Exchange SE product key Clarity
Hi All, After installing the Exchange SE server, the following parameters appeared when I ran the command. Can we leave these statuses as they are until Microsoft provides the new CU and product key ? Please confirm Get-ExchangeServer -Identity newse | fl fqdn,product*,*edition* Fqdn : NewSE.test.local ProductID : Edition : StandardEvaluation IsExchangeTrialEdition : True IsExpiredExchangeTrialEdition : FalseFederation Trust Gateway broken - OrgCertificate cannot be uploaded
Hey guys, last week we have done Windows Server updates and this broke some stuff. Some certificates have been unbound and so on. Until then the full classic hybrid worked quite good in our Exchange Server 2016 CU23 environment. We are just in the process of upgrading/migrating. But after this point of time the On-Premises users stopped being able to see the calendars of the cloud users, other way around still worked. So we started trying to fix the hybrid deployment with several runs of the HCW (which is always fine) and rebuilding the organizational relationship and the trust federation gateway. This was quite exhausting, as we updated a bunch of domains in global DNS several times. Currently, neither direction is functioning. Now it looks like the Federation Trust Gateway is in an inconsistent state. When I try... Set-FederationTrust -Identity "Microsoft Federation Gateway" -PublishFederationCertificate then I get the message, that the rollover certificate (OrgNextPrivCertificate) is not set and that I only can publish, when this is done. When I try to define a rollover certificate, then I get the message, that the rollover certificate cannot be set until the OrgCertificate has been published. So, we have a chicken-and-egg situation here. Thanks for any help.How to Find Active EWS-Based Apps in a Microsoft 365 Tenant
Microsoft will retire Exchange Web Services (EWS) from Exchange Online on October 1, 2026. A new usage report helps tenants understand what apps use EWS. Many of the apps are likely to be first-party (Microsoft) apps, but some might be third-party apps developed externally or internally. Those apps need to be retired or upgraded to use Graph APIs. Time is slipping away to do the work. https://office365itpros.com/2025/04/29/exchange-web-services-apps/
Update Dynamic Distribution List
we are a hybrid environment, running exchange 2019 and have a few DDLs which have been around from previous exchange versions. One of the DDLs i need to modify is the below. Its hard to read and i am trying to work out where i add the extra fields i want to include. I am looking to add another custom attribute and possibly include members of a security group. Is there anyway to make this easier to read so i know where to add things? Any other tips? ((((((((((((((((((((((((((Company -eq 'Contoso') -and (CustomAttribute4 -eq 'City'))) -and (((((CustomAttribute7 -eq 'Group') -or (CustomAttribute7 -eq 'Contractor'))) -or (CustomAttribute7 -eq 'Permanent'))))) -and (((RecipientType -eq 'UserMailbox') -or (((RecipientType -eq 'MailUser') -and (CustomAttribute12 -ne 'Excluded'))))))) -and (-not(Name -like 'SystemMailbox{*')))) -and (-not(Name -like 'CAS_{*')))) -and (-not(RecipientTypeDetailsValue -eq 'MailboxPlan')))) -and (-not(RecipientTypeDetailsValue -eq 'DiscoveryMailbox')))) -and (-not(RecipientTypeDetailsValue -eq 'PublicFolderMailbox')))) -and (-not(RecipientTypeDetailsValue -eq 'ArbitrationMailbox')))) -and (-not(RecipientTypeDetailsValue -eq 'AuditLogMailbox')))) -and (-not(RecipientTypeDetailsValue -eq 'AuxAuditLogMailbox')))) -and (-not(RecipientTypeDetailsValue -eq 'SupervisoryReviewPolicyMailbox')))) -and (-not(Name -like 'SystemMailbox{*')) -and (-not(Name -like 'CAS_{*')) -and (-not(RecipientTypeDetailsValue -eq 'MailboxPlan')) -and (-not(RecipientTypeDetailsValue -eq 'DiscoveryMailbox')) -and (-not(RecipientTypeDetailsValue -eq 'PublicFolderMailbox')) -and (-not(RecipientTypeDetailsValue -eq 'ArbitrationMailbox')) -and (-not(RecipientTypeDetailsValue -eq 'AuditLogMailbox')) -and (-not(RecipientTypeDetailsValue -eq 'AuxAuditLogMailbox')) -and (-not(RecipientTypeDetailsValue -eq 'SupervisoryReviewPolicyMailbox')))
new Exchange Installation Autodiscover
Hi I have had a lab environment and suspended this to get experience with a new setup. Old setup had a ADFS server in place. New lab setup is based on Windows Server 2025, 1 DC, 1 Exchange server SE. Installation is ok. Client is a Windows 11 machine with Outlook 2019. DC is synching to EntraID. All based on German language. GPO for autodiscover is set. As well the DNS records. Post installation is the part where I am have an issue at. At least in the part of the autodiscover. Adding the primary mail address is always leading in pointing to the company authentification page adfs.xy.com which was in the old lab in place. I cant see any DNS entry neither on my external DNS provider nor internal (brand new setup) and have no clou where to search further. Wensearch did also not lead me to any solution. And a workaround to disable autodiscover is not my goal. Therefore I am happy to get any idea where to look at to get read of the adfs link. Appreciate your support. THY mame
Exchange 2019 AvailableNewMailboxSpace
Hello! Colleagues, have you encountered a situation where Exchange 2019 does not provide accurate information about the amount of free space in databases (AvailableNewMailboxSpace) via EMS? Using this command: Get-MailboxDatabase -Status | Sort-Object Name | Select-Object Name,@{Name=‘DB Size (GB)’; Expression={[math]::Round($_.DatabaseSize.ToGb(),2)}},@{Name=‘Free Space (GB)’;Expression={[math]::Round($_.AvailableNewMailboxSpace.ToGb(),2)}} | Format-Table -AutoSize Exchange 2016 displays the information correctly, but 2019 does not display it correctly in gigabytes or the numbers are unclear. Do you know of another way? Thank you!Which ExchangeServerApp is the right one? How to tell?
From running HCW multiple times w/ various exceptions, we have a number of separate ExchangeServerApp instances in Entra. How can I definitively tell which one (or more) is the correct instance? I can't find any of the UUIDs in the Entra entries anywhere in the Exchange Server configuration. I can't run the ConfigureHybridExchangeApplication script because (from the error it gives) it doesn't handle the multiple app identifiers. I submitted feedback but haven't heard back from the CSS-Exchange people. Any guidance appreciated.Exchange Server 2019 to Subscription Edition (SE) Licensing and Migration Guidance
1. Current Infrastructure Setup Component Detail Notes Product Microsoft Exchange Server 2019 Enterprise Edition Servers 3 Virtual Servers (VMware) Configured in a Database Availability Group (DAG) Version Cumulative Update (CU) 15 Licenses Server License and 1100 CALs (Standard/Enterprise) Purchased in 2019 without Software Assurance (SA). 2. Core Licensing and Compliance Queries We require definitive guidance on the following compliance and purchase requirements: Software Assurance (SA) Requirement: Is Software Assurance mandatory for our existing Exchange Server 2019 setup for ongoing compliance and full support? Please advise on the status of our current setup without SA. Standalone SA Purchase: As our Exchange Server licenses/CALs were purchased in 2019 without SA, is it possible for us to purchase standalone Software Assurance for our existing Exchange Server 2019 licenses now, or must we purchase a completely new license with SA? Client Access License (CAL) Migration: Will our existing Exchange Server 2019 Standard/Enterprise CALs be compatible and automatically migrate to the Subscription Edition (SE) requirement, or must we purchase new CALs specifically for Exchange Server SE? Please clarify if the old CALs will become obsolete. 3. Recommended Migration Path (Budgeting Focus) Based on the licensing realities, we need advice on the most financially responsible path to move to Exchange Server SE. Please guide us on which of the following scenarios is recommended: Option A: Purchase Software Assurance for our existing Exchange Server 2019 infrastructure, and then migrate to SE, utilizing the same 2019 CALs (if permissible). Option B: Forego purchasing SA for the 2019 environment and directly purchase new Exchange Server Subscription Edition (SE) licenses and corresponding new CALs (if necessary). We look forward to your detailed guidance to ensure full compliance and a smooth transition to Exchange Server SE. Thank you, Narayan Das Senior System Administrator
What to do? SE or Decommission
I’ll start by outlining our current environment for context: Two standalone Exchange Server 2016 VMs. Primarily used for recipient management in a hybrid setup. Also functions as an anonymous relay for two LOB applications — one of which requires the mail service to reside on the same network as the application (as per vendor requirement). We have not opted for Extended Support (ESU) and installed the latest available Security Update last week. Management has been presented with the following options to move forward: 1) Perform a legacy upgrade — build two new servers and migrate from Exchange 2016 to Subscription Edition (SE). 2) Migrate LOB applications to another SMTP service — this would allow continued use of Exchange Management Shell for recipient management (by setting up a new server, preparing the schema for SE, and following Microsoft’s decommissioning process). 3) Migrate both LOB applications to another SMTP service and management to alternative platforms such as Easy365 or ManageEngine, removing the dependency on Exchange entirely. This post is mainly to gather some insights and general discussion around the best path forward. From a risk management perspective, since we’re effectively sitting on a time bomb without further Microsoft updates, I’m leaning toward option 2, especially given that all mailboxes have long been migrated to Exchange Online. What should I be watching out for with this approach? It seems many have taken a similar path — I’d appreciate hearing about any challenges or pitfalls you encountered and how you mitigated them during implementation.
