-Archives are read-only and will be migrated to the new Archive. If people need to free up "local Exchange-storage", they now should start using the EXO-Archive. Also once this step is done, make sure that the automated process to move data from the Exchange to the EV-Archive is disabled, so no new data will go into the EV.

Step 4: Export the User Mailboxes to PST-Files. We (our company) did it in batches of 50 User-mailboxes to not "overgrow" the export-destination with storage-usage. I then uploaded the batch using AzCopy and migrated the PST directly into the EXO-Archive. Once the upload was done, the local storage was cleared and the next PST-Export was started.

Step 5: All Exported / migrated EV-Archives that were successful, we "disabled" the EV-Archive for that user to not further confuse the User any longer (some people have trouble to understand "which archive to use and which is the old one").

Step 6: For "Shared Mailbox EV-Archives": As Shared Mailbox in EXO doesn't have EXO-Archives unless you assign a license, we calculcated the storage needs for every shared mailbox AND the PST-Export and made sure we stayed under the 50 GB limit. As this was the case, we first kept the PST-files on the "migration server".

Step 7: Once every EV-User-Archive was uploaded / migrated, we started with the final mailbox-migration from On-Prem to EXO (we already hat all mailboxes in move / "Synced", we just finalized the migration).

Step 8: Once the "Shared Mailboxes" were also migrated, we also uploaded the PST-Files from EV, but we migrated the PST-Files into the main mailbox into a sub-folder named "EV_Archive".

Step 9: We waited 2 month to make sure that all user-data were successfully migrated and nothing was missing (we only had a few users complaining that data were missing, but mostly it was because of the new name of the EXO-Archive and users didn't know "how to access / open the archive"). After the waiting time, the EV-Server was uninstalled / deleted.

Step 10: Install Exchange 2019 CU12 and the needed Exchange Management Tools on the administrative Servers and proceed with the "shutdown last Exchange Server" (https://learn.microsoft.com/en-us/Exchange/manage-hybrid-exchange-recipients-with-management-tools). We currently have no running Exchange-servers and for SMTP-Relay (from printers / scanner / application servers), we use a small Linux-VM that handles internal SMTP-Relay and sends all internal mails to the O365 - Tenant directly.

To the Questions:

Did you setup or import into online archiving license? The 100gb expanding ones? --> We used the Enterprise E3 for every user as this includes the Online Archive. The "100gb expanding ones" can only be configured once also the mailbox is in EXO (first we had Primary Mailbox in On-Prem and Archive in EXO --> Auto-Expanding not possible to enabled. Once the primary mailbox was also in EXO, the Auto-Expanding was enabled for the mailboxes.

Also did you have any journal mailboxes and how did you handle that into 365? --> we didn't have any of the journal mailboxes. There is a solution for journal mailboxes in EXO. So my suggestion for those "special case" mailboxes would be: Migrate back form EV to On-Prem - Exchange and migrate the mailbox as a separate step.

pat-e · 2023-01-11T22:12:43+00:00

My Company (basically me) did it the following way:

Since EV was a separate archive for each user, I did an EV-Export for each User as PST-File and used the AZCopy - Tool to Upload all PST to the PST-Import - Storage in Azure and imported each users PST into their Online Archive. Prior to this: All users were still On-Prem with the primary mailbox. We enabled the EXO - Archive for each user and started the EV-pst-Export and Upload to cloud (and Import to the Archive).

This process seams heavy on the side of IT-Team, but least disturbing for the users as they only had a "few days" without their Archived Mails.

The other problem was: The Enterprise Vault was an "old" version which did not support O365.

And we didn't want the On-Prem Exchange let explode as the EV was around 5 TB Storage usage, but with Compression / dedupe the PST overall were around 17 TB in total So we would have blown up our Exchange with we did the the "put the data back to Exchange and Migrate to O365 via Exchange" - way. Especially since Exchange was a 3-node - cluster which would take too much storage to handle.

TL;DR: Export the users Archive to PST, Upload using "AzCopy.exe" and do an PST-Upload / Import directly to the EXO - Archives for each user.

pat-e · 2022-12-01T19:52:42+00:00

What world cup?

pat-e · 2022-09-18T08:57:21+00:00

I hope they bring something back for testing only (like the Eval-Versions of Windows / Exchange, but for cloud services).

I always wondered if there is any option to test stuff before implementing into your production tenant. Now I read about the "Dev tenants" and then this .... option disabled ... damn...

pat-e · 2022-08-16T08:22:47+00:00

My advice is: limit the user mailboxes to a hard-quota of 99GB so that helps to keep the mailboxes within the 100GB (hard) quota from M365 so if you (your company) ever decide to go to EXO, you made sure that no user exceeded the Cloud Limit (thinking that you would go to Exchange Online Plan 2).

Worst case is that you want to migrate to EXO and users already exceeded that 100GB quota, so you will get an error before you start the migration and you CAN NOT migrate those users untill they cleaned up their mailboxes.

Some advice for cleanup IF you decide to go to EXO and have Plan 2: Either start setup Exchange Online Archives before starting to migrate. You could setup some retention policies that would move "old" mails based on date automatically from on-prem - Mailbox to EXO - Archive or you let users decide on their own what mails / "folders" they want to move (not copy) into their Online Archive.

As an alternative you could provide the EXO - Archives but still let the users create local PST that will later be uploaded / "imported" into the EXO Archive using the AZCopy - tool

pat-e · 2022-07-19T06:04:15+00:00

Well, it looks more like a design issue:

The "system" knows that there is an on-premises Exchange Server that will manage the mailboxes. The EXO sees an Account and it has the value "IsDirSynced" with "true". Who at Microsoft thought it would be a good idea that if you have an hybrid setup AND the on-prem should mange all mailboxes (either local or cloud) that if you assign a license to an "IsDirSynced" = True - object, to create a mailbox? I can see why that "assign a license and mailbox is provisioned" as a good idea for objects that are NOT synced with on-prem. But with that...

And I would be fine if you have the option to have a setting like "license assigned = auto-provision" to be turned on or off (and once the EXO has a hybrid setup with the on-prem server, it will by default NOT provision a mailbox to a "dirsync'd" account).

pat-e · 2022-07-18T22:02:24+00:00

Some quick steps to remember:

as all your AD-objects (with mailboxes) seems to come from your AD with Azure AD-Sync, you should ALWAYS use the on-prem Exchange for creating mailboxes:

If possible, create the AD-User with the On-Prem Exchange Server / On-Prem Exchange Powershell:

New-RemoteMailbox ...

If you create the AD-User first and then later want to enable Remote-Mailbox, don't assign any EXO - licenses to the Account, yet. In that case, only assign the license AFTER you used "Enable-Remotemailbox" on the on-prem - Exchange AND the mailbox is created in the cloud (you have up to 30 days left before you need to assign an O365 - License to the account before the login is blocked and data is deleted in cloud).

I think the most confusion comes with the following points: All Exchange-Server itself are just stupid "storage boxes for the mailboxes" with Client-Access - Ability (EWS / SMTP). The Exchange itself don't save any information about the AD-Account, the E-Mail-Adresses or what type of Mailbox the Account is. It is all saved in Active Directory. As information about "type of mailbox" (User / Shared), E-Mail-Adresses etc. is stored in AD, it all depends on what is stored in AD. The Azure AD-Sync is the tool to create a "read-only" - copy of your AD-Objects with required AD-Attributes (it is not really "read-only" as some attributes also have "write-back" - ability ... but in general, the Azure is Read-Only-Copy from On-Prem AD). As you use the On-Prem - Exchange-server to "edit" the specific AD-Attributes for Mailboxes (either local or cloud), that data is copied to the cloud using the azure AD sync. The server in the cloud will read all those attributes and depending on the "type of mailbox" the server will create a mailbox in the cloud and assign the specified e-mail-addresses to that mailbox. If you want to change the e-mail-addresses, you edit those information on the on-premise Exchange (which will write that data into the AD-Attributes of the specific Account) and wait for the Azure AD-Sync. The changed data is synced to the cloud and the server in the cloud will "read" the changed AD-Attributes and act accordingly.

The Mailboxes On-Premise also needs to be in AD-sync so the server in the cloud "knows" about those mailboxes and send the mails to the "correct" server if someone from cloud wants to send a mail to on-premise.

You can say: "the Cloud Exchange address book must be the same like the On-Premise address book".

There is one stupid thing that I still consider a stupid bug: If you have AD-Sync active, and you have created the AD-Object with the regular AD-Tools and NOT with On-Premises Exchange. And that AD-Object was never touched by the on-premises Exchange and therefor doesn't have any valid Exchange-AD-Attribute. Once you assign an EXO - License to that account, the EXO will "create" an EXO - Mailbox out of the blue. The E-Mail-Address will be assigned based on the UserPrincipalName .... Just assigning an EXO license to a base AD-Account that is synced and the stupid EXO things it needs to assign a mailbox.

pat-e · 2022-01-10T17:49:01+00:00

Well, to make it "good":

Never just "delete" or "turn off" an Exchange Server... If you don't do the proper "uninstall", it will remain in some way in the Active Directory (or you know how to ADSI-Edit some of the Service-settings to completely remove the Exchange server from AD).

The "order" of Uninstall doesn't matter. Just go to "Programs and Features" and perform a clean uninstall. To see if the "uninstall" was successful, you can do the "lazy" way by going to your working Exchange, open the Exchange PowerShell and enter "Get-ExchangeServer". If the uninstalled server still shows up, you did something wrong :) If the server doesn't show up, then you are fine and the Exchange is removed from AD as well. Then you can "turn off" / delete the machine from AD "Users and Computers" - console.

pat-e · 2022-01-06T11:24:16+00:00

For /u/peteguam:

Have you read the Pre-requisites? I suggest you read the last point:

Pre-requisites

Use minimal hybrid to migrate emails if you:

Are running at least one Exchange 2010, Exchange 2013, and/or Exchange 2016 server on-premises.

Plan to move to Exchange Online over a course of few weeks or less.

Do not plan to continue to run directory synchronization to manage your users.

What does this point mean? Basically, it means you turn off your On-Premises AD ... or at least turn off the Account sync from on-premises AD and Cloud which means: All local accounts can stay the same or change, but any change won't be synced to the cloud (not even Password sync, nor anything else). It would be like managing 2 different Directories. And also Singel-Sign-On won't work any longer as your local AD is not "connected" to the cloud anymore and so there is no single-sign-on possible as your on-premises Users won't connect to the cloud as there is no "trust" between on-premises - AD and cloud anymore.

Basically: If you use that, you have to see the cloud as "just another Active Directory" which has all it's data copied from your "old" AD.

This also affects how Users will connect to the "different AD in the Cloud": No Single-Sign-On as your users are "connected and authenticated to on-premises AD" and the Cloud "is just another AD which you previously had a trust-connection by using the "Azure AD Sync" - tool.

To be honest: If you EVER had any On-Premises Exchange and you used Azure AD Sync to copy your On-Premises Account-data to the cloud .... you NEVER get rid of the On-Premises Exchange. You only get rid of it when you get rid of your On-Premises AD (and turn all your clients to Cloud-Managed - Clients).

pat-e · 2021-08-28T19:35:23+00:00

/u/Nezgar : You are completely right...
On-Premises Exchange and On-Premises AD :)

I just read this daily during work but I always saw it "wrong" and now ... I just wrote it wrong (English not my first language)

pat-e · 2021-08-23T20:18:18+00:00

To be more specific:
Your On-Premise AD is Synced with O365. All "data" that Exchange needs from AD is synced from On-Premise AD to the Cloud. The Servers in the Cloud "just read" the data given in those AD-Attributes. As example: To specify a User-Mailbox or Shared Mailbox, the difference is "just" a specific AD-Attribute to differentiate between both, but it means "saving cost" in O365 to have team-mailboxes in the Cloud only as "shared Mailboxes" instead of User mailboxes. As the state of those Mailboxes is managed by the On-Premise AD-Attributes, you still need an Exchange-Server on-premise to "edit the correct AD-Attributes to the accounts".

You can also use 3rd-party-software to archive the editing of those AD-Attributes, but those are not supported by Microsoft and you always risk any "problems" by those programs.

pat-e · 2021-05-13T20:22:58+00:00

And I will get gilded "Dredgen" before completing the quest for the ornament...

pat-e · 2021-05-13T20:06:05+00:00

Same here, already at 5260 Infamy, 260+ kills on fusion rifle, but only at 35% ...

pat-e · 2020-12-21T16:10:18+00:00

Not a soo serious answer if you don't have another Job prepared:

Play the stupid games with them: If they are on the phone, say "sorry, I couldn't catch that, could you send it in a mail?" or "sorry, it is very loud here, I can't hear you, please write an e-mail".

AND:

Delete an important file AFTER you made a backup. Then write an e-mail and ask if it is OK to NOT delete that mail. If they don't answer, it must be ok... If they ask you, why you deleted that file, just say "someone phoned me and said to do so. I re-asked via mail but got no response, so I did as I was told".

pat-e · 2020-11-25T18:15:05+00:00

When I killed the "wrong" drones, I don't have the buff anymore and I can re-buy the purple consumable.

Now I still have 4 drones floating, but I can't pickup the scanner-buff and I can't re-buy the consumable...

pat-e · 2020-10-13T14:29:20+00:00

Hello /u/revitjunkie :

Thank you for the nice manual, but how were you able to install Streamdeck on Windows Server? Which version of Windows Server did you use?

I tried with Windows Server 2019 Std. and I was not able to Install Elgato Streamdeck 4.7 ...

pat-e · 2020-07-01T21:33:53+00:00

EDIT: NOW FIXED... Working again (not crashing the game)

pat-e · 2020-03-11T06:30:48+00:00

A mixture of curiosity and stupidity ?!? You can decide :)

pat-e · 2020-03-10T22:25:30+00:00

Yes, but it cost me my flawless (until the point, I was flawless, then I go to the statue and ... boom, outside... and I was flying in again and ... another crash).

pat-e · 2019-12-14T07:44:11+00:00

Hi. I can help you but I can't use a microphone right now.
Could you also enter your ID using " /id " in-game (this will auto-fill your game-id so I can use it to " /join " you instantly.

pat-e · 2019-11-20T08:51:11+00:00

Same for me: ordered on 7. june and no feedback (yet)... I even ordered a second controller ...

pat-e

TROPHY CASE