User Profile
Curious_Kevin16
Iron Contributor
Joined 3 years ago
User Widgets
Recent Discussions
Exchange RBAC Challenge: Restricting Admin Level Access to Selected Mailboxes
Hi Exchange Brain Trust, I'm looking to implement a restriction for a specific group of admins (let's say Service Desk L1 team) so they do not have administrative access to executive EXO mailboxes (e.g., email address removed for privacy reasons, email address removed for privacy reasons), while retaining access to all other mailboxes. I've explored built-in RBAC configurations, Administrative Units, and role assignments in Exchange, but haven’t found a solution that meets this requirement. Any guidance or suggestions would be greatly appreciated. Thanks in advance!Hybrid Entra ID Device stuck in Pending
I'm working on onboarding multiple devices to Intune automatically. I’ve created a group containing all relevant users and devices, which has been targeted in the Intune automatic enrolment scope. While the initial testing with just two users was successful (one of those devices took 3-4 days to complete this process of consolidating the two objects from Entra Registered to Hybrid Joined). Expanding the scope to include all users has led to issues. Although all devices are synced to Entra ID via Entra Connect, many device objects are now stuck in a pending state specifically, they're not progressing from "Entra Registered" to "Entra Hybrid Joined". Has anyone worked around this? Is this time taking for this task normal? (very keen to understand what's going on behind the scenes as one of the test devices also had the same issue and succeeded after 3-4 days) Appreciate any ideas/thoughts on this. Thank you!Cross-Tenant Shared Meeting Room Spaces
We have two M365 tenancies under our group. We need to allow users from both tenants to use Meeting room resources (book rooms, use calendars etc..). Is this just about configuring Exchange OR Sharing in EXO or do we need anything beyond that to facilitate Teams meeting room resource sharing? Would we also need to sync these meeting room objects across tenancies to allow users to see them in GAL etc.. ? Thank you!Pointing MX and Autodiscover to 365
We recently migrated to Exchange Online via Exchange Hybrid. MX and Autodiscover are still pointed to on-prem environment as we have room booking mailboxes and resource mailboxes located on-prem. Is it ok to Cut-over MX and AutoDiscover to Exchange Online now? What implications would it have on Room booking for cloud users and devices configured to use these mailboxes? Much appreciate your ideas.Re: Exchange 2019 Mailbox Migration Error - Folder conflicts with Exchange Online folder
"Files" seems to be a system folder and you can't do much except renaming which we tried through MFCMapi with no luck, it still refers to the "Files' folder. EXO shouldn't matter should it? as we're simply trying to remote move the mailbox and obviously there's no mailbox exists in EXO for this user yet.Deploy 802.1x Policies to Windows 10 Devices using traditional management tools
Hi Folks, We've been asked to implement 802.1x endpoint policies to Windows 10 devices using traditional tools such as AD, GPO etc.. Has anyone achieved this and is it a possibility? Thanks and much appreciate any helpful information!Exchange Mailbox Migration Errors - Corrupted items
Howdy Folks! I'm getting a lot of errors in one of the last mailboxes we're migrating to 365 from Exchange 2019 Hybrid. Has anyone managed to remediate these type of errors? I've remediated abandoned users from permissions but nothing has worked. The errors still popping up even after creating a new batch. Subject Kind Scoring Classification Folder Name FolderACL CorruptFolderACL FolderACL, SourcePrincipalError Tasks FolderACL CorruptFolderACL FolderACL, SourcePrincipalError Tasks FolderACL CorruptFolderACL FolderACL, SourcePrincipalError Notes FolderACL CorruptFolderACL FolderACL, SourcePrincipalError Notes FolderACL CorruptFolderACL Inbox, FolderACL, SourcePrincipalError Inbox FolderACL CorruptFolderACL Inbox, FolderACL, SourcePrincipalError Inbox FolderACL CorruptFolderACL FolderACL, SourcePrincipalError Investments FolderACL CorruptFolderACL FolderACL, SourcePrincipalError Investments FolderACL CorruptFolderACL FolderACL, SourcePrincipalError Health FolderACL CorruptFolderACL FolderACL, SourcePrincipalError Health FolderACL CorruptFolderACL FolderACL, SourcePrincipalError Eleanor FolderACL CorruptFolderACL FolderACL, SourcePrincipalError Eleanor FolderACL CorruptFolderACL FolderACL, SourcePrincipalError Clover FolderACL CorruptFolderACL FolderACL, SourcePrincipalError Clover FolderACL CorruptFolderACL FolderACL, SourcePrincipalError ACL ASIC FolderACL CorruptFolderACL FolderACL, SourcePrincipalError ACL ASIC FolderACL CorruptFolderACL FolderACL, SourcePrincipalError __Pre 2011 FolderACL CorruptFolderACL FolderACL, SourcePrincipalError __Pre 2011 FolderACL CorruptFolderACL FolderACL, TargetPrincipalError __Pre 2011 FolderACL CorruptFolderACL FolderACL, SourcePrincipalError __2011-2012 FolderACL CorruptFolderACL FolderACL, SourcePrincipalError __2011-2012 FolderACL CorruptFolderACL FolderACL, TargetPrincipalError __2011-2012 FolderACL CorruptFolderACL FolderACL, SourcePrincipalError Contacts FolderACL CorruptFolderACL FolderACL, SourcePrincipalError Contacts FolderACL CorruptFolderACL FolderACL, SourcePrincipalError Recipient Cache FolderACL CorruptFolderACL FolderACL, SourcePrincipalError Recipient Cache FolderACL CorruptFolderACL FolderACL, SourcePrincipalError Recipient Cache FolderACL CorruptFolderACL FolderACL, SourcePrincipalError Recipient Cache FolderACL CorruptFolderACL FolderACL, SourcePrincipalError PeopleCentricConversation Buddies FolderACL CorruptFolderACL FolderACL, SourcePrincipalError PeopleCentricConversation Buddies FolderACL CorruptFolderACL FolderACL, SourcePrincipalError PeopleCentricConversation Buddies FolderACL CorruptFolderACL FolderACL, SourcePrincipalError PeopleCentricConversation Buddies FolderACL CorruptFolderACL FolderACL, SourcePrincipalError Organizational Contacts FolderACL CorruptFolderACL FolderACL, SourcePrincipalError Organizational Contacts FolderACL CorruptFolderACL FolderACL, SourcePrincipalError Organizational Contacts FolderACL CorruptFolderACL FolderACL, SourcePrincipalError Organizational Contacts FolderACL CorruptFolderACL FolderACL, SourcePrincipalError GAL Contacts FolderACL CorruptFolderACL FolderACL, SourcePrincipalError GAL Contacts FolderACL CorruptFolderACL FolderACL, SourcePrincipalError GAL Contacts FolderACL CorruptFolderACL FolderACL, SourcePrincipalError GAL Contacts FolderACL CorruptFolderACL FolderACL, SourcePrincipalError Companies FolderACL CorruptFolderACL FolderACL, SourcePrincipalError Companies FolderACL CorruptFolderACL FolderACL, SourcePrincipalError Companies FolderACL CorruptFolderACL FolderACL, SourcePrincipalError Companies FolderACL CorruptFolderACL FolderACL, SourcePrincipalError {A9E2BC46-B3A0-4243-B315-60D991004455} FolderACL CorruptFolderACL FolderACL, SourcePrincipalError {A9E2BC46-B3A0-4243-B315-60D991004455} FolderACL CorruptFolderACL FolderACL, SourcePrincipalError {06967759-274D-40B2-A3EB-D7F9E73727D7} FolderACL CorruptFolderACL FolderACL, SourcePrincipalError {06967759-274D-40B2-A3EB-D7F9E73727D7} FolderACL CorruptFolderACL FolderACL, SourcePrincipalError Calendar FolderACL CorruptFolderACL FolderACL, SourcePrincipalError Calendar FolderACL CorruptFolderACL FolderACL, SourcePrincipalError Calendar FolderACL CorruptFolderACL FolderACL, SourcePrincipalError Calendar FolderACL CorruptFolderACL FolderACL, SourcePrincipalError Calendar FolderACL CorruptFolderACL FolderACL, SourcePrincipalError Calendar FolderFreeBusyACL CorruptFolderACL FolderACL, SourcePrincipalError Calendar FolderFreeBusyACL CorruptFolderACL FolderACL, SourcePrincipalError Calendar FolderFreeBusyACL CorruptFolderACL FolderACL, SourcePrincipalError Calendar FolderFreeBusyACL CorruptFolderACL FolderACL, SourcePrincipalError Calendar FolderFreeBusyACL CorruptFolderACL FolderACL, SourcePrincipalError Calendar FolderFreeBusyACL CorruptFolderACL FolderACL, SourcePrincipalError Calendar FolderFreeBusyACL CorruptFolderACL FolderACL, SourcePrincipalError Calendar FolderACL CorruptFolderACL FolderACL, SourcePrincipalError Calendar_JFK3F8.ics FolderACL CorruptFolderACL FolderACL, SourcePrincipalError Calendar_JFK3F8.ics FolderACL CorruptFolderACL FolderACL, SourcePrincipalError Calendar_JFK3F8.ics FolderACL CorruptFolderACL FolderACL, SourcePrincipalError Calendar_JFK3F8.ics FolderACL CorruptFolderACL FolderACL, SourcePrincipalError Calendar_JFK3F8.ics FolderACL CorruptFolderACL FolderACL, SourcePrincipalError Calendar_JFK3F8.ics FolderACL CorruptFolderACL FolderACL, SourcePrincipalError Calendar_JFK3F8.ics FolderACL CorruptFolderACL FolderACL, SourcePrincipalError Calendar_JFK3F8.ics FolderACL CorruptFolderACL FolderACL, SourcePrincipalError Calendar_JFK3F8.ics FolderACL CorruptFolderACL FolderACL, TargetPrincipalError Calendar_JFK3F8.ics FolderACL CorruptFolderACL FolderACL, SourcePrincipalError Freebusy Data Model walkthrough with NT CorruptItem Calendar, Item, StartMustExistCalendarCorruption CalendarExchange 2019 Mailbox Migration Error - Folder conflicts with Exchange Online folder
Hi Exchange Experts, I'm migrating a small Exchange 2019 environment to 365. Been pulling my hair out becuase of just one mailbox giving this error Error description --------------------------- Error: AggregateMailboxFolderConflictPermanentException: The folder 'Files' conflicts with Exchange Online folder 'Files', please move the messages to another folder and restart the job. Data migrated: 0 B (0 bytes) Migration rate: -------------------------------------- Migration user report: 5/14/2025 12:32:05 PM [MEUP300MB0105] Request processing continued, stage CreatingFolderHierarchy. 5/14/2025 12:32:05 PM [MEUP300MB0105] Stage: CreatingFolderHierarchy. Percent complete: 10. 5/14/2025 12:32:12 PM [MEUP300MB0105] Stage: CreatingFolderHierarchy. Percent complete: 10. 5/14/2025 12:32:12 PM [MEUP300MB0105] Fatal error AggregateMailboxFolderConflictPermanentException has occurred. ---------------------- It seems to be a system folder and I've tried to remove files from it (although there're no files in it) using MFCMAPI tool with no success. Renamed the folder and tried to re-run the migration with no luck. Has anyone experience this issue? any thoughts or tips are much appreciated ! Thank you.Recurring Work or School Account Sign-In Error Notifications (Hybrid-Joined Devices)
We're seeing a recurring issue where users receive frequent notifications from Windows saying, “There is a problem with your work or school account”, prompting them to sign in. However, when they attempt to sign in to resolve it, the process fails—despite everything else seemingly working fine (e.g., no impact on Teams, Outlook, or other M365 services). All affected devices are hybrid Azure AD-joined (on-prem AD + Entra ID). This has been occurring across both Windows 10 and Windows 11 machines, including recent test deployments. Using dsregcmd /status, I noticed the following in the logs: SSO: Invalid Grant AADSTS7000022: VSM Binding Key missing from Ticket Granting Ticket Request Additionally, Azure AD Connect was found to be running an outdated version, which might be a factor—but I’m not certain if this is the root cause. Has anyone encountered this before or found a reliable fix? Appreciate any insight!Exchange 2019 SMTP Relay Issue After Adding New Server to Send Connector
I have an Exchange environment with two Exchange 2019 servers — one on-premises (EX01) and the other recently deployed in an Azure VM (EX02). The goal is to eventually decommission the old on-premises server. We use a receive connector for SMTP relay from MFPs (printers) and applications to send scanned documents to internal users (all mailboxes are hosted in Microsoft 365). I've replicated the receive connector on the new server (EX02) with identical settings, including the public certificate. All necessary ports are open, and the configuration matches the old server (anonymous relay). However, when I add EX02 to the send connector and test email relays from scanners or apps, the messages are never delivered — they seem to disappear entirely. No NDRs are generated, and nothing shows up in the queues or logs indicating a failure. Interestingly, the new server does receive the relay messages — I can see its hostname in the message headers for successfully delivered emails (prior to adding EX02 to the send connector), so it's definitely accepting the relay connection but something is wrong on the sending. I haven’t run the Hybrid Configuration Wizard on either server, as these servers are only used for SMTP relay purposes. Any idea what I might be missing? What could be causing this mail transport issue on the new server? Much appreciate your ideas !! Thank youExchange server transport logs reading tool
Hi Exchange Brain Trust, I need to get rid of any inactive IP addresses out of my SMTP receive connectors in Exchange 2019 server (Hybrid environment). Is there a free tool to monitor/study transport logs which provides a good UI as opposed to notepad readings? Appreciate any suggestions. Thank you!Programmatically remediate SharePoint and OneDrive Oversharing links
Hi SPO Brain Trust, Has anyone been able to work around a solution to programmatically remove oversharing links (from content level) from SharePoint sites and OneDrives as opposed to using 3rd party tooling? Very keen to hear your thoughts on this as we're looking at manually remediating these from our environment. Thank you!Auto-labelling in Purview-Which license or alternatives can be used rather than E5 ?
We are considering adopting Purview for Information Protection and DLP, but we are currently on E3 licenses. Given the extensive size of our SharePoint environment, auto-labelling is crucial for applying sensitivity labels to content across wide scopes automatically. My question is, are there any alternatives to upgrading licenses to E5 or adding the Compliance Add-on? Upgrading several thousand users to E5 or the Compliance Add-on requires significant justification, and I am wondering if there are other interim solutions we could leverage for a period of one year. Any thoughts would be greatly appreciated! Thank you! KevConvert large number of Public Teams to Private
Howdy Folks, We currently have a substantial number of public Teams in our environment and would like to convert as many of these to private as possible as part of our security and compliance remediation efforts. Is there a recommended approach for automating this task, potentially using a script? Additionally, what implications should we be aware of as a result of converting these Teams to private? Any advise/help is much much appreciated!What are the exact steps (the latest) to enable container support in Purview?
I've been pulling my hair out trying to figure this one for the last couple hours. Can someone help me out with the exact steps (the latest) to enable container support (SharePoint Sites, Teams, 365 Groups) in Purview? Thanks in advance !
