How to: Remove a single Azure AD Password Protection Proxy server

If you’re migrating your Azure AD Password Protection Proxy to a new host, you will have found that no documentation exists to guide you through decommissioning the legacy proxy without removing AAD Password Protection entirely. To remove a single (or multiple) servers without decommissioning the entire server, see below: Uninstall the proxy software on the … Read more

Tip: Unable to sign in after Azure AD Join – “We are unable to connect right now”

I recently encountered an issue where I was unable to sign into a Windows 10 device which had completed device ESP. After entering my Azure AD credentials on the Windows sign-in screen, I received the error “We are unable to connect right now. Please check your network and try again later.”. After checking the obvious … Read more

Fix: “Not valid SMTP address” while adding migrated mailbox permissions

A customer recently came to me with an issue leaving them unable to add permissions for a migrated user to an on-prem calendar. Upon attempting to do this, they received the below error: A very confusing issue as the mailbox Exchange is looking for most certainly does exist. A quick check using the below command … Read more

Fix: Cryptographic exception error when assigning certificates on Exchange

During a certificate renewal on Exchange 2016, I received the below error while attempting to assign services to the new certificate: You’ll also see a similar message when generating new self-signed certificates via PowerShell: In my case, this was caused by McAfee Endpoint Security. Disabling Threat Prevention and Adaptive Threat Protection allowed me to complete … Read more

Fix: Modern Hybrid Agent exit code 1603 on Exchange 2016

Today I was faced with a new issue while running through the Hybrid Configuration Wizard on a new Exchange 2016 machine running Windows Server 2016. This error can also be seen in the HCW log file which can be found in %AppData%\Roaming\Microsoft\Exchange Hybrid Configuration on the machine running HCW. Open the latest Date_time.log file using … Read more

Fix: Seamless SSO not working for Staged Rollout users

If you’re planning on making the switch from federated to cloud authentication, you have probably heard of Staged Rollout; a new feature from Microsoft that allows you to pilot the migrated experience without migrating your entire domain. While the feature works as advertised, Microsoft’s setup instruction are missing a key step to get Seamless Single … Read more

Fix: ScriptingAgent error on Exchange 2016

I recently worked with a client to install a new Exchange 2016 server into an existing Exchange 2010 environment. The install was smooth and all tests were successful, however I faced a recurring warning whenever using the New-Mailbox cmdlet. This error was present in both EAC and EMS (full error can be found at the … Read more

How to: Remove domain-specific Public Folder SMTP proxy addresses

In preparation for migrating legacy Public Folders to Exchange 2016, I needed to remove a large number of SMTP proxy addresses that that used the “@local” domain, created by an old email address policy. Many scripts exist for this purpose, should you only need to update mailboxes, however I was unable to find anything that … Read more