March 2023 Exchange Server Security Updates

Microsoft Exchange Servers security updates have been released for March 2023.

These updates are available for the following specific versions of Exchange Server:

Exchange Server 2013 CU23 SU21 (Microsoft Exchange Server 2013 will reach its end of support on April 11, 2023)
Exchange Server 2016 CU23 SU7
Exchange Server 2019 CU11 SU11 & CU12 SU7

The recommendation is to install these updates immediately to protect your environment.
In the scenario where you do a Cumulative Update(CU), you need to make security updates. Otherwise, remember that you have to do the Cumulative Update(CU) first and then the Security Update(SU).

Inventory your Exchange Servers to determine which updates –> “Exchange Server Health Checker
Choose your current CU and your target CU to get directions –>  “Exchange Update Wizard
If you encounter errors during or after installation of Exchange Server –> “Exchange Setup Assist

Note: Don't double-click the 'MSP file' to run it. Run Command Prompt (not Powershell) as an Administrator.

Issues resolved with this update:

  • EWS web application pool stops after the February 2023 Security Update is installed .
    ⇒If you have applied a workaround for this issue, you should roll it back after the March security update.
  • Exchange Server 2016 or 2019 who have non-default applications installed through ECP add-ins, the ECP add-ins page might be broken after the February 2023 Security Update is installed
    ⇒The issue is expected to be resolved with the March security update.
  • The Get-App and GetAppManifests applications fail and return an exception, “MSExchangeServicesAppPool” application pool to repeat in the same order after the February 2023 Security Update is installed .
    ⇒The issue has been resolved with the March security update.
  • Exchange Toolbox and Queue Viewer fails after Certificate Signing of PowerShell Serialization Payload is enabled after the Janurary 2023 or the February 2023 Security Update is installed.
    ⇒The issue has been resolved with the March security update for servers running the Mailbox Role, but this issue persists on other servers with management console installed.

Have a nice day!

February 2023 Exchange Server Security Updates

Microsoft Exchange Servers security updates have been released for February 2023.

These updates are available for the following specific versions of Exchange Server:

Exchange Server 2013 CU23 SU20 (Microsoft Exchange Server 2013 will reach its end of support on April 11, 2023)
Exchange Server 2016 CU23 SU6
Exchange Server 2019 CU11 SU10 & CU12 SU6

The recommendation is to install these updates immediately to protect your environment.
In the scenario where you do a Cumulative Update(CU), you need to make security updates. Otherwise, remember that you have to do the Cumulative Update(CU) first and then the Security Update(SU).

Inventory your Exchange Servers to determine which updates –> “Exchange Server Health Checker
Choose your current CU and your target CU to get directions –>  “Exchange Update Wizard
If you encounter errors during or after installation of Exchange Server –> “Exchange Setup Assist

 

Note: Don't double-click the 'MSP file' to run it. Run Command Prompt (not Powershell) as an Administrator.

 

Have a nice day!

Exchange Recipient Type Values

I don’t know where and when this information will be useful to you, but I needed these values in a few problems I had, maybe you will need them one day.

There are three critical recipient values used by Exchange Server;

  • msExchRecipientDisplayType
  • msExchRecipientTypeDetails
  • msExchRemoteRecipientType

There is the only supported way to change these values is using the Exchange Admin Center or using the Exchange Management Shell.

msExchRecipientDisplayType Value (Decimal)
MailboxUser 0
DistributionGroup 1
PublicFolder 2
DynamicDistributionGroup 3
Organization 4
PrivateDistributionList 5
RemoteMailUser 6
ConferenceRoomMailbox 7
EquipmentMailbox 8
ArbitrationMailbox 10
MailboxPlan 11
LinkedUser 12
RoomList 15
SyncedMailboxUser -2147483642
SyncedPublicFolder -2147483130
SyncedDynamicDistributionGroup -2147482874
SyncedRemoteMailUser -2147482106
SyncedConferenceRoomMailbox -2147481850
SyncedEquipmentMailbox -2147481594
SecurityDistributionGroup 1043741833
RBAC Role Group 1073741824
msExchRecipientTypeDetails Value (Decimal)
UserMailbox 1
LinkedMailbox 2
SharedMailbox 4
LegacyMailbox 8
RoomMailbox 16
EquipmentMailbox 32
MailContact 64
MailUser 128
MailUniversalDistributionGroup 256
MailNonUniversalGroup 512
MailUniversalSecurityGroup 1024
DynamicDistributionGroup 2048
PublicFolder 4096
SystemAttendantMailbox 8192
SystemMailbox 16384
MailForestContact 32768
User 65536
Contact 131072
UniversalDistributionGroup 262144
UniversalSecurityGroup 524288
NonUniversalGroup 1048576
Disable User 2097152
MicrosoftExchange 4194304
ArbitrationMailbox 8388608
MailboxPlan 16777216
LinkedUser 33554432
RoomList 268435456
DiscoveryMailbox 536870912
RoleGroup 1073741824
RemoteUserMailbox 2147483648
RemoteRoomMailbox 8589934592
RemoteEquipmentMailbox 17179869184
RemoteSharedMailbox 34359738368
PublicFolderMailbox 68719476736
Team Mailbox 137438953472
RemoteTeamMailbox 274877906944
MonitoringMailbox 549755813888
GroupMailbox 1099511627776
LinkedRoomMailbox 2199023255552
AuditLogMailbox 4398046511104
RemoteGroupMailbox 8796093022208
SchedulingMailbox 17592186044416
GuestMailUser 35184372088832
AuxAuditLogMailbox 70368744177664
SupervisoryReviewPolicyMailbox 140737488355328
msExchRemoteRecipientType Value (Decimal)
ProvisionedMailbox (Cloud Mailbox) 1
ProvisionedArchive (Cloud Archive) 2
ProvisionedMailbox, ProvisionedArchive (Cloud Mailbox & Cloud Archive) 3
Migrated 4
Migrated, ProvisionedArchive (Migrated Mailbox & Cloud Archive) 6
DeprovisionMailbox 8
ProvisionArchive, DeprovisionMailbox 10
DeprovisionArchive 16
ProvisionMailbox, DeprovisionArchive 17
DeprovisionArchive, Migrated 20
ProvisionMailbox, Migrated, DeprovisionArchive 21
DeprovisionMailbox, DeprovisionArchive 24
RoomMailbox 32
ProvisionMailbox, RoomMailbox 33
ProvisionMailbox, ProvisionArchive, RoomMailbox 35
Migrated, RoomMailbox 36
ProvisionArchive, Migrated, RoomMailbox 38
ProvisionMailbox, DeprovisionArchive, RoomMailbox 49
Migrated, DeprovisionArchive, RoomMailbox 52
EquipmentMailbox 64
ProvisionMailbox, EquipmentMailbox 65
ProvisionMailbox, ProvisionArchive, EquipmentMailbox 67
Migrated, EquipmentMailbox 68
ProvisionArchive, Migrated, EquipmentMailbox 70
ProvisionMailbox, DeprovisionArchive, EquipmentMailbox 81
Migrated, DeprovisionArchive, EquipmentMailbox 84
SharedMailbox 96
ProvisionMailbox, SharedMailbox 97
Migrated, SharedMailbox 100
ProvisionArchive, Migrated, SharedMailbox 102
Migrated, DeprovisionArchive, SharedMailbox 116

Have a nice day !

Office 365 Mailbox Not Showing In On-Premises Exchange Server

If you create your user’s mailbox directly from the Office 365 management console, you will not be able to see the newly created mailbox on your On-Premises Exchange server.

The recommended method is to create the mailbox on the On-Premises Exchange server.

In order to solve the problem of the mailbox created directly on Office365 not appearing on Hybrid Exchange in our scenario above, you should run the following commands on the On-Premises Exchange according to the mailbox you are having trouble with.

$uid = read-host "Please enter username"
$mailnick = read-host "Please enter username"
$tempmail = $uid+"@company.mail.onmicrosoft.com"
$primarymail = $mailnick+"@company.com"

Set-ADUser $uid -Clear homemdb, homemta, msExchHomeServerName, msExchPoliciesExcluded
Set-ADUser $uid -Add @{msExchRemoteRecipientType="4"}
Set-ADUser $uid -Add @{mailNickname="$mailnick"}
Set-ADUser $uid -Add @{msExchProvisioningFlags="0"}
Set-ADUser $uid -Add @{msExchModerationFlags="6"}
Set-ADUser $uid -Add @{msExchAddressBookFlags="1"}
Set-ADUser $uid -Replace @{targetaddress="$tempmail"}
Set-ADUser $uid -Replace @{msExchRecipientDisplayType="-2147483642"}
Set-ADUser $uid -Replace @{msExchRecipientTypeDetails="2147483648"}
Set-RemoteMailbox $uid -PrimarySMTPAddress $primarymail

Have a nice day!

Minimum Outlook for Windows version requirements for Microsoft 365

After November 1, 2021, only Outlook 2013 Service Pack 1 (with latest fixes) and later will be able to connect to Microsoft 365 services.

Not supported versions;

  • Outlook 2007
  • Outlook 2010
  • Office 2013 versions earlier than 15.0.4971.1000
  • Office 2016 versions earlier than 16.0.4600.1000

Outlook 2007 or Outlook 2010 is blocked from connecting to Exchange Online.
Users can immediately start using Outlook on the web through a browser.

If you want to find the outlook version information used in your tenant organization, you can use the “Microsoft 365 Reports in the admin center – Email apps usage.

Have a nice day !

How to Fix Exchange Server EventID 15021 HttpEvent

If you get “Connection to remote server” / “ClientAccessServer = EXCHANGE, BackEndServer = EXCHANGE” error while opening Exchange Management Shell on your Exchange Servers and the Management Shell connects to another server that is a member of Exchange DAG.

If you get Event: 15021, HttpEvent error in the event logs like the following;

Open IIS Manager –> Sites –> Exchange Back End Sites

Check you https protocol “Exchange Back End” Binding

There is a must be self-signed “Microsoft Exchange” certificate here, if not here , it may have expired and you need to renew it on the Exchange ECP console or MMC console.

Have a nice day!

How to Move Exchange Queue

If you need to move the Exchange queue , you can follow the steps below.

1-Suspend Message Queue
Get-Message -Server ExcSrv | Suspend-Message

2-Export Suspend Message
Get-Message -Server ExcSrv | ForEach-Object {$Temp="E:\Export\"+$_.InternetMessageID+".eml";$Temp=$Temp.Replace("<","");$Temp=$Temp.Replace(">","");Export-Message $_.Identity | AssembleMessage -Path $Temp}

3-It is sufficient to move the exported mails to the Replay folder to enable resending.
Path –> “Exchange Server\V15\TransportRoles\Replay”

Note : Run Exchange Management Shell as an Administrator .

Have a nice day!