Recent Discussions
Discontinuation of support for Session Border Controllers in Exchange Online Unified Messaging
In July 2018, we will no longer support the use of Session Border Controllers (SBC) to connect 3 rd Party PBX systems to Exchange Online Unified Messaging (UM). We're making this change to provide a higher quality of service for voicemail, using Exchange standard and Skype for Business protocols. Customers considering a new deployment of this scenario should be aware that they will have a little less than a year to complete one of the migrations below. Customers with existing deployments remain fully supported until July 2018, including moving voicemail-enabled mailboxes from Exchange on-premises and voicemail-enabling new mailboxes. The following configurations are not affected by this change: Skype for Business Server (on-premises) connected to Exchange Online UM 3 rd party voicemail solutions that deposit voicemail messages into Exchange Online mailboxes through APIs, rather than an SBC connection All forms of Exchange Server UM (on-premises) There are several alternative solutions for impacted customers, one or more of which must be implemented prior to July 2018. Option #1: Complete migration from 3 rd party on-premises PBX to Office 365 Cloud PBX. Option #2: Complete migration from 3 rd party on-premises PBX to Skype for Business Server Enterprise Voice on-premises. Option #3: For customers with a mixed deployment of 3 rd party PBX and Skype for Business, connect the PBX to Skype for Business Server using a connector from a Microsoft partner, and continue using Exchange Online UM through that connector. For example, TE-SYSTEMS anynode UM connector can be used for that purpose. Option #4: For customers with no Skype for Business Server deployment or for whom the solutions above are not appropriate, implement a 3rd party voicemail system. Although only a small number of customers are affected by this change, we know that planning for changes to voice platforms requires time to evaluate options, and to implement the selected option. We encourage you to start this process soon. For more information, please visit the following pages: Exchange Online Unified Messaging Exchange Online UM support for 3 rd party PBX via SBC Cloud PBX Skype for Business Server Enterprise Voice Note: this post is also on the Exchange Team (EHLO) blog.
Exchange Server error in '/owa' application
ASSERT: HMACProvider.GetCertificates:protectionCertificates.Length<1 Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code. Exception Details: Microsoft.Exchange.Diagnostics.ExAssertException: ASSERT: HMACProvider.GetCertificates:protectionCertificates.Length<1 Source Error: An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below. Stack Trace: [ExAssertException: ASSERT: HMACProvider.GetCertificates:protectionCertificates.Length<1] Microsoft.Exchange.Diagnostics.ExAssert.AssertInternal(String formatString, Object[] parameters) +241 Microsoft.Exchange.Clients.Common.HmacProvider.GetCertificates() +478 Microsoft.Exchange.Clients.Common.HmacProvider.GetHmacProvider() +143 Microsoft.Exchange.Clients.Common.HmacProvider.ComputeHmac(Byte[][] messageArrays) +16 Microsoft.Exchange.HttpProxy.FbaModule.SetCadataCookies(HttpApplication httpApplication) +826 Microsoft.Exchange.HttpProxy.FbaFormPostProxyRequestHandler.HandleFbaFormPost(BackEndServer backEndServer) +2776 Microsoft.Exchange.HttpProxy.FbaFormPostProxyRequestHandler.ShouldContinueProxy() +20 Microsoft.Exchange.HttpProxy.ProxyRequestHandler.BeginProxyRequestOrRecalculate() +229 Microsoft.Exchange.HttpProxy.ProxyRequestHandler.InternalOnCalculateTargetBackEndCompleted(TargetCalculationCallbackBeacon beacon) +1379 Microsoft.Exchange.HttpProxy.<>c__DisplayClass3f.<OnCalculateTargetBackEndCompleted>b__3e() +311 Microsoft.Exchange.Common.IL.ILUtil.DoTryFilterCatch(TryDelegate tryDelegate, FilterDelegate filterDelegate, CatchDelegate catchDelegate) +35 Microsoft.Exchange.HttpProxy.Diagnostics.SendWatsonReportOnUnhandledException(MethodDelegate methodDelegate, LastChanceExceptionHandler exceptionHandler) +121 Microsoft.Exchange.HttpProxy.ProxyRequestHandler.CallThreadEntranceMethod(MethodDelegate method) +69 [AggregateException: One or more errors occurred.] Microsoft.Exchange.HttpProxy.ProxyRequestHandler.EndProcessRequest(IAsyncResult result) +416 System.Web.CallHandlerExecutionStep.InvokeEndHandler(IAsyncResult ar) +231 System.Web.CallHandlerExecutionStep.OnAsyncHandlerCompletion(IAsyncResult ar) +172Error when trying to modify or create Exchange Online connectors
Hi All, Getting this error when trying to update an existing EXO transport connector or creating a new. Sounds like backend and License SKU specific to me. Anyone else experiencing the same? Error executing request. For this service offering, you can’t create or update inbound connectors in your organization I've tried the following with no success. 1. Change existing connetcor/Create a new using PowerShell - Same error returned 2. Use different Admin accounts with GA role assigned 3. Use different browsersOutlook - Certificate has been revoked
Hi all, not sure if anyone has experienced it, but we are getting tthis error multiple times a day when using outlook. It says : Outlook.office365.com Information you Exchange with this site cannot be viewed or changed by others. However, there is a problem with the sites security certificate. The security certificate for this site has been revoked, This site should not be trusted, If we dont click OK, outlook cannot send or receive emails. Sometime this window is hidden behind and therefor are not aware of it during the day. if we click view certificate, it looks legit and everything seems to be ok. If enter OWA, we get same certificate(according to thumbprint), but there is no warning or error, We have created a case with Exchange online team, but they say there are no error from their side and its internal network issue. We have cleared certificate revoke list from our DNS servers without any help. Any ideas on how to troubleshoot this further? We use Outlook 2016 with latest updates and have all mailboxes in Exchange online. I only have my archive mailbox attached to my outlook, Thanks!Can't make a goup calendar readonly anymore with Powershell
Hi, We have some groups where regular group members are not allowed to make changes to the group calendar. I was able achieve this with Powershell as described in this post: https://answers.microsoft.com/en-us/msoffice/forum/all/calendar-permissions-in-an-office-365-group/b5f7cacc-bc11-4b8c-adf1-e94f11616ae2#:~:text=Below%20are%20the%20steps%3A%201%201.%20Connect%20to,command%20to%20check%20the%20CalendarMemberReadOnly%20in%20this%20group. More info about the Set-UnifiedGroup command is found here: https://learn.microsoft.com/en-us/powershell/module/exchange/set-unifiedgroup?view=exchange-ps All of a sudden I now am only able to read the settings and can't change them anymore. So this still works: Get-UnifiedGroup -Identity "MYGROUP" -IncludeAllProperties | Format-List *Calendar* But this gives an error: Set-UnifiedGroup "MYGROUP" -CalendarMemberReadOnly The error is: Write-ErrorMessage : Object reference not set to an instance of an object. The strange thing about this, is that I am able to change other attributes, like: Set-UnifiedGroup -Identity "MYGROUP" -AccessType Private I use an account with Global Admin rights to execute the commands and we have an educational tenant. What is going wrong here?Exchange Hybrid Deployment single forest multiple email domains
Hi all, I have a question. I have 22 email domains on prems. ( Three EXC 2016). Points to a third-party mail scan. One primary domain and two upn Sufix added to local AD. My all users are synchronized to office 365 based on UPN. The upn Sufix based users mailboxes are online. While primary domain based mailboxes are onpremises with 17 email domains being the alias and email addresses. I enabled the hybrid component in sync server. Now when I add my email domains in office 365 and verify them, they become Authoritative and break the mailflow. I need to run hcw so I'm also verifying my email domains. Should I verify them and set them internal relay before running hcw or is there anything else I am missing? Thanks Far.Aggregate availability from multiple calendars
I prefer to keep personal appointments on one calendar (on Outlook.com) and work appointments on my work calendar (O365 Exchange), but Exchange only seems to use my work calendar to show my availability to other people in my organization. I'd like to have a way to aggregate my availability from multiple calendar sources, the way that you can overlay multiple calendars in Outlook. It's not really a matter of me seeing all my appointments, because I can easily see everything in a consolidated view in Outlook on my desktop or mobile; it's more about letting others in my organization know when I'm free to meet. I know there is (used to be?) a "free/busy server" option in Outlook client, but I feel like this should be something that can be set on my Exchange profile, so that it doesn't matter what client I'm using. Aside from that kind of option, I guess I'd guess I might be OK with a solution that duplicates anything added to my personal calendar as a block on my work calendar or vice versa, even if it's an IFTTT-type thing. I saw a similar post that mentions some 3rd-party tools from CodeTwo and Connecting Software, but given this is just a preference of mine, I'm probably not going to spend a lot on a workaround. TLDR: Is there a better approach to showing consolidated availability than manually duplicating my appointments between calendars? Thanks!No longer able to see users Inbox rules through EAC Online?
Hi, I must have missed an announcement but just doing some routine maintenance and I see that the "View another mailbox" in EAC has changed considerably. The most noticeable change is that you can no longer see the users Inbox rules. The old days: And now you get this: Usually the first thing to do if an email account is compromised is checking here to see if there have been any rules setup to spoof emails etc. With this functionality removed this does take a very useful tool from our tool box. Has anyone else seen this change? more so does anyone know if there is another way to get inbox rule information for a user? Cheers Rob
decommision resource forest and install Exchange 2016 in account domain with existing hybrid
Following situation at a customer: - Account and Resource forest - Office 365 tenant - Azure AD Connect machine running in Account forest, syncing both directories - ADFS in Account forest - Exchange 2010 in Resource forest with Hybrid setup What we want: - decommision resource forest/domain and Exhange 2010 - install Exchange 2016 in account forest - make 2016 the hybrid I was wondering which steps we had to take. We are now already migrating user to Exchange Online. For a new user we create a user with Linked Mailbox in Resource domain. We ADMT it to the Account forest, we trigger ADSync. A mailuser is made in Office 365 and we iniate a mailbox move. Then in the resource forest we have a Mail Contact in Ex2010 and a disabled account in AD. 1- How can we get rid off these migrated users? 2- When can we install 2016 in the account forest, can it do any harm when we install it next to Ex 2010 which is in the other forest(ofcourse we have a trust) 3- How to move on from here? Thanks for your support! (sorry, I also posted this by accident in the Office 365 community. I realized later it should be here?)Why is "Focused Inbox" suddenly disappeared?
Hello, Until the end of 2016 our tenant had "Focused Inbox" activated. But since a couple of days, we're missing the separation of "Important" and "Other". When we can see all our messages in our Inbox-folder in Outlook 2016, we don't see these messages in OWA. What has changed?Exchange Hybrid Configuration Wizard - Error 1603 - Connector registration failed
Did any of you encounter this error while installing hcw on an exchange server? Here is the event viewer error details: Connector registration failed: Make sure you are a Global Administrator of your Active Directory to register the Connector. Error: '"The registration request was denied. "'
Shared Mailbox can have a password and login enabled without license
I'm very much aware of the license requirements for Shared Mailboxes in Exchange Online and for all Shared Mailboxes we always give licensed users access to them. If we need to login to the actual shared mailbox, we assigned them a license. This could be necessary if you also have some 3rd party application that actually need to login to the mailbox and fetch e-mail for some reason. I have recently realized that you CAN actually set a password to a Shared Mailbox. Just go to admin.microsoft.com > Users > Active Users > select the Shared Mailbox > Reset password. After this, you can login with the username/password. Of course, if you access it via portal.office.com you won't see Outlook but if you go directly to outlook.office365.com you will get access to the mailbox. Anyone know anything more about this feature? Limitations? I'm not looking to break the licensing terms, all our physical users for all our customers have their own personal accounts but there are scenarios where you have a 3rd party application accessing the mailbox for some reason.
The sudden removal of public folder access in outlook on the web
Last week access to public folders was removed from outlook on the web with no announcement, does anyone know why? and why was the message centre not used to communicate this change ? Now you get a banner saying "switch to outlook desktop to view public folders"Outlook <-> Exchange Protocols
During Ignite I saw a presentation that suggested Outlook was moving to a new communication protocol "Hx" from the current REST API method (Mobile) and MAPI/HTTP (Desktop) I was surprised to hear that migration was going to begin at the end of this year. Does anyone know where to find more information about this new protocol? Like what builds of Outlook are needed, how to tell when you are using it etc. Some of the benefits like improved sync are appealing (assuming it works).internal anonymous mailbox mails received with external warning banner
anonymous mailbox use to automate mail generation and it's identified as external mail from Exchange Transport rule internal domain emails and it's received with external warning banner it's there any solution to resolve the issue or remedial process Thank you
Focused Inbox not working
Finally got Focused Inbox to appear in my Windows Outlook 2016 client yesterday, after finally enabling Modern Authentication in our Exchange Online tenant. It had been present and working in my Mac Outlook 2016 client, as well as in both OWA and iOS Outlook clients, just missing from the Windows Outlook 2016 client. However, it seems to have stopped working, in all clients! So, two things have occurred recently, which may have affected this functionality. (1) A few days ago, I uninstalled and reinstalled the Office 2016 suite on my Macbook, and installed the latest version from our Office 2016 tenant (E3 corporate license). I only mention this because I saw someone else report a similar problem that started after installing or upgrading his Mac client. (2) I enabled Modern Authentication in our Exchange Online tenant yesterday. I don't believe this to be the culprit because Focused Inbox is confirmed working for at least one of my co-workers, so the problem seems to be limited to my mailbox. I've reviewed both the tenant and mailbox settings, and both show Focused Inbox as enabled. Where else can I check, or how else can I troubleshoot this issue? I'm really bummed because Clutter was so useful, and now everything is going to my inbox. I've been using "Move to Other" all day, but so far it's not getting the hint. :) Any ideas? Thanks!
Recent Blogs
- A reminder that on September 16 2025, we will enforce the first temporary block of shared security principal use for our hybrid customers.Sep 12, 2025
