Forum Widgets
Latest Discussions
Cannot connect to an on prem 2019 Exchange mailbox
Hi, I am having all weird issues trying to get my home laptop to configure an Outlook (M365 apps) account to connect to our work on prem Exchange. It times out as if it can't talk to the Exchange server. I created a new computer profile then tried, it actually worked, I could see my mailbox, send and receive email. Later I deleted the profile, tried again in the same local computer profile, it failed with the same behavior as above. When I do an 'nslookup austodiscover.mydomain.com.au' it resolves correctly to WAN IP where our server is located behind. Other people have no issue connecting externally, so there's nothing wrong with the firewall or server communicating with external Outlook clients. My work computer connects fine on the LAN. I brought my home laptop into the LAN, it still doesn't work. DNS issue right? Well, as mentioned, the autodiscover nslookup works and I don't have any other weird DNS related issues. There's just something really flaky going on with my computer.Sky8BlueFeb 11, 2025Copper Contributor38Views0likes4CommentsUser is unable to login to Mailbox
Hello experts, We are in Hybrid environment and one of the user which was recently re-enabled an AD account as the user is returned back to us, is unable to login to mailbox Steps we done Re-enabled the AD account and moved it to syncing OU and added license to enable mailbox I checked the recipient details in both on-prem and online On-prem results RecipientType : MailUser RecipientTypeDetails : RemoteUserMailbox Online results RecipientType : UserMailbox RecipientTypeDetails : UserMailbox What is the part that is missing here.Mani333Feb 10, 2025Copper Contributor113Views0likes9CommentsTwo Exchange servers in one domain
Hello everybody, I want ask you, because I can’t find how “Exchange magic” works. I have two seperate Exchange DAG clusters in one domain, with different DNS records and different Virtual Directories URLs. Servers are on two physically diferent locations, but we create a direct connection between two locations for migration mailboxes in near future. We notice sometimes clients from old enviroment can connect through new enviroment and access to mailboxes on old servers. How is it possible? What communication ongoing between old and new Exchange enviroments? Can somebody explain me specifically? Thank you very much for answer to this mystery.sie65Feb 10, 2025Copper Contributor25Views0likes2CommentsSMTP Issue - Exchange 2019
Hi All, I have an hybrid exchange environment (365 + 2019), and the onprem server is used for smtp relay only. An internal app uses this relay and send email as "email address removed for privacy reasons", and all works well except by an specific message-subject. This application can send all the emails with any subject, but if the subject is "Purchace Order to be approved" the relay fails. Checking logs, I could see that when the message has this mentioned subject then the field "sender-address" is always empty (return-path is ok). And, of course, SPF/DKIM fails and message is quarantined. All other message subjects contain the address in "sender-address". This could be an issue with my application or something related to smtp config? Source for fields analyzing: https://learn.microsoft.com/pt-br/exchange/mail-flow/transport-logs/message-tracking?view=exchserver-2019 Thanks and happy new year to all of you.123Views0likes3CommentsRemoving Exchange on-prem
Hi, We have inherited several sites where hybrid Exchange migrations were executed. Mailboxes have moved to M365 etc, but there is still an on-prem Exchange 2016 Server and ADSync is still in use. We want to get rid of these Exchange Servers as this post hybrid migration setup is a mess (and problematic) to manage. Would much rather be fully M365. But even according to Microsoft, this is not really possible? https://learn.microsoft.com/en-us/exchange/decommission-on-premises-exchange Anyone got guidance on how to safely decommission on prem exchange (and ADSync ultimately)? Thanksdbrenserv2024Feb 10, 2025Copper Contributor27Views0likes2Comments"NeedsApproval"
Hi All, So I have been migrating mailboxes from onprem to O365 in the hybrid config with no issues. Today I have two migration batch jobs that state "NeedsApproval", but everything migrated. Kind of confused as i don't see a way to "approve" the jobs and I don't see any issues. Any ideas?LED04Feb 10, 2025Copper Contributor180KViews1like14CommentsOn premise 2016 to exchange online
Hi all, i have a hosted exchange 2016 with 22 tenanats that I need to migrate. I don't want to install AAD connect or hybrid. Is there a way to do it manually by importing a CSV file? Or do a cutover with selective mailboxes?input04Feb 10, 2025Copper Contributor27Views0likes2CommentsIncorrect processing of messages with multiple DKIM signatures?
Hello, I've been noticing strange behavior on our Exchange online where legitimately spoofed incoming messages that are double signed (Usually one unaligned DKIM signature for the sending infrastructure and one aligned for the RFC5322.From domain) are being falsely rejected by DMARC because exchange is using the unaligned signature for it's DMARC test. This is not limited to a specific From or MailFrom domain, I can find examples of this every day (large tenant, many subcompanies on one environment) and looks to me like a flaw in Exchange's implementation of the DMARC standard... According to the DMARC spec, this shouldn't be a problem: Note that a single email can contain multiple DKIM signatures, and it is considered to be a DMARC "pass" if any DKIM signature is aligned and verifies. (Source: RFC7489, Section 3.1.1) Kind regards, JordyJordy_SwiggersFeb 09, 2025Copper Contributor1.8KViews6likes9CommentsHow to clear the Discovery Holds folder
To find whether this discovery holds folder is completely full, use the below-mentioned command. Step 1: Connect-ExchangeOnline and then, Step 2: Get-MailboxFolderStatistics -Identity user | select name,foldersize Note: This DiscoveryHolds folder is having a limit of 100 GB. If it is full, we will get issues like "Unable to clear deleted items folder", "deleted items are getting auto-restored" etc., One of the reasons for this folder is full: If Organization Hold is turned on(All Exchange mailboxes are selected in Compliance Retention Policy) or the Individual ID is selected on Compliance Retention Policy. Solution: Please try the below-mentioned steps to overcome this issue. Step 1: Exclude the DiscoveryHolds full ID in the Compliance Retention policy or run the below-mentioned commands in PowerShell. Connect-IPPSSession and then, Set-RetentionCompliancePolicy -Identity "Compliance Retention Policy Name" -AddExchangeLocationException user for multiple users, Set-RetentionCompliancePolicy -Identity "Compliance Retention Policy Name" -AddExchangeLocationException user1, user2, user3 Now on PowerShell, Connect-ExchangeOnline and then, Set-Mailbox -Identity user -RetainDeletedItemsFor 0 and then run the below-mentioned command two times. Start-Managedfolderassistant -Identity user Start-Managedfolderassistant -Identity user After 2-3 minutes, run the below-mentioned commands. Get-Mailbox "user" | FL DelayHoldApplied,DelayReleaseHoldApplied If the output is received as true for any above-mentioned holds, then run the below-mentioned commands. Set-Mailbox user -RemoveDelayHoldApplied Set-Mailbox user -RemoveDelayReleaseHoldApplied and then run the below-mentioned command two times. Start-Managedfolderassistant -Identity user Start-Managedfolderassistant -Identity user After 2-3 minutes, this DiscoveryHolds folder will become zero as per the below-mentioned screenshot. This process helped me a lot. If you have any doubts/concerns/suggestions about this post, please comment below. Best Regards, Venkat Kiran Kona.Solved39KViews6likes9CommentsLimit unauthenticated mail
The standard configuration in Exchange is that anyone internally can connect to telnet and send unauthenticated e-mail to anyone inside the organization. We want to limit this so that only those applications that need to send unauthenticated mail are allowed to do this. We have Exchange 2016 hybrid and the mail flow is routed via Exchange online. The local Exchange server is only used for administration and relay. With that setup, can we just remove 'anonymous authentication' from the 'Default Frontend' connector and add a connector with the ip addresses of the applications that will be allowed to send? Or will it break the mail flow? Anyone have any tips on how to achieve this? I could create a connector that contains the IP-ranges of our empoyee networks, but that seems a bit backwards.SolvedGlyFeb 06, 2025Brass Contributor47Views0likes4Comments
Resources
Tags
- exchange online2,433 Topics
- Exchange Server2,222 Topics
- office 3651,193 Topics
- hybrid829 Topics
- 2016728 Topics
- outlook720 Topics
- admin648 Topics
- 2013275 Topics
- 2010159 Topics
- 201972 Topics