Exchange 2016 Error assigning TlsCertificateName to Receive Connector - azure-active-directory

I have spent 10+ hours working with Microsoft's support to configure a hybrid setup between our On-Premises Exchange 2016 Server and Azure AD environments and are currently stuck on an error (see below) when trying to assign the TlsCertificateName value to the On-Premises Receive Connector.
These commands create a variable $TLSCertName that include the certificate issuer and subject values:
$TLSCert = Get-ExchangeCertificate -Thumbprint <Thumbprint>
$TLSCertName = "<I>$($TLSCert.Issuer)<S>$($TLSCert.Subject)"
Set-ReceiveConnector "<Receive Connector Name" -TlsCertificateName $TLSCertName
The error displayed when trying to execute this command is:
Cannot process argument transformation on parameter 'TlsCertificateName'. Cannot convert value "<TLSCertName>" to type "Microsoft.Exchange.Data.SmtpX509Identifier". Error:
""<TLSCertName>" isn't a valid Certificate Identifier."
+ CategoryInfo : InvalidData: (:) [Set-ReceiveConnector], ParameterBindin...mationException
+ FullyQualifiedErrorId : ParameterArgumentTransformationError,Set-ReceiveConnector
+ PSComputerName : <Server's FQDN>
Microsoft believes the problem is caused by some of the values in the certificate subject that contain quotes, i.e. OU="Hosted by CONTOSO, Inc.", O="CONTOSO, Inc.", thus causing the command to truncate the contents of the TLSCertName variable.
I have tried manually entering the argument instead of using the variable (with and without quotes), using single quotes, escaping the quotes (`"), but nothing has worked.
Has anyone come across this issue? I have tried researching online but haven't been able to find a solution.
Any help will be greatly appreciated!

So, after a few hours venturing on my own instead of working with Microsoft support I finally figured out the reason for the error by complete coincidence + guess work.
While reviewing values for the certificate's subject in EAC, I noticed when I clicked on the subject field a message popped up saying:
"In the subject of the certificate, the important value is the common
name (CN), which indicates the host that the certificate can be used
for."
The SSL certificate I'm using is a Multi-domain certificate, and since the common name can only contain up to one entry, the certificate uses a field called Subject Alternate Name (SAN) which allows multiple names to be included. Therefor there is no CN field available in the subject.
Exchange does not read/use the SAN field and wasn't accepting the command because of the missing CN (wish this was documented somewhere and their support knew it as well).
The solution was to use the contents of the TLSCertName variable in the command, and manually add the CN value to the subject section, as in:
<S>CN=contoso.com, OU=Multi-Domain SSL, OU="Hosted by CONTOSO, INC.", O="CONTOSO, Inc."...
Keep in mind the CN must exist in the SAN per standard mandates. You can read more information about this in https://support.dnsimple.com/articles/what-is-common-name/
Hope this helps someone looking for an answer for the same problem.
Now off to solve the issue that depended on this!

For anyone else finding this and having trouble with the guidance at https://social.technet.microsoft.com/wiki/contents/articles/54393.exchange-2019-set-tls-certificate-name-on-your-receive-connector.aspx, I solved the same problem by using these slightly modified commands:
$cert = Get-ExchangeCertificate -Thumbprint <THUMBPRINT>
$tlscertificatename = "<I>$($cert.Issuer)<S>$($cert.Subject)"
Set-ReceiveConnector "EX2019\Client Frontend EX2019" -TlsCertificateName $tlscertificatename
My change from the TechNet post is the addition of <I> and <S> in the 2nd line.

Related

SageMaker ValidationException : Value '[]' at 'subnetIds' failed to satisfy constraint

1 validation error detected
Value '[]' at 'subnetIds' failed to satisfy constraint: Member must have length greater than or equal to 1
I want to make Sagemaker studio Domain in Ohio region, but I got ↑ error.
I also confirmed that vpc existed (no default) and one subnet existed.
How can I fix the error? Please share your knowledge.
On the setup SageMaker Domain screen, if you've been trying with the "Quick Setup" instead try using the "Standard Setup". That got me past this issue.

"?" character in MSSQL DB getting replaced with (capital A with grave accennt) when displayed by ASP script

I'm attempting to provide support for a legacy ASP/MSSQL web application - I wasn't involved in the development of the software (the company that built it no longer exists) & I'm not the admin of the server where it's hosted, I just manage the hosting for the owners of the site via a reseller account. I'm also not an ASP developer (more a PHP guy), and am not that familiar with it beyond the basics - updating DB connection strings after server migrations, etc.
The issue is that the site in question stores the content of individuals pages in an MSSQL database, and much of the content includes links. Almost all of the internal links on the site are format like "main.asp?123" (with "123" being the ID of a database row). The problem is, starting sometime in the last 8 months or so*, something caused the links in the DB content to show up as "main.aspÀ123" instead - in other words, the "?" character is being replaced by the "À" character (capital A with grave accent). Which, of course, breaks all of those links. Note that Stackoverflow won't allow me to include that character in the post title, because it seems to think that it indicates I'm posting in Spanish...?
(*unfortunately I don't know the timing beyond that, the site owners didn't know when the issue started occurring, so all I have to go by is an archive.org snapshot from last October, where it was working)
I attempted to manually change the "?" character in one of the relevant DB records to "?" (the HTML entity for the question mark), but that didn't make any difference. I also checked the character encoding of the HTML code used to display the content, but that doesn't seem to be the cause either - the same ASP files contain hard-coded links to some of the same pages (formatted exactly the same way), and those work correctly: the "?" doesn't get replaced.
I've also connected to the database directly with the MSSQL Management Studio Express application, but couldn't find any charset/character encoding options for either the database or the table.
And I've tried contacting the hosting provider, but they (M247 UK, in case anyone is curious) have been laughably unhelpful. The responses from them have been along the lines of "durrrrrr, we checked a totally different link that wasn't actually the one that you clearly described AND highlighted in a screenshot, and it works when we check the wrong link, so the problem must be resolved, right?" Suffice it to say, I wouldn't recommend them - used to be a customer of RedFox hosting, and the quality of customer has dropped off substantially since M247 bought them.
Any suggestions? If this were PHP/MySQL, I'd probably start by creating a small test script that did nothing but fetch one of the relevant records and display it's contents, to narrow down the issue - but I'm not familiar enough with ASP to do that here, at least not without a fair amount of googl'ing (and most of the info I can find is specific to ASP.net instead).
Edit: the thread suggested as a solution appears to be for character encoding issues when writing to MSSQL, not reading from it - and I've tried the solutions suggested in that thread, none make any difference.
Looks like you're converting from UNICODE to ASCII somewhere along the line...
Have a look at this to get a quick demo of what happens. In particular, pay attention to the ascii derived from inr, versus the ascii derived from unicode...
SELECT
t.n,
ascii_char = CHAR(t.n),
unicode_char = NCHAR(t.n),
unicode_to_ascii = CONVERT(varchar(10), NCHAR(t.n))
FROM (
SELECT TOP (1024)
n = ROW_NUMBER() OVER (ORDER BY ao.object_id)
FROM
sys.all_objects ao
) t
WHERE 1 = 1
--AND CONVERT(varchar(10), NCHAR(t.n)) ='À'
;
I found a workaround that appears to do the trick: I was previously trying to replace the ? in the code with &#63 (took out the ; so that it will show the code rather than the output), which didn't work. BUT it seems to work if I use &quest instead.
One thing to note, it seemed that I was originally incorrect in thinking that the issue was only affecting content being read/displayed from the MSSQL DB. Rather, it looks like the same problem was also occurring with static content being "echo'd" by code in the ASP scripts (I'm more of a PHP guy, not sure the correct term is for ASP's equivalent to echo is). Though the links that were hardcoded as static (rather HTML being dynamically output by ASP) were unaffected. Though chancing the ? to &quest worked for those ones too (hardest part was tracking down the file I needed to edit).

Replace is not working for weird character

I use UPDATE a SET GR_P = REPLACE(GR_P,'','') FROM mytable a to replace things.
But replace function is not working for below charter:
In Query analyzer it works but when I used SSIS Execute SQL task or OLEDB Source then it is giving me error:
No Connection manager is specified.
In Toad against Oracle (since that's one of your tags), I issued this (pressing ALT-12 to get the female symbol) and got 191 as a result. note selecting it back using CHR(191) shows an upside-down question mark though.
select ascii('♀') from dual;
Given that, this worked but it's Oracle syntax, your mileage may vary.
UPDATE mytable SET GR_P = REPLACE(GR_P, CHR(191));
Note if it does not work, that symbol could be for another control character. You may need to use a regular expression to eliminate all characters not in a-zA-Z0-9, etc. I suspect you'll need to update your tags to get a more accurate answer.
Maybe this info will help anyway. Please post back what you find out.

Oracle create db link using a proxy schema

So I want to create a database link in oracle, my username is jefferson and I want to connect trough opms so I was told to do this.
create database link tmpp connect to jefferson[opms] identified by nothing using $something ;
For some reason when I try to use [] syntax it just tells me indentified is missing. Why is this not working, I was told to do it this way but I can't find any help in the official documentation for [] usage or the correct syntax.
You can create a fixed-user database link like this, but you need to enclose the entire proxy user identifier in double-quotes; and because it's now a quoted identifier the case has to match the DBA_USERS username, which is uppercase by default:
create database link tmpp connect to "JEFFERSON[OPMS]" identified by nothing using ... ;
As noted in MOS document 1477939.1 you can't create a connected-user database link (which you aren't trying to do); and the 30-character limit on identifiers applies, so the total length of both usernames plus the square brackets has to be 30 characters or less (which is also fine in your example).
However, as discussed in this related question, this functionality is currently broken in 11.2.0.4 and above because of bug 19191702.

MATLab - Database Handle is Empty

I have the following problem. At work we have personal computers running windows7 with MATLab (including the database toolbox), Oracle and so on. I got a new process I should take care about which involves a MATLab script which connects to the oracle database. The scripts works fine on any computer of the department except of mine. Sadly the IT told me that every PC is configured the same and I have to find the misstake for my one.
So i started "debugging" by checking the connection struct MATLab creates when it connects via
conn = database(instance,username,password)
It appears that the content of the structure is equal to every one else, except that the handle is empty:
val =
Instance: '***'
UserName: '*'
Driver: []
URL: []
Constructor: [1x1 com.mathworks.toolbox.database.databaseConnect]
Message: [1x128 char]
Handle: 0
TimeOut: 0
AutoCommit: 'off'
Type: 'Database Object'
on all other systems the handle is set to:
sun.jdbc.odbc.JdbcOdbcConnection
So my question is: Do I have to configure MATLab or is the driver for the JDBC/ODBC is missing? I already checked systems preferences/adminstration/ODBC sources but it seems to by the same as everywhere else.
Do someone might know how I can track down the source of this issue? Any help or hint is highly apprechiated.
Thanks and best regards
stephan
after some research here is the way one can figure it out. It is actually very easy, but I did not try the obvious...
first, if the
connection = database(...)
can not be created, type
connection.message
in the MATLab console. This message will give you additional feedback on the error. In my case the DNS entries for the oracle Databases where empty. After adding them through system preferences it worked as expected.

Resources