Office 365 Mailbox Migration Planning Script

Every user mailbox in Exchange Online requires an Office 365 license to be assigned to the user.  Often when migrating from Exchange On-premises, there are more user mailboxes than actual users, and more importantly, more user mailboxes than Office 365 licenses.  In this scenario, a number of options can be considered including: read more

Troubleshooting the Office 365 Hybrid Configuration Wizard

In this blog post I want to share some tips for identifying issues when running the Office 365 Hybrid Configuration Wizard (HCW), available here .


  1. Where to find the Hybrid Configuration Wizard logs
  2. How to identify network related issues

In my experience, network relates issues are the most common cause of HCW failures, and that is where this blog post will focus.   Most corporate networks have firewall and / or proxy restrictions in place.  There are very specific network requirements for connectivity to Office 365 as detailed here . read more

Outlook client can’t connect to Exchange 2016 – continually prompts for login credentials


I came across this issue while working on an Exchange Hybrid deployment.  During the testing phase, I successfully migrated mailboxes from Exchange 2010 to Exchange Online.  However, when I migrated a mailbox from Exchange 2010 to Exchange 2016, my Outlook client could not connect to its mailbox and would continually prompt for login credentials read more

Unable to run Office 365 / Exchange Hybrid Wizard – “Content was blocked because it was not signed by a valid security certificate”

Unable to run Office 365 / Exchange Hybrid Wizard – “Content was blocked because it was not signed by a valid security certificate”


From the Exchange Admin Center you run the Hybrid configuration setup


You are prompted to login to Office 365


You enter your credentials


And then receive this message / warning


You are unable to complete the Hybrid configuration


You can resolve this issue by installing the certificate as follows: read more

Error creating a public folder migration batch when the “Folder to Mailbox Map” CSV file has more than 1000 rows

Problem Description

Trying to migrate public folders from Exchange 2007 to 2013 using the batch migration process detailed here

On step 5, when running the New-Migration cmdlet to create the migration batch as follows

New-MigrationBatch -Name PFMigration -SourcePublicFolderDatabase (Get-PublicFolderDatabase -Server SERVER01) -CSVData (Get-Content Public_Folder_to_mailbox_map.csv -Encoding Byte) -NotificationEmails -BadItemLimit $BadItemLimitCount    read more

Exchange Active Sync not working for some users due to Kerberos Token Bloat


  • You have deployed Exchange or are in the middle of a migration from an older version.
  • You discover that Active Sync is not working for some users, but it’s working fine for other users
    • In my case I was migrating from Exchange 2007 to Exchange 2013.

    Other Symptoms

    • HTTP Proxy Log contains the following error
      • WebExceptionStatus=ProtocolError;ResponseStatusCode=400;WebException=System.Net.WebException: The remote server returned an error: (400) Bad Request.


      The problem in my case was a Kerberos Token Bloat cause by the affected users being a member of a larger number of Active Directory Groups (in my case 150)

      As per this Technet article:

      “This issue may occur when the user is a member of many Active Directory user groups. When a user is a member of a large number of active directory groups the Kerberos authentication token for the user increases in size. The HTTP request that the user sends to the IIS server contains the Kerberos token in the WWW-Authenticate header, and the header size increases as the number of groups goes up.  If the HTTP header or packet size increases past the limits configured in IIS, IIS may reject the request and send this error as the response.” read more

Microsoft Exchange DAG database copy queue length 9223372036854773269


As part of testing a new Exchange 2013 DAG before going into production, I was simulating different scenarios including server failure.  One of the 3 servers in the DAG was powered off.  Active databases failed over automatically to the other servers, and the databases mounted automatically. read more

How to fix “Error” when removing the default Microsoft Exchange database


  • You have deployed Exchange 2013
  • You want to remove the default database, but you are getting the following error


  • You have followed all the instructions to identify and migrate any mailboxes that may be residing in the default database e.g.
    • Get-Mailbox –Database “Mailbox Database 1246106742”
    • Get-Mailbox –Database “Mailbox Database 1246106742” –Archive
    • Get-Mailbox –Database “Mailbox Database 1246106742” –Arbitration
    • Get-Mailbox –Database “Mailbox Database 1246106742” –PublicFolder
    You have even tried
    • Get-Mailbox | where ArchiveDatabase –eq “Mailbox Database 1246106742”
    Still no mailboxes to be found in the database



    If your Exchange server is in a child domain, some mailboxes (e.g. arbitration / discovery) will appear missing.  You need to run the following command to find these mailboxes

    Set-ADServerSettings –ViewEntireForest:$true


    Then you will see the mailboxes which need to be moved before deleting the database.  Move the mailboxes using the new-moverequest as follows: read more

MSExchange DAG Replication Bandwidth Script

I’m in the process of planning a migration from Exchange 2007 to 2013 for one of my multinational customers.  The solution will include multiple DAG’s split across datacentres in EMEA and North America.

A key component of the planning is estimating the bandwidth requirements between datacentres.  And to do this, I needed to collect the log file usage from the current Exchange 2007 environment. read more