ERR_SPDY_INADEQUATE_ TRANSPORT_SECURITY

I installed Exchange 2016 in a test environment and used a SSL cert from namecheap.com for securing OWA. Upon loading OWA in Firefox I got the following error:

ERR_SPDY_INADEQUATE_TRANSPORT_SECURITY

Firefox will throw this error when its using an inferior encryption protocol such as SSL 3.0, TLS 1.0, TLS 1.1

I wanted to force the server and clients to use TLS 1.2 for best security. The following article below from Exchange Team Blog goes into more detail and the required changes to get it working. I did have to reboot the Exchange server after making the registry changes, an IIS reset was not enough.

https://support.microsoft.com/en-us/kb/245030

Exchange TLS & SSL Best Practices

HP finally admits Firmware Update in Intelligent Provisioning is broke

I have been working with HP servers for 10+ years.  The hardware is generally good, however with anything HP, their website, software, and support is terrible.

I have a few new DL380p Gen8’s i am re-provisioning and booted into Intelligent Provisioning and wanted to update all the firmware.  Now I am aware of HP SPP, but why have Intelligent Provisioning if i have to download a 6GB SPP ISO, copy it to DVD, and go through that entire process.

So I opened a ticket with HP, they said it wasnt a problem, 3 weeks later they emailed me asking if there was anything else and if i could close it.  Well i responded, and at the bottom it gave me several other emails that i decided to CC on the email.

Well someone from HP actually called, and i spoke with them several times on the phone, after frustratingly explaining many times the issue, and asking if they are actually trying this on their servers, and them not understanding how their own products work, they went and spoke with another team.  Finally after 5+ attempts they finally emailed me the following:

“Yes, you are correct. When we click on the Firmware update button, it tries to connect “ftp.hp.com“(No information about the Port number being used here).
Now the concern is that the FTP location(Which is like a Repository of all the files) is no longer available after the HP separation. 
The concerned Team is working on it, however we don’t have an ETA for the same. The only workaround is to use SPP as in an iso or FTP to update files accordingly. “

I replied back:

“OK, please let me know when the Firmware Update button in Intelligent Provisioning is working again

I would send out an email to your customers as well that you are aware of the issue and working on fixing it, since this probably affects everyone with an HP Gen8 or Gen9, customers would appreciate that info as they are often frustrated with HP things not working correctly, especially your website.”

New users not showing up in OAB but show in GAL in OWA

Event ID 9320
OALGen could not generate full details for some entries in the offline address list for address

Get-OfflineAddressBook – Identity “Default OAB” | fl
GUID: 2e91c924-5590-4013-94a2-0dc08fe9285e

I checked the OAB folder on the Generation Server, and the 2 distribution servers, and noticed one of the distribution servers had files that were not modified with todays date, but the generation server did, as did one of the distribution servers.  So it appears to be a replication issue.

D:\Program Files\Microsoft\Exchange Server\ClientAccess\OAB\2e91c924-5590-4013-94a2-0dc08fe9285e

Our 2 HUB servers are set as the OAB Distribution points, but is showing files last modified 10/11/2016 while the other is today, 10/12/2016.  So there seems to be a replication issue between them.

I ran Update-FileDistrubtionService – Identity EXCH01 -Type OAB
This ran about 15 minutes and didn’t finish

On the server without the updated OAB lzx files I restarted the Microsoft Exchange File Distribution service

The lzx files last modified date then updated to today’s date.

From my Outlook i downloaded a new copy of the OAB from Send/Receive and tested by creating a new email and confirming the user missing was now available