Hybrid
813 TopicsExchange Online Mailbox Retention
To utilize EXO for SEC Regulation and Purview eDiscovery. I think we need to have some kind of 7 years retention. What is the best way to accomplish this? MRM, Compliance Policy, Preservation lock, some kind hold policy, litigation hold ? So deleted items are not deleted and Primary mailbox will expand to Archive up to 1.5 TB. EX: under Data lifecycle management, create a 7 years retention policy for EXO, and other services. Would this be sufficient? For mailbox reaching 1.5TB with retention in place, how would I move mailbox data to secondary mailbox and allow users to access both. If a leaver mailbox is delete after 30 days, will the retention keep the data for purview searches?31Views0likes2CommentsPublic Folder Migration Failed
We have a problem migrating public folders from an Exchange 2019 OnPremise to an Exchange Online. We followed the Microsoft guide: Batch migrate Exchange Server public folders to Microsoft 365 or Office 365 | Microsoft Learn We get to step 7. When completing the PublicFolderMigration job, the status changes to “Completing” and then to “Failed”. The error message in the EXO Shell is: Status: Failed Message: Error calling “net.tcp://be1p281mb2001.deup281.prod.outlook.com:9821/Microsoft.Exchange.MailboxReplicationService BE1P281MB2001.DEUP281.PROD.OUTLOOK.COM (15.20.8207.17 ServerCaps:FFFFFFFF, ProxyCaps:1FFFFFFFFFFFFFFFC7DD2DFDBF5FFFFFCB07EFFF, MailboxCaps:, legacyCaps:FFFFFFFF)”. Error details: The communication object System.ServiceModel.Channels.ServiceChannel cannot be used for communication because it is in a Faulted state. --> The communication object System.ServiceModel.Channels.ServiceChannel cannot be used for communication because it is in a Faulted state. Does anyone have an idea what this error means? We have already removed and restarted the entire migration, but the same error occurs again.36Views0likes2CommentsHybrid Centralized Transport sending emails to EXO
I've discovered that Microsoft hosted tenants emails we receive is going directly to our EXO tenant and using the Hybrid Outbound connector going directly to on-prem Exchange by passing our on-prem Email Gateway fitlers. Also saw some quarantined emails in the EXO from EXO Antimalware scanning. With Hybrid Centralized Transport, I need all mail flow to work just like before the Hybrid configuration based on our MX records. None Microsoft tenants email goes directly to our on-prem Email Gateway for processing before delivered to Exchange on-prem. How do I change this behavior for Microsoft hosted tenants? I do not want email processed by EXO at all. I need all emails go through our on-prem Email Gateway for processing published with our MX records. This is currently bypassing our on-prem anti-virus, anti-spam among other safety features and using EXO's feature.Solved45Views0likes2CommentsPopDeepTestProbe Issue
I've recently built two Exchange 2019 servers in a DAG to replace our 2016 servers which are in their own unique DAG. They are not yet active but are ready with the exception of an Exchange HealthSet failing on one of the servers. Running Get-ServerHealth -Identity 'Server' -HealthSet 'POP.Protocol' shows the PopDeepTestMonitor is Unhealthy. Running Invoke-MonitoringProbe -Identity:"POP.Protocol\PopDeepTestProbe" -Server:Server | fl returns "WARNING: No mailboxes were found to use in the DeepTest probe." I've tried rebooting the server multiple times along with recreating the Exchange monitoring mailboxes multiple times. Nothing has solved this issue. Does anyone have ideas?12Views0likes1CommentHybrid Server Removal post CU12
Has anyone else successfully removed their last hybrid server using the process described here https://learn.microsoft.com/en-us/exchange/manage-hybrid-exchange-recipients-with-management-tools We’ve done this, seems to have worked, but now have a problem with loading the Exchange 2019 CU12 (or above) Management Tools on other admin machines so can’t access the PowerShell commands needed to run the remote recipient command set. We followed that article (and the steps it referred to in the one it links to) and all went as expected. After running the AD Clean Up script the machine we’d installed the Exchange 2019 Management Tools on errored when loading Exchange PowerShell with “AutoDiscoverAndConnect:No Exchange servers are available in any Active Directorey sites. You can’t connect to remote PowerShell on a computer that only has the Management role installed”. We CAN get round it on that machine by running WINDOWS PowerShell and from within that loading the Exchange snap-in with “Add-PSSnapin Microsoft.Exchange.Management.PowerShell.SnapIn” and then from there we can manage remote recipients as expected. However when we go to install the Exchange Management Tools on another machine Exchange setup states it needs to run ADPrep. We haven’t done that yet as it seems that we’d be reversing what the cleanup script is supposed to do, but we’re not sure if that means something is wrong or whether we have missed a step somewhere – the whole point of the exercise is to be able to remove the last hybrid server and just use PowerShell to manage the appropriate AD attributes for remote mailboxes/DLs etc., However we’re stuck at the moment with one server where we can do this (as described above) running but which is currently a single point of failure.52Views0likes4CommentsDisabling Outlook "Reactions" for a group of users
I've been asked for a solution to disable "Reactions" in Outlook for specific group of users, so looking to find out if there's any new information. There are multiple articles from roughly a year ago about creating a transport rule to add a specific message header - but not much else. Does anyone have any new information or references regarding disabling Outlook 'Reactions' for either specific group(s) of users; or even tenant-wide?78Views0likes3CommentsLast Exchange Server Shutdown. Exchange Management Shell attempts to connect to old Server
We have migrated all mailboxes to Exchange Online and felt we were in a position to shutdown the last on-prem 2016 Exchange Server. We followed the instructions in the following article to shutdown the last Exchange Server and manage recipients using the Exchange 2019 Management tools. https://learn.microsoft.com/en-us/exchange/manage-hybrid-exchange-recipients-with-management-tools When we open the Exchange Management Shell on the server running the new management tools it attempts to connect to the old Exchange Server. What do we need to do so the Exchange Management Tools stops connecting to the old exchange?68Views0likes0CommentsBad actors impersonating Microsoft Billing using rogue on-prem. Exchange > M365 tenants
Everyone should be aware and watch out for these very believable spoofs coming from microsoft-noreply_at_microsoft.com. If you have Threat Explorer (Defender Portal > Email & Collaboration > Explorer) or Advanced Hunting (EmailEvents table) available, you can find these messages by looking for these criteria: - Sender From Address:microsoft-noreply_at_microsoft.com (note the@ / _at_ swap) - Sender MailFrom Domain: Not equal to Microsoft.com (will be <something>.onmicrosoft.com) If you're getting these, you'll notice the MailFrom domain is an ever-changing long list of rogue tenants (e.g., <rogueTenant123>.onmicrosoft.com). The MailFrom address will be starting with "bounces+srs", like this "bounces+srs=<12345567890abcxyz>@<rogueTenant123>.onmicrosoft.com", letting us see that these bad actors are using an on-premises Exchange server, SMTP receive Connector and then a Send Connector up to and out via EXO/EOP. These things pass SPF, DKIM, and DMARC and so only get detected via General/Advanced filter and/or Fingerprint Matching (which only means loose match, there's no specific fingerprint/ID involved). The subject seems to always be "Your Microsoft order on September 23, 2024", and will be for the current date. Some people have raised this on Reddit, for example:email address removed for privacy reasons - Suspicious email : r/DefenderATP (reddit.com) I've been working with MS Support to try and get this addressed. We're seeing a lot of these, and so far it's be many many different rogue tenants, so it seems like the bad actors are working overtime and successfully standing up tenant after tenant to get these things out successfully.1.1KViews0likes1CommentExchange server transport logs reading tool
Hi Exchange Brain Trust, I need to get rid of any inactive IP addresses out of my SMTP receive connectors in Exchange 2019 server (Hybrid environment). Is there a free tool to monitor/study transport logs which provides a good UI as opposed to notepad readings? Appreciate any suggestions. Thank you!109Views0likes1CommentDocument Mailbox permissions
We are preparing to start a Microsoft Exchange hybrid migration. I am looking for a tool that documents mailbox/resources permissions. I know I can use the get-mailboxpermissions, but that does not show permissions assigned by a user to another user. Anyone have any suggestions?92Views0likes1Comment