/r/exchangeserver

38,796 Subscribers

10

Exchange 2019 DAG member & Witness server are lost due to a ransomware attack

Hello guys,

I'm currently living a nightmare.

We were attacked by ransomware. As the title says, we have lost the primary DAG member on which the databases were active, and the witness server,
so quorum is lost, and the DAG is technically not functional.

I managed to restore the second member, but here's the state of the databases that are still active on the lost server:

Main copy state : Passive Service Down

Second copy state: Passive unknown

On every attempt I make, I get the error message that Active Manager and the cluster service are down.

I don't know, is there any hope I could mount the databases on the recovered server? Or is it impossible?

I know it's a disaster, losing a DAG member as well as a witness server. If anyone has ever faced this problem, please give me any hint that can help me out.

Thanks a lot

https://preview.redd.it/797ez3o4320e1.png?width=345&format=png&auto=webp&s=acff763ba8822ae12a529a0ebba9acaedc669a72

6 Comments
2024/11/10
11:04 UTC

3

Disclaimer on online Exchange only during weekend

Is it possible to set the disclaimer so that it is only added during a certain period of time, e.g. the weekend? We used Exclaimer on premises for this, but it's too expensive online.

5 Comments
2024/11/10
09:37 UTC

0

Crypto Exchange

Hello, I need clients who want to send money to their family, friends or coworkers, locally and internationally, and are unable to send them the money. For more information, message me. I work securely and on the basis of sincerity and trust in everything. I work with all kinds of currencies but mainly in €. I can attach documentation if necessary.

1 Comment
2024/11/09
18:55 UTC

0

Looking for the Best Solution to Backup Microsoft Exchange – Any Recommendations?

Hey everyone! So, here’s the situation: I'm in charge of managing our company's Microsoft Exchange server, and I’ve recently been tasked with setting up a reliable backup solution for it. We want to make sure we have a solid backup strategy to avoid any surprises in case of data loss, and we'd like something that allows for both full restores and more granular recovery (like individual emails or mailboxes).

I’ve done some initial research, and there are quite a few options out there like VinChin backup solution. But I’d love to hear from anyone who has hands-on experience with these or other tools.

6 Comments
2024/11/09
10:51 UTC

1

Exchange 2019 SMTP/IMAP daily log rotation?

Hi,

Is it possible to customize Exchange 2019 logs rollover for SMTP/IMAP/POP?

I would like to change it to daily log rotation. However, I don’t see any documentation about this.

4 Comments
2024/11/08
20:25 UTC

0

Question

Hi, I want to invite all new employees to company-wide events that are already scheduled; however, I can't see any option to do it unless I use Power Automate, which seems a bit overkill. Any suggestions?

1 Comment
2024/11/07
15:40 UTC

1

Transaction logs growing constantly

Hi everyone, I am facing an issue right now with the log files constantly increasing. The organisation setup is a DAG with 3 servers: Active, Active and Passive. Currently it is not replicating to the passive because the passive server is relocated. I already removed the DB from the passive and ensured the replication is removed from the passive. Backup is working every day. Any idea how to fix this?

10 Comments
2024/11/07
08:07 UTC

4

Adding Exchange Hybrid 2019 alongside Exchange Hybrid 2016? (Relay only)

Hello all, a client of ours wants to see if we can run Exchange Hybrid 2019 alongside their current Exchange Hybrid 2016. There are no mailboxes (all on Exchange Online); there's only Relay in 2016 (10-20k outbound emails daily).

The plan is to eliminate 2016 and move to 2019, but he wants to know if 2019 can run concurrently with 2016 for a smooth transition. The reason is that 2016 sits at a COLO, and 2019 sits at HQ. It looks like it's possible to add Exchange Hybrid 2019 alongside, but I might be overthinking the setup here.

I'm running the HWC in 2019 and can see both servers EX01 (2016) and EX02 (2019). Should I just choose EX02 for both receive and send connectors? It gives me both Exchange servers as options. I have the SSL Certificate, which has been imported already, so it's all good there. I'm just worried that applying this will make 2019 the primary and break something in 2016. Again, perhaps I'm overthinking it, so I'm wondering if anyone has run this before.

Thanks for all the help, you guys!

4 Comments
2024/11/07
03:20 UTC

6

Understanding SPF and SMTP Relay with Barracuda/SMTP Appliance and Exchange Server

Hi Exchange experts,

I had a discussion with my colleagues today regarding SMTP relay servers and SPF checks, and I’d like your input on the matter.

Hypothetical situation:

  • MX record points to a Barracuda appliance.
  • The Barracuda appliance forwards all incoming e-mails to Exchange (Online).
  • SPF is by default enabled on Exchange Server, no exceptions for the appliance.

My understanding is that when Exchange performs an SPF check, it verifies if the last SMTP host is authorized to send on behalf of the sender’s domain. Given that the Barracuda appliance is the last hop before emails reach Exchange, it seems necessary for this appliance to be included in the SPF records of any sender.

This would imply that the SPF check would fail unless the Barracuda appliance is listed in every SPF record of every sending domain name, as it acts as the intermediary, accepting all emails and relaying them to the Exchange server.

Of course, this is impossible to ask for and therefore this situation is by default incompatible in this 'design'. Tuning and/or changing Exchange settings may help, but I'm here for the basic understanding of SPF and relay servers.

Question: Am I correct in asserting that the last SMTP hop (the Barracuda appliance in this case) must be listed in the SPF record for the SPF check to pass? If so, does this suggest that in such a setup, SPF may not function as effectively as intended?

I appreciate your insights.

15 Comments
2024/11/06
19:22 UTC

3

Recovering Outlook autocomplete entries

I've always done this in the past by grabbing the Stream_Autocomplete file from the old profile and renaming it to match the file created in the new profile.

However this no longer seems to work in the latest Outlook 365 app. It seems autocomplete entries are stored in the user's mailbox in Exchange Online and it puts them back when Outlook connects, overwriting whatever used to be in the local file.

Is there any way around this? The situation is a customer has been migrated to a new 365 tenant, we have access to both tenants still but all the autocomplete entries are tied to the mailboxes in the old tenant.

Edit: I used nk2edit to save the contents of the autocomplete file to the user's Outlook contacts. Thanks to those who suggested it.

5 Comments
2024/11/06
16:08 UTC

1

Editing group calendar permissions in PowerShell

I was asked to create a calendar for a large number of users. I created a 365 Group and added all the users to the group. This worked to give them a calendar, but all of the members have write permissions, which isn't great. I attempted to change permissions via PowerShell, but for some reason the group email address isn't known to PowerShell. None of the group emails are.

Running Get-Mailbox on the group email gives an error that the object couldn't be found. Running the same command on a user email works fine.

Is there any way to alter permissions on a group calendar?

8 Comments
2024/11/06
14:59 UTC

4

On-prem Mailbox Access To Cloud Migrated Public Folders

5 Comments
2024/11/06
13:21 UTC

3

Removing or purging items from the 'Recoverable Items' folder with a retention policy in place

On Exchange Server 2019, I'm trying to determine what happens when a retention policy is in place that says mail should be retained for x amount of days but the user uses the 'Recover Deleted Items' feature to manually remove or purge deleted items before day x has been reached. Is the mail permanently removed, or is it held until the retention period expires and then removed?

The Microsoft document https://learn.microsoft.com/en-us/exchange/policy-and-compliance/recoverable-items-folder/recoverable-items-folder?view=exchserver-2019 mentions users can permanently delete an item, but also says mail will be held until the retention period expires, so I'm not sure. Searching around shows mixed responses so I thought I'd try here to get something definitive.

6 Comments
2024/11/06
05:49 UTC

3

Office 365 User Unable to Access Shared Mailbox Archive in Outlook (Hybrid Environment)

Scenario:

  • Shared Mailbox: SharedOnprem is hosted on Exchange 2016 (latest level).
  • Hybrid Setup: The on-premises Exchange environment includes Exchange 2019 hybrid servers (latest level), which route traffic to Office 365, etc.
  • Archive: SharedOnprem has an archive mailbox in Office 365, is properly licensed, and a retention policy successfully moves data to the archive.

User:

  • JoeCloud is a licensed Office 365 user with a mailbox in Office 365.
  • JoeCloud needs access to both SharedOnprem mailbox and its archive.
  • He has full access mailbox rights to SharedOnprem.

Current Behavior:

  • JoeCloud can successfully view the SharedOnprem Exchange 2016 mailbox and its Office 365 archive using OWA.
  • JoeCloud adds the SharedOnprem mailbox to his Outlook (latest version) profile as a secondary account (by selecting “Add another account”)
    • He can see the primary SharedOnprem mailbox without issues.
    • However, when he attempts to access the "Online Archive - SharedOnprem" in Outlook, he receives the following error: "The set of folders cannot be opened. The attempt to log on to Microsoft Exchange has failed."

This did work up to about 2 months ago. Is anyone running the same scenario with success?

0 Comments
2024/11/05
22:10 UTC

3

Convert Dynamic Distribution Group to Distribution Group?

It's been a while and I am getting mixed answers online. Is it possible to achieve this? I am running on-premises Exchange 2016 and want to convert (if possible) an existing Dynamic Distribution Group to a standard Distribution Group.

I also know that even if possible, end users' Outlook cache will need to be wiped for this entry.

Does anyone have any advice on how to go about this?

Thanks in advance.

2 Comments
2024/11/05
21:01 UTC

4

Exchange Online everyone can send in my name

Howdy! Probably something stupid but I can't figure it out. Currently, using my MX record, everyone can send e-mails to my organization as well as other Exchange Online organizations in the name of my domain. I performed the following tests from a third-party server using telnet:

  • send an e-mail through my mx, port 25, unauthenticated to my own organization: E-Mail sent successfully
  • send an e-mail through my mx, port 25, unauthenticated to another organization on exchange online: E-Mail sent successfully
  • send an e-mail through my mx, port 25, unauthenticated to another organization not on exchange online: Error 550 5.4.1 recipient address rejected
  • send an e-mail through my mx, port 25, unauthenticated to an outlook.com address: Error 451 4.4.62 mail sent to the wrong office 365 region

In Exchange Online I have two connectors: From O365 to your organization and vice versa (the default ones when you create a hybrid configuration). That's it, nothing else.

Any idea why? Is this expected behaviour? Hope you can shine some light on this.

Cheers!

12 Comments
2024/11/05
20:58 UTC

6

Exchange Online External OOO Intermittent

Hello

We are currently using Exchange Online with a hybrid connector to 2016 On Prem.

External email is sent from Exchange Online via smart host connectors to Mimecast.

We are seeing issues with receiving Out Of Office messages to mainly webmail domains (Hotmail, Gmail, Yahoo, Sky etc) although this does extend to corporate domains also.

The end user does not receive the OOO and no NDR or context is provided.

Exchange Online message trace, as expected, shows a drop for the internal OOO and a successful submit for the external OOO.

If we create a test connector for *.hotmail.com and send it via MX record then OOO works, but this isn't our desired setup as we use Mimecast for message hygiene and address rewrites.

Remote Domain is set as * and external OOO is allowed.

Does anyone have any ideas, as between Mimecast & Microsoft they cannot work this out?

Thanks

1 Comment
2024/11/05
15:51 UTC

2

Error 453

I know forwarding is a bad thing, but I’ve been requested to do so.

Configured forwarding to an external domain inbox at the mailbox level. This configuration has been working for 2 months. We use messagelabs as our gateway.

In the last week or so forwarding has been failing with 453 and the end result is the email times out.

11/4/2024, 4:18 PM | Defer | Reason: [{LED=453-you are trying to use me [server-7.tower-642.messagelabs 453-.com] as a relay, but I have not been configured to let 453-you [40.95.37.53, mail-co1nam11rlnn2053.outbound.protect 453-ion.outlook.com] do this. Please visit 453-https://knowledge.broadcom.com/external/article?legacyId 453-=TECH246726 for more det. OutboundProxyTargetIP: 67.219.250.217. OutboundProxyTargetHostName: mail642.messagelabs.com

Configuration has not changed on our end since the original config. I’ve been working with our gateway vendor, but they can't find a solution.

Can anyone shed some light on this?

TIA

0 Comments
2024/11/05
14:17 UTC

5

Use the "Move-DatabasePath" to cross-move database and logs between volumes L: and M:

I mistakenly created a database with these paths:

Name      EdbFilePath                LogFolderPath
----      -----------                -------------
DB03-2019 M:\DB03-2019\DB03-2019.edb L:\DB03-2019

They should be the opposite.

What I would do is to run Move-DatabasePath cmdlet the following way:

Move-DatabasePath -EdbFilePath L:\DB03-2019\DB03-2019.edb -LogFolderPath M:\DB03-2019

Isn't it a problem running this command so that it moves files where there are already other files?

As an alternative, I can add two more virtual disks (N: and O:) and run the same cmdlet accordingly. Next, after checking the mailboxes hosted on that db work properly, I will put offline within Windows the disks hosting L:, M: and then delete the relative virtual disks from vmware.

There would be the migrate mailboxes way as well, but I wanted to avoid creating another DB.

What would you do?

1 Comment
2024/11/05
11:35 UTC

2

Meeting requests are added to delegates calendar

Hello guys, I'm facing a problem regarding a room resource on Exchange Online. I have a room resource set up with 2 users as delegates to accept/decline meeting requests. When a request is sent to them, they "accept" and the delegate accepting is added to the meeting as an optional participant. When I set

-ForwardRequestsToDelegates $false

they won't get added as optional participants, but they won't get a notification for accepting/declining.

Does anybody have the same issues?

Thanks in advance.

2 Comments
2024/11/05
10:03 UTC

2

Old Exchange server entry still appears under the 'Servers' section in the Exchange Admin Center.

I have migrated from Exchange Server 2016 to 2019 and decommissioned Exchange 2016. However, the old server entry still appears under the 'Servers' section in the Exchange Admin Center.

9 Comments
2024/11/05
09:08 UTC

3

Is this possible with MS Exchange?

Looking for advice on whether this is possible and how it can be configured. Any pointer is much appreciated.

The use case is to allow a group of users (each identified by their individual email address) to send outgoing emails and at the same time hide their addresses. The email will show up as sent from a pre-configured address such as customerservice@company.com - this email is configured on MS Exchange.

When the recipient replies to this email customerservice@company.com, the reply will be forwarded back to the sender, and the sender can then reply to it again, establishing an email chain that does not reveal the initial sender's true email address.

Given the group of users can use whatever email they choose, is it possible to configure MS Exchange in such a way that it has an inbound email address (e.g., inbound-only@company.com) that's allowlisted for the group of user emails only, and upon receiving and verifying the sender is allowlisted, then sending it out to the true recipients?

16 Comments
2024/11/05
05:31 UTC

1

Reverse engineering the Outlook clean up conversation capability

Looks like there is an active feedback item for this capability, but so far it's just a bunch of us screaming into the void: https://feedbackportal.microsoft.com/feedback/idea/9a8c913e-76bd-ed11-83ff-002248273995

Anyone know if there is documentation on how this is actually working under the hood? It is/was pretty magical honestly - not just deleting all but the most recent, but also preserving messages with attachments, replies that split the thread, replies to a different set of recipients, etc.

Really seems like this could be done on the back end using graph or even mapi apis. Has anyone looked into this or aware of active projects related to this?

0 Comments
2024/11/05
04:29 UTC

5

Moving from hybrid to all Exchange Online: What does Remove-HybridConfiguration cmdlet do?

We used to have a hybrid Exchange setup, but migrated all mailboxes to Exchange Online many, many years ago. We did for a long time have a really old Exchange server still hanging around, but have followed Scenario 2 of How and when to decommission your on-premises Exchange servers in a hybrid deployment in order to decommission that last Exchange server.

Unfortunately, the Microsoft Exchange RPC Client Access process has stopped working - just won't start - no error and no logs in C:\Program Files\Microsoft\Exchange Server\V14\Logging\RPC Client Access\. Without that process, Exchange Management PowerShell also does not work and thus I can't run the final step in those instructions, which is running the Remove-HybridConfiguration cmdlet. I don't exactly want to spend hours troubleshooting this RPC process on an ancient server that I just want to delete, but what does Remove-HybridConfiguration do and what are the problems if I don't run it?

I notice that I cannot delete a mailbox in Exchange Online when the user is synced from on-prem AD. It produces some out-of-scope error. I am wondering whether it would have been possible to delete those mailboxes online after running the Remove-HybridConfiguration command?

Any advice on how to move forward? Shall I simply delete that last server and move AD user accounts to a non-Azure-synced OU when I want the corresponding mailbox to be deleted in Exchange Online? Or is there a better way?

8 Comments
2024/11/05
03:30 UTC

2

Removing public folders completely from Exchange Online

Hi all,

As the title says - removing public folders completely from Exchange Online.

We have a hybrid environment, with an Exchange 2019 CU14 box on prem. Public folders are hosted in EXO only.

Following this article

https://learn.microsoft.com/en-us/exchange/collaboration-exo/public-folders/decommission-public-folders

Get-Mailbox -ResultSize unlimited | where {$_.DefaultPublicFolderMailbox -ne $Null} | Set-Mailbox -DefaultPublicFolderMailbox $Null

returns no mailboxes, however, the following command

Get-Mailbox -ResultSize unlimited | where {$_.DefaultPublicFolderMailbox -ne $Null -OR $_.EffectivePublicFolderMailbox -ne $Null}

returns a large number of mailboxes...

Looking at a mailbox individually with the command

Get-Mailbox -Identity <username> | fl *pub* - returns

IsPublicFolderSystemMailbox : False

IsRootPublicFolderMailbox : False

DefaultPublicFolderMailbox :

EffectivePublicFolderMailbox : <name of one of the PF mailboxes>

but the article does not specify how to address this. Since "EffectivePublicFolderMailbox" is not a property I can set... and the article does not specify how to address this.

So... anyone here know how to address that?

Update: Just checked again - and the value of "EffectivePublicFolderMailbox" has cleared for all users. It's approx. 4 hours after I ran "Set-OrganizationConfig -PublicFoldersEnabled None" - so by the looks of it, that command takes a while to flow through... would have been nice if that was in the doco.

Leaving this here anyway in case someone else runs into the same issue.

1 Comment
2024/11/05
00:30 UTC

5

Upgrading from Exchange Hybrid 2016 to new Exchange Hybrid 2019 (No mailboxes)

Hello there. Our client has an Exchange Hybrid 2016 VM at a COLO, and the Exchange server is set up mainly as an SMTP Relay server (10-20k outbound emails a day) with no mailboxes (all on MS365). They are trying to move out of the COLO soon (the lease is up), so we have spun up an Exchange Server 2019 VM at their HQ to replace it. Is this a matter of importing the existing SSL cert on their current Exchange 2016, running EAC/HWC, and then repointing the connectors? I'm just wondering if it's that easy or I'm missing something else and need to check anything further. I appreciate any advice or help. Thanks!

8 Comments
2024/11/04
22:35 UTC

2

Exchange MRM Policy not applying

We have MRM policies that will move user's emails to in place archive after a year and work fine but a user's in place archive is getting full and when trying to make a MRM tag to delete old archive emails after 6 months it doesn't seem to be applying. I applied this policy about a week ago and tried forcing the folder assistant, but it still doesn't seem to be shrinking. Does the archive tag not apply to In-Place archive mailboxes? I also tried having the user apply a personal tag to the In-Place archive folder.

They have a 365 Standard license.

Any help would be much appreciated.

Thank you.

0 Comments
2024/11/04
15:07 UTC

2

How to route SMS messages to pagegate?

So here's the gist of it.

I have exchange server running.. and want to be able to do two things (or possibly one or the other)

  1. I have pagegate setup as an internal smtp server, so it will receive messages if you smtp directly to it. What do I have to do in DNS/exchange to have it direct messages to the 'phone#@lcppgate.xxx.com'

Do I just create an MX record on my internal DNS for lcppgate? If I made a sub domain just for the record I'd end up with 'lcppgate.lcpgate.XXX.com so I don't think that'd be right. But I also don't want to chance messing up my internal mail routing..

  2. i.e. if we receive an email from an internal user to 'phone#@Vtext.com' or 'phone#@Tmomail.net' to be directed to our internal 'phone#@lcppgate.xxx.com'. The pagegate system doesn't need to know/care about what domain as it is just looking at the phone number.. And last thing I want is regular emails going through the pagegate, only emails that are intended to be texts

Any suggestions/best ways to handle this are appreciated.. At the moment my plan was to get option 1 going, then change internal systems to use that dns. This whole setup is for internal use only, externally the pagegate isn't connected.

1 Comment
2024/11/04
13:56 UTC

2

Easiest way to get a report of NDRs so I can remove all DL memberships from them?

Have a 20+ year old environment that was recently converted to hybrid azure, which I have no access to.

There are 5 digits' worth of SMTP contacts. Not a single one has ever been deleted as there's no process in IT for upkeep/cleanup. The majority of these were created for temp contractors to receive updates but they have never been cleaned up. There are over 600 DLs so there's no realistic way to review them individually in my lifetime.

So what I want to do is get a massive csv for anything that's given X NDRs, and just PowerShell them out of existence in bulk.

Suggestions?

2 Comments
2024/11/04
00:04 UTC

1

SCL 9 on all emails

2 months ago our Office 365 account was compromised and the hacker set up an Exchange connector and started sending spam emails. We were able to rather quickly figure this out and got these turned off and fixed the MFA issue that allowed the hackers in. Since then we have been working with Microsoft support because our users continue to get caught on the restricted entities list and we are unable to send emails internally or externally without them going into spam. Microsoft support has been absolutely TERRIBLE. I don't truly think there is a person there that knows how the systems they created work. But enough of bashing MS because that's another issue. Does anyone have any experience with something similar and what can be done so our emails do not get flagged as spam?

5 Comments
2024/11/03
23:34 UTC
