Forum Widgets
Latest Discussions
Microsoft Exchange refers to an older certificate that no longer exists, ID 12023.
We have one Microsoft Exchange 2013 server. The Windows Application log periodically displays the ID 12023 entry, which states that Microsoft Exchange could not load the certificate with the thumbprint 3E8XXXXXXXXXXXXXXXXXXXXXXXXXXXX from the local computer's personal certificate store. This certificate was deleted because it expired, and a new self-signed Auth certificate was created. Now, when running the Get-AuthConfig | Format-List CurrentCertificateThumbprint, PreviousCertificateThumbprint, NextCertificateThumbprint command, only the current certificate is displayed. The Microsoft Exchange 2013 server is running. The question is, what should I do to remove the ID 12023 entry from the Windows Application log?
TEST-OAuthConnectivity | The remote server returned an error: (403) Forbidden
Hello Exchange Tech Community, I have setup a lab environment of Exchange Server 2016 in Hybrid Configuration. I can successfully onboard and offboard mailboxes. OnPrem Exchange Server is I have a Microsoft 365 Business Basic subscription for Exchange Online. Entra ID Sync is working seamlessly. Email flow between OnPrem and EXO and vice versa work perfectly. When I am testing OAuth functionality from OnPrem to EXO, I am getting this error highlighted in yellow Do I need assign any role to synchronized user in Entra ID ? Currently, they are just MEU in EXO. When OAuth is test from EXO to OnPrem, I am getting this error Please advise.
Exchange 2019 SMTP random delays of 1 minute when sending email
Hello, We recently moved from a 3 server Exchange 2016 DAG to a single Exchange 2019 server. We are in a hybrid set up, all mailboxes in Exchange Online, mainly using the on-prem Exchange Server for SMTP and user management. When we had the DAG, we also had a load balancer in the setup. We've since taken that out and changed all DNS to point to the IP of the new 2019 Exchange Server. Everything seems to be running fine except we have a lot of on-prem apps and printers that use SMTP to send email. We are facing an issue where most emails have a delay of 1 minute and a few seconds, which causes the page where a user submits the email to wait for a response and just sits there for that minute. In some instances, our SQL jobs see this as a failure and retry, but then we get duplicate emails for those task notifications. Sometimes it is working fine, I can send 10 emails from a printer in a row with no delay then the 11th has the delay. I've worked with Microsoft to check settings and logs and they are indicating it is related to a networking problem but the delay is on the server itself when I analyze the message header of a delayed message as seen in the image (blacked out hostname of Exchange server). Next step in the message analyzer is from our public IP to Exchange Online which has no delays. Any guidance would be appreciated.EWS Autodiscover Process in Hybrid with "internal" Exchange Servers
Hi everyone, i really need help about the EWS Autodiscover process in a specific hybrid Environment. Customer is starting to use Exchange Online. For Full Hybrid configuration there is a seperate new Exchange SE with a valid certificate, NAT for IP Ranges from M365 and public available URLs for Autodiscover,EWS,... There are internal Exchange Servers which are used only for internal access. Those are the servers with all mailboxes. All URLs are configured for internal use (mail.contoso.internal) Migration is working, access to own calender is working, mailfllow is working. But there are problems to access other users calender. If a user which is migrated to Exchange Online (or via Teams) try to access another calender which is onPrem, there is no access. So i tried to use connectivity analyzer for teams integration to find out whats the problem. Result: Autodiscover resolves, connects to Hybrid and gets EWS URL as answer. But it gets the internal EWS URL from the internal Exchange Servers, not from the public available URLs which are configured at the hybrid server. I visualised the two scenarios. Number1: Thats how i thought it would work Autodiscover to autodiscover.contoso.com Hybrid answers with EWS URL: hybrid.contoso.com Connect from EXO to hybrid EWS URL Proxy to Internal Exchange Number2 : Thats what really happens Autodiscover to autodiscover.contoso.com Hybrid relays request to internal Exchange (Mailbox Server) Server answers with internal EWS URL: mail.contoso.internal Connect from EXO to internal EWS URL (which is obviously not working) So as you can see, the autodiscover process asks the internal Exchange for its EWS URLs and not as i expected the hybrid server's URLs. I always thought, the hybrid server works as a sort of proxy for every external connection from EXO. But it seems that the hybrid just relays the autodiscover request to the server which holds the mailbox. And this servers in this scenario cannot change their EWS URLs to a public resolvable FQDN. So my question is: Is this correct? Does the process always works like this or did i do anything wrong in the configuration? I hope you understand my explanation. Thanks in advance!!!
Exchange Online Mailbox cannot see Unsynchronized On-Premises mailbox Free/Busy info and vice versa
Hello Everyone! I originally posted an issue on Microsoft Learn https://learn.microsoft.com/en-us/answers/questions/5651848/free-busy-not-viewable-from-on-premises-mailbox-to?comment=answer-12418292&page=1#comment-2404594 regarding Free/Busy issues with our On Premises Exchange Server which is running the latest version of Exchange SE and Exchange Online which is on our Microsoft 365 Tenant. At first, it would fail the Test-OAuthConnectivity, but that now seems to be fixed with renewing the OAuth Certificate and in addition, enabling the Dedicated Exchange Hybrid App as per https://learn.microsoft.com/en-us/exchange/hybrid-deployment/deploy-dedicated-hybrid-app . On initial deployment, we could not see Free/Busy between EXO and On-Prem Exchange but after 2 hours, it started working but only between On-Premises Synchronized to Microsoft 365 Mailboxes and EXO Mailboxes Our final problem is the viewing of Free/Busy information of On-Premises 'NON-Synchronized to Microsoft 365' mailboxes and EXO Mailboxes. Running the Free/Busy Troubleshooter on ExRCA just gives me a warning during the Determining where the target mailbox is hosted. Also using 'Test-OAuthConnectivity -Service EWS -TargetUri https://outlook.office365.com/EWS/Exchange.asmx -Mailbox<onpremnonsynchedmailbox>@domain.com -verbose | fl ' on our On-Prem EMS leads to the following error System.Net.WebException: The remote server returned an error: (500) Internal Server Error. at System.Net.HttpWebRequest.GetResponse() at Microsoft.Exchange.Monitoring.TestOAuthConnectivityHelper.SendExchangeOAuthRequest(ADUser user, String orgDomain, Uri targetUri, String& diagnosticMessage, Boolean appOnly, Boolean useCachedToken, Boolean reloadConfig) ResultType : Error Identity : Microsoft.Exchange.Security.OAuth.ValidationResultNodeId IsValid : True ObjectState : New Please advise on how we can fix this error.Removing Retention Holds from Exchange Mailboxes
A new Exchange Online feature allows administrators to remove multiple types of holds from mailboxes (usually inactive mailboxes). It’s a great way to release holds that might be keeping inactive mailboxes lingering in a tenant. The feature doesn’t remove holds used to retain items required for eDiscovery or other compliance purposes. Even so, this is definitely a feature that needs to be carefully tested. https://office365itpros.com/2025/12/18/remove-retention-holds/Older Versions of Exchange ActiveSync Clients Get the Bullet
Exchange Online will require email clients to use Exchange ActiveSync (EAS) V16.1 to connect from March 1, 2026. Email clients that use older versions of EAS won’t be able to synchronize with Exchange Online to upload outbound messages or download messages, attachments, and calendar items. There should be relatively few clients using an old version of EAS, but it’s wise to check. https://office365itpros.com/2025/12/16/exchange-activesync-161/
o365 public folder migration
Hi All, I have began a migration from on-prem exchange 2010 to o365 using minimal hybrid method I need to consider how i'm going to migrate public folders. I refer to two MS docs links below The first article suggests this method should be used when using a cutover or staged method https://docs.microsoft.com/en-us/exchange/collaboration-exo/public-folders/batch-migration-of-legacy-public-folders The second article references a hybrid setup but fails to mention if this includes the minimal hybrid option https://docs.microsoft.com/en-us/exchange/collaboration-exo/public-folders/set-up-legacy-hybrid-public-folders Can anyone clarify? Kind regards
