Exchange 2013 pre-authentication & Reverse Proxy Options

Similar Messages

• Exchange 2013 using ARR reverse proxy OWA options won't open

  Hi,
  I've been using the exchange team's blog post (http://blogs.technet.com/b/exchange/archive/2013/08/05/part-3-reverse-proxy-for-exchange-server-2013-using-iis-arr.aspx)
  as a guidelin on configuring my ARR deployment in my lab.
  Everything was working perfectly right until i got the last part of the blog on restricting the pattern matches.
  The rewrite rules all work fine and everything is working as expected with the excpetion of the fact that i cannot access the options in OWA. ECP itself works great if i access it via the
  https://ecp.domain.com/ecp url, but as soon as i use the https//mail.domain.com/ecp it just wont display anything.
  Looking at the failed request logs it just shows that it executes a 302 rewrite to ecp.domain.com, which is what i would expect it to base done rewrite rule matching
  https://mail.domain.com/ecp to the ecp.domain.com server farm.
  If i look at the iis logs it looks like it's getting into some sort of loop (the section below is about a 10% of a single attempt to access the options pages:
  2014-06-28 12:25:38 xxx.xxx.xx.xxx GET /ecp/ rfr=owa&X-ARR-CACHE-HIT=0&X-ARR-LOG-ID=6983c585-b0ea-4fd0-9bb1-fc747ee8e992 443 - xxx.xxx.xx.xxx Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+6.2;+WOW64;+Trident/6.0;+.NET4.0E;+.NET4.0C)
  - 302 0 0 15
  2014-06-28 12:25:38 xxx.xxx.xx.xxx GET /ecp rfr=owa/&X-ARR-CACHE-HIT=0&X-ARR-LOG-ID=d32a3a4f-d8a6-4712-91d4-56360be33793 443 - xxx.xxx.xx.xxx Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+6.2;+WOW64;+Trident/6.0;+.NET4.0E;+.NET4.0C)
  - 302 0 0 0
  2014-06-28 12:25:38 xxx.xxx.xx.xxx GET /ecp rfr=owa//&X-ARR-CACHE-HIT=0&X-ARR-LOG-ID=14797897-f1ad-454a-b73c-fde041a43d2b 443 - xxx.xxx.xx.xxx Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+6.2;+WOW64;+Trident/6.0;+.NET4.0E;+.NET4.0C)
  - 302 0 0 0
  Did anyone ever run into something like this? Or have an idea where i may have made a mistake? I've tried everything i could think of.
  The rewrite rules i have in place are basically exactly the same as the exchange team's blog but just in case i overlooked somehthing, please se the image below.
  thanks in advance for your time

  Hello,
  I wanted to see if anyone has any suggestions on reverse proxy options that can do pre-authentication like TMG use to do? I am currently trying to deploy out a new Excahnge 2013 setup in coexistence with an existing Exchange 2010 environment
  which will then be migrated over. And one of the requirements is to block certain users from accessing webmail externally while still allowing others to access webmail. That is currently achieved by using a TMG server but that is going to be decommissioned
  along with Exchange 2010.
  I have been searching online but so far I have not found anything that seemed to meet this requirement. I have seen that IIS Web Application Proxy tied in with AD FS would do the job. But there is some issue there with Excahnge 2010 still being active that
  won't allow it to work. Some suggestions I have seen online involved changing permissions on the IIS directory or modifying web config files but those options didn't seem like they provided a consistent result.
  So I am looking for some sort of option that is either inexpensive or some means of leveraging existing Microsoft technologies to achieve my goal any suggestions would be helpful.
  Nicholas,
  How about IIS ARR?
  http://blogs.technet.com/b/exchange/archive/2013/07/19/reverse-proxy-for-exchange-server-2013-using-iis-arr-part-1.aspx
  http://blogs.technet.com/b/exchange/archive/2013/08/02/part-2-reverse-proxy-for-exchange-server-2013-using-iis-arr.aspx
  Twitter!: Please Note: My Posts are provided “AS IS” without warranty of any kind, either expressed or implied.

• Lync 2013 edge-no reverse proxy question

  I deployed lync 2013 edge server and no reverse proxy yet.I am trying to connect from my windows 7 machine with no luck and I can see a top reset on the firewall,my question is is reverse proxy required for the normal client to connect and do basic IM?
  Plz confirm.thx

  *****Update**********
  now when i am trying to test connevity using microsoft connecvitry analyer i am getting error realted to the external certifictare stating that " certificate couldn't be validated because SSL negotiation
  wasn't successful. This could have occurred as a result of a network error or because of a problem with the certificate installation." with UC troubleshotter i am getting the same.any idea?
  PS certificate is from Digi
  cert and i have checked the installation with thier tool and all was green
  regards
  The certificate couldn't be validated because SSL negotiation wasn't successful. This could have occurred as a result of a network error or because of a problem with the certificate installation.
  The certificate couldn't be validated because SSL negotiation wasn't successful. This could have occurred as a result of a network error or because of a problem with the certificate installation.
  The certificate couldn't be validated because SSL negotiation wasn't successful. This could have occurred as a result of a network error or because of a problem with the certificate installation.
  The certificate couldn't be validated because SSL negotiation wasn't successful. This could have occurred as a result of a network error or because of a problem with the certificate installation.
  The certificate couldn't be validated because SSL negotiation wasn't successful. This could have occurred as a result of a network error or because of a problem with the certificate installation.
  The certificate couldn't be validated because SSL negotiation wasn't successful. This could have occurred as a result of a network error or because of a problem with the certificate installation.
  The certificate couldn't be validated because SSL negotiation wasn't successful. This could have occurred as a result of a network error or because of a problem with the certificate installation.
  The certificate couldn't be validated because SSL negotiation wasn't successful. This could have occurred as a result of a network error or because of a problem with
  the certificate installation.

• Exchange 2013 - RCA reports RPC Proxy can't be pinged (404)

  Hi, I've searched extensively and spent hours trying to fix my problem and nothing in the forums has addressed yet. 
  I have a new exchange server 2013 SP1 and Outlook 2013 clients can't connect. Outlook states Exchange Server is Unavailable. 
  This led me to Microsoft RCA. RCA reported that the RPC Proxy can't be pinged with a 404 error. But I CAN visit the server RCA references a step or two above and am treated to a white page, no 404. (
  https://xch.domain.com/rpc/rpcproxy.dll?xch.domain.com:6002 )
  I have set ExternalAuthenticatoin to Negotiate and internal to NTLM, I have set outlookProvider to 
  [PS] C:\Windows\system32>Get-Outlookprovider
  Name                          Server                        CertPrincipalName             TTL
  EXCH                                                        msstd:*.domain.com       1
  EXPR                                                        msstd:*.domain.com       1
  WEB                                                                          
              1
  The SSL Certificate is a trusted one, the External URL is set properly in the server settings via ECP as well.
  Any ideas would be greatly appreciated. I'm tired and incapable of listing all of the steps I've tried, but if you know of any tips for troubleshooting and fixing RPC Ping issues, I would love to hear them. 
  Thanks!

  Hi,
  How about OWA, does it works well?
  1. If OWA doesn't work, please check wether the Outlook Anywhere has been enabled.
  It seems you have configured Outlook Anywhere as below. If not, please change the configuration.
  Does the whole error message like this:
  Attempting to ping RPC proxy mail.contoso.co.nz.
  RPC Proxy can't be pinged.
  Additional Details
  A Web exception occurred because an HTTP 404 - NotFound response was received from Unknown.
  Please make sure the configuration as below:
  Set-OutlookAnywhere
  ExternalClientAuthenticationMethod : Negotiate
  InternalClientAuthenticationMethod : NTLM
  IISAuthenticationMethods : {basic, ntlm, negotiate}
  Set-OutlookProvider
  Name                       Server                      CertPrincipalName            TTL
  EXCH                                                       
  msstd:*.contoso.co.nz     1
  EXPR                                                       
  msstd:*.contoso.co.nz      1
  WEB                                                                                                1
  More details in the following link:
  Exchange 2013 Outlook Anywhere (RPC) Settings
  http://infused.co.nz/2013/05/13/exchange-2013-outlook-anywhere-rpc-settings/
  Disclaimer:
  Microsoft is providing this information as a convenience to you. The sites are not controlled by Microsoft. Microsoft cannot make any representations regarding the quality, safety, or suitability of any software or information found there. Please make sure
  that you completely understand the risk before retrieving any suggestions from the above link.
  2. If the method 1 doesn't help, please collect some related error message in App Log without sensitive information for the further troubleshooting.
  3. If OWA works well, just Outlook doesn't work, I suggest try to run 'Test-OutlookConnectivity' command in EMS to verify the connectivity between Exchange server and Outlook client. Please paste the details without sensitive information if there is any
  abnormal.
  4. Please also run 'Test E-mail AutoConfiguration' on Outlook to verify whether there is anything abnormal.
  Thanks
  Mavis
  If you have feedback for TechNet Subscriber Support, contact
  [email protected]
  Mavis Huang
  TechNet Community Support

• Exchange 2013 new batch migration missing option

  I installed exchange 2013 for a client about a month ago.
  Everything went well and they are using the New exchange .
  When using the new migration batch option I discovered I had an 3 option on the " start the batch" screen.
  The option was to " Start the batch automatically after time: " and it let me choose a time to start it.
  This option work great for those boxes I need to move at night.
  I am in the process of doing the same thing for a different client and the above option is missing.
  Does anyone know why I do not have this option. I have done the install the same as the first one.
  Installed using CU5. and all install options and config in the same.
  I look forward to your input

  Hi,
  What’s your Exchange version?
  I tested in my lab, Exchange 2013 CU1, there is no the “Start the batch automatically after time:” option to choose.
  Best regards,
  Belinda Ma
  TechNet Community Support

• Lync 2013 Edge and Reverse proxy on same server with SNI

  Hello
  I cannot find information if it is possible to create a single Lync 2013 Edge server with a Reverse proxy on the same server?
  Would it not be possible to share port 443 with SNI support? That way we could use only one public IP?
  Thanks!

  Sorry, it doesn't work.  Remember that 443 isn't HTTPS for the Edge.  If you went with the single IP model for the edge, 443 would be used for the A/V role which would be STUN/TURN. 
  The edge will always want to listen on 443, it just doesn't work to collocate a reverse proxy.
  Please remember, if you see a post that helped you please click "Vote As Helpful" and if it answered your question please click "Mark As Answer".
  SWC Unified Communications
  This forum post is based upon my personal experience and does not necessarily reflect the opinion or view of Microsoft, its employees, or other MVPs.

• Reverse proxy OPTIONS request

  Hi all,
  After recommendation, I am using the reverse proxy in Sun Web Server 7.0 to send requests to my web application in Tomcat. In my Tomcat web.xml, I have configured all requests (no extension or path) to be handled by a dispatcher servlet. I have a session filter which needs the HTTP host to setup the session correctly. This works fine but every so often I get a null pointer exception. On closer inspection, I can see this in the error log:
  [28/Sep/2009:22:26:31] info ( 2308): trying to OPTIONS http://localhost:90, check-http-server reports: HTTP7750: server localhost:90 online
  Is this the reverse proxy? Can I get round this somehow without changes to my application?
  Thanks,
  Surjit

  I'd fix the Servlet filter. It sounds broken. I think I may have to do something in the servlet filter like ignore requests with OPTIONS methods. I'll try to give a bit more explanation; we are supporting multiple countries so we have the following domains:
  http://uk.mysite.com/
  http://fr.mysite.com/
  http://de.mysite.com/
  etc.
  These domains all point to the same webserver and java requests are reverse proxied to the same Tomcat web application as we have a single codebase that serves all countries. The web application session filter will use the country code from the server host (e.g. xx.mysite.com) to setup the session so we can show the correct language to the user.
  The reverse proxy setup has been setup like this in obj.conf:
  <Object name="reverse-proxy-/">
  Route fn="set-origin-server" server="localhost:90"
  </Object>I use localhost as I don't need to specify any country specific domain here. This works fine but the reverse proxy health check will send localhost as the server host to the tomcat instance. The session filter tries to map localhost in our country lookup mapping which doesnt exist and then throws a null pointer exception.
  That said, I get the impression you want to send
  requests to a single Tomcat instance on the local host. No, this is just for development purposes. In production we will use the reverse proxy to load balance over 4 JBoss servers so we will need the set origin SAF.
  Thanks,
  Surjit

• Exchange 2013 // Error 500 when login OWA through ARR2.5 or other reverse proxy solution

  We install a new Exchange 2013 server with CU2 in our Exchange organization with a single Exchange 2007 server. We use a reverse proxy solution for publishing Outlook WebApp and sync. Internal Outlook WebApp works fine, but when we login from internet,
  we get the error:
  ":-( Something went wrong"
  In the address bar, we see the following URL:
  https://webmail.company.com/owa/auth/errorfe.aspx?httpCode=500
  When we try to login on https://webmail.company.com/ecp, it works fine. But OWA fails.
  Login on legacy mailboxes works fine. When we login on the new Outlook WebApp URL, we automatically forwarded to the legacy URL.
  We try the following reverse proxy solutions:
  Citrix Secure Gateway 3.3 on a Windows 2008 server
  ISS ARR on a Windows 2012 server (http://blogs.technet.com/b/exchange/archive/2013/07/19/reverse-proxy-for-exchange-server-2013-using-iis-arr-part-1.aspx)
  Is there anyone that knows how I can troubleshoot this problem?

  Hi
  Mostly looks like this is host (A) issue.You can check the below things
  Just check of the mail host (A) record is created on internal DNS server and ensure its pointed to new Exchange 2013 server.
  If the mail host (A) record is pointing to old exchange 2007 server just modify it and make it to point to new Exchange 2013 server
  Check the DWS directory in edit binding if loopback 127.0.0.1 is added if not add them
   Please mark as helpful if you find my contribution useful or as an answer if it does answer your question.That will encourage me - and others - to take time out to help you.
  Regards,
  Sathish

• Exchange 2010 OWA usage in Exchange 2013

  Hi,
  I have Exchange 2010 with Sp3 Currently running in environment, Now we have plan to Migrate it to Exchange 2013.... Total number of mailbox is around 26000.
  Before Migration we want below things to keep in mind...
  1. We want to Use existing exchange 2010 OWA url ( mail.abc.com ), How to accompolish this as it will take couple of months to migrate all mailbox ?
  2. Can i use my Existing Exchange certificate to get the above goal done ?
  3. What will be the steps and pre-requsite to achieve the Goal ?
  An Early reply would be appreciated !! 
  Amit

  Hi Amit 
  First Change SCP of Exchange 2010 CAS VIP to Exchange 2013 CAS VIP.
  Configure external  DNS records accordingly.DNS entries should be pointed to Exchange 2013 CAS from Exchange 2010 CAS.
  Ensure that you are having a seperate name for CAS array from external ews url
  Outlook Anywhere should be enabled and Url should be external URL which points to Exchange 2013.
  Authentication for OUtlook Anywhere should be - NTLM
  for OWA exchange 2010 - FBA and windows 
  Point your new CAS server to the firewall or TMG . Now from exchange 2013 all request will be proxied to 2010 users 
  You cannot use the same certificate . YOu need to add seperate entries as the host name for new servers will vary
  Apply a new certificate with all the required site names included in Exchange 2013 CAS.
  Whats more you can refer my blog as well 
  http://exchangequery.com/2014/05/02/things-to-consider-before-configuring-autodiscover-in-exchange-20102013-coexistence-scenarios/
  Cheers :)
  Remember to mark as helpful if you find my contribution useful or as an answer if it does answer your question.That will encourage me - and others - to take time out to help you Check out my latest blog posts on http://exchangequery.com

• Exchange 2013 cros site blank page OWA/ECP

  Hello,
  I have an issue with a fresh installation of Exchange 2013 SP1.
  The are two AD site in different cities, connected by WAN link (site-to site VPN organized by Cisco ASA).
  I installed two Exchange servers in Site A (MBX1 and MBX2, both with MBX+CAS roles), and one Exchange server MBX3 in Site B (also both with MBX+CAS roles).
  Each Exchange hosts its own mailbox database (DB1, DB2, DB3 respectively), there are no DAG.
  Users spread over all databases. For example, user1 has mailbox in DB1, user2 - in DB2, user3 in DB3.
  When user1 opens OWA/ECP on CAS server MBX1 or MBX2, he successfully get into his mailbox.
  But, if user1 opens OWA/ECP on CAS server MBX3, he get blank page (no error at all).
  And vise versa:
  When user3 opens OWA/ECP on CAS server MBX3, he successfully get into his mailbox.
  But, if user3 opens OWA/ECP on CAS server MBX1 or MBX2, he get blank page (no error at all).
  I know, that Exchange 2013 is able to proxy request cross site.
  Where are no custom redirects set on IIS.
  Also I check IIS (Back End Site) for right certificate.
  There are no error in Windows Event log and IIS event Log.
  All ports are allowed between sites.
  Everything looks good.
  What I did wrong? May be I need to enable cross-site OWA proxy in Exchange somewhere?
  Or it is a CISCO ASA misconfiguration?
  Any help would be appreciated!
  Thank You!
  Pavel

  Hi,
  Firstly, I’d like to confirm if all your Exchange server are internet facing servers.
  We can try to clear the Forms based authentication on the non-internet facing server.
  And here is a similar thread you can refer to:
  http://social.technet.microsoft.com/Forums/exchange/en-US/85983a21-3922-46f4-b64a-d53c0a2271a7/issues-with-crosssite-cas-redirect-of-owa-users?forum=exchange2010
  Thanks,
  If you have feedback for TechNet Subscriber Support, contact
  [email protected]
  Angela Shi
  TechNet Community Support

• Help with Apache Reverse Proxy configuration with SAP Portal and SAP Webgui

  Dear Experts,
  I have an issue configuring Apache to work with SAP Portal and ERP webgui. Accessing Portal through Reverse Proxy is working fine. But the problem arises when we try to open an iView ERP webgui transaction page from Portal with the Reverse Proxy. Have anyone implemented similar requirements and could advice on the configuration required on the Apache side? Thank you

  hi,
  pls check the below links for reference:
  https://www.sdn.sap.com/irj/servlet/prt/portal/prtroot/docs/library/uuid/24396589-0a01-0010-3c8c-ab2e3acf6fe2
  searchsap.techtarget.com/searchSAP/downloads/chapter-december.pdf
  1)Learn to implement the reverse proxy filter and portal gateway in SAP Enterprise Portal 6.0 on Web Application Server 6.40.
  https:/.../irj/sdn/nw-portalandcollaboration?rid=/webcontent/uuid/006efe7b-1b73-2910-c4ae-f45aa408da5b
  .2 )Configuring the Portal for Your Reverse Proxy Filter Solution . ... This document describes the reverse proxy filter mechanism in SAP Enterprise ...
  https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/32ad9b90-0201-0010-3c8a-c900cd685f8f
  3)have full reverse proxy functionality. Possibly. filter. requests. Internet ... Reverse proxy (optionally with authentication etc.) ...
  https://www.sdn.sap.com/irj/servlet/prt/portal/prtroot/docs/library/uuid/c066c390-0201-0010-3cba-cd42dfbcc8be
  Note:please reward points if solution found helpfull
  Regards
  Chandrakanth.k

• SSL for Exchange 2013 with ARR

  Hi,
  Need advice on the number of SSL i would need to purchase.
  I know that I require to have a SSL with example: mail.domain.com & autodiscover.domain.com
  How about the ARR server that I will be setting up. Refer to http://social.technet.microsoft.com/Forums/exchange/en-US/fe8d1aae-a3c9-432a-a139-7b770cb07576/new-exchange-2013-setup-vmware?forum=exchangesvrdeploy
  do i need to have a SSL cert for the ARR server?
  Thanks in advance!

  Hi,
  Just like all above saying, we do not need to generate a new certificate for IIS ARR server. We can configure
  all protocols (OWA, ECP, EWS etc) published with the mail.domain.com
  namespace.
  When install IIS, we can export the Exchange certificate (from a CAS) and import the certificate to the local machine certificate store on the IIS Reverse Proxy, together with any required root or intermediate certificates. For more information
  about it, here is a detailed article we can refer to:
  Reverse Proxy for Exchange Server 2013 using IIS ARR
  http://blogs.technet.com/b/exchange/archive/2013/07/19/reverse-proxy-for-exchange-server-2013-using-iis-arr-part-1.aspx
  Thanks,
  Winnie Liang
  TechNet Community Support

• Certificate and Reverse Proxy

  Hi everyone,
  I'm trying to configure a Push Mail solution with my Iphone 2 (2.1) in my company.
  The goal is to access my Exchange server through a reverse proxy with a certificate for authentication.
  FIRST TEST:
  - Set up configuration on the Iphone to connect a public IP adress as Exchange Server.
  - On the reverse proxy, this IP is forwarded to the Exchange Front-End server.
  - On the reverse proxy, NO certificate configured for authentication -> It's working fine ! I can see my e-mails&calendar on my Iphone !
  Bad solution for security reasons...
  SECOND TEST:
  - Activate certificate on the reverse proxy.
  - Install the certificate on the Iphone with Web Configuration utility: The certificate is shown in the General Tab on the Iphone.
  - Trying to connect, ERROR... I can see in the event log of my reverse proxy that no valid certificate from my Iphone were submitted.
  Any idea why the Iphone doesn't send the certificate to allow authentication on my reverse proxy ?
  Thank you,
  Stan

  Kristoffer,
  The answer will depend on how you have NGINX configured from a reverse proxy standpoint.  The certificate will need to match the hostname entered on the client in this case sapmobile.customer.com.   Since the traffic from the client will never get directly to the SMP 3 server the certificate should be installed on the NGINX installation as this is where the Agentry client will connect to and receive the certificate to validate against the hostname entered.
  NGINX will need to also be configured to validate the connection between itself and SMP 3.0 or to ignore the certificate if it doesn't trust it.
  The certificate on the SMP 3 server should be able to stay as the internal machine name assuming NGINX is acting as a true proxy and not just passing traffic through to the SMP 3 server.
  Unfortunately I am unable to open the link you included on SDN to review what it says.
  --Bill

• Double prompts for Exchange 2013 migrated users: "The microsoft exchange administrator has made a change that requires you to restart outlook"

  I have Exchange 2010 SP3 in my environment and am migrating to Exchange 2013. Whenever a mailbox is migrated, the Outlook 2013 client will prompt the user with a "the exchange administrator has made a change that requires you to restart
  Outlook". When the user does so, he or she is prompted again. After he or she closes and reopens Outlook for the second time, the issue is gone permanently.
  I've seen a number of other posts about repeated prompts like this but I haven't yet found one or someone gets exactly 2 prompts for each client and no more.
  A couple of pieces of information that may be relevant:
  1. On exchange 2013, the authentication method for the internal host name is NTLM
  2. I have not yet migrated public folders from Exchange 2010. I plan to do that after the mailbox migration is complete.
  Thanks in advance for your help.

  Hi,
  From your description, after mailboxes are moved from Exchange 2010 to Exchange 2013, users receive the following prompt when opening Outlook.
  The Microsoft Exchange Administrator has made a change that requires you quit and restart Outlook.
  In order to solve this issue, you need to apply the Outlook update that is described in KB 2863911.
  For your reference:
  Outlook 2013 cannot connect after an Exchange Server 2010 mailbox is moved to Exchange Server 2013
  https://support.microsoft.com/kb/2934750?wa=wsignin1.0
  Hope this can be helpful to you.
  Best regards,
  If you have feedback for TechNet Subscriber Support, contact
  [email protected]
  Amy Wang
  TechNet Community Support

• Outlook 2010 behaves strange with exchange 2013

  Hello,
  I imported a san certificate with a domain name for local use. This is exchange.xxxx.xx . This is also a A-record pointing to the same ip of the actual server.
  The name of the exchange server itself is mail01.xxxx.xx .
  My laptop is not a part of the domain. When i want to add my mailbox i use exchange.xxxx.xx for the server. My username can't be resolved. When i use the name of the server mail01.xxxx.xx then it works.
  I tested this with outlook 2013 and exchange.xxxx.xx could resolve my mailbox.
  So for outlook 2010 i need to use the name of the server where exchange 2013 is installed.
  For outlook 2013 i can use the alias exchange.xxxx.xx.
  Anyone has any idea ? It's not blocking. We haven't started the migration yet :p

  Hi,
  Based on my knowledge, in Exchange 2013 environment, the server name option is filled with the new type"mailbox GUID+@+ the domain portion of the user's primary SMTP address" when we configure the Exchange account in Outlook client.
  In your case, I recommned you add the following record in the host file of the computer which installs the Outlook 2010: the host name Exchange.domain.com points to your server IP address .
  Thanks,
  If you have feedback for TechNet Subscriber Support, contact
  [email protected]
  Angela Shi
  TechNet Community Support
  Thx for your feedback. I will check this out.