Azure Active Directory Sync tool installation

To install Azure Active Directory Sync , we will have to prepare prerequisites

https://technet.microsoft.com/library/jj151815.aspx?f=255&MSPPError=-2147217396#bkmk_installmodule

To prepare Azure Active Directory Sync Server, you will need to download the following tools to check for users attributes on your local AD:

  1. Mirosoft Windows Server 2008R2/2012R2
  2. NetFramework 4 (For IDFIX tool to work)
  3. IDFIX (to Check if there’s any issue on AD with DirSync)

Note:

One of the new features that came with AADSync is that it can be installed on the DC server as well. but some may choose to have it on a separate server to avoid any risk.

Software Prerequisites

Install required tools for Azure Active Directory Connector (Dirsync)

  1. AADSYNC latest version (Download here) (Version Review link)
  2. Microsoft Online Services Sign-In Assistant for IT Professionals RTW (Here)
  3. Azure Active Directory Module for Windows PowerShell (64-bit version) (Here)
clip_image001

Additionally, to connect and synchronize to Office 365, the following prerequisites need to be installed before installing AADSYNC…

Install “Windows Azure Active Directory Module for Windows PowerShell (64-bit version)”. It is highly recommended that this machine be restarted before installing DirSync.

NOTE: Effective October 20, 2014, the 32-bit version of Azure Active Directory Module for Windows PowerShell is discontinued. Support for the 32-bit version will no longer occur, and future updates to the Azure Active Directory Module will be released only for the 64-bit version. We strongly recommend you install the 64-bit version to ensure future support and compatibility. Refer to “Install the Azure AD Module” in Manage Azure AD using Windows PowerShell.

If DirSync is to be installed on a server with Windows 2008 R2, beginning with version 1.0.6765.0006, PowerShell 3.0 is required and can be installed from Windows Management Framework 3.0; AND beginning with version 1.0.6985.000, .NET Framework 4.5.1 is a prerequisite.

From <https://oddytee.wordpress.com/2014/03/11/requirements-for-dirsync/>

Installing Netframework 4.5

clip_image002
clip_image003

Once you download IDFIX, you have to unzip and run the exe tool

Right click on Idfix and run it as administrator to give it the required privileges to access AD users and groups.

image

After you run it, it must look like the following

clip_image004

After running the tool you will have to click on Query to get the problematic users/groups and solve the ones that you want them to be synced to Office 365 Azure AD.

Top Level Domain:

The most common issue that occurs when preparing for AADSYNC is the Top Level domain users related errors (If .local is used)

clip_image005

To Fix this issue for all the users/groups which will be synced to O365 you will have to open Active Directory Domains and Trusts:

Right click on Active directory domains and trusts and click properties then add your public domain to the Alternative UPN Suffixes:

image
image

Next open Active directory users and computers to change the UPN to the correct one that matches your public domain.

Note:

Changing the domain suffix for your users suffixes won’t affect their login to their machines or any other application server.

image

Select the users in which OU that you want it to be synced and right click and choose Properties.

image
image
image

Proxy Address:

You might as well face another issue with users that you intend to sync to Office 365 which is the SMTP proxy address. in some Exchange Organizations the e-mail policy might be set wrong and therefore the user might have an invalid domain value in his proxyaddress attribute e.g. user@domain.local

To solve this, there are 3 ways to solve it. First would be to use Exchange on-premises Email policy to delete the .local SMTP proxy and set the public domain one.

The other two ways would be that you delete the proxyaddress manually or with a powershell script . I personally prefer to do this manually due to avoid any risk that it may impose on the users objects.

Another method would be the IDFIX it self or Admodify.

In the below snapshot I used IDFIX to fix the proxyaddress of the problematic users.

clip_image008

Installation of ADDSYNC

First we’ll install Microsoft Online Services Sign-In Assistant for IT Professionals RTW…

clip_image009

Next Windows Azure AD powershell module

clip_image010

Installing AADirsync

clip_image011
clip_image012
clip_image013
clip_image014
clip_image015

In the next step you will have to enter an Office 365 Global administrator user (preferably not onmicrosoft.com user) and I would recommend that you create a cloud user on Office 365 with global admin privileges to use with AADSYNC.

clip_image016

Next before you continue, you should open your O365 portal and Enable ADSync there.

image

When you click on Set up the following page should come to you. you should click on Activate AD Sync.

clip_image018
clip_image019

Now you may continue to config AADSYNC, below I am going to use a different user that’s dedicated only to “AADSYNC” tool. I will calll it Dirsynccloud@domain.com

image

Next On Active directory on-premises I will configure a new user called (Dirsync) that’s member of enterprise admins. this user will have access to all the OUs that will be synced in order to sync their attributes and passwords..etc

image

Once you enter your Enterprise domain account below and click add forest, it will be enlisted below and you can add additional number of forests if you have more.

image
clip_image025

Next you may choose to have Hybrid deployment if you have Exchange on-premises (At least Exchange 2010 SP3) but if not then no need to tick the box. The password write-back is a feature that requires an Azure premium AD subscription so if you don’t have this subscription then you don’t really need to tick this box.

The Azure AD app and attribute filtering is a feature that allows you to pick a certain application attribute you want to sync back and forth to Azure AD e.g. (Exchange, SharePoint..etc). If you don’t tick this box the normal standard attributes will be synced which will include (Exchange and user’s basic info) you can find it as soon as the setup finished and you open ADDSync UI.

clip_image026

Password writeback overview

Password writeback is an Azure Active Directory Sync component that can be enabled and used by the current subscribers of Azure Active Directory Premium. For more information, see Azure Active Directory Editions. It allows you to configure your cloud tenant to write passwords back to you on-premises Active Directory. It obviates you from having to set up and manage a complicated on-premises self-service password reset solution, and it provides a convenient cloud-based way for your users to reset their on-premises passwords wherever they are. Read on for some of the key features of password writeback:

From <https://msdn.microsoft.com/en-us/library/azure/dn903642.aspx>

You can enable filtering in AADSync at any time. If you have already run the default configurations of directory synchronization and then configured the filtering, the objects that are filtered out are no longer synchronized to Azure AD. As a result, any objects in Azure AD that were previously synchronized but were then filtered are deleted in Azure AD. If objects were inadvertently deleted because of a filtering error, you can re-create the objects in Azure AD by removing your filtering configurations, and then synchronize your directories again.

From <https://msdn.microsoft.com/en-us/library/azure/dn801051.aspx>

image

Next I will not tick Synchronize now because this will sync All local AD objects and OUs to the cloud, in my case I just want to choose particular OUs to sync to the cloud.

clip_image029

In order to configure AADSYNC to choose which on-premises Active directory Organization Unit you want to change you will have to navigate to the following path on the server which you installed AADSYNC.

PATH:

C:\Program Files\Microsoft Azure AD Sync\UIShell\miisclient.exe

Right click on domain.local and click properties

image

Next Click on “Configure Directory Partitions” and Under “Credentials” Click on Containers and enter your new on-premises enterprise admin account.

image

Next select the OU you want to sync to the cloud and click OK

image

Next you will want to open “Task Scheduler” on the server and Enable the task that was created by AADSYNC installation to enable every 3 hours sync..

image

In order to Force the sync you will have to run a separate command that Microsoft has brought along with AADSYNC called “DirectorySyncClientCmd” the command can be run from Powershell or made a shortcut on a desktop and directly run.

Path:

c:\Program Files\Microsoft Azure AD Sync\Bin\DirectorySyncClientCmd

Hope you find this useful.

CHANGE WORDPRESS DOMAIN USING HTTP://WP-CLI.ORG/

These are instructions that demonstrate how to change WordPress to match your replaced or changed Public domain. as this occurs in case if you are already using WordPress and have it published on let’s say Domain1.com and then you transferred this domain to Domain2.com.

When you try to reach wordpress website from your new public domain. you might not reach it or wordpress might try to redirect you to your old domain1.com instead.

In order to fix this, we’ll have to use a tool called wp-cli which fixes this configuration problem. to do so please open your SSH shell or get in your UBuntu server and do the following.

  1. sudo curl -O https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar
clip_image001

2. From User@UbuntuServer:/var/www/html$ I will run the following command to make sure that the command is working

sudo php wp-cli.phar –info

clip_image002

3. I’ll move the file to a new path and location so I can access it from anywhere using only the command WP.

First I will give the required permissions

moh10ly@Ubunut-Mohammed:/var/www/html$ sudo chmod +x wp-cli.phar

clip_image003

Next I will move the file

sudo mv wp-cli.phar /usr//local/bin/wp

clip_image004

3. Check if the file is working properly after moving?

clip_image005

4. Final step is to change the domain of your wordpress site to a new domain.

My previous domain was www.mytechweb.ga and now I changed it to www.moh10ly.website

So I only used two commands to change the domain name to the new on

5. moh10ly@Ubunut-Mohammed:/var/www/html$ wp option update home “http://www.moh10ly.website

clip_image006

6. moh10ly@Ubunut-Mohammed:/var/www/html$ wp option update siteurl “http://www.moh10ly.website

clip_image007

Now I tested my website and it’s working perfectly…

http://wp-cli.org/

What to have in your Linux Desktop?

The tools that a Must have on Linux Desktop are

1- Variety

(Automatic desktop wallpaper downloader and customizer), Variety also displays quotes on your desktop along with wallpapers.

clip_image001

2- Cairo dock (shortcut bar to Applications)

clip_image002

3- Shutter (Graphic tool)

Shutter is a graphic tool that can take snapshots, desktop screenshots and edit them or send them to your e-mail.

it’s very powerful and every button on it can be customized with a shortcut by the keyboard. for example if you want to create a shortcut for screen selection (Like the OneNote on Windows) you can simply open the keyboard shortcuts app (mate-keybinding-properties)

clip_image003

Once you have launched the keyboard shortcuts utility, you can customize a new shortcut to take a screenshot for you with Shutter by selection.

clip_image004

You will have to click on Add and create a new shortcut as following

clip_image005

Once you click apply, you can assign the shortcut for this command.

For example, I am using the shortcut CTRL + SHIFT + S

clip_image006

4- Remote Desktop tools

A- NoMachine

NoMachine is a free and very powerful remote desktop utility that works on all Operating systems and supports all kinds of features that are available in other remote desktop utlities like (Radmin, Teamviewer, RDP).

clip_image007

5- OneDrive for Linux.

http://xmodulo.com/sync-microsoft-onedrive-linux.html

Install onedrive-d on Linux

While onedrive-d was originally developed for Ubuntu/Debian, it now supports CentOS/Fedora/RHEL as well.

Installation is as easy as typing the following.

$ git clone https://github.com/xybu92/onedrive-d.git

$ cd onedrive-d

$ ./inst install

First-Time Configuration

After installation, you need to go through one-time configuration which involves granting onedrive-d read/write access to your OneDrive account.

First, create a local folder which will be used to sync against a remote OneDrive account.

$ mkdir ~/onedrive

Then run the following command to start the first-time configuration.

$ onedrive-d

It will pop up a onedrive-d’s Settings window as shown below. In “Location” option, choose the local folder you created earlier. In “Authentication” option, you will see “You have not authenticated OneDrive-d yet” message. Now click on “Connect to OneDrive.com” box.

clip_image008

It will pop up a new window asking you to sign in to OneDrive.com.

clip_image009

After logging in to OneDrive.com, you will be asked to grant access to onedrive-d. Choose “Yes”.

clip_image010

Coming back to the Settings window, you will see that the previous status has changed to “You have connected to OneDrive.com”. Click on “OK” to finish.

clip_image011

Sync a Local Folder with OneDrive

There are two ways to sync a local folder with your OneDrive storage by using onedrive-d.

One way is to sync with OneDrive manually from the command line. That is, whenever you want to sync a local folder against your OneDrive account, simply run:

$ onedrive-d

onedrive-d will then scan the content of both a local folder and a OneDrive account, and make the two in sync. This means either uploading newly added files in a local folder, or downloading newly found files from a remote OneDrive account. If you remove any file from a local folder, the corresponding file will automatically be deleted from a OneDrive account after sync. The same thing will happen in the reverse direction as well.

Once sync is completed, you can kill the foreground-running onedrive-d process by pressing Ctrl+C.

clip_image012

Another way is to run onedrive-d as an always-on daemon which launches automatically upon start. In that case, the background daemon will monitor both the local folder and OneDrive account, to keep them in sync. For that, simply add onedrive-d to the auto-start program list of your desktop.

When onedrive-d daemon is running in the background, you will see OneDrive icon in the desktop status bar as shown below. Whenever sync update is triggered, you will see a desktop notification.

clip_image013

6- Evolution Email Client for Exchange accounts.

If you ever thought of using an e-mail client that supports your account on Microsoft Exchange Email server’s protocol which is known as (RPC over HTTP) then you have probably used Mozilla thunderbird or kmail, geary..etc but all those clients don’t support Exchange’s most flexible connectivity which is RPC over HTTP that will sync all your emails, contacts, tasks, calendars ..etc

To Install evolution, all you have to do is open Linux Terminal and type the following

Sudo apt-get install evolution

clip_image014

Since I already have Evolution installed it won’t proceed and will tell me that it’s already installed. but that’s not all!

In order to setup an Exchange account on Evolution you will have to install an Evolution plugin that will support the web services for the RPC over http connectivity which is known as (EWS = Exchange Web Services).

In order to install this plugin you will have to type the following command

Sudo apt-get install Evolution-ews

clip_image015

Once you install the plugin, you can launch the program and setup your account as following.

Click on Add as in the picture

clip_image016

When you click add you should be welcomed by a message saying “Welcome to Evolution wizard ..etd”

Click Continue and then type in your name and email address in the next window

You can skip the automatic configuration as Evolution still doesn’t support Exchange Autodiscover mechanism for auto configuration of the account. so you must manually provide all the configuration of your exchange as following

clip_image017

In the host URL you will have to provide your Exchange server’s EWS URL which usually looks like this

https://mail.domain.com/ews/exchange.asmx

In my case I am using an Office 365 account so instead I’ll use Microsoft’s EWS url.

https://outlook.office365.com/ews/exchange.asmx

For the OAB (Offline Address Book) you also need to provide the configured URL of the OAB on your Exchange Server. which in my case again it’s Microsoft Office 365.

https://outlook.office365.com/OAB

you will need to make sure that the correct authentication method is set (NTLM) in my case, this can vary though on Exchange server’s Outlook Anywhere configuration. it can be Basic as well. so it’s up to your configuration to choose but for Office 365 it’s NTLM.

clip_image018

Once you finish the configuration you can continue and you’ll get prompted to enter your Credentials. as soon as you finish typing your Password hit enter and your e-mails will start syncing. as in the following snapshot

clip_image019

That’s it, you’re setup here either if it’s an exchange on-premises or Office 365 for Linux desktop client.

Here’s another guide for the new mapi connectivity for Evolution, probably the same steps

https://www.linux.com/learn/tutorials/370590:connect-evolution-to-an-exchange-server

7- For Office (Word, Powerpoint ..etc) I prefer to use Kingsoft’s community version along with LibreOffice

Since Libre office provide more tools or the full package I still use it on Linux but Kingsoft’s WPS tools have a user friendly and rich of tools GUI.

clip_image020

In order to download WPS software you will have to navigate to the link below and download the suitable version with your Linux OS. or use the terminal to download latest available version with the following command

sudo apt-get install wps-office

http://wps-community.org/download.html

8- For media there are various available software and tools that you can use on Linux to either listen to music or edit mp3s or convert media types.

A- Audacity (Convert and Edit audio files).

B- Spotify (listen to music online)

C- Clementine (Listen to Music on your computer)

D- VLC (Watch Videos on your PC) or use it as a streaming server.

There are other useful tools and things to do on Linux OS as it’s a very flexible and customizable OS but I’ll end this article here and write a new one about how to decorate your welcome screen and your desktop with beautiful pictures and tools.

Hope you find this useful

Upgrading Exchange 2013 RTM to Latest SP and CU

To check for the current version use the following command line

Version 15.0 (Build 516.32)

Get-Exchangeserver | ft Name,Admin* -Autosize

How to upgrade your existing Exchange Server 2013 to CU7 using command-line

You will have to download CU7 pack, extract it and run the command line from CMD with administrative privileges.

http://www.microsoft.com/en-us/download/details.aspx?id=45221

Here we run the CMD as admin

Drag and drop the folder you extracted into CMD window to be able to enter into the path in order to run the setup file.

Run the following command to upgrade the existent server

Setup /Mode:Upgrade /IAcceptExchangeServerLicenseTerms

Below you can see the upgrade process to install the Cumulative Update 3.

Once the upgrade process is finished you will be able to see the new version in the cmdlet after you apply the cmdlet

Get-ExchangeServer | ft Name,Admin* -AutoSize

The version must show 15.00.1044.025

Testing Exchange ActiveSync

Testing Active Sync and fixing access issue on Exchange 2013

If you have an issue with ActiveSync on Exchange 2010/2013 and you want to troubleshoot it, First test ActiveSync from Microsoft Exchange Management shell.

You can use the following cmdlet to start

Test-ActiveSyncConnectivity -MailboxCredential (Get-Credential domain\user) -UseAutodiscoverForClientAccessServer

clip_image001

As you can see in the previous snapshot, the test failed in folder syncing part. But in order to get the full report on the failure we’ll have to add the option | fl and if you want to export the report to a text file you can use the parameter >c:\1.txt which will export the command output to a text file name called 1.txt on the C root drive.

clip_image002
clip_image003

Resolution:

As you can see the eror says “Internal server error” and if you proceed to read the error in the middle it says “Active Directory operation failed on DC.server.local. This error is not retriable. Additional information: Access is denied. Active Directory response: 000000005 up to <INSUFF_ACCESS_RIGHTS>. Searching for this error a little bit I found that it’s related to Inheritance under the user’s security advanced settings.

clip_image004
clip_image005

Once this was applied the user was able to log in from mobile without an issuedel.icio.us Tags: Exchange,ActiveSync,ActiveDirectory,Exchange Mobile.

Owa Redirection results in 401 Unauthorized access message

I have been asked by one client of mine to do a redirection to their mail.domain.com to go directly to the Owa page but after applying the redirection configuration I faced an issue.

Whenever I try to go to the OWA page using only the FQDN mail.domain.com I get a 401 unauthorized access page.

Resolution:

The solution was to add authenticated users to wwwroot with full permission and restart the IIS with noforce parameter.

OWA an unexpected error occurred and your request couldn’t be handled

OWA Displays Unexpected Error

OWA experinces an unexpected error when you try to browse and your request couldn’t be handled

Symptoms

In Exchange 2010, 2013 you might get an error in OWA when trying to access calendar.

Screenshot

Cause and Resolution 1:

This error could happen to you if you set a redirection of OWA has been configured. To fix the issue simply remove the redirect option.

Resolution 2:

Another resolution that works without turning Redirection off for default site is to turn off redirection from the Public folder.

Reference


Outlook 2007 prompting users for Credentials

OUTLOOK 2007 KEEPS PROMPTING USERS FOR PASSWORD

After migration from Exchange 2003 to Exchange 2010 outlook 2007 keeps prompting users for password:

Symptoms

After you migrate Exchange 2003 to Exchange 2010, some outlook client users keep getting prompted to enter their credentials again.

Cause

The problem might be related to the authentication method used on Outlook Anywhere. (Basic Authentication).

The recommended approach is to use NTLM authentication which keeps credentials cached.

Resolution:

Changing the authentication method of Outlook anywhere to NTLM will resolve the issue.

Ref:

https://support.microsoft.com/en-au/help/956531/outlook-2007-prompts-you-repeatedly-for-a-password-under-certain-netwo

Offline Address book Issue after migration from Exchange 2003 to Exchange 2010

OFFLINE ADDRESS BOOK ISSUE AFTER MIGRATION FROM EXCHANGE 2003 TO EXCHANGE 2010

Error: event ID: 9360 OABGen encountered an error while generating the changes.oab file for version 2 and 3 differential downloads of address list

RESOLUTION 1

Important This section, method, or task contains steps that tell you how to modify the registry. However, serious problems might occur if you modify the registry incorrectly. Therefore, make sure that you follow these steps carefully. For added protection, back up the registry before you modify it. Then, you can restore the registry if a problem occurs. For more information about how to back up and restore the registry, click the following article number to view the article in the Microsoft Knowledge Base:

322756 How to back up and restore the registry in Windows

To resolve this issue, follow these steps on the server that is running Exchange Server 2003:

  1. Click Start, click Run, type regedit in the Open box, and then click OK.
  2. Locate and then right-click the following registry subkey:
  3. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MSExchangeSA\Parameters
  4. Point to New, and then click DWORD Value.
  5. Type OAL post full if diff fails to name the new value.
  6. Right-click OAL post full if diff fails, and then click Modify.
  7. In the Value data box, type 1, and then click OK.
  8. Exit Registry Editor.
  9. Dismount and then mount the Public Folder Store again. To dismount and then mount the public folder store, follow these steps:
    1. Start Exchange System Manager.
    2. Expand Servers, expand the server that you want, expand Storage_Group_Name, and then right-click Public Folder Store.
    3. Note If administrative groups are defined, follow these steps:
      • Expand Administrative Groups.
      • Expand Administrative_Group_Name.
      • Expand Servers.
      • Expand the server that you want.
      • Expand Storage_Group_Name.
      • Right-click Public Folder Store.
    4. Click Dismount Store, and then click Yes to continue.
    5. Right-click Public Folder Store, click Mount Store, and then click OK.

A new parent Legacy Exchange DN container value ‘/o=HEMA/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Recipients’ was found during generation of the differential update file for offline address list ‘\Global Address List’. This will force clients using this offline address list to do a full download of the offline address list.

– \Default Offline Address List

Resolution 2:

If the first resolution didn’t work, try to disable version 2 and 3 OAB, then update again and see if you get any errors.

Note that this may take some time to take effect.

New Mailbox migration suspended or queued with the error below generated

Detailed Error:

Database redundancy health check failed.

Database copy: DATABASE_3

Redundancy count: 1

Error: Passive copy ‘DATABASE_3\EXCH02’ is not in a good state. Status: DisconnectedAndResynchronizing.

Name Status RealCopyQueu InspectorQue ReplayQueue CIState

e ue

—- —— ———— ———— ———– ——-

DATABASE_3\EX Disconnected And Resynchronizing 426 0 0 Healthy

CH02

DATABASE_3\EX Mounted 0 0 0 Healthy

CH01

===============

Full Status

===============

Identity : DATABASE_3\EXCH02

Name : DATABASE_3\EXCH02

DatabaseName : DATABASE_3

Status : DisconnectedAndResynchronizing

MailboxServer : EXCH02

ActiveDatabaseCopy : exch01

ActivationSuspended : False

ActionInitiator : Unknown

ErrorMessage : The Microsoft Exchange Replication service w

as unable to perform an incremental reseed o

f database copy ‘DATABASE_3\EXCH02’ due to a

network error. The database copy status wil

l be set to Disconnected. Error An error occ

urred while communicating with server ‘EXCH0

1′. Error: Unable to read data from the tran

sport connection: A connection attempt faile

d because the connected party did not proper

ly respond after a period of time, or establ

ished connection failed because connected ho

st has failed to respond.

ErrorEventId : 2058

ExtendedErrorInfo :

SuspendComment :

SinglePageRestore : 0

ContentIndexState : Healthy

ContentIndexErrorMessage :

CopyQueueLength : 426

ReplayQueueLength : 0

LatestAvailableLogTime : 14.01.2014 07:13:37

LastCopyNotificationedLogTime : 14.01.2014 07:13:37

LastCopiedLogTime : 14.01.2014 07:11:52

LastInspectedLogTime : 14.01.2014 07:11:52

LastReplayedLogTime : 14.01.2014 07:11:52

LastLogGenerated : 592826

LastLogCopyNotified : 592400

LastLogCopied : 592400

LastLogInspected : 592400

LastLogReplayed : 592400

LogsReplayedSinceInstanceStart : 0

LogsCopiedSinceInstanceStart : 0

LatestFullBackupTime :

LatestIncrementalBackupTime :

LatestDifferentialBackupTime :

LatestCopyBackupTime :

SnapshotBackup :

SnapshotLatestFullBackup :

SnapshotLatestIncrementalBackup :

SnapshotLatestDifferentialBackup :

SnapshotLatestCopyBackup :

LogReplayQueueIncreasing : False

LogCopyQueueIncreasing : False

OutstandingDumpsterRequests : {}

OutgoingConnections :

IncomingLogCopyingNetwork :

SeedingNetwork :

ActiveCopy : False

Identity : DATABASE_3\EXCH01

Name : DATABASE_3\EXCH01

DatabaseName : DATABASE_3

Status : Mounted

MailboxServer : EXCH01

ActiveDatabaseCopy : exch01

ActivationSuspended : False

ActionInitiator : Service

ErrorMessage :

ErrorEventId :

ExtendedErrorInfo :

SuspendComment :

SinglePageRestore : 0

ContentIndexState : Healthy

ContentIndexErrorMessage :

CopyQueueLength : 0

ReplayQueueLength : 0

LatestAvailableLogTime :

LastCopyNotificationedLogTime :

LastCopiedLogTime :

LastInspectedLogTime :

LastReplayedLogTime :

LastLogGenerated : 0

LastLogCopyNotified : 0

LastLogCopied : 0

LastLogInspected : 0

LastLogReplayed : 0

LogsReplayedSinceInstanceStart : 0

LogsCopiedSinceInstanceStart : 0

LatestFullBackupTime :

LatestIncrementalBackupTime :

LatestDifferentialBackupTime :

LatestCopyBackupTime :

SnapshotBackup :

SnapshotLatestFullBackup :

SnapshotLatestIncrementalBackup :

SnapshotLatestDifferentialBackup :

SnapshotLatestCopyBackup :

LogReplayQueueIncreasing : False

LogCopyQueueIncreasing : False

OutstandingDumpsterRequests : {}

OutgoingConnections :

IncomingLogCopyingNetwork :

SeedingNetwork :

ActiveCopy : True

Resolution:

To resolve this issue, check if the database which is having the issue is over 1TB and if that’s the case try to remove some users from this database to another database.

To view the users of this database using the following powershell cmdlet.

Get-MailboxDatabase “Mailbox Database 1” | Get-MailboxStatistics | Sort totalitemsize -desc | Export-CSV C:\mailboxes.csv