Posts filed under ‘Exchange and O365’
Cannot open mailbox features in ECP
Sometimes you may receive the below error , when you try to access the Mailbox features for a Mailbox via ECP.
In this situation the Exchange server version is 2016 and it happened only on a single mailbox.
After several hours of troubleshooting we came to know that , this could happen if the mailbox is in quarantined state. During this problem user will not be able to access his mailbox neither by Outlook nor any clients)
(You could refer https://www.nucleustechnologies.com/blog/how-to-fix-exchange-mailbox-quarantine-issue/ to have an idea about possible causes for a mailbox to go in to quarantined mode).
To confirm this we ran the below command via the Exchange Powershell
Get-Mailboxstatistics -identity “Test User” | fl Isquarantined
The output was True , now we could confirm his mailbox is in quarantined state.
To disable the quarantine state we ran the below command:
Disable-MailboxQuarantine “Test User”
But , for us unfortunately , the user mailbox goes again to quarantine mode after few minutes. Thus we tried to repair the mailbox using the below command.:
New-MailboxRepairRequest -Mailbox test@test.local -CorruptionType ProvisionedFolder,SearchFolder,AggregateCounts,Folderview
In our situation even the repair was not solving the issue and we had to recreate the mailbox. The reason , I shared the above steps as it could help somebody , without the need for recreating the mailbox.
Good Luck.
How to create an O365 Mailbox when there is no On-Prem Exchange Servers.
In some cases the IT department decomission the On-Prem Exchange Server after migrating the mailboxes to O365. (For detailed steps for uninstallation of Exchange Please refer my previous article : https://vands.pro/2018/11/06/how-to-decomission-on-prem-exchange-server-after-migrating-the-mailboxes-to-o365/.
OK, Coming back to mailbox creation ; All these steps need to be done in the ADUC
+ Create an AD User.
+ Type the email address in the email field.
+ Go to the Account Tab and select the correct domain name.
+ In the Attributes Editor modify the two parameter’s as below
proxyAddresses: SMTP: myemail@email.com
targetAddress: SMTP: myemail@companyname.onmicrosoft.com
+ Either perform a manual sync or wait for the next schedule.
+ After the Sync is completed you will be able to see the user in O365 Portal and need to assign the Exchange License to complete
the mailbox creation.
Credits: https://c7solutions.com/2014/07/creating-mailboxes-in-office-365-when-using-dirsync
How to Decomission On-Prem Exchange Server after migrating the Mailboxes to O365
Few weeks ago, we had project to migrate the Exchange 2010 Mailboxes to O365. After the migration completed we had to remove the On-Prem Exchange Servers(Even though it is not a supported scenario from Microsoft , still you could do this.) This will lead you to to adopt non standard methods when creating new mailboxes(Refer my post https://vands.pro/2018/11/06/how-to-create-an-o365-mailbox-when-there-is-no-on-prem-exchange-servers/ for detailed steps). Also if you still needed an Exchange Server in your premises to avoid complication you could contact MS O365 Support to obtain a free Exchange Hybrid License and install an Exchange Server.
Coming back to the original goal of this article you need to follow the below steps if you have decided to remove the Exchange Servers; Also note that uninstallation of Exchange will not impact the O365 mailboxes in any manner.
+ By this time you should have changed the MX and related DNS records on
the on-prem DNS and Public DNS Servers.
+ Set the AD Internal URL to null
Get-ClientAccessServer | Set-ClientAccessServer
-AutoDiscoverServiceInternalUri $Null
+ Then disable the AD Sync(Temporarily)
Set-MsolDirSyncEnabled -EnableDirSync $false
(Get-MsolCompanyInformation).DirectorySynchronizationEnabled – To
view the current status.
+ Open Exchange Shell in one of the Exchange Server(uninstallation should
be started in the order of MBOX,CAS,HUB & Edge)
+ Remove default Public folders
Get-PublicFolder “\” -Recurse -ResultSize:Unlimited |
Remove-PublicFolder -Recurse -ErrorAction:SilentlyContinue
+ Remove system Public folders
Get-PublicFolder “\Non_Ipm_Subtree” -Recurse -ResultSize:Unlimited |
Remove-PublicFolder -Recurse -ErrorAction:SilentlyContinue
+ Remove Offline Address Book
Get-OfflineAddressBook | Remove-OfflineAddressBook
+ Remove send connectors
Get-SendConnector | Remove-SendConnector
+ Remove Public Folder Database
Get-PublicFolderDatabase | Remove-PublicFolderDatabase
+ + Remove Arbitration Mailbox
Get-Mailbox -Arbitration | Disable-Mailbox -Arbitration -DisableLastArbitrationMailboxAllowed
+ Disable / Delete All non migrated Mailboxes
Get-Mailbox | Disable-Mailbox
+ Open CMD as Administrator and Go to the bin folder in the Exchange Installation Folder in your C: drive(Depend on your environment)
setup.com /m:unistall.
+ Once all the Exchange Roles are uninstalled disjoin the servers from the AD.
+ Re-run the AD Sync Tool and remove the Tick on Exchange Hybrid Configuration.
+ Re-enable the AD Sync
Set-MsolDirSyncEnabled -EnableDirSync $false
Credits: https://www.itpromentor.com/remove-hybrid-keep-sync/
Good Luck Guys.
Azure AD Password Sync Error with Event ID 611
Recently we faced an issue with the Password Sync from our On-Prem AD server . The strange issue was when we create/delete an AD object the synchronization completes successfully except for the Password changes. In the event viewer on the AAD connect server we could see event ID 611.
Password synchronization failed for domain: test.com
Details:
System.DirectoryServices.Protocols.LdapException: The operation was aborted because the client side timeout limit was exceeded.
If you are facing the same issue , you need to modify the registy entry on the AAD connect server as below;
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Ldap
Modify the parameter LdapClientIntegrity to 0.
But I am still not sure , is it a Bug or not, If I come across any information about the cause of the error , I will update this post accordingly.
Good Luck.
How to login to Exchange Online Powershell
In most of the cases you may need to login O365 via PowerShell to manage the environments , Then you could use the below cmdlets to initiate the sessions.
+ Set-ExecutionPolicy RemoteSigned
+ $UserCredential = Get-Credential
+ $Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/ -Credential $UserCredential -Authentication Basic -AllowRedirection
+ Import-PSSession $Session -DisableNameChecking
+ Remove-PSSession $Session ( Need to run this to avoid the waiting time as Microsoft has a limit on the session)
That’s it now , you could start using the Powershell cmd’s. Please refer the below MS KB Article for the explanation of these commands, and prerequisites.
https://docs.microsoft.com/en-us/powershell/exchange/exchange-online/connect-to-exchange-online-powershell/connect-to-exchange-online-powershell?view=exchange-ps
In some cases when you try to run Import-Module MSOnline you will be see an error message no cmdlets found. In order to solve this issue you need to install Windows Management Framework 5.1. Once you install this update need to restart the computer. Thereafter you could use the below commands to Manage your environment.
+ $UserCredential = Get-Credential
+ Import-Module MSOnline
+ Connect-MsolService -Credential $UserCredential
+To Disable the Sync
Set-MsolDirSyncEnabled -EnableDirSync $false
+To view the Current status
(Get-MsolCompanyInformation).DirectorySynchronizationEnabled
+ To force a manual Sync after a Change in On-Prem Object.
Import-Module ADSync
Get-ADSyncScheduler
Start-ADSyncCycle -PolicyType Delta
How to descommission the On-Prem Exchange server after the successful migration to O365.
When you performed a cutover or Hybrid migration to O365 , You need to uninstall the On-Prem Exchange Server. Even though MS recommends to keep at least one Exchange On-Prem Server(Does not require any license and special license available for this use cases), Some environments require them to be uninstall in that case we could follow the below steps.(Please note I have not included any screenshots because if you are reading this article you should have well familiarized with O365 Admin / EAC consoles.
- Change the DNS records internally & externally to point it to O365.
- Open EAC on Office365
- Click on Mailflow -> Open Connectors
- Disable or Delete the 2 Connectors ( Both Inbound & Outbound)
- Click on Organization and remove the O365 to Onpremises …config.
- Stop the AD Sync (Set-MsolDirSyncEnabled –EnableDirSync $false)
- Remove all the unwanted or non migrated mailboxes from the On-Prem Server
- Remove the Public Folders
- Remove / Disable Arbitration Mailbox ( Get-Mailbox –Arbitration )
- Optional(Remove OAB)
- Uninstall Exchange
- Re-enable ADSync (Set-MsolDirSyncEnabled –EnableDirSync $true)
