exchange online
3075 TopicsCan we hide default address lists in Outlook Address Book and show only custom ones?
There are existing Custom Address Lists. When users use the MS Outlook App (Office 2019) and open the Address Book, is it possible to hide the other address lists (including domain-sg-GAL, Global Address List, and domain-sg-Rooms), and only display the Custom Address Lists (domain-HK-AL and domain-sg-AL) — the ones shown in green in the photo?68Views0likes1CommentCross Tenant Migration licensing
Hello, I'm planning a native cross-tenant migration for several shared mailboxes that have archives enabled. I’m looking to confirm if it is necessary to temporarily convert these to user mailboxes in the source to ensure the archive data migrates successfully. Also, what specific licenses should I assign to the target objects specifically, do I need to provide an Exchange Online Plan 2 plus the Cross-Tenant User Data Migration add-on for each shared mailbox? If anyone has handled archived shared mailboxes recently, I’d appreciate a quick confirmation on the cleanest licensing and conversion steps. Thank you in advance ! :)125Views0likes1CommentHow to Check Distribution Lists for Activity Over the Last 90 Days
The new Get-MessageTraceV2 cmdlet can fetch 90 days of message trace data, which means that we can check for inactive distribution lists using data for the last 90 days instead of being constrained to the last 10 days. This is done by running fetches for nine batches of traffic, each covering ten days. Distribution lists are still important to Exchange Online and Microsoft 365, and it’s good to know which distribution lists are in active use (and how much traffic they get) and which are not. All done with PowerShell. https://office365itpros.com/2026/07/09/inactive-distribution-list-2026/20Views0likes0CommentsUnexpected Microsoft Defender for Office 365 License Requirement for Shared Mailboxes
A question about shared mailboxes brought up the topic of licensing requirements when a tenant has Microsoft Defender for Office 365 (MDO). The news is not good. Once MDO is active, every shared mailbox needs an MDO license, and every user mailbox must also be licensed for MDO (those with E5 licenses are covered). At $5 per month, those MDO licenses can ramp up to a considerable cost. Ouch! https://office365itpros.com/2025/08/11/microsoft-defender-for-office-365/676Views0likes1CommentOffboarding mailboxes fails with “PropTagToPropertyDefinitionConversionException.”
Hybrid M365 setup, just recently upgraded the on-prem server from Exchange 2019 to Exchange SE. After doing so, migrations from Exchange Online back to Exchange On-prem fail at 10% with the error “PropTagToPropertyDefinitionConversionException.” I opened a case with M365 exchange support, and after some time, they came back to tell me that the Exchange Online portion of the process is not at fault, and that I have to engage the on-premise support team (this seems a little nuts to me, as its all connected and all supported, but I've been in this business for 30 years now, and it's not the first time I've seen buck-passing), and/or ask this community for help. Hence, this post. That error appears exactly two places on the internet, as far as I can tell: a blog (in German) from an Exchange expert doing cross-tenant migrations, and a page at https://west.jcteams.info/bhit11/docs/EX1232513.html that seems to describe my exact issue. Neither had useful suggestions - mostly, they say this: Set-MoveRequest -Identity "<UserPrincipalName>" -SkipMoving FolderRestrictions Resume-MoveRequest -Identity "<UserPrincipalName>" That didn't actually work, but when I tried the same parameters with Set-MigrationBatch, they worked as long as I ignored the message "The SkipMoving parameter is deprecated. Use the MoveOptions parameter instead. If you have any scripts that use the SkipMoving parameter, update them to use the MoveOptions parameter." So what was a simple process is now a more cumbersome workaround. Does anyone have an idea on how to troubleshoot "PropTagToPropertyDefinitionConversionException?"550Views0likes1CommentImpact of Reduced DigiCert SSL Certificate Validity on Exchange Hybrid Environment
DigiCert is reducing certificate validity periods because of new industry requirements approved by the CA/Browser Forum. This is not a DigiCert-only decision all public Certificate Authorities must follow these limits. DigiCert is making this change to align with the CA/Browser Forum’s Ballot SC081v3: Introduce Schedule of Reducing Validity and Data Reuse Periods. This ballot sets a timeline for all Certificate Authorities (CAs) to reduce TLS certificate validity from 398 days to 200 days in 2026, 100 days in 2027, and 47 days in 2029. Impact on Microsoft Exchange Hybrid For environments like Hybrid (Exchange Server SE Hybrid with Edge servers): You'll need to renew your public SSL certificate more frequently. Manual renewal processes will become increasingly difficult. Consider implementing certificate lifecycle automation where supported. Existing certificates remain valid until they expire; the new limits apply to newly issued or renewed certificates. In Hybrid environment (Exchange Server SE, Exchange Hybrid, multiple Mailbox servers, Edge servers, and DigiCert public SSL certificates): No need to rerun the Hybrid Configuration Wizard (HCW) solely because you renewed the SSL certificate, provided the renewed certificate uses the same subject name/SANs and is assigned to the required Exchange services. The primary impact is operational: you'll need a robust and preferably automated certificate renewal and deployment process across your Mailbox servers, Edge servers, and any load balancers to keep pace with the shorter certificate validity periods.51Views0likes1CommentDKIM CnameMissing for alderohotel.it stuck for 6 days - backend cache reset needed
DKIM for custom domain alderohotel.it has been stuck in CnameMissing status for 6 days despite correct CNAME records. Tenant: alderotech (Microsoft 365) CNAME records published on Aruba DNS: - selector1._domainkey.alderohotel.it → selector1-alderohotel-it._domainkey.alderotech.w-v1.dkim.mail.microsoft.com - selector2._domainkey.alderohotel.it → selector2-alderohotel-it._domainkey.alderotech.w-v1.dkim.mail.microsoft.com Verified via PowerShell Resolve-DnsName: records resolve correctly. Get-DkimSigningConfig -Identity alderohotel.it returns Status: CnameMissing. Set-DkimSigningConfig -Enabled $true fails with CNAME validation error. Microsoft support diagnostic tool also shows CnameMissing. Requesting manual backend cache reset for DKIM signing config on alderohotel.it.39Views0likes1Comment