We just did a migration for a customer and all their user mailboxes are in 365 now. Hybrid is still set up, and they have a couple shared mailboxes and public folders that need to be moved yet. The PFs are small, with largest being 200mb. Is my best bet to manually export pst and import and then assign permissions for all these?
Hey all - has anyone change source of authority for distribution lists to be cloud managed in production? Curious how it’s going and if you are finding any issues yet. Beyond the fact there’s no write back to on premises.
So, a client wanted to clean up their aad hybrid disabled users.
Re-configured sync, they were specifically told that they need to prep their work items and they have 60 days.
Lo and behold 60 days pass and disabled user that was moved from hybrid mailbox is actually important without us being notified.
EXO deletes the mailbox, still exists on prem as o365/remote mailbox.
We also have the Veeam backup of the shared mailbox i think.
What would be correct way to recover this in functionality?
Hi I'm working as a sharepoint admin for the past 1.5 years in India and I'm looking for a field with good opportunities in the future despite the ai wave. Im confused whether should I learn powerplatform with Copilot studio or M365 administration with more depth in learning all tech stacks like IAM(Entra) , exchange, intune and purview. Can someone pls help to clear my confusion in choosing the right path 🙏.
Greetings, one and all. First time long time.
Running Exchange SE.
So I've been running PurpleKnight scans in an effort to tune up our AD domain. I've noticed that some findings involve Exchange objects. For example, PK checks accounts for "PasswordNeverExpires" set to true, and all of the Health Mailboxes have this set.
My question is thus: Is this a safe thing to ignore? My gut says this is fine, as Exchange handles these accounts.
Also, if anyone else has been using PurpleKnight with Exchange and has any pointers or tips, that'd be greatly appreciated!
Long shot here, but is anyone else currently experiencing issues with migration batches in O365?
I queued several batches a few hours ago, and they’re still stuck in a “Queued” status. I checked migration health, and everything came back clean. I recreated the endpoint and reattempted the migration, same result.
I’ve restarted the MRS and replication services on Exchange and tested again with no change. I also rebooted the Exchange database servers, but the issue persists. I’ve reported it to Microsoft, and they are still “investigating.”
All certificates and OAuth configurations from on-prem appear to be valid.
Any ideas? Is anyone else running into this?
We’re out of Compliance and thanks to Broadcom we’re lifting to a cloud provider. I can use the Exchange SE ISO in place and then use a migration tool to migrate to the cloud after figuring out a plan on how to do that safely for Exchange, or I can build new servers in the cloud. My coworker thinks we can’t build new, she says it’ll be too much/ high risk low reward, and that we should just in place upgrade and migrate with our tool. Note: Our tool is literally a block level copy type of tool with a lot of fancy checks where during failover it’ll reboot the destination device and we’ll have to cut network to the old subnet and bring the new subnet up live. I think if I build new we could just shut off the old ones and replace the IPs or something. Maybe she was right…
Edit: We’re on CU 14 currently. CU 15 is there but vendor stated CU 14 was a perfectly fine avenue to get to SE with
Our IMSVA is being retired by Trend Micro. Looking for a replacement that is able to perform SMTP routing internally as well an externally. It doesn’t need to perform any spam or antivirus. Also assigning DKIM. Thanks!
we're currently having an issue renewing oauth certs using the hcw, cannot resolve mshybridservice.trafficmanager.net to an ip address. seems to have been not working for well over 24 hours.
have a ticket in with microsoft but just wondering if anyone else is experiencing this as well?
When trying to create a migration batch via EAC, at the select a migration endpoint step, nothing is appearing in the dropdowns even though we have existing endpoints and can also find them via powershell.
I raised a ticket with M$ but they've advised this is a known UI limitation of EAC and to get around this by creating a new endpoint each time or create migration batches via powershell.
It used to work perfectly fine just a month or two ago, admittedly we haven't been using it as much as we've automated our mailbox migrations but using the new-moverequest command instead.
Was just curious if anyone else is having the same issue.
I’d there any reason this should not work, or is there something else better?
# 1. Get all servers with the Transport role across the entire organization
$AllServers = Get-TransportService
# 2. Loop through each server and pull logs for the last 7 days
$FullLogs = foreach ($Server in $AllServers) {
Get-MessageTrackingLog -Server $Server.Name -EventId RECEIVE -Source SMTP -Start (Get-Date).AddDays(-7) -ResultSize Unlimited
}
# 3. Deduplicate by MessageId and get the final count
($FullLogs | Select-Object MessageId -Unique).Count
Hi all,
I'm running Exchange Server Subscription Edition (SE) with the latest CU and SU applied. I've noticed that CVE-2023-21529 (Exchange Server RCE via deserialization, CVSS 8.8) was added to CISA's KEV catalog yesterday (April 13, 2026), indicating active exploitation in the wild.
The official affected version list only mentions Exchange 2013 CU23, 2016 CU23, and 2019 CU11/CU12 — nothing about Exchange SE.
My understanding is that since Exchange SE RTM is code-equivalent to Exchange 2019 CU15, and the fix for CVE-2023-21529 was already included in CU13+ (KB5023038, Feb 2023), Exchange SE with latest patches applied should be unaffected.
Can anyone confirm this? Is Exchange SE with current CU/SU fully protected against CVE-2023-21529, or is there anything else I should be checking given the new CISA KEV listing?
Hey,
I'm investigating CVE-2025-58107 in our on-premises Exchange 2019 hybrid environment. According to the NVD entry, EAS configurations may transmit sensitive data from Samsung devices in cleartext — including username, email address, device ID, bearer token, and base64-encoded password.
A few things I'm trying to figure out:
Running Exchange SE in a hybrid config. No official MSRC advisory linked to this CVE yet as far as I can tell. Wondering what steps others are taking in the meantime.
Thanks