Republic Day: 100th Anniversary of The Republic of Türkiye

Yusuf Ustundag Leave a comment

The Turkish Republic is celebrating its Centennial anniversary today (29 October).

Republic Day in Turkey, also known as Cumhuriyet Bayramı, is celebrated on October 29th each year to commemorate the proclamation of The Republic of Turkey. The 100th anniversary of the Republic of Turkey was celebrated on October 29, 2023, marking a significant milestone in Turkish history.

On October 29, 1923, Mustafa Kemal Atatürk, the founder of modern Turkey, officially declared the establishment of The Republic of Turkey, ending the Ottoman Empire’s rule and transforming Turkey into a modern, secular, and democratic nation. This momentous event marked the beginning of a new era for the country and its people.

Republic Day is celebrated with various events and activities across Turkey. These celebrations typically include parades, fireworks, concerts, and other public gatherings. People often adorn their homes and public buildings with the Turkish flag, and the national anthem is sung with great pride.

The 100th anniversary of the Republic of Turkey is an especially significant occasion, and it is likely to be marked with even more grandiose celebrations and festivities, reflecting the importance of this historical milestone in the country’s journey towards modernization and democracy.

When Mustafa Kemal Atatürk proclaimed the Republic of Turkey on October 29, 1923, he made a famous speech to the Turkish Grand National Assembly. In his speech, he expressed his vision for the new Turkish state and emphasized the principles that would guide its transformation. Here is an excerpt from Atatürk's speech on that historic day:

"Turkish people, your existence, your future, your honor and your happiness are in the faith, the determination and the fervor of manhood that are characteristic of you. From the day I took the leadership of the war of salvation until today, the strength of this faith, determination and fervor has never abandoned me, and I have been helped by it. I am grateful to you all for this great service you have done, which I could never repay.
The Republic of Turkey shall be a state of justice, a state where the rule of law, the principle of the equality of citizens before the law, and the principle of the protection of human rights shall be established in accordance with the concepts and understanding of contemporary civilization and law, and which serves its people in accordance with these principles.
A citizen of the Turkish Republic, whatever his religion or race may be, whatever his beliefs or inclinations may be, is a person who has full citizenship rights and responsibilities."

In this speech, Atatürk emphasized the principles of democracy, secularism, and the equality of all citizens, regardless of their religion or ethnicity. He laid the foundation for a modern, secular, and democratic republic, which has since been enshrined in the Turkish Constitution. Atatürk's vision and leadership played a crucial role in shaping modern Turkey.

 

"How happy is the one who says I am a Turk"

Atatürk used this phrase to emphasize the importance of national identity and unity, encouraging citizens to take pride in their Turkish heritage and culture. It signifies a sense of belonging and commitment to the Turkish nation. The motto highlights the idea that being a part of the Turkish nation is a source of happiness and pride.

 

"Peace at home Peace in the World"

This motto reflects Atatürk’s foreign policy principles and his belief that establishing and maintaining peace within a nation is crucial for promoting peace on a global scale.
Atatürk believed that a strong, stable, and united nation at home would contribute to greater harmony and cooperation with other nations in the world. This principle underscores the idea that a nation’s internal stability and peace are closely linked to its ability to maintain peaceful relations with other countries.
The motto “Peace at home, peace in the world” is a call for nations to prioritize diplomacy, cooperation, and peaceful solutions to conflicts rather than resorting to violence or war. It conveys the importance of avoiding external conflicts and focusing on domestic prosperity and harmony as a means to promote global peace and stability. This principle remains an important part of Turkey’s foreign policy and diplomatic efforts.

 

 

 

"How happy is the one who says I am a Turk"

Netlogon Protocol Changes – News !

Yusuf Ustundag 3 Comments

As you know, Microsoft Netlogon protocol change process was activated with the November 8, 2022 updates (KB5021130 – CVE-2022-38023 ).

In previous announcements, “Enforcement by Default” would be activated with the April 11, 2023 updates, but it was postponed with new announcement which is 13 June, 2023.

 

By the way after the Windows updates that are dated on or after November 8, 2022 Windows updates are installed, you can add the “RequireSeal” key below.

Registry Key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters

Value: RequireSeal

Data Type: REG_DWORD

Data:  0 – Disabled

 1 – Compatibility mode. Windows domain controllers will require that Netlogon clients use RPC Seal if they are running Windows, or if they are acting as either domain controllers or Trust accounts.

2 – Enforcement mode. All clients are required to use RPC Seal, unless they are added to the “Domain Controller: Allow vulnerable Netlogon secure channel connections” group policy object (GPO).

If you have more than one Domain Controller in your environment, you can distribute the registry key with the group policy method.

Or you can choose to use Powershell :

New-ItemProperty -Path "HKLM:\System\CurrentControlSet\Services\Netlogon\Parameters" -Name RequireSeal -Value DATA -PropertyType DWORD –Force

 

Note: Events 5838,5839 and 5840,5841 can be checked in the System Event Log on DCs with November 2022 updates installed to detect applications that may have problems.

 

 

Have a nice day!

How to Upgrade Failover Cluster Functional Level

Yusuf Ustundag 3 Comments

When you add new nodes with a higher operating system to your Windows Failover cluster environment, you will receive warnings about "Functional Level" mismatch in your failover cluster logs.

The main reason for these warnings is that the operating systems and functional levels of the clusters connected to the nodes in your environment are different from each other.

You can follow the steps below to change the functional level compatibility;

  • To view the Failover Cluster Functional Level version
    Get-Cluster | select ClusterFunctionalLevel
  • To upgrade the Failover Cluster Functional Level version
    Update-ClusterFunctionalLevel
  • To view the upgrade process of the Failover Cluster Functional Level version
    Get-Cluster | select ClusterFunctionalLevel
  • In Windows Server 2019 the Clustering team introduced a new PowerShell cmdlet to check how many nodes of the cluster are running on which level
    "Get-ClusterNodeSupportedVersion" helps you to identify the Cluster Functional Level and the Cluster Upgrade Version.

The table below shows the values and each corresponding functional level:

 

For more detailed information;

Have a nice day!

How to Fix Failed While Applying Switch Port Settings ‘Ethernet Switch Port VLAN Settings’

Yusuf Ustundag 4 Comments

If you get the following error when you want to make a VLAN change on your virtual server that you use on Hyperv;

"Error applying Network Adapter changes"
"The operation failed. Failed while applying switch port settings 'Ethernet Switch Port VLAN Settings' on switch 'Vs': One or more arguments are invalid (0x80070057)."

The root cause of this problem is the network mode you use on your virtual server, for example F5 virtual server appliance.
Let’s continue with the example there are more than one ethernet card over the F5 virtual server appliance, some of which are trunk and some are access mode.

You will get an error when you make the VLAN change on the Trunk mode card from the Hyper V Failover Cluster gui.

To fix this problem, you can follow the steps below;

  • First of all, we view the cards and their modes on the virtual server.
    Get-VMNetworkAdapterVlan -VMName servername
  • The tag is removed the network card with trunk mode.
    Set-VMNetworkAdapterVlan -VMName servername -VMNetworkAdapterName NIC3 -untagged
  • We define access mode and VLAN ID.
    Set-VMNetworkAdapterVlan -VMName servername -VMNetworkAdapterName NIC3 -Access -VlanId 715
  • To view the change made.
    Get-VMNetworkAdapterVlan -VMName servername

Have a nice day!

 

March 2023 Exchange Server Security Updates

Yusuf Ustundag 2 Comments

Microsoft Exchange Servers security updates have been released for March 2023.

These updates are available for the following specific versions of Exchange Server:

Exchange Server 2013 CU23 SU21 (Microsoft Exchange Server 2013 will reach its end of support on April 11, 2023)
Exchange Server 2016 CU23 SU7
Exchange Server 2019 CU11 SU11 & CU12 SU7

The recommendation is to install these updates immediately to protect your environment.
In the scenario where you do a Cumulative Update(CU), you need to make security updates. Otherwise, remember that you have to do the Cumulative Update(CU) first and then the Security Update(SU).

Inventory your Exchange Servers to determine which updates –> “Exchange Server Health Checker
Choose your current CU and your target CU to get directions –>  “Exchange Update Wizard
If you encounter errors during or after installation of Exchange Server –> “Exchange Setup Assist

Note: Don't double-click the 'MSP file' to run it. Run Command Prompt (not Powershell) as an Administrator.

Issues resolved with this update:

  • EWS web application pool stops after the February 2023 Security Update is installed .
    ⇒If you have applied a workaround for this issue, you should roll it back after the March security update.
  • Exchange Server 2016 or 2019 who have non-default applications installed through ECP add-ins, the ECP add-ins page might be broken after the February 2023 Security Update is installed
    ⇒The issue is expected to be resolved with the March security update.
  • The Get-App and GetAppManifests applications fail and return an exception, “MSExchangeServicesAppPool” application pool to repeat in the same order after the February 2023 Security Update is installed .
    ⇒The issue has been resolved with the March security update.
  • Exchange Toolbox and Queue Viewer fails after Certificate Signing of PowerShell Serialization Payload is enabled after the Janurary 2023 or the February 2023 Security Update is installed.
    ⇒The issue has been resolved with the March security update for servers running the Mailbox Role, but this issue persists on other servers with management console installed.

Have a nice day!

February 2023 Exchange Server Security Updates

Yusuf Ustundag 4 Comments

Microsoft Exchange Servers security updates have been released for February 2023.

These updates are available for the following specific versions of Exchange Server:

Exchange Server 2013 CU23 SU20 (Microsoft Exchange Server 2013 will reach its end of support on April 11, 2023)
Exchange Server 2016 CU23 SU6
Exchange Server 2019 CU11 SU10 & CU12 SU6

The recommendation is to install these updates immediately to protect your environment.
In the scenario where you do a Cumulative Update(CU), you need to make security updates. Otherwise, remember that you have to do the Cumulative Update(CU) first and then the Security Update(SU).

Inventory your Exchange Servers to determine which updates –> “Exchange Server Health Checker
Choose your current CU and your target CU to get directions –>  “Exchange Update Wizard
If you encounter errors during or after installation of Exchange Server –> “Exchange Setup Assist

 

Note: Don't double-click the 'MSP file' to run it. Run Command Prompt (not Powershell) as an Administrator.

 

Have a nice day!

How to Fix TLS “SchUseStrongCryptoValue: Null

Yusuf Ustundag 2 Comments

If you are getting “StrongCrypto” error as below after configuring TLS on your Microsoft Exchange Servers;

v4.0.30319 SchUseStrongCryptoValue: NULL --- Error: Value should be defined in registry for consistent results.
v4.0.30319 WowSchUseStrongCryptoValue: NULL --- Error: Value should be defined in registry for consistent results.

The values you need to define for “StrongCrypto” are as follows:

Set “Strong Cryptography” on 32-bit .Net Framework

Set-ItemProperty -Path 'HKLM:\SOFTWARE\Microsoft\.NetFramework\v4.0.30319' -Name 'SchUseStrongCrypto' -Value '1' -Type DWord

 

Set “Strong Cryptography” on 64-bit .Net Framework

Set-ItemProperty -Path 'HKLM:\SOFTWARE\Wow6432Node\Microsoft\.NetFramework\v4.0.30319' -Name 'SchUseStrongCrypto' -Value '1' -Type DWord

 

Have a nice day!

Exchange Server 2013 End of Support Coming Soon – News !

Yusuf Ustundag 6 Comments

Microsoft Exchange Server 2013 will reach its end of support on April 11, 2023.

This means that Microsoft will no longer provide security updates, technical assistance, or online technical content updates for the product. It is highly recommended that organizations using Exchange Server 2013 upgrade to a newer version of Exchange.

After that date, Microsoft will no longer provide:

  • Security fixes for vulnerabilities that are discovered and that may make the server vulnerable to security breaches
  • Bug fixes for issues that are discovered and that may impact the stability and usability of the server
  • Technical support for problems that may occur
  • Time zone updates
  • Even if the product continues to work after this date, It’s recommended to start “Exchange Server 2013” to “Exchange Online” or “Exchange Server 2019” migration as soon as possible.

 

 

Have a nice day!

 

January 2023 Exchange Server Security Updates

Yusuf Ustundag 4 Comments

Microsoft Exchange Servers security updates have been released for January 2023.

These updates are available for the following specific versions of Exchange Server:

Exchange Server 2013 CU23 SU19
Exchange Server 2016 CU23 SU5
Exchange Server 2019 CU11 SU9 & CU12 SU5

The recommendation is to install these updates immediately to protect your environment.
In the scenario where you do a Cumulative Update(CU), you need to make security updates. Otherwise, remember that you have to do the Cumulative Update(CU) first and then the Security Update(SU).

Inventory your Exchange Servers to determine which updates –> “Exchange Server Health Checker
Choose your current CU and your target CU to get directions –>  “Exchange Update Wizard
If you encounter errors during or after installation of Exchange Server –> “Exchange Setup Assist

Recommended Action :

  • Enable certificate signing of Powershell serialization payload
  • To defend Exchange Servers against attacks on serialized data, added certificate-based signing of PowerShell serialization payloads.
  • If you have a server running Microsoft Exchange Server 2013 in your environment, we recommend that you don’t turn on serialization payload signing for now.
  • In the first stage of rollout, this new feature must be manually enabled by an Exchange Server admin due to feature dependencies.
  • You can use to validate/create the required auth certificate

 

Note: Don't double-click the 'MSP file' to run it. Run Command Prompt (not Powershell) as an Administrator.

 

Have a nice day!

About Domain Controller November 2022 Patch LSASS Memory Leak

Yusuf Ustundag 1 Comment

As you know, Microsoft had released a possible memory leak in the “Local Security Authority Subsystem Service (LSASS.exe)” in various Windows Server versions as of November 2022 and confirming the memory leak in “Local Security Authority Subsystem Service (LSASS.exe)“.

 

The update information is as follows;

  • Windows Server 2019: Update KB5019966
  • Windows Server 2016: Update KB5019964
  • Windows Server 2012 R2: Update KB5020023, Update KB5020010
  • Windows Server 2012: Update KB5020009, Update KB5020003
  • Windows Server 2008 R2 SP1: Update KB5020000, Update KB5020013
  • Windows Server 2008 SP2: OOB-Update KB5021657

The problem can be mitigated with a workaround but issue was resolved in KB5021235.

If you used the above workaround, please see KB5020805:
How to manage Kerberos protocol changes related to CVE-2022-37967 for further information on how to configure KrbtgtFullPacSignature.

Possible memory leak in Local Security Authority Subsystem Service (LSASS.exe) for Windows Server 2016

Possible memory leak in Local Security Authority Subsystem Service (LSASS.exe) for Windows Server 2019

 

Have a nice day!