Recent Discussions
Exchange SE product key Clarity
Hi All, After installing the Exchange SE server, the following parameters appeared when I ran the command. Can we leave these statuses as they are until Microsoft provides the new CU and product key ? Please confirm Get-ExchangeServer -Identity newse | fl fqdn,product*,*edition* Fqdn : NewSE.test.local ProductID : Edition : StandardEvaluation IsExchangeTrialEdition : True IsExpiredExchangeTrialEdition : FalseFederation Trust Gateway broken - OrgCertificate cannot be uploaded
Hey guys, last week we have done Windows Server updates and this broke some stuff. Some certificates have been unbound and so on. Until then the full classic hybrid worked quite good in our Exchange Server 2016 CU23 environment. We are just in the process of upgrading/migrating. But after this point of time the On-Premises users stopped being able to see the calendars of the cloud users, other way around still worked. So we started trying to fix the hybrid deployment with several runs of the HCW (which is always fine) and rebuilding the organizational relationship and the trust federation gateway. This was quite exhausting, as we updated a bunch of domains in global DNS several times. Currently, neither direction is functioning. Now it looks like the Federation Trust Gateway is in an inconsistent state. When I try... Set-FederationTrust -Identity "Microsoft Federation Gateway" -PublishFederationCertificate then I get the message, that the rollover certificate (OrgNextPrivCertificate) is not set and that I only can publish, when this is done. When I try to define a rollover certificate, then I get the message, that the rollover certificate cannot be set until the OrgCertificate has been published. So, we have a chicken-and-egg situation here. Thanks for any help.
Update Dynamic Distribution List
we are a hybrid environment, running exchange 2019 and have a few DDLs which have been around from previous exchange versions. One of the DDLs i need to modify is the below. Its hard to read and i am trying to work out where i add the extra fields i want to include. I am looking to add another custom attribute and possibly include members of a security group. Is there anyway to make this easier to read so i know where to add things? Any other tips? ((((((((((((((((((((((((((Company -eq 'Contoso') -and (CustomAttribute4 -eq 'City'))) -and (((((CustomAttribute7 -eq 'Group') -or (CustomAttribute7 -eq 'Contractor'))) -or (CustomAttribute7 -eq 'Permanent'))))) -and (((RecipientType -eq 'UserMailbox') -or (((RecipientType -eq 'MailUser') -and (CustomAttribute12 -ne 'Excluded'))))))) -and (-not(Name -like 'SystemMailbox{*')))) -and (-not(Name -like 'CAS_{*')))) -and (-not(RecipientTypeDetailsValue -eq 'MailboxPlan')))) -and (-not(RecipientTypeDetailsValue -eq 'DiscoveryMailbox')))) -and (-not(RecipientTypeDetailsValue -eq 'PublicFolderMailbox')))) -and (-not(RecipientTypeDetailsValue -eq 'ArbitrationMailbox')))) -and (-not(RecipientTypeDetailsValue -eq 'AuditLogMailbox')))) -and (-not(RecipientTypeDetailsValue -eq 'AuxAuditLogMailbox')))) -and (-not(RecipientTypeDetailsValue -eq 'SupervisoryReviewPolicyMailbox')))) -and (-not(Name -like 'SystemMailbox{*')) -and (-not(Name -like 'CAS_{*')) -and (-not(RecipientTypeDetailsValue -eq 'MailboxPlan')) -and (-not(RecipientTypeDetailsValue -eq 'DiscoveryMailbox')) -and (-not(RecipientTypeDetailsValue -eq 'PublicFolderMailbox')) -and (-not(RecipientTypeDetailsValue -eq 'ArbitrationMailbox')) -and (-not(RecipientTypeDetailsValue -eq 'AuditLogMailbox')) -and (-not(RecipientTypeDetailsValue -eq 'AuxAuditLogMailbox')) -and (-not(RecipientTypeDetailsValue -eq 'SupervisoryReviewPolicyMailbox')))
M365 Exchange - delete Calendar entries
Maybe a simple question, but struggle to find a way to do it I have a 365 admin account for our m365 tenent and running exchange online. A user has left and people struggle to cancel some meetings the person who has left has invited for. I hoped that I just could run some powershell script that silently would cancel all meetings that person has made. But struggle to find a way Anyone has some input on how to do this ? - and as mention I have exchange admin rights.
Exchange 2019 AvailableNewMailboxSpace
Hello! Colleagues, have you encountered a situation where Exchange 2019 does not provide accurate information about the amount of free space in databases (AvailableNewMailboxSpace) via EMS? Using this command: Get-MailboxDatabase -Status | Sort-Object Name | Select-Object Name,@{Name=‘DB Size (GB)’; Expression={[math]::Round($_.DatabaseSize.ToGb(),2)}},@{Name=‘Free Space (GB)’;Expression={[math]::Round($_.AvailableNewMailboxSpace.ToGb(),2)}} | Format-Table -AutoSize Exchange 2016 displays the information correctly, but 2019 does not display it correctly in gigabytes or the numbers are unclear. Do you know of another way? Thank you!
Exchange 2016 with Hybrid Configuration
We have Exchange Server 2016 configured in a hybrid environment. We encountered an error when one of our administrators attempted to install a cumulative update that was the same version as the one already installed. After that, we were unable to access OWA, ECP, or the Exchange Management Shell. Exchange Server 2016 CU23 (2022H1) 15.1.2507.6
Stop ASP.NET SMTP Emails from Appearing in Office 365 Sent Items Without Affecting Manual Sends
We are sending Emails to our clients through an ASP.NET application using the SMTP protocol and using an O365 Account (email address removed for privacy reasons). The problem is that every time a mail (reset password, otp, campaigns, etc) is sent from asp.net application, a copy of that mail is created in the "Sent Items" of the Support mailbox. This is not needed and it is quickly filling our Support mailbox. How to stop this? Is there any setting in the Exchange Server? Please note that the Support mailbox is also used by our company support representative to send resolutions to customers using O365 Outlook Web Access. The mails send by the representative are very much needed in the sent items. It's only the ASP.NET-sent mails that we want to prevent in the "Sent Items".
What to do? SE or Decommission
I’ll start by outlining our current environment for context: Two standalone Exchange Server 2016 VMs. Primarily used for recipient management in a hybrid setup. Also functions as an anonymous relay for two LOB applications — one of which requires the mail service to reside on the same network as the application (as per vendor requirement). We have not opted for Extended Support (ESU) and installed the latest available Security Update last week. Management has been presented with the following options to move forward: 1) Perform a legacy upgrade — build two new servers and migrate from Exchange 2016 to Subscription Edition (SE). 2) Migrate LOB applications to another SMTP service — this would allow continued use of Exchange Management Shell for recipient management (by setting up a new server, preparing the schema for SE, and following Microsoft’s decommissioning process). 3) Migrate both LOB applications to another SMTP service and management to alternative platforms such as Easy365 or ManageEngine, removing the dependency on Exchange entirely. This post is mainly to gather some insights and general discussion around the best path forward. From a risk management perspective, since we’re effectively sitting on a time bomb without further Microsoft updates, I’m leaning toward option 2, especially given that all mailboxes have long been migrated to Exchange Online. What should I be watching out for with this approach? It seems many have taken a similar path — I’d appreciate hearing about any challenges or pitfalls you encountered and how you mitigated them during implementation.Finding Unused Proxy Addresses for Exchange Online Mail-Enabled Objects
A request came in about how to find unused proxy addresses for Exchange Online mail-enabled objects. There's no out-of-the-box report available for proxy address usage, but we can solve the problem by using a PowerShell script to download historical message trace data to check every proxy address for all mailboxes against. The question then is what to do with the unused proxy addresses? https://practical365.com/find-unused-proxy-addresses/Exchnage 2019 on prem EMS not working. Recreating Exchange Virtual Directories failed
I have two exchange 2019 on prem in DAG. Recently EMS (Exchange management shell) on both servers stop working and I tried to delete and recreate on MAIL2 but unsuccessful. Basically it return error that The AD configuration for virtual directory 'Powershell' already exists I tried to delete first with Remove-PowerShellVirtualDirectory I tried clean up IIS and AD but still getting this error, even that in ADSI edit I delete all powershell objects for MAIL2 Exchange Health Checker: beside that server is in maintenance mode, nothing interesting. just the last line: Default Web Site/PowerShell has authentication set, which is unsupported. Error form PowerShell: New-PowershellVirtualDirectory : The AD configuration for virtual directory 'Powershell' already exists in 'CN=Powershell (Exchange Back End),CN=HTTP,CN=Protocols,CN=MAIL2,CN=Servers,CN=Exchange Administrative Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=Company Organization,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=rcompany,DC=local', please remove this AD configuration manually. Parameter name: VirtualDirectoryName At line:1 char:1 New-PowershellVirtualDirectory -Name "Powershell" -Role "Mailbox" -Re ... CategoryInfo : InvalidArgument: (MAIL2\Powershell (Exchange Back End):ADObjectId) [New-PowerShellVirtualDirectory], ArgumentException FullyQualifiedErrorId : [Server=MAIL2,RequestId=2bb82483-c56a-4e4f-8d08-c81691b34bd1,TimeStamp=11/4/2025 2:31:50 PM] [FailureCategory=Cmdlet-ArgumentException] B318F342,Microsoft.Exchange.Management.SystemConfiguratExchange Server 2019 to Subscription Edition (SE) Licensing and Migration Guidance
1. Current Infrastructure Setup Component Detail Notes Product Microsoft Exchange Server 2019 Enterprise Edition Servers 3 Virtual Servers (VMware) Configured in a Database Availability Group (DAG) Version Cumulative Update (CU) 15 Licenses Server License and 1100 CALs (Standard/Enterprise) Purchased in 2019 without Software Assurance (SA). 2. Core Licensing and Compliance Queries We require definitive guidance on the following compliance and purchase requirements: Software Assurance (SA) Requirement: Is Software Assurance mandatory for our existing Exchange Server 2019 setup for ongoing compliance and full support? Please advise on the status of our current setup without SA. Standalone SA Purchase: As our Exchange Server licenses/CALs were purchased in 2019 without SA, is it possible for us to purchase standalone Software Assurance for our existing Exchange Server 2019 licenses now, or must we purchase a completely new license with SA? Client Access License (CAL) Migration: Will our existing Exchange Server 2019 Standard/Enterprise CALs be compatible and automatically migrate to the Subscription Edition (SE) requirement, or must we purchase new CALs specifically for Exchange Server SE? Please clarify if the old CALs will become obsolete. 3. Recommended Migration Path (Budgeting Focus) Based on the licensing realities, we need advice on the most financially responsible path to move to Exchange Server SE. Please guide us on which of the following scenarios is recommended: Option A: Purchase Software Assurance for our existing Exchange Server 2019 infrastructure, and then migrate to SE, utilizing the same 2019 CALs (if permissible). Option B: Forego purchasing SA for the 2019 environment and directly purchase new Exchange Server Subscription Edition (SE) licenses and corresponding new CALs (if necessary). We look forward to your detailed guidance to ensure full compliance and a smooth transition to Exchange Server SE. Thank you, Narayan Das Senior System Administratornew Exchange Installation Autodiscover
Hi I have had a lab environment and suspended this to get experience with a new setup. Old setup had a ADFS server in place. New lab setup is based on Windows Server 2025, 1 DC, 1 Exchange server SE. Installation is ok. Client is a Windows 11 machine with Outlook 2019. DC is synching to EntraID. All based on German language. GPO for autodiscover is set. As well the DNS records. Post installation is the part where I am have an issue at. At least in the part of the autodiscover. Adding the primary mail address is always leading in pointing to the company authentification page adfs.xy.com which was in the old lab in place. I cant see any DNS entry neither on my external DNS provider nor internal (brand new setup) and have no clou where to search further. Wensearch did also not lead me to any solution. And a workaround to disable autodiscover is not my goal. Therefore I am happy to get any idea where to look at to get read of the adfs link. Appreciate your support. THY mame
Help~After installing Exchange 2019, mail is stuck in Draft in OWA
Hi all I dont undertand this symptom. Now I installed one new DC, one new Exchange 2019(CU13) in active directory domain. and I just set recieve connector(check anonymous user in Default Exchange) and created send connector and I sent mail to my own mailbox(administrator), and I also sent mail to other mailboxes, but I only have stuck Draft folder in OWA. before install Exchange 2019 CU13, I installed Exchange 2029 CU15 but it was same symptom so after removing Exchange 2019 CU15, I reinstalled Exchange CU 13. but it was same. DC and Exchange OS are Windows Server 2022 Standard on Dell H/W. ipv4 192.168.10.202 subnet 255.255.255.0 GW 192.168.10.1 Dns1 192.168.10.201(DC) It's the same as the link below, but there's nothing solved. T.T https://www.reddit.com/r/exchangeserver/comments/1daxga2/exchange_server_2019_emails_get_stuck_in_drafts/#:~:text=Here's%20some%20information%20about%20emails%20getting%20stuck,lots%20of%20space%20may%20not%20always%20work. If anyone knows how to solve this problem, please help meUse PowerShell to Analyze Junk Email and Intercept Traffic from Spammy Domains
Despite the best efforts of anti-spam solutions, some unwanted messages usually get through to user inboxes. This article explains how to analyze messages that end up in Junk Email and use the results to create a transport rule to block future traffic from the spammy domains. https://practical365.com/analyze-junk-email-block-spammy-domains/Exchange synch/profile issue
Dear community, I need help to solve a problem. 1.) I'm using Outlook classic 2016 2.) I need two mail accounts in outlook a.) my gmail account - all good with that one b.) my AWS Workmail account 3.) all used to work fine till I had another problem with teams integration into my calendar which I tried to fix without success. After a while I thought, that when I setup outlook from scratch that this could solve the problem - but it got worse. 4.) when I started the newly installed outlook, I can load my gmail account, and when I add my AWS Workmail account, I get the message that the account was successfully added and need to restart Outlook. 5.) After the restart I get the two messages: - The name cannot be matched to a name in the address list. - Cannot start Microsoft Outlook. Cannot open the Outlook window. The set of folders cannot be opened. An unexpected error has occurred. 6.) so the AWS Workmail is not loaded. I also tried to add the account manually in all different ways but without success. The integration of the AWS mail account on my Android Outlook works perfectly fine. I dont know where the problem is and tried to get answers from AI and Microsoft Support without success. Anyone has an idea? Many thanks, Rob
Problem with Teams and Exchange Integration
Hi everyone, My goal is to integrate Exchange Server (Exchange 2016 CU23) with Teams so that the Teams calendar can be used. I have set up Hybrid Configuration (Classic Full Hybrid) and completed the setup without any errors. I have also checked Entourage, and it shows that Exchange has been registered, but the Teams calendar is still not working. Check items: 1. Get-AuthServer 2. Get-IntraOrganizationConnector → Confirm the "Enabled" status. 3. Get-PartnerApplication → Confirm it's enabled. 4. External resolution of the Autodiscover and EWS virtual directories 5. Run Teams Exchange Integration → The only thing that works is "Verifying if the user's mailbox is discoverable by the Teams service," and everything else is fine.The user's mailbox is not discoverable by the Teams service. Please ask your administrators to verify the user has a mailbox and to confirm the connectivity between Teams and Exchange. Does anyone have any other ideas or suggestions to help me? Thanks!Policy for limiting external domains and allowing particular external receivers
Hi community, According to the guide https://learn.microsoft.com/en-us/defender-office-365/outbound-spam-policies-external-email-forwarding i have created the following rule for our test domain: Rule description Apply this rule if 'X-MS-Exchange-Inbox-Rules-Loop' header matches the following patterns: '.' Do the following Set audit severity level to 'Medium' and reject the message and include the explanation 'Delivery not authorized, message refused' with the status code: '5.7.1' Except if recipients's address domain portion belongs to any of these domains: 'xyz.com' Rule Idea is to block all external mail forwardings except the ones directed to the domain xyz.com. ______________________________________________ Another rule testing i performed: Apply this rule if Is sent to 'Outside the organization' and sender's address domain portion belongs to any of these domains: 'localdomain.com' Do the following Set audit severity level to 'Medium' and reject the message and include the explanation 'external forwarding is not allowed' with the status code: '5.7.1' Except if recipients's address domain portion belongs to any of these domains: 'xyz.com'. Unfortunately this is not working and if i create mailbox-based rules that forward to mails lets say to gmail and to xyz.com both , the mails get dropped with explanation: Reason: [{LED=250 2.1.5 RESOLVER.MSGTYPE.AF; handled AutoForward addressed to external recipient};{MSG=};{FQDN=};{IP=};{LRT=}] For both cases i made sure the auto forwarding is enabled under "anti spam" rules in the security admin center. I receive in the mail flow logs messaged dropped for a mail located in xyz.com and in gmail.com. The forwarding configured in outlook on a mail from localdomain.com is intended to auto forward messages to a mail address in gmail.com and in xyz.com, where they mails should arrive. I am wondering what would be the correct policy in order to being able to except particular ext domain/ext mailbox. Another approach i found is to disable the auto fwd globally and to enable it for particular users only, but unfortunately can not be limited to whom the mailbox can forward and this is not useful solution for us. Regards Sofia
Recent Blogs
- We are announcing the Public Preview of the Exchange Online Admin API.Nov 17, 2025
- We are not releasing any Exchange Server Security Updates for November 2025Nov 11, 2025
