Originally I tried to use the New-MailboxRestoreRequest powershell cmdlets but it was bugging out on me… not surprising since the both inactive and new mailboxes shared many of the same details. Turns out I needed to use the ExchangeGUID (Step 10)

I could check restore status using the following lines:

$requests = Get-MailboxRestoreRequest | select targetmailbox, RequestGuid

ForEach($request in $requests){Get-MailboxRestoreRequestStatistics -Identity $Request.RequestGuid}

Re-provisioning mailboxes that didn’t want to exist ‘couldn’t be found’

Additionally Admin Console would say something like “This user’s on-premises mailbox hasn’t been migrated to ?Exchange Online?. The ?Exchange Online? mailbox will be available after the migration is completed”

To fix this; I needed to clear the msExchMailboxGUID attribute and set msExchRemoteRecipientType to 1. Turns out mailboxes that were migrated from on-prem will carry a flag and GUID for their historical on-prem junk which can prevent a mailbox from provisioning in EXO. Normally not a problem but in this case it was!

• No Comments

Add Management Scopes to only allow access to those types of Mailboxes

New-ManagementScope -Name "Shared Mailbox Management" -RecipientRestrictionFilter {RecipientTypeDetails -eq "SharedMailbox"}
New-ManagementScope -Name "Room Mailbox Management" -RecipientRestrictionFilter {RecipientTypeDetails -eq "RoomMailbox"}

Add Role groups for those ManagementScopes

New-RoleGroup -Name "Shared Mailbox Admins" -Roles "Mail Recipients" -CustomRecipientWriteScope "Shared Mailbox Management"
New-RoleGroup -Name "Room Mailbox Admins" -Roles "Mail Recipients" -CustomRecipientWriteScope "Room Mailbox Management"

Add the Users to the Roles in 365 

Add-RoleGroupMember "Shared Mailbox Admins" -Member Test.User
Add-RoleGroupMember "Room Mailbox Admins" -Member Test.User

After this , the user can then go to Exchange admin center (microsoft.com) and login , they will see a list of users , but they will only be able to change delegation for SharedMailbox and Rooms

• No Comments

Users can’t send email ( Stay in outbox ) 

On Send and Recieve , Email error “Not Implemented”

New Profile – 0x80040154

Cannot change profile settings , freezes when I click Email acconts

Looks like you need to search the current user registry for OLMAPI32.DLL

e.g. HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{ED475410-B0D6-11D2-8C3B-00104B2A6676}\InprocServer32

C:\\Program Files\\Microsoft Office 15\\Root\\Office15\\OLMAPI32.DLL

and replace with 

C:\\Program Files (x86)\\Microsoft Office\\root\\Office16\\OLMAPI32.DLL

• No Comments

Recently has a user on a terminal server trying to change their login and licenses account to active Office 365. The user logged into Office , but Office came up with “couldn’t verify account”

• No Comments

We were trying to allow access to activate Office 365 from a closed bubble , deployed the Application Whitelists per below

Upon Office activation we were still getting the below :

Looking at the block in the end I had to whitelist the FQDN 

fs-wildcard.microsoft.com.edgekey.net

And the following App

The servers were using Protected View for IE and that as a default browser so I also had to add https://login.microsoftonline.com/ to Trusted sites

• No Comments

Recently a user tried to send an email from 365 to 365 user  ( external not internet ) and got the following bounce back  

Generating server: SYYP282MB0848.AUSP282.PROD.OUTLOOK.COM

Remote Server returned ‘450 4.5.0 Unable to proxy recipient (6a40c324-f14c-4772-8173-153f28bd5a97,c668bfef-4e9a-4374-9709-f7cc3ab2e31e)’

A look at the headers showed it never left 365! The email was resent and did not bounce back , there must of been an internal 365 issue

• No Comments

Receiving an email into 365 in a hybrid setup shows the following error

Make sure if you are in Hybrid you add the External IP of your onprem Exchange server during migration to the SPF Record , as this is used by the connector 

• No Comments

Recently cut over a domain from an old 365 tenant to a new one, upon trying to add the email account to outlook was visit with the error

The old account had been enrolled in Intune here

Removing the old account here , I tried to enroll the new account however I got an enrollment message pop up , this something happens due to old enrollment data getting stuck

Delete ( or clear as much as you can from the HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Enrollments ) then try again

What fixed it

• Sign out of the Account in Office
• De-Register the Machine from AAD (Settings -> Work and School Accounts)
• Delete all of the AAD certificates in the User’s Personal Certificate Store
• Reboot

Note if you try and sign in to Office at this point, you will get a modern auth prompt but never get asked for a password

• Re-Register the Machine with AAD
• Re-License Office
• Outlook and Autodiscover tests will now work

• No Comments

Create new Inbound Connector

Add domain of the client you would like to lock down

Tick this

Add Outbound TLS Connector

• No Comments

Add the from field here

and here

365 Settings

• No Comments