Moving mailboxes from Exchange 2016 to Exchange Online is not that difficult, that is when you have all the prerequisites in place of course. Public Folders is a bit different, but luckily Public Folders in Exchange 2016 are ‘Modern Public Folders’ and as such similar to Public Folders in Exchange Online.
You must move Public Folders from Exchange 2016 to Exchange Online when all mailboxes are in Exchange Online, and before doing that you must use Public Folders cross-premises. When mailboxes are in Exchange Online, they must use Public Folders in Exchange 2016.
The first step is to synchronize the Public Folder mailboxes from Exchange 2016 to Exchange Online using Azure AD Connect. Then the mail-enabled folders must be synchronized to Azure AD using the Sync-ModernMailPublicFolders.ps1 script that you can download from the Microsoft download site.
When starting the script, it wants to setup a Remote PowerShell connection to Exchange Online, and the following screenshot says it all: this is a basic authentication login prompt:
When entering the global admin credentials, it fails with an ‘access denied’ error:
And in plain text:
[3/24/2022 11:40:25 AM] Creating an Exchange Online remote session...
InitializeExchangeOnlineRemoteSession : Unable to create a remote shell session to Exchange Online. The error is as follows: "Connecting to remote server outlook.office365.com failed with the following error message : Access is denied. For more information, see the about_Remote_Troubleshooting Help topic.".
At C:\Scripts\Sync-ModernMailPublicFolders.ps1:687 char:5
+ InitializeExchangeOnlineRemoteSession;
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [Write-Error], WriteErrorException
+ FullyQualifiedErrorId : Microsoft.PowerShell.Commands.WriteErrorException,InitializeExchangeOnlineRemoteSession
[PS] C:\Scripts>
This is because the script is using Basic Authentication, and in Office 365 basic authentication is disabled (at least in our tenant).
A workaround is to enable basic authentication only for PowerShell. To do this, click ‘Help & Support’ in lower right corner and in the ‘how can we help’ enter the following text “Diag: Enable Basic Auth in EXO” as shown in the following screenshot:
In the next pop-up window, the current basic authentication settings are shown and in the drop-down box you can select the protocol you want to enable basic authentication for:
Select the Exchange Online Remote PowerShell option.
It takes some time before basic authentication is enabled. In my case, I disabled it late in the afternoon and the next morning it was possible to login using basic authentication. Most likely it will take less time, but overnight was not a big deal 🙂
Now when running the Sync-ModernMailPublicFolders.ps1 again it succeeds and finishes successfully.
However, enabling basic authentication is just a work-around and not really a long-term solution. And, Microsoft will turn off Basic Authentication by the end of this calendar year. But in the meantime, we must wait for Microsoft to release a new script that support Modern Authentication.
I’m currently working on a project where we are going to move 24,000 mailboxes from Exchange 2016 to Exchange Online. For planning purposes we would like to know the basic statistics, like the LastLogonTime and the number of items (both regular and deleted).
To retrieve this for my mailbox, you can use something like this:
The TotalItemSize and TotalDeletedItemSize are returned as text and not numeric. Since I want to export everything into a CSV file and import into Excel for further processing, it must be converted to a numeric value. This is called a calculated property and this is possible using the following option:
Now use the Export-Csv command and we are good to go (you would hope 😊):
[PS] C:\>get-mailbox -ResultSize unlimited | Get-MailboxStatistics | Select DisplayName,LastLogonTime,ItemCount,@{Name="TotalItemSizeMB";Expression={$_.TotalItemSize.Value.ToBytes()}},DeletedItemsCount,@{Name="TotalDeletedItemSizeMB";Expression={$_.TotalDeletedItemSize.Value.ToBytes()}} | export-csv -Path statistics.csv -nti
Sending data to a remote command failed with the following error message: [ClientAccessServer=EXCH2016,BackEndServer=exch2016.labs.local,RequestId=c0430cd6-6f4d-48a5-8434-d59ebcd91887,TimeStamp=28-4-2022 10:03:54] [FailureCategory=W
SMan-Others] The total data received from the remote client exceeded the allowed maximum. The allowed maximum is 524288000. For more information, see the about_Remote_Troubleshooting Help topic.
+ CategoryInfo : OperationStopped: (exch2016.labs.local:String) [], PSRemotingTransportException
+ FullyQualifiedErrorId : JobFailure
+ PSComputerName : exch2016.labs.local
[PS] C:\>
Unfortunately, the Get-Mailbox command retrieves all 24,000 mailboxes in one run and then tries to use this as input for the Get-MailboxStatistics command. While this works for just a few mailboxes, it runs out of memory for a large set of mailboxes.
The solutions here (or one of the solutions) is to import all mailboxes into a variable, and loop through all mailboxes in this variable combined with the Get-MailboxStatistics command:
One last question I got is to add a UPN or alias of the user to the CSV file. UPN and alias are not in the object that’s returned by Get-MailboxStatistics, but are returned by the Get-Mailbox command. To get these properties in the output, again a calculated property must be used, similar to the size properties that were used earlier.
To retrieve the UPN, use something similar to the following:
Last week, on April 20, Microsoft released Cumulative Update 12 for Exchange 2019 and Cumulative Update 23 for Exchange 2016.
It took Microsoft six month for the Cumulative Update, that’s because Microsoft is changing from a quarterly release cycle to a bi-annual release cycle. As a result, this will the Cumulative Update of the first half of 2022, so H1 2022 Cumulative Update.
This is only true for Exchange 2019 as there will be no new Cumulative Updates for Exchange 2016 anymore. Exchange 2016 has entered extended support, so Microsoft will deliver Security Updates when needed, but not more CUs. Mainstream support for Exchange 2019 will end on January 9, 2024 and extended support for Exchange 2019 will end on October 14, 2025. This is the same date as for Exchange 2016. What will happen then is still unknown….
Exchange 2019 CU12 now has support for Windows 2022 (finally). Support for Windows 2022 is only true for Exchange 2019 CU12, Exchange 2016 is only supported on Windows 2016.
When it comes to Active Directory, only Exchange 2019 CU12 supports Windows 2022 Domain Controllers. Exchange 2016 and Exchange 2013 do not support Windows 2022 Domain Controllers (despite earlier communication from Microsoft). For more information regarding supportability check the Exchange Supportability Matrix.
One of the new features of Windows 2022 is support for TLS 1.3 and several of my clients have a requirement for this. Unfortunately, Exchange 2019 still does not support TLS 1.3 and support for TLS 1.3 is expected by the end of this year.
With the new Cumulative Update comes a change in (free) licensing. Previously, there was a free license for the ‘hybrid server’ but this was Exchange 2016. Now with Exchange 2016 in extended support and no more CUs for Exchange 2016, the free hybrid license is available for Exchange 2019!
A lot of noise regarding the “remove the last Exchange server” in your organization. When you have all mailboxes in Exchange Online and you have Azure AD Connect running, you need to have one Exchange server, just for management purposes. This is no longer required with Exchange 2019 CU12. You can install the management tools for CU12 and get rid of the Exchange server. Be aware that you must NOT UNINSTALL the Exchange server, but clean up the hybrid configuration using PowerShell, shutdown the Exchange server and run the CleanupActiveDirectoryEMT.ps1 script (released with Exchange 2019 CU12).
Are there reasons to not do this? Yes, think about SMTP relay from on-premises to Exchange Online, or RBAC on-premises (not available with only the Management Tools on-premises), or maybe an offloading possibility when needed. Oh, and if you are not good with PowerShell, be aware that this is a PowerShell only solution. If you are addicted to the Exchange Admin Center, leave the Exchange server running 😉
But nevertheless, it’s good that Microsoft finally heard this feedback and offers a solution for the last Exchange server when all mailboxes are in Exchange Online.
A couple of remarks:
Be aware that Microsoft only supports the two latest CUs, i.e. Exchange 2019 CU11/CU12 and Exchange 2016 CU22/CU23.
There are no schema changes in these Cumulative Updates, but there are changes in the configuration, so you need to run setup with the /PrepareAD switch.
When running a Database Availability Group, do not forget to put the Exchange servers in maintenance mode.
As always, test the new CUs in your test environment before installing in your production environment.
Installing and configuring MCDB in Exchange 2019 has been on my bucket list for a long time, but like most organizations my Exchange servers have been running on either Hyper-V or VMware. I have seen posts on the forums where people were able to publish SSD disks on VMware to VMs, but MCDB has been targeted towards bare metal deployments. But the good news is that I managed to get two big HP boxes to play around with 🙂
MCDB was introduced in Exchange 2019 to speed up access to information in mailboxes that is used frequently. According to the Exchange Preferred Architecture, Mailbox database are stored on (relatively) slow SATA disks. When using MCDB, frequently accessed mailbox information is also stored on SSD disks instead of spinning disks and as such it is much faster to access this information. It is a cache mechanism, so the information on SSD is a copy of information on the spinning disks. If the SSD disk is lost, performance will drop but no information will be lost.
MCDB is useful when running Outlook clients in online mode, for example in a Citrix environment. OWA can also benefit from the improved performance.
MCDB is built on top of Database Availability Groups, so it is not available on single servers (I assume you don’t have a DAG with only one server). It also depends on the AutoReseed feature, so you must deploy this first before configuring MCDB.
My Servers have eight disks installed:
2 SSD disks for boot and system.
4 SAS disks (10 krpm) for Mailbox databases (I preferred SATA disks, but the servers came with these disks).
1 SSD disk for MCDB.
1 (large) SATA disk for storing other information (IIS logs, Queue database, ISO image etc.).
Three of the SAS disks contain two Mailbox databases each, the remaining SAS disk is used as a hot spare for AutoReseed.
In short, AutoReseed is using the ‘multiple mount points per volume’ option in Windows. For example, the first disk is mounted in C:\ExchVols\Vol1, but this disk is also mounted in C:\ExchDbs\MDB11 as shown in the following image (where only 2 disks are shown):
To achieve this, add additional mount points using the disk management MMC snap-in. In the screenshot below, Disk1 is mounted in C:\ExchVols\Vol1, and C:\ExchDbs\MDB11 and C:\ExchDbs\MDB12 are additional mount points on this disk:
Mailbox database locations are strict when using AutoReseed. For example, MDB11 mailbox database and logfiles must be created in the following directories:
C:\ExchDbs\MDB11\MDB11.db
C:\ExchDbs\MDB11\MDB11.log
The locations of the mount points are properties of the Database Availability Group:
AutoDagDatabaseRootFolderPath
AutoDagVolumesRootFolderPath
AutoDagDatabaseCopiesPerVolume
You can check the correct values using the Get-DatabaseAvailabilityGroup command in Exchange PowerShell:
Create all Mailbox databases, mount them and create Mailbox database copies in the correct locations with the correct names. That’s all it takes to configure AutoReseed. When one of the disks containing Mailbox databases fail, the repair workflow will kick in and in about an hour the spare disk is configured, and a reseed will start. All steps of the repair workflow will be logged in the event log. The last entry with a successful reseed is shown in the following screenshot:
Now that we have AutoReseed up-and-running, we can continue with configuring the MetaCache Database.
Configuring MetaCache Database
One of the prerequisites of the MetaCache Database is a fully functional AutoReseed configuration as outlined in the previous steps. Of course, you also need one or more SSD disks, depending on your disk layout.
The official recommendation for the SSD disks is one SSD disk on three spinning disks. Also, the SSD disk should be a raw disk (not formatted) and it must be exposed as MediaType SSD in Windows. To check this, use the Get-PhysicalDisk | sort DeviceID command in PowerShell as shown in the following screenshot:
As for sizing, 5% or 6% SSD capacity of the total HDD capacity is sufficient. So, if you have 8TB of storage for databases, your SSD capacity can be approx. 400 GB.
Important to note is that the disks must be symmetrical amongst all Exchange 2019 servers in the DAGs.
The first step is to configure the DAG for use with MCDB. MCDB uses the following properties of the DAG for its configuration:
AutoDagTotalNumberOfDatabases. The number of Mailbox databases in the DAG.
AutoDagDatabaseCopiesPerDatabase. The total number of copies (active and passive) of each individual Mailbox database.
AutoDagTotalNumberOfServers. The number of Exchange 2019 Mailbox servers in your DAG.
In my lab, there are two Exchange 2019 Servers in a DAG, 3 spinning disks (plus 1 hot spare), 6 Mailbox databases and 2 copies (one active, one passive) per Mailbox database.
Use the following command to set these properties:
The second step is to configure the MCDB prerequisites using the Manage-MCDB command. This command takes the DagName, SSDSizeInBytes and SSDCountPerServer options.
Notes:
The Manage-MDCB command is default not available in PowerShell. You must import the Manage-MetaCacheDatabase.ps1 script (found in $Exscripts) first using the following command:
CD $ExScripts
Import-Module .\Manage-MetaCacheDatabase.ps1
This step is not in the Microsoft documentation, it took me quite some time to figure it out 😦
The SSDSizeInBytes can be found using the following command:
Get-PhysicalDisk -DeviceNumber x | Select Size
The command for the MCDB prerequisites will be something like this:
The third step is to allow (or disallow) an Exchange 2019 server to use MCDB using the ServerAllowMCDB parameter of the Manage-MCDB command. To do this, execute the following Exchange PowerShell command on each DAG member:
The fourth step is to actually configure MCDB on each Exchange 2019 server. In this step, the raw (unformatted) SSD disk is formatted and the mount points for the MCDB instances are created. To do this, execute the following Exchange PowerShell command, again on each DAG member:
This is all it takes to configure MCDB on a DAG and it is now ready to create the MCDB instances and populate it with cached data. The creation and population (en thus enable acceleration) is initiated by a fail-over. You can use the following MCDB command to initiate this fail-over:
When it comes to monitoring there’s not much to see. You can use the Get-MailboxDatabase command to retrieve configuration properties of MCDB, and you can use the Get-MailboxDatabaseCopyStatus command to see ‘some’ health information regarding MCDB as shown in the following two screenshots:
Unfortunately, Unfortunately that’s it, no more options for monitoring, not even counters in performance monitoring.
So how do you know it works?
Besides the Get-MailboxDatabaseCopyStatus command, you can check the SSD disk which is visible in the Explorer. When configured, the SSD disk is mounted in C:\ExchangeMetaCacheDbs and C:\ExchangeMCDBVolumes. You will find a special (small) MCDB version of the Mailbox database as shown in the following screenshot:
Since this is a regular physical disk you can find it in perfmon, but there are no MCDB specific counters here.
The most interesting thing to test is just login to a Mailbox in one of these Mailbox databases. The look and feel is seriously better than without MCDB. When opening a mailbox in Outlook online mode, or in OWA is just much faster. I have also tried opening a Mailbox remotely via a 20 Mbit line (fiber, so low latency) and it also works better than Exchange without MCDB.
Summary
Exchange 2019 came with this new feature called MetaCache Database, where mailbox data is stored on SSD disks. In the Preferred Architecture, mailbox databases are stored on large SATA disks, but to improve performance frequently accessed data is stored on SSD disk.
The tricky part in configuring MCDB is the configuration of AutoReseed which I find more complex. The lack of proper monitoring is disappointing, but when configured it works very well and you will experience an improved performance. Like most of us, I have worked a lot with properly designed virtualized Exchange environments, but never seen an Exchange environment working as fast as a bare metal Exchange environment with Exchange 2019 and MCDB.
A bit later than planned, but I was attending a training last week, but a long-awaited feature in Exchange is sending mail from another email address that is stamped on a user, a so called alias. In a typical environment, a mailbox has a primary SMTP address and this address is used to send an receive email. This can be something like j.wesselius@exchangelabs.nl. Besides this primary SMTP address there can be more SMTP addresses that can be used to receive mail, for example Mr.Exchange@exchangelabs.nl or MasterOfDisaster@exchangelabs.nl. In Exchange on-premises and Exchange Online, these Aliasses are only used to receive email, not to send email. Up until now that is (for Exchange Online, no idea if they want to enable this for Exchange on-premises).
Microsoft has started to roll out the Send From Alias in Exchange Online starting in January 2022 (it was already announced back in April 2021) and it is available in Outlook on the Web and Outlook for iOS and Outlook for Android. Outlook for the PC will follow, according to Microsoft in Q2, 2022.
To enable the Send from Alias in Exchange Online, execute the following command in Exchange Online PowerShell:
It takes some time before effective, in my case it worked the next day.
All SMTP proxy addresses on a mailbox are available for this. When you logon as a user and go to settings | Mail | Compose and Reply you can check which aliases you want to use. + Addresses are also shown and so are the mail.onmicrosoft.com addresses. Don’t know who thought this was useful, in my opinion you don’t want to use these (internal) addresses at all:
Now when you write a new email in Outlook on the Web and select the From option, you can select the email address that you checked in the previous step.
The proxy addresses that are selected in the first step (the OWA settings) will automatically available in Outlook for Android and Outlook for iOS.
When you send an email using one of these aliases as a from address, it will automatically be visible in the recipient mailbox, in this example in Gmail:
I don’t expect much use of this feature until Outlook for the desktop will offer it, but it’s a nice add-on (finally).
Jaap Wesselius 
You must be logged in to post a comment.