Exchange | Microsoft Community Hub

Forum Widgets

Latest Discussions

Applying On-Prem EAP with New-Remote Mailbox
BACKGROUND: my org is in a hybrid AD/Exchange environment, and will remain so for some time. All mailboxes, other than a very small number with on-prem dependencies, were migrated to M365 a few years ago; we will continue to have 1-2 Exchange Servers on-premises for both management and some legacy on-prem processes. All user accounts are created on-premises, and synchronized to M365 through Entra Connect Sync. Our on-prem EAP has the exact address syntaxes that we need [applies to "Users with Exchange mailboxes" + "Resource mailboxes" + "Mail-enabled groups"]. I haven't found a clear answer to the question: with an Exchange 2019 (and soon SE) server on-premises - with users initially created on-premises - is there a way to provision new EXO mailboxes [using the 'new-remotemailbox' cmdlet], such that the on-prem EAP applies during creation? I've been working with these two references, but so far haven't found a way to make the "new-remotemailbox..." cmdlet work to (a) create a new account on-premises and (b) ultimately have an EXO mailbox provisioned with the on-prem EAP addresses in place: On provisioning mailboxes in Exchange Online when in Hybrid | Microsoft Community Hub https://learn.microsoft.com/en-us/powershell/module/exchangepowershell/new-remotemailbox?view=exchange-ps Any thoughts or suggestions would be welcomed! (OR - perhaps it just can't be done?)
SW-SoCo2
Brass Contributor
Sep 04, 2025
2016
admin
exchange online
Exchange Server
hybrid
19Views
0likes
0Comments
How to perform Windows Update for Exchange 2016 DAG Cluster
Hello, I need to install windows server security update on Exchange 2016 DAG which require reboot the server. I will install the updates on the first server Tuesday, and the seconde server on Wednesday. I'm wondering if installing patches on separated days may impact Exchange services, also i need to know the steps to follow before restart each server after installing the patch.
MasPAN74
Brass Contributor
Sep 03, 2025
2016
24Views
0likes
1Comment
Use PowerShell to Send Messages from Shared Mailboxes, Groups, and Distribution Lists
Everyone probably knows how to use Exchange's Send As and Send on Behalf of permissions to send email from user mailboxes. Here we venture into the same task, but for Microsoft 365 Groups, shared mailboxes, distribution lists, and mail-enabled security groups. Once your permissions are aligned, everything is pretty simple. https://practical365.com/sendas-send-on-behalf-of-mail-objects/
TonyRedmond
MVP
Sep 03, 2025
distribution lists
exchange online
Group Mailboxes
SendAs
26Views
0likes
0Comments
Authentication issues after upgrading to 2019/CU15
After upgrading to Exchange Server 2019 CU15, we started having many authentication issues. They appear in many forms. Executing a get powershell command on any virtual directory will fail for the remote system (I currently have 2 servers configured). It will log in the event viewer a DCOM 10028 error: DCOM was unable to communicate with the computer (other system FQDN name) using any of the configured protocols; requested by PID 570 (c:\windows\system32\inetsrv\w3wp.exe), while activating CLSID {2B72133B-3F5B-4602-8952-803546CE3344}. It is intermittent in nature. At first, I thought executing the Reset-ComputerMachinePassword would solve the issue, but it does not always work. We have one Windows 2025 DC in our infrastructure as we have seen some domain trust issues that have been a result of the 2025 DC. Microsoft recommends running this for those client systems. But those systems usually had an event logged in the DC indicating the need for resetting this password. This is not appearing for the Exchange servers. When the get command fails, other issues such as Outlook clients not authenticating occur as well. The Outlook clients continuously prompt for credentials without accepting them, even though correct values have been entered. However, when the get command succeeds, so does Outlook. Anyone experiencing this as well?
simdoc
Copper Contributor
Sep 03, 2025
Exchange Server
outlook
2.4KViews
0likes
5Comments
Request for Official Cleanup Script to Retire Exchange 2016 After Migrating to Exchange SE
Subject: Request for Official Cleanup Script to Retire Exchange 2016 After Migrating to Exchange SE Hi Exchange Team, I've successfully migrated mail flow and management to Exchange Server Subscription Edition (SE) and am now preparing to retire our legacy Exchange 2016 server (EXCHANGE2016). I’ve followed the documented steps from the Decommissioning Exchange Server 2016 blog post, but I recall that a script—Cleanup-ExchangeLegacyServer.ps1—was referenced or released separately to automate the final cleanup. I’m unable to locate the actual script and would appreciate guidance on where to find it. Here’s a summary of what I’ve completed so far: Steps Completed Mail Flow Migration Reconfigured send connectors: Set-SendConnector "Outbound to Office 365" -SourceTransportServers @("EXCHANGESE") Verified SmartHost routing and TLS settings. Receive Connector Cleanup Disabled all receive connectors on EXCHANGE2016: Get-ReceiveConnector -Server EXCHANGE2016 | Disable-ReceiveConnector Mailbox Migration Moved all user, arbitration, audit log, and monitoring mailboxes: Get-Mailbox -Server EXCHANGE2016 Get-Mailbox -Server EXCHANGE2016 -Arbitration Get-Mailbox -Server EXCHANGE2016 -AuditLog Get-Mailbox -Server EXCHANGE2016 -Monitoring Queue Validation Confirmed no active queues on EXCHANGE2016. Connector Scope Audit Verified EXCHANGE2016 is no longer listed in any send connector: Get-SendConnector | Where-Object {$_.SourceTransportServers -contains "EXCHANGE2016"} Remaining Question Should I now: Run an official cleanup script (e.g., Cleanup-ExchangeLegacyServer.ps1) to safely remove EXCHANGE2016’s configuration objects while keeping Exchange SE intact? Or simply uninstall Exchange 2016 from EXCHANGE2016 and decommission the server manually? I want to ensure I follow Microsoft’s best practices and avoid breaking hybrid management or leaving orphaned AD objects. If the script is available, could you please share the official download link and any updated guidance? Thanks in advance for your help! —Michael
Solved
mrlovett
Copper Contributor
Sep 02, 2025
2016
Exchange Server
hybrid
49Views
0likes
2Comments
SMIME not working in OWA
Help needed for S/MIME setup on M365 with Exchange Online and Windows/macOS What was done: Installed the .pfx key on Windows and macOS locally with the password Deployed the root and intermediate certificate via Intune on the Windows and macOS devices Exported the root and intermediate certificate via certmgr.msc and uploaded the .sst via Connect-ExchangeOnline Set-SmimeConfig -SMIMECertificateIssuingCA ([IO.File]::ReadAllBytes('C:\Temp\certificate_CA.sst')) Published the public S/MIME signature via “Publish to GAL” in classic Outlook manually for each user (Windows users). Current Status: Working Sending Encrypted email from a signed Reply (Old/classic Outlook) Sending Encrypted email from new email (Old Outlook) (Works after publishing in GAL/saving the Signature to contact for External) Sending Encrypted email from new email (Outlook for Mac) to windows user who published their certificate via GAL NOT working Sending Encrypted email from new email (New Outlook [Windows]) – Error message: Certificate is not trusted by this organization Sending Encrypted email from new email (OWA on Edge [Windows]) – Error message: Certificate is not trusted by this organization Sending Encrypted email from new email (Old Outlook Windows) to mac users, since certificate was not published
JChristiansen
Copper Contributor
Sep 02, 2025
admin
exchange online
outlook
51Views
0likes
2Comments
RBAC role to allow you to see in Exchange admin portal messagetrace
I’m trying to build management role, that will allow Admin to access and run messagetrace https://admin.exchange.microsoft.com/#/messagetrace I already add Message Tracking role Assignment, but messagetrace is not available in GUI. I saw recommendation for View-Only Recipients , which has Default recipient scope None and Default configuration None. I believe the role is not correct one.
Mali_Stane
Copper Contributor
Sep 02, 2025
admin
exchange online
74Views
0likes
4Comments
Unable to Add Exchange 2019 Email Account (Ionos) to Outlook (New) on Windows 11
Hello everyone, unfortunately, I am unable to add my Ionos (Exchange 2019) email account to the Outlook Windows app. On Windows 10, it was still possible to manually configure an Outlook account, which worked fine. However, on Windows 11, this option is no longer available, and I can’t revert to the previous version of Outlook either. When I try to add the account by selecting Microsoft 365 - Office 365, Exchange and entering my email address, I always get the error message: We couldn't find a work or school account with that email address. I have already contacted Ionos, but they couldn’t solve the issue either. They mentioned that Microsoft doesn’t allow setting up an Exchange account this way, even though the option is listed in the selection menu. Does anyone know how to fix that? Thank you very much!
VN_94
Copper Contributor
Sep 01, 2025
Exchange Server
office 365
outlook
455Views
2likes
2Comments
Mystery Emails for Meeting
Hello I have this weird issue that I have been tracking down. A user's mailbox sends emails out every night as reminders to an appointment that they setup. The email goes to all participants in the meeting, regardless of whether they accepted or not. I used message trace to track the source IP and it trusted, none network within my management, which wouldn't have devices unaccounted for. I am not concerned that it is malicious or an account takeover situation, since there isn't any content added to the meeting. It is the same email every morning this week. Is there a cause for this? Are there any options in Exchange or outlook that this could be attributed to? For example one that would effectively say "keep reminding participants of this"? A few other details, which may or may not be relevant: On at least one occasion, I verified that their computer was turned off. So, it is either their iPad or there iPhone, but I am not sure if that is relevant. I have this posted to an apple forum as well. Of the 6 participants that the message goes to (according to exchange message trace) only 1 actually says that it shows up in his mailbox. Which makes me think that the other mailboxes are simply processing the redundant meeting message and there is something special about this one. But, I don't want to focus on that because it is too dependent on user input. It's really a question of why the messages are being sent in the first place. Thanks! This is a weekly recurring meeting and these mystery emails are going out daily.
Solved
dirtadmin
Copper Contributor
Aug 29, 2025
exchange online
office 365
outlook
38Views
0likes
1Comment
Exchange EWS API Error
After migrating from 2016 to 2019 and SE, I was trying to move my script to the new server but came up with many issues. I was using this yesterday and it was working and today it's not. Seems random and no idea why it's happening that Exchange2016 disappears from the selection. $Service = New-Object Microsoft.Exchange.WebServices.Data.ExchangeService( [Microsoft.Exchange.WebServices.Data.ExchangeVersion]::Exchange2016 ) The property 'Exchange2016' cannot be found on this object. Verify that the property exists. At line:1 char:1 + $Service = New-Object Microsoft.Exchange.WebServices.Data.ExchangeSer ... + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : NotSpecified: (:) [], PropertyNotFoundException + FullyQualifiedErrorId : PropertyNotFoundStrict If I run the following, Exchange2016 is no longer in the list (it was when I tried yesterday). This seems random, [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12 Set-StrictMode -Version Latest Add-PSSnapin Microsoft.Exchange.Management.PowerShell.SnapIn Add-Type -Path 'C:\Setup\ExchangeEWS\Microsoft.Exchange.WebServices.dll' # Get the type information for the ExchangeVersion enumeration $type = [Microsoft.Exchange.WebServices.Data.ExchangeVersion] # Get all declared fields $fields = $type.GetFields('DeclaredOnly, Public, Static') # Iterate over each field and display its name and value foreach ($field in $fields) { Write-Output "$($field.Name) = $($field.GetValue($null))" } Output: Exchange2007_SP1 = Exchange2007_SP1 Exchange2010 = Exchange2010 Exchange2010_SP1 = Exchange2010_SP1 Exchange2010_SP2 = Exchange2010_SP2 Exchange2013 = Exchange2013 Exchange2013_SP1 = Exchange2013_SP1 And if I run in Powershell ISE, I see more error (same script in regular powershell works). Exception calling "FindItems" with "2" argument(s): "The request failed. The underlying connection was closed: An unexpected error occurred on a send." At line:87 char:5 + $Items = $Service.FindItems( 'Inbox', ( New-Object Microsoft.Exch ... + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : NotSpecified: (:) [], MethodInvocationException + FullyQualifiedErrorId : ServiceRequestException
jt8585
Copper Contributor
Aug 29, 2025
Exchange Server
38Views
0likes
0Comments

Resources

Tags

exchange online2,540 Topics
Exchange Server2,308 Topics
office 3651,240 Topics
hybrid882 Topics
outlook763 Topics
2016747 Topics
admin675 Topics
2013279 Topics
2010159 Topics
201980 Topics