Recent Discussions
Checking the Effectiveness of a Transport Rule to Block Spammy Email
Some weeks ago, I wrote about using a transport rule to suppress spammy email by sending the messages to the quarantine. But what’s the best way to check the rule’s effect? One method is to use the transport rule report PowerShell cmdlet to check for the actions you expect the rule to perform. Once information is found, it’s a matter of slicing and dicing the data. https://office365itpros.com/2025/11/26/transport-rule-effectiveness/Could any one explain Exchange Server SE Licensing Model?
I have the following M365 licenses in my education tenant: Microsoft 365 A5 without Audio Conferencing (Student Use Benefit) As per my understanding, each user requires an A3/A5 license to access their mailbox on an Exchange Server (Exchange SE). Since A3/A5 licenses already include Exchange Online, do we still need to assign these licenses to each on-premises user, or is this only for compliance purposes? For example, if we have 100 on-premises users, must all 100 users be assigned A3/A5 licenses in Microsoft 365? Reference articles are below. Microsoft Product Terms Please correct me if I am wrong.
OL client in-app link for getting OL for iOS or Android not working
Hello! Redirected to this forum from here: https://learn.microsoft.com/en-us/answers/questions/5617563/ol-desktop-link-broken-file-get-ol-app-for-ios-and See error description and attempt to solve it by following the link. For some reason, Windows clients in our organization can not follow the Outlook desktop client in-app link for getting Outlook for iOS or Android. (hybrid, no mailboxes in MS-cloud, only on prem) The link for getting the Outlook app for iOS and Android under File when logged into Outlook app does not seem to work. Clicking on it seems to send user to the URL: go.microsoft.com/fwlink/?LinkId=2112779 but quickly redirects and ends up with https://w2.outlook.com/l/mobile?WT.mc_id=Backstage**Win32**All**Hyperlink** https://learn-attachment.microsoft.com/api/attachments/cb7d456f-ac6e-4566-a4ef-ffa912500423?platform=QnAhttps://learn-attachment.microsoft.com/api/attachments/cb7d456f-ac6e-4566-a4ef-ffa912500423?platform=QnA We haven't been able to figure out why, but since the same two different accounts mentioned in the thread above works on a private device on a private home network, is seems like something in our environment is the cause.
Exchange SE product key Clarity
Hi All, After installing the Exchange SE server, the following parameters appeared when I ran the command. Can we leave these statuses as they are until Microsoft provides the new CU and product key ? Please confirm Get-ExchangeServer -Identity newse | fl fqdn,product*,*edition* Fqdn : NewSE.test.local ProductID : Edition : StandardEvaluation IsExchangeTrialEdition : True IsExpiredExchangeTrialEdition : FalseFederation Trust Gateway broken - OrgCertificate cannot be uploaded
Hey guys, last week we have done Windows Server updates and this broke some stuff. Some certificates have been unbound and so on. Until then the full classic hybrid worked quite good in our Exchange Server 2016 CU23 environment. We are just in the process of upgrading/migrating. But after this point of time the On-Premises users stopped being able to see the calendars of the cloud users, other way around still worked. So we started trying to fix the hybrid deployment with several runs of the HCW (which is always fine) and rebuilding the organizational relationship and the trust federation gateway. This was quite exhausting, as we updated a bunch of domains in global DNS several times. Currently, neither direction is functioning. Now it looks like the Federation Trust Gateway is in an inconsistent state. When I try... Set-FederationTrust -Identity "Microsoft Federation Gateway" -PublishFederationCertificate then I get the message, that the rollover certificate (OrgNextPrivCertificate) is not set and that I only can publish, when this is done. When I try to define a rollover certificate, then I get the message, that the rollover certificate cannot be set until the OrgCertificate has been published. So, we have a chicken-and-egg situation here. Thanks for any help.
Update Dynamic Distribution List
we are a hybrid environment, running exchange 2019 and have a few DDLs which have been around from previous exchange versions. One of the DDLs i need to modify is the below. Its hard to read and i am trying to work out where i add the extra fields i want to include. I am looking to add another custom attribute and possibly include members of a security group. Is there anyway to make this easier to read so i know where to add things? Any other tips? ((((((((((((((((((((((((((Company -eq 'Contoso') -and (CustomAttribute4 -eq 'City'))) -and (((((CustomAttribute7 -eq 'Group') -or (CustomAttribute7 -eq 'Contractor'))) -or (CustomAttribute7 -eq 'Permanent'))))) -and (((RecipientType -eq 'UserMailbox') -or (((RecipientType -eq 'MailUser') -and (CustomAttribute12 -ne 'Excluded'))))))) -and (-not(Name -like 'SystemMailbox{*')))) -and (-not(Name -like 'CAS_{*')))) -and (-not(RecipientTypeDetailsValue -eq 'MailboxPlan')))) -and (-not(RecipientTypeDetailsValue -eq 'DiscoveryMailbox')))) -and (-not(RecipientTypeDetailsValue -eq 'PublicFolderMailbox')))) -and (-not(RecipientTypeDetailsValue -eq 'ArbitrationMailbox')))) -and (-not(RecipientTypeDetailsValue -eq 'AuditLogMailbox')))) -and (-not(RecipientTypeDetailsValue -eq 'AuxAuditLogMailbox')))) -and (-not(RecipientTypeDetailsValue -eq 'SupervisoryReviewPolicyMailbox')))) -and (-not(Name -like 'SystemMailbox{*')) -and (-not(Name -like 'CAS_{*')) -and (-not(RecipientTypeDetailsValue -eq 'MailboxPlan')) -and (-not(RecipientTypeDetailsValue -eq 'DiscoveryMailbox')) -and (-not(RecipientTypeDetailsValue -eq 'PublicFolderMailbox')) -and (-not(RecipientTypeDetailsValue -eq 'ArbitrationMailbox')) -and (-not(RecipientTypeDetailsValue -eq 'AuditLogMailbox')) -and (-not(RecipientTypeDetailsValue -eq 'AuxAuditLogMailbox')) -and (-not(RecipientTypeDetailsValue -eq 'SupervisoryReviewPolicyMailbox')))
M365 Exchange - delete Calendar entries
Maybe a simple question, but struggle to find a way to do it I have a 365 admin account for our m365 tenent and running exchange online. A user has left and people struggle to cancel some meetings the person who has left has invited for. I hoped that I just could run some powershell script that silently would cancel all meetings that person has made. But struggle to find a way Anyone has some input on how to do this ? - and as mention I have exchange admin rights.
Exchange 2019 AvailableNewMailboxSpace
Hello! Colleagues, have you encountered a situation where Exchange 2019 does not provide accurate information about the amount of free space in databases (AvailableNewMailboxSpace) via EMS? Using this command: Get-MailboxDatabase -Status | Sort-Object Name | Select-Object Name,@{Name=‘DB Size (GB)’; Expression={[math]::Round($_.DatabaseSize.ToGb(),2)}},@{Name=‘Free Space (GB)’;Expression={[math]::Round($_.AvailableNewMailboxSpace.ToGb(),2)}} | Format-Table -AutoSize Exchange 2016 displays the information correctly, but 2019 does not display it correctly in gigabytes or the numbers are unclear. Do you know of another way? Thank you!
Exchange 2016 with Hybrid Configuration
We have Exchange Server 2016 configured in a hybrid environment. We encountered an error when one of our administrators attempted to install a cumulative update that was the same version as the one already installed. After that, we were unable to access OWA, ECP, or the Exchange Management Shell. Exchange Server 2016 CU23 (2022H1) 15.1.2507.6
Stop ASP.NET SMTP Emails from Appearing in Office 365 Sent Items Without Affecting Manual Sends
We are sending Emails to our clients through an ASP.NET application using the SMTP protocol and using an O365 Account (email address removed for privacy reasons). The problem is that every time a mail (reset password, otp, campaigns, etc) is sent from asp.net application, a copy of that mail is created in the "Sent Items" of the Support mailbox. This is not needed and it is quickly filling our Support mailbox. How to stop this? Is there any setting in the Exchange Server? Please note that the Support mailbox is also used by our company support representative to send resolutions to customers using O365 Outlook Web Access. The mails send by the representative are very much needed in the sent items. It's only the ASP.NET-sent mails that we want to prevent in the "Sent Items".
What to do? SE or Decommission
I’ll start by outlining our current environment for context: Two standalone Exchange Server 2016 VMs. Primarily used for recipient management in a hybrid setup. Also functions as an anonymous relay for two LOB applications — one of which requires the mail service to reside on the same network as the application (as per vendor requirement). We have not opted for Extended Support (ESU) and installed the latest available Security Update last week. Management has been presented with the following options to move forward: 1) Perform a legacy upgrade — build two new servers and migrate from Exchange 2016 to Subscription Edition (SE). 2) Migrate LOB applications to another SMTP service — this would allow continued use of Exchange Management Shell for recipient management (by setting up a new server, preparing the schema for SE, and following Microsoft’s decommissioning process). 3) Migrate both LOB applications to another SMTP service and management to alternative platforms such as Easy365 or ManageEngine, removing the dependency on Exchange entirely. This post is mainly to gather some insights and general discussion around the best path forward. From a risk management perspective, since we’re effectively sitting on a time bomb without further Microsoft updates, I’m leaning toward option 2, especially given that all mailboxes have long been migrated to Exchange Online. What should I be watching out for with this approach? It seems many have taken a similar path — I’d appreciate hearing about any challenges or pitfalls you encountered and how you mitigated them during implementation.Finding Unused Proxy Addresses for Exchange Online Mail-Enabled Objects
A request came in about how to find unused proxy addresses for Exchange Online mail-enabled objects. There's no out-of-the-box report available for proxy address usage, but we can solve the problem by using a PowerShell script to download historical message trace data to check every proxy address for all mailboxes against. The question then is what to do with the unused proxy addresses? https://practical365.com/find-unused-proxy-addresses/Exchnage 2019 on prem EMS not working. Recreating Exchange Virtual Directories failed
I have two exchange 2019 on prem in DAG. Recently EMS (Exchange management shell) on both servers stop working and I tried to delete and recreate on MAIL2 but unsuccessful. Basically it return error that The AD configuration for virtual directory 'Powershell' already exists I tried to delete first with Remove-PowerShellVirtualDirectory I tried clean up IIS and AD but still getting this error, even that in ADSI edit I delete all powershell objects for MAIL2 Exchange Health Checker: beside that server is in maintenance mode, nothing interesting. just the last line: Default Web Site/PowerShell has authentication set, which is unsupported. Error form PowerShell: New-PowershellVirtualDirectory : The AD configuration for virtual directory 'Powershell' already exists in 'CN=Powershell (Exchange Back End),CN=HTTP,CN=Protocols,CN=MAIL2,CN=Servers,CN=Exchange Administrative Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=Company Organization,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=rcompany,DC=local', please remove this AD configuration manually. Parameter name: VirtualDirectoryName At line:1 char:1 New-PowershellVirtualDirectory -Name "Powershell" -Role "Mailbox" -Re ... CategoryInfo : InvalidArgument: (MAIL2\Powershell (Exchange Back End):ADObjectId) [New-PowerShellVirtualDirectory], ArgumentException FullyQualifiedErrorId : [Server=MAIL2,RequestId=2bb82483-c56a-4e4f-8d08-c81691b34bd1,TimeStamp=11/4/2025 2:31:50 PM] [FailureCategory=Cmdlet-ArgumentException] B318F342,Microsoft.Exchange.Management.SystemConfiguratExchange Server 2019 to Subscription Edition (SE) Licensing and Migration Guidance
1. Current Infrastructure Setup Component Detail Notes Product Microsoft Exchange Server 2019 Enterprise Edition Servers 3 Virtual Servers (VMware) Configured in a Database Availability Group (DAG) Version Cumulative Update (CU) 15 Licenses Server License and 1100 CALs (Standard/Enterprise) Purchased in 2019 without Software Assurance (SA). 2. Core Licensing and Compliance Queries We require definitive guidance on the following compliance and purchase requirements: Software Assurance (SA) Requirement: Is Software Assurance mandatory for our existing Exchange Server 2019 setup for ongoing compliance and full support? Please advise on the status of our current setup without SA. Standalone SA Purchase: As our Exchange Server licenses/CALs were purchased in 2019 without SA, is it possible for us to purchase standalone Software Assurance for our existing Exchange Server 2019 licenses now, or must we purchase a completely new license with SA? Client Access License (CAL) Migration: Will our existing Exchange Server 2019 Standard/Enterprise CALs be compatible and automatically migrate to the Subscription Edition (SE) requirement, or must we purchase new CALs specifically for Exchange Server SE? Please clarify if the old CALs will become obsolete. 3. Recommended Migration Path (Budgeting Focus) Based on the licensing realities, we need advice on the most financially responsible path to move to Exchange Server SE. Please guide us on which of the following scenarios is recommended: Option A: Purchase Software Assurance for our existing Exchange Server 2019 infrastructure, and then migrate to SE, utilizing the same 2019 CALs (if permissible). Option B: Forego purchasing SA for the 2019 environment and directly purchase new Exchange Server Subscription Edition (SE) licenses and corresponding new CALs (if necessary). We look forward to your detailed guidance to ensure full compliance and a smooth transition to Exchange Server SE. Thank you, Narayan Das Senior System AdministratorHelp~After installing Exchange 2019, mail is stuck in Draft in OWA
Hi all I dont undertand this symptom. Now I installed one new DC, one new Exchange 2019(CU13) in active directory domain. and I just set recieve connector(check anonymous user in Default Exchange) and created send connector and I sent mail to my own mailbox(administrator), and I also sent mail to other mailboxes, but I only have stuck Draft folder in OWA. before install Exchange 2019 CU13, I installed Exchange 2029 CU15 but it was same symptom so after removing Exchange 2019 CU15, I reinstalled Exchange CU 13. but it was same. DC and Exchange OS are Windows Server 2022 Standard on Dell H/W. ipv4 192.168.10.202 subnet 255.255.255.0 GW 192.168.10.1 Dns1 192.168.10.201(DC) It's the same as the link below, but there's nothing solved. T.T https://www.reddit.com/r/exchangeserver/comments/1daxga2/exchange_server_2019_emails_get_stuck_in_drafts/#:~:text=Here's%20some%20information%20about%20emails%20getting%20stuck,lots%20of%20space%20may%20not%20always%20work. If anyone knows how to solve this problem, please help meUse PowerShell to Analyze Junk Email and Intercept Traffic from Spammy Domains
Despite the best efforts of anti-spam solutions, some unwanted messages usually get through to user inboxes. This article explains how to analyze messages that end up in Junk Email and use the results to create a transport rule to block future traffic from the spammy domains. https://practical365.com/analyze-junk-email-block-spammy-domains/
Recent Blogs
- We are announcing the Public Preview of the Exchange Online Admin API.Nov 17, 2025
- We are not releasing any Exchange Server Security Updates for November 2025Nov 11, 2025
