{"id":5004,"date":"2021-03-11T21:22:04","date_gmt":"2021-03-11T21:22:04","guid":{"rendered":"https:\/\/pariswells.com\/blog\/?p=5004"},"modified":"2021-03-11T21:23:06","modified_gmt":"2021-03-11T21:23:06","slug":"hybrid-setup-365-with-the-following-error-message-421-4-4-2-connection-dropped-due-to-socketerror","status":"publish","type":"post","link":"https:\/\/pariswells.com\/blog\/research\/hybrid-setup-365-with-the-following-error-message-421-4-4-2-connection-dropped-due-to-socketerror","title":{"rendered":"Hybrid Setup : 365 with the following error message \u201c421 4.4 2 connection dropped due to socketerror\u201d"},"content":{"rendered":"<p>Mailboxes in 365 were not receiving email , this was caused by the recent Exchange 2010 security patches being installed &#8211; Update Rollup 32 for Exchange Server 2010 Service Pack 3 (KB5000978)<\/p><p>&nbsp;<\/p><ol><li>Get Exchange to the Latest CU<\/li><li><p><strong>Windows Server 2008 SP2<\/strong><\/p><p>Ensure the latest Windows updates are applied, this must include:<\/p><ul><li><a href=\"https:\/\/support.microsoft.com\/en-us\/help\/4019276\/update-to-add-support-for-tls-1-1-and-tls-1-2-in-windows\" target=\"_blank\" rel=\"noopener\">KB4019276<\/a>\u00a0to add TLS 1.2 capability as a default secure protocol for SChannel.<\/li><li><a href=\"https:\/\/support.microsoft.com\/en-us\/help\/3161949\/ms16-077-description-of-the-security-update-for-wpad-june-14--2016\" target=\"_blank\" rel=\"noopener\">KB3161949<\/a>\u00a0for the current version of WinHTTP.<\/li><\/ul><p>Install\u00a0<a href=\"https:\/\/support.microsoft.com\/en-us\/help\/3154517\/support-for-tls-system-default-versions-included-in-the--net-framework\" target=\"_blank\" rel=\"noopener\">3154517<\/a>\u00a0for .NET Framework 3.5.1.<\/p><h4>Windows Server 2008 R2 SP1<\/h4><p>Ensure the latest Windows updates are applied, this must include:<\/p><ul><li><a href=\"https:\/\/support.microsoft.com\/en-us\/help\/3161949\/ms16-077-description-of-the-security-update-for-wpad-june-14--2016\" target=\"_blank\" rel=\"noopener\">KB3161949<\/a>\u00a0for the current version of WinHTTP.<\/li><li><a href=\"https:\/\/support.microsoft.com\/en-us\/help\/3080079\/update-to-add-rds-support-for-tls-1-1-and-tls-1-2-in-windows-7-or-wind\" target=\"_blank\" rel=\"noopener\">KB3080079<\/a>\u00a0to add TLS 1.2 capability to RDS (optional).<\/li><\/ul><p>Install\u00a0<a href=\"https:\/\/support.microsoft.com\/en-us\/help\/3154517\/support-for-tls-system-default-versions-included-in-the--net-framework\" target=\"_blank\" rel=\"noopener\">3154517<\/a>\u00a0for .NET Framework 3.5.1.<\/p><h4>Windows Server 2012<\/h4><p>Ensure the latest Windows updates are applied, this must include:<\/p><ul><li><a href=\"https:\/\/support.microsoft.com\/en-us\/help\/3161949\/ms16-077-description-of-the-security-update-for-wpad-june-14--2016\" target=\"_blank\" rel=\"noopener\">KB3161949<\/a>\u00a0for the current version of WinHTTP.<\/li><\/ul><p>Install\u00a0<a href=\"https:\/\/support.microsoft.com\/en-us\/help\/3154517\/support-for-tls-system-default-versions-included-in-the--net-framework\" target=\"_blank\" rel=\"noopener\">3154517<\/a>\u00a0for .NET Framework 3.5.1.<\/p><\/li><\/ol><h3><strong>3)<\/strong><\/h3><p>When the above steps have been completed, registry settings need to be added to Enable TLS 1.2 for SChannel, and Enable TLS 1.2 for .NET 3.5.<\/p><p><strong>TLS 1.2 for SChannel<\/strong><\/p><p>Import the following:<\/p><pre>Windows Registry Editor Version 5.00\r\n[HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\TLS 1.2]\r\n[HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\TLS 1.2\\Client]\r\n\"DisabledByDefault\"=dword:00000000\r\n\"Enabled\"=dword:00000001\r\n[HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\TLS 1.2\\Server]\r\n\"DisabledByDefault\"=dword:00000000\r\n\"Enabled\"=dword:00000001<\/pre><p><strong>.NET 3.5<\/strong><\/p><p>Import the following:<\/p><pre>Windows Registry Editor Version 5.00\r\n[HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\.NETFramework\\v2.0.50727]\r\n\"SystemDefaultTlsVersions\"=dword:00000001\r\n[HKEY_LOCAL_MACHINE\\SOFTWARE\\Wow6432Node\\Microsoft\\.NETFramework\\v2.0.50727]\r\n\"SystemDefaultTlsVersions\"=dword:00000001<\/pre>","protected":false},"excerpt":{"rendered":"<p>Mailboxes in 365 were not receiving email , this was caused by the recent Exchange 2010 security patches being installed &#8211; Update Rollup 32 for Exchange Server [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-5004","post","type-post","status-publish","format-standard","hentry","category-research"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/pariswells.com\/blog\/wp-json\/wp\/v2\/posts\/5004","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/pariswells.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/pariswells.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/pariswells.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/pariswells.com\/blog\/wp-json\/wp\/v2\/comments?post=5004"}],"version-history":[{"count":2,"href":"https:\/\/pariswells.com\/blog\/wp-json\/wp\/v2\/posts\/5004\/revisions"}],"predecessor-version":[{"id":5006,"href":"https:\/\/pariswells.com\/blog\/wp-json\/wp\/v2\/posts\/5004\/revisions\/5006"}],"wp:attachment":[{"href":"https:\/\/pariswells.com\/blog\/wp-json\/wp\/v2\/media?parent=5004"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/pariswells.com\/blog\/wp-json\/wp\/v2\/categories?post=5004"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/pariswells.com\/blog\/wp-json\/wp\/v2\/tags?post=5004"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}