@dbeato More on the Exchange 2013/2016 and 2019 troubleshooting. Exchange 2013 is what I have narrowed down to the issue with OWA and ECP with error 500 and the fix as above works. However the Exchange 2016 CU21 and Exchange 2019 CU10 have an issue with Security Clients with AMSI as below https://borncity.com/win/2021/07/13/exchange-2016-2019-outlook-probleme-durch-amsi-integration/
https://www.frankysweb.de/exchange-2016-2019-amsi-integration-sorgt-fuer-probleme-mit-outlook/
Disabling AMSI on the server with the WEb.config file hasn't fixed it yet, in our case we had to disable AMSI on the server and clients for now.

@Dashrender said in Managing Distribution Groups in an Exchange Hybrid Environment:

@EddieJennings said in Managing Distribution Groups in an Exchange Hybrid Environment:

I ought to have clarified. DUO MFA comes into play with Outlook for our mailboxes that are in Exchange Online. On-prem mailboxes (the few we have left aren't subject to DUO).

Are those that are left on prem - are they actual users? If so, I'm curious why they can't be migrated?

Eventually all users will be migrated, so, yes, we still have real users on-prem.

This is outside the scope of the original question / scenario, but I've learned a good bit during this process with much of that learning validating a few things I already knew, such as the value of taking the necessary time to plan, and prep the environment for migration (removing unnecessary objects, etc.).

Final verdict, it completed and showed clean shutdown.

I deleted all the log files at this point and the database mounted.

Email flow resumed around 4pm with no lost email as the spam filter kicked delayed messages in response to inbound email.

@manxam said in Exchange 2013 not sending email to Junk Folder:

Wonder if this is a legacy setting brought forward from SBS 2008.. Regardless, changing it to 4 like you did should likely fix your issue going forward.

Possibly. Time will tell if mail start going to Junk or not.

@davide-bonavita said in Moving from O365 E3 to Business Premium:

It looks like you don't need to uninstall and reinstall Office

Correct

Does the message trace in Exchange tell you anything? I know that when I had on-prem exchange and barracuda, I had weird issues where the attachment size restrictions being smaller/more restrictive on the Exchange server exhibited this behavior. The barracuda delivered, but Exchange rejected due to policy.

@dbeato said in Skype for Business Autodiscovery Failing:

@wirestyle22 said in Skype for Business Autodiscovery Failing:

The Lync/Skype for Business clients don't use Service Connection Point (SCP) to determine the autodiscover URL. Instead, they rely on DNS records. They base this action on the user’s domain suffix of the WindowsEmailAddress or Mail attribute in Active Directory

I assume you have seen this already
https://support.microsoft.com/en-us/help/3120929/lync-skype-for-business-client-can-t-connect-with-exchange-in-office-3
Although it is for Office 365, those same DNS should be internal on your Exchange configured properly.

Yeah I saw that

@wirestyle22 said in Deleting A single e-mail from all e-mail accounts in Exchange 2013 via EMC:

@dbeato said in Deleting A single e-mail from all e-mail accounts in Exchange 2013 via EMC:

'Subject:"Random characters* other stuff"'

so this?

'Subject:"*other stuff"'

Correct. DO a search first and see the results and then proceed to deletion.

These are the kind of things you think someone would catch.

Not like it's some random 3rd party app on some 3rd party OS on some 3rd party host.

@momurda FYI I would have selected your post as the answer, but the NodeBB plugin doesn't let you do that.

At least you found a (somewhat) viable workaround.

@travisdh1 Sometimes you never know!

@dustinb3403 said in Exchange migrations, scenarios to hope you're never in.:

User abuse is the only bug we can't fix with technology.

Good to know eseutil was able to correct the issue.

Even that was just very weird. The status had stopped updating and processes associated with it quit doing anything for around 20 minutes. We were both wondering what was going on when I was like "I'm going to ctrl+c it." So the cancel current command actually kicked off a whole bunch of activity that went quite quickly compared to what it had been running at before and actually repaired the DB. We were both more than a little confused over that one.

@stacksofplates said in OWA is vulnerable to Phishing:

@scottalanmiller said in OWA is vulnerable to Phishing:

@aidan_walsh said in OWA is vulnerable to Phishing:

@Breffni-Potter said in OWA is vulnerable to Phishing:

Ummm....as an attacker, why can't I just have a next page fake confirmation which forgets the profile photo (easy to overlook in a hurry) and get the password for google anyway?

Same again for the banking website.

Thats exactly what happens. You'd be surprised at what passes for phishing attacks, and how many people fall for them. I've seen ones that have asked people "for security purpose" to enter all 50 4-digit code card entries, something a bank would obviously never do.

And yet...

Partially that's because real banks have done that traditionally.

Like AMEX. I needed a password reset and they asked all of the info on my card, other than my name and expiration.

Yeah, it definitely still happens. And I've had huge security gaps that I've told a bank was not secure and they didn't care. I said... I literally have no means to tell if you are really my bank or not and they are just like "so, we don't care."