IMCEAEX non-delivery report

When migrating from on-prem Exchange to Office 365, it's best to treat it like any other cross-forest move and populate each object's LegacyExchangeDN value as an X500 address, otherwise you'll get NDR errors replying to old messages or calendar entries once mailboxes start moving. When receiving IMCEAEX NDRs, you can use the contents of the…



When dealing with attributes synced to O365 via FIM \ DirSync \ AAD Sync, you will frequently encounter the msExchRemoteRecipient type attribute, previously empty in on-prem Exchange (only msExchRecipientTypeDetails and msExchRecipientDisplayType had values) the msExchRemoteRecipientType will have the following values depending on the object type and how the mailbox and archive were enabled \ moved…


What is this …. (FYDIBOHF23SPDLT)

You may notice that the Legacy Exchange DN value in onprem AD typically contains something like : ou=External (FYDIBOHF23SPDLT)/cn=Recipients Just in case you were curious, the FYDIBOHF23SPDLT value is a constant, it’s basically the phrase EXCHANGE12ROCKS…  the letters are all alpha-shifted one character. It’s changed for each version of Exchange over the years.


Provisioning Remote Object Types in Exchange Online

Many times, once a customer has migrated from Exchange on-premises to Exchange Online, they want to completely decommission ALL on-premises Exchange servers.  The issue this presents is that on-prem AD is authoritative for all objects, and then synced to Azure using AAD Sync. There are 2 options – You can maintain a single Exchange server…


Migrating OnPrem DLs to Cloud DLs

If you find that you need to migrate an onprem DL into a cloud DL, you can use the script below…. <# .SYNOPSIS        This command converts a Federated DL to a Cloud-only DL   .DESCRIPTION     This command accepts the DISPLAY NAME of a on-prem DL that has been synchronized to Azure and appears…


AD Attributes that are changed when a mailbox moves to Office 365

There’s not a lot of great documentation available on what values change when an on-prem mailbox moves to the cloud.   The full list is below, but it’s important to note the following values since they are most often missed \ overlooked.   msExchRemoteRecipientType, previously null, will be set to 4   msExchRecipientTypeDetails gets changed from…



I sometimes find that the validation error detail in the portal is less than helpful, and getting the verbiage from powershell can be a bit tricky, so I wrote the following Powershell function that will output all the Azure objects with a more human-readable version of the validation errors for each account…   function Get-MSOLUserWithValidationError…


Get-O365user.ps1 = MSOLuser and EXOUser and EXOMailUser or EXOUserMailbox attributes combined!

Have you ever been troubleshooting Exchange Online (EXO) and MSOnline (Azure) objects and wished there was a way to aggregate all the data together into a single object that you could manipulate either via script or pipeline, output via FT, manipulate or otherwise report on?   The following script will accept either UPN or ObjectID, locate…



Object Type RecipientTypeDetails (Decimal Value) User Mailbox 1 Linked Mailbox 2 Shared Mailbox 4 Legacy Mailbox 8 Room Mailbox 16 Equipment Mailbox 32 Mail Contact 64 Mail-enabled User 128 Mail-enabled Universal Distribution Group 256 Mail-enabled non-Universal Distribution Group 512 Mail-enabled Universal Security Group 1024 Dynamic Distribution Group 2048 Mail-enabled Public Folder 4096 System Attendant Mailbox…


Ugly GALsync

I often ( frequently, not someone who has lost his parents* ) find that while I am testing FIM joins and attribute flows, I would like to maintain contact objects in forest B for the users I am creating if forest A, or vice versa. Rather than setup FIM to do classic GALsync, since I…