Forum Widgets
Latest Discussions
Cannot connect to an on prem 2019 Exchange mailbox
Hi, I am having all weird issues trying to get my home laptop to configure an Outlook (M365 apps) account to connect to our work on prem Exchange. It times out as if it can't talk to the Exchange server. I created a new computer profile then tried, it actually worked, I could see my mailbox, send and receive email. Later I deleted the profile, tried again in the same local computer profile, it failed with the same behavior as above. When I do an 'nslookup austodiscover.mydomain.com.au' it resolves correctly to WAN IP where our server is located behind. Other people have no issue connecting externally, so there's nothing wrong with the firewall or server communicating with external Outlook clients. My work computer connects fine on the LAN. I brought my home laptop into the LAN, it still doesn't work. DNS issue right? Well, as mentioned, the autodiscover nslookup works and I don't have any other weird DNS related issues. There's just something really flaky going on with my computer.Sky8BlueFeb 09, 2025Occasional Reader17Views0likes1CommentUser is unable to login to Mailbox
Hello experts, We are in Hybrid environment and one of the user which was recently re-enabled an AD account as the user is returned back to us, is unable to login to mailbox Steps we done Re-enabled the AD account and moved it to syncing OU and added license to enable mailbox I checked the recipient details in both on-prem and online On-prem results RecipientType : MailUser RecipientTypeDetails : RemoteUserMailbox Online results RecipientType : UserMailbox RecipientTypeDetails : UserMailbox What is the part that is missing here.Mani333Feb 08, 2025Copper Contributor94Views0likes6CommentsRemoving Exchange on-prem
Hi, We have inherited several sites where hybrid Exchange migrations were executed. Mailboxes have moved to M365 etc, but there is still an on-prem Exchange 2016 Server and ADSync is still in use. We want to get rid of these Exchange Servers as this post hybrid migration setup is a mess (and problematic) to manage. Would much rather be fully M365. But even according to Microsoft, this is not really possible? https://learn.microsoft.com/en-us/exchange/decommission-on-premises-exchange Anyone got guidance on how to safely decommission on prem exchange (and ADSync ultimately)? Thanksdbrenserv2024Feb 08, 2025Copper Contributor12Views0likes1CommentTwo Exchange servers in one domain
Hello everybody, I want ask you, because I can’t find how “Exchange magic” works. I have two seperate Exchange DAG clusters in one domain, with different DNS records and different Virtual Directories URLs. Servers are on two physically diferent locations, but we create a direct connection between two locations for migration mailboxes in near future. We notice sometimes clients from old enviroment can connect through new enviroment and access to mailboxes on old servers. How is it possible? What communication ongoing between old and new Exchange enviroments? Can somebody explain me specifically? Thank you very much for answer to this mystery.sie65Feb 08, 2025Occasional Reader13Views0likes1CommentIncorrect processing of messages with multiple DKIM signatures?
Hello, I've been noticing strange behavior on our Exchange online where legitimately spoofed incoming messages that are double signed (Usually one unaligned DKIM signature for the sending infrastructure and one aligned for the RFC5322.From domain) are being falsely rejected by DMARC because exchange is using the unaligned signature for it's DMARC test. This is not limited to a specific From or MailFrom domain, I can find examples of this every day (large tenant, many subcompanies on one environment) and looks to me like a flaw in Exchange's implementation of the DMARC standard... According to the DMARC spec, this shouldn't be a problem: Note that a single email can contain multiple DKIM signatures, and it is considered to be a DMARC "pass" if any DKIM signature is aligned and verifies. (Source: RFC7489, Section 3.1.1) Kind regards, JordyJordy_SwiggersFeb 08, 2025Copper Contributor1.8KViews6likes8CommentsHow to clear the Discovery Holds folder
To find whether this discovery holds folder is completely full, use the below-mentioned command. Step 1: Connect-ExchangeOnline and then, Step 2: Get-MailboxFolderStatistics -Identity user | select name,foldersize Note: This DiscoveryHolds folder is having a limit of 100 GB. If it is full, we will get issues like "Unable to clear deleted items folder", "deleted items are getting auto-restored" etc., One of the reasons for this folder is full: If Organization Hold is turned on(All Exchange mailboxes are selected in Compliance Retention Policy) or the Individual ID is selected on Compliance Retention Policy. Solution: Please try the below-mentioned steps to overcome this issue. Step 1: Exclude the DiscoveryHolds full ID in the Compliance Retention policy or run the below-mentioned commands in PowerShell. Connect-IPPSSession and then, Set-RetentionCompliancePolicy -Identity "Compliance Retention Policy Name" -AddExchangeLocationException user for multiple users, Set-RetentionCompliancePolicy -Identity "Compliance Retention Policy Name" -AddExchangeLocationException user1, user2, user3 Now on PowerShell, Connect-ExchangeOnline and then, Set-Mailbox -Identity user -RetainDeletedItemsFor 0 and then run the below-mentioned command two times. Start-Managedfolderassistant -Identity user Start-Managedfolderassistant -Identity user After 2-3 minutes, run the below-mentioned commands. Get-Mailbox "user" | FL DelayHoldApplied,DelayReleaseHoldApplied If the output is received as true for any above-mentioned holds, then run the below-mentioned commands. Set-Mailbox user -RemoveDelayHoldApplied Set-Mailbox user -RemoveDelayReleaseHoldApplied and then run the below-mentioned command two times. Start-Managedfolderassistant -Identity user Start-Managedfolderassistant -Identity user After 2-3 minutes, this DiscoveryHolds folder will become zero as per the below-mentioned screenshot. This process helped me a lot. If you have any doubts/concerns/suggestions about this post, please comment below. Best Regards, Venkat Kiran Kona.Solved39KViews6likes9CommentsLimit unauthenticated mail
The standard configuration in Exchange is that anyone internally can connect to telnet and send unauthenticated e-mail to anyone inside the organization. We want to limit this so that only those applications that need to send unauthenticated mail are allowed to do this. We have Exchange 2016 hybrid and the mail flow is routed via Exchange online. The local Exchange server is only used for administration and relay. With that setup, can we just remove 'anonymous authentication' from the 'Default Frontend' connector and add a connector with the ip addresses of the applications that will be allowed to send? Or will it break the mail flow? Anyone have any tips on how to achieve this? I could create a connector that contains the IP-ranges of our empoyee networks, but that seems a bit backwards.SolvedGlyFeb 06, 2025Brass Contributor43Views0likes4CommentsFew questions about Exchange Online PowerShell module
Hey all, Got few questions regarding Exchange Online PowerShell module. It all started with me trying to run Get-mailbox <mailbox> -MessageCopyForSendOnBehalfEnabled $True The problem is I've configured FIDO2 key for my admin account yesterday and was very astonished I was not able to connect with error: "You are required to sign-in with your passkey to access this resource, but this app doesn't support it..." The app name in the error is "Microsoft Exchange REST API Based Powershell". My question is as I've dag a little bit in the Internet - is it even possible to log in to Exchange PowerShell using FIDO key? Second is question is, is there a way to set up this setting using graph API module? I was searching but was not able to find. And final question, my colleague told me that Exchange Online PS module is going to be decom this year - does anyone has any news on this? Might be too much questions in one post however all are connected and I felt it would be ok to put all this in one place. Appreciate your help on this, Pawel JaroszPawel JaroszFeb 05, 2025Copper Contributor27Views0likes1CommentHow do you make a Shared Mailbox the default Send From account? (New Outlook)
I'm using Outlook for Windows version 1.2025.109.100 (on behalf of another user). I'm reading some suggestions online that say you need to add the account to Outlook first before making it the default Send From. I'm also looking at the Help section in Outlook that directs you to change this in the Compose and Reply settings. However, it's not possible to sign into a mailbox that isn't a user. I thought you used to be able to 'sign into' a shared mailbox using your own account but that is not the case now (perhaps it never was?). What it seems like is that we instead need to convert "Accounting" to a User account, give it a license, then sign into it in Outlook. That's not a Shared Mailbox - that's a user mailbox. I don't want to create a point of weakness for a potential cyber-attack (which we've had several). I can't really set up MFA for this account that no one can maintain. And I really don't want to have to spend money on a license to do something just because one piece of software is incompatible. Having to repeatedly instruct people and then repeatedly remind them to change their FROM account is just bonkers. On Outlook for Mac, as long as you're in the Shared Mailbox, the default FROM is that mailbox. (but, don't get me started on how much better the Mac version of Outlook is than the Windows version - see: All Accounts)Anthony-123Feb 05, 2025Iron Contributor184Views0likes2Comments
Resources
Tags
- exchange online2,432 Topics
- Exchange Server2,221 Topics
- office 3651,192 Topics
- hybrid829 Topics
- 2016727 Topics
- outlook720 Topics
- admin648 Topics
- 2013275 Topics
- 2010159 Topics
- 201972 Topics