Mailbox fails to move with a 404 error no service listening

So I was moving some mailboxes the other day and had a batch of mailboxes and two of them in the batch wouldn’t move it showed errors similar to the following:

Error(s): The call to failed because no service was listening on the specified endpoint

Error details:
There was no endpoint listening at that could accept the message this is often cause by an incorrect address of soap action. The remote server returned an error 404 not found.

However all the other mailboxes would sync just not these two. After further digging I found that these mailboxes had recently been converted from user mailboxes to shared mailboxes.

What I then did was to compare the Exchange GUID to see if they matched from on premise which they didn’t!!!

So to fix this I ran the following:

On Premise Exchange Powershell

get-mailbox “mailboxname” | fl ExchangeGUID

Office 365 Exchange Online Powershell

Set-mailuser “mailboxname” -ExchangeGUID “Result from above command”

Then as if by magic the move kicked into life and migrated successfully.

My scenario is Exchange 2013 CU9 hybrid with the legacy as the same version, however there is reports of Exchange 2013 CU2 hybrid’s with same issue!


Office 365 IRM templates in Outlook appear in Vietnamese although the local language setting in the Windows OS is “English – United Kingdom”

Shortly after Wave 15 was deployed I started testing functionality for issues and found the following the Office 365 IRM templates in Outlook appear in Vietnamese although the local language setting in the Windows 8 and above is “English – United Kingdom” as shown below when using Office 2013

The default “Confidential” and “Confidential – View Only“ templates provided by Office 365 IRM contain numerous languages.

In our case, we set the local settings to “English – United Kingdom” in Windows (LCID: 2057) using windows 8 or 8.1
There is no translation in the templates for LCID 2057 – so Office 2013 simply defaults to the first one listed in the template; LCID 1066 (Vietnamese)
There is a possible solution to this issue:
1)      Set the 1033 (English – US) locale to be the first in the list, so that the default Language seen in Office is English.

I also have a bug call logged with Microsoft who state that by the end of December 2013 the template will be updated and fixed I will keep you updated!

Update as of 24th Jan 2014 this issue should be resolved for EMEA tenants you will need to re download the templates by carry out the following:

  1. Shut down any office application such as Work and Outlook
  2. In regedit Rename the following key or delete it: HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\MSIPC
  3. The browse to C:\user\<userprofilename>\appdata\local\microsoft and rename the MSIPC folder to old or even delete it
  4. Restart the machine and then upon restarting Outlook or Word it will then download the templates upon going into the IRM settings.


Relinquishing job because the mailbox is locked

Relinquishing job because the mailbox is locked


I was getting this error constantly when trying to move a mailbox from Exchange 2013 back to Exchange 2010. For the life of me I could not get to the bottom of it then I looked through the event logs and noticed this happening every time the mailbox tried to move as shown below.

(highlighted sections in red) – Which to me looked like there was search issues upon conferring with a colleague it was suggested that the outlook profile has a corrupt index and would need resetting. Easy enough:

fire up a cmd prompt and run outlook.exe /cleanfinders  /cleanviews

Give it 5 minutes then try the move again and it went through successfully!


Event id 1012

MSexchange mailbox replication

The Microsoft Exchange Mailbox Replication service hit an unexpected failure.

Failure type:


Unable to cast object of type ‘System.String’ to type ‘System.String[]’.

Stack trace:

at Microsoft.Mapi.PropValue.GetBytesToMarshal()

at Microsoft.Mapi.Restriction.ContentRestriction.GetBytesToMarshal()

at Microsoft.Mapi.Restriction.AndOrNotRestriction.GetBytesToMarshal()

at Microsoft.Mapi.Restriction.AndOrNotRestriction.GetBytesToMarshal()

at Microsoft.Mapi.Unmanaged.SafeExMapiContainerHandle.InternalSetSearchCriteria(Restriction lpRestriction, Byte[][] lpContainerList, Int32 ulSearchFlags)

at Microsoft.Mapi.MapiContainer.SetSearchCriteria(Restriction restriction, Byte[][] entryIds, SearchCriteriaFlags flags)

at Microsoft.Exchange.MailboxReplicationService.MapiDestinationFolder.Microsoft.Exchange.MailboxReplicationService.IDestinationFolder.SetSearchCriteria(RestrictionData restriction, Byte[][] entryIds, SearchCriteriaFlags flags)

at Microsoft.Exchange.MailboxReplicationService.DestinationFolderWrapper.<>c__DisplayClass28.<Microsoft.Exchange.MailboxReplicationService.IDestinationFolder.SetSearchCriteria>b__27()

at Microsoft.Exchange.MailboxReplicationService.ExecutionContext.Execute(Action operation)

at Microsoft.Exchange.MailboxReplicationService.DestinationFolderWrapper.Microsoft.Exchange.MailboxReplicationService.IDestinationFolder.SetSearchCriteria(RestrictionData restriction, Byte[][] entryIds, SearchCriteriaFlags flags)

at Microsoft.Exchange.MailboxReplicationService.CommonUtils.ProcessKnownExceptions(Action actionDelegate, FailureDelegate failureDelegate)

at Microsoft.Exchange.MailboxReplicationService.MailboxCopierBase.CopyFolderProperties(FolderRecWrapper folderRec, ISourceFolder sourceFolder, IDestinationFolder destFolder, FolderRecDataFlags dataToCopy, Boolean& isContentAvailable)

at Microsoft.Exchange.MailboxReplicationService.MoveBaseJob.<>c__DisplayClass2d.<>c__DisplayClass31.<CreateFolderHierarchy>b__2a()

at Microsoft.Exchange.MailboxReplicationService.ExecutionContext.Execute(Action operation)

at Microsoft.Exchange.MailboxReplicationService.MoveBaseJob.<>c__DisplayClass2d.<CreateFolderHierarchy>b__29(FolderRecWrapper folderRec, EnumFolderContext context)

at Microsoft.Exchange.MailboxReplicationService.FolderMap.EnumSingleFolder(FolderRecWrapper folderRec, EnumFolderContext ctx, EnumFolderCallback callback, EnumHierarchyFlags flags)

at Microsoft.Exchange.MailboxReplicationService.FolderMap.EnumSingleFolder(FolderRecWrapper folderRec, EnumFolderContext ctx, EnumFolderCallback callback, EnumHierarchyFlags flags)

at Microsoft.Exchange.MailboxReplicationService.FolderMap.EnumSingleFolder(FolderRecWrapper folderRec, EnumFolderContext ctx, EnumFolderCallback callback, EnumHierarchyFlags flags)

at Microsoft.Exchange.MailboxReplicationService.FolderMap.EnumerateSubtree(EnumHierarchyFlags flags, FolderRecWrapper root, EnumFolderCallback callback)

at Microsoft.Exchange.MailboxReplicationService.MoveBaseJob.CreateFolderHierarchy(Object[] wiParams)

at Microsoft.Exchange.MailboxReplicationService.CommonUtils.ProcessKnownExceptions(Action actionDelegate, FailureDelegate failureDelegate)

at Microsoft.Exchange.MailboxReplicationService.WorkItem.Run()Failure context:


Operation: IDestinationFolder.SetSearchCriteria

OperationSide: Target

Primary (xxxxxxx)

Restriction: Restriction: AND[count:2, PROPERTY[ptag:0x360003(Sensitivity), NotEqual, val:[Tag:0x360003(Sensitivity), Value:2(int)]]; OR[count:16, CONTENT[ptag:0x8002001f(NamedProp), SubString, IgnoreCase, val:[Tag:0x8137001f(NamedProp), Value:”naick”(string)]]; CONTENT[ptag:0x8013001f(NamedProp), SubString, IgnoreCase, val:[Tag:0x8138001f(NamedProp), Value:”naick”(string)]]; CONTENT[ptag:0xe02001f(DisplayBcc), SubString, IgnoreCase, val:[Tag:0xe02001f(DisplayBcc), Value:”naick”(string)]]; CONTENT[ptag:0xe03001f(DisplayCc), SubString, IgnoreCase, val:[Tag:0xe03001f(DisplayCc), Value:”naick”(string)]]; CONTENT[ptag:0xe04001f(DisplayTo), SubString, IgnoreCase, val:[Tag:0xe04001f(DisplayTo), Value:”naick”(string)]]; CONTENT[ptag:0xc1f001f(SenderEmailAddress), SubString, IgnoreCase, val:[Tag:0xc1f001f(SenderEmailAddress), Value:”naick”(string)]]; CONTENT[ptag:0xc1a001f(SenderName), SubString, IgnoreCase, val:[Tag:0xc1a001f(SenderName), Value:”naick”(string)]]; CONTENT[ptag:0x65001f(SentRepresentingEmailAddress), SubString, IgnoreCase, val:[Tag:0x65001f(SentRepresentingEmailAddress), Value:”naick”(string)]]; CONTENT[ptag:0x42001f(SentRepresentingName), SubString, IgnoreCase, val:[Tag:0x42001f(SentRepresentingName), Value:”naick”(string)]]; CONTENT[ptag:0x8004001f(NamedProp), SubString, IgnoreCase, val:[Tag:0x807d001f(NamedProp), Value:”naick”(string)]]; CONTENT[ptag:0x3703001f(AttachExtension), SubString, IgnoreCase, val:[Tag:0x3703001f(AttachExtension), Value:”naick”(string)]]; CONTENT[ptag:0x3707001f(AttachLongFileName), SubString, IgnoreCase, val:[Tag:0x3707001f(AttachLongFileName), Value:”naick”(string)]]; CONTENT[ptag:0xea5001f, SubString, IgnoreCase, val:[Tag:0xea5001f, Value:”naick”(string)]]; CONTENT[ptag:0x8003101f(NamedProp), SubString, IgnoreCase (mv), val:[Tag:0x8002101f(NamedProp), Value:”naick”(string)]]; CONTENT[ptag:0x1000001f(Body), SubString, IgnoreCase, val:[Tag:0x1000001f(Body), Value:”naick”(string)]]; CONTENT[ptag:0x37001f(Subject), SubString, IgnoreCase, val:[Tag:0x37001f(Subject), Value:”naick”(string)]]]]

EntryIDs: [count:1, [len=46, data=00000000BDDED84A13037743AF12A0FBB395C0D9010093A0DC80C8953B4B88DB2726AE921E26004DDB4EC4E80000]]

Flags: Restart, NonContentIndexed, FailOnForeignEID

Skype for Business Online for Office 365 Firewall Requirements

The following are the requirements of Skype for Business Online for Office 365, note this information can change as the service evolves. This is from the clients machine to Office 365

Firewall Ports

Port Destination Protocol Client Usage Direction



SIP Signalling




Audio, Video, Application sharing sessions and Web Conferencing




Audio and Video Sessions




SfB Mobile push notifications –  iOS Only


50000 TO 59999 INCLUSIVE


Audio and Video Sessions


50000 TO 59999 INCLUSIVE


Application Sharing and File   Transfer


The following is the URL’s that SfB Online from the client will use to get to the SfB Online servers so if the traffic is going through internet proxies and you are having issues these URL’s will be helpful:


Finally the last point is if your firewall guys want to lock down access to specific IP addresses (although NOT recommended due to the fact these can be changed) Please refer here:

Converting a User to a Shared Mailbox or Vice Versa in Office 365

I was working with a customer recently who wanted to convert a shared mailbox back to a user and found that I was given the following error message:

Error on proxy command ‘Set-Mailbox -Type:’Regular’ -Identity:’BLAH’ -Confirm:$False -Force:$True’ to server Server version 1941996335, Proxy method PSWS:
Request return error with following error message:
The remote server returned an error: (500) Internal Server Error…

After some digging and a quite conversation with my contacts within Microsoft, it was discussed that this is a known issue which to affects all EMEA customers. However being the bearer of good news there is a workaround:

Instead of connecting to ExO Ps the normal way you have to use the following:
New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri $Cred -Authentication Basic -AllowRedirection

Ensuring a targetserver is set and the target server should be the server in the error message as also shown above.

MS are aware of this bug and have advised that this will be resolved in the next build release which should be within the next quarter.

Office 365 Hosted IRM Configuration for Exchange Online

I recently had the opportunity to actually deployed hosted IRM for a customer with Exchange Online. Now there are some restrictions to this which is you only get what the templates are you don’t have the ability to customize the templates. If you want this then AADRM should be deployed on premise and then connected to Exchange Online.

Before we start the following needs to be installed locally:

Sign in Assistant:

Then download the Azure AD Module for PowerShell – – Note this is the 64 bit version if you are running 32 bit go here

Then download the Azure AD RM Tools – – Note this states 2010 but is the current version as of writing.


Then open PowerShell on your machine and run the following commands

Import-module AADRM

Connect-aadrmservice – you will be then prompted for credentials enter your admin account on the tenant.

Then run get-aadrmconfiguration – and look for functionalstate is enabled this proves it has been enabled successfully for your tenant.

Then run the following command to connect to Exchange Online

Import-module msonline


$Sess = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri -Credential $Cred -Authentication Basic -AllowRedirection Import-PSSession $Sess

Once connected run


Set-IRMConfiguration –RMSOnlineKeySharingLocation “

Note this is for the EMEA region if you want the other regions they are listed below: for North America for Asia Pacific

Import-RMSTrustedPublishingDomain -RMSOnline -name “RMS Online”

Get-IRMConfiguration – you should get back the same as below you will notice internallicensingenabled is set to false which blocks OWA the next step is to turn this on




Set-IRMConfiguration -InternalLicensingEnabled $true

Test-IRMConfiguration –sender – note this is an dummy account replace the name and the domain for the tenant you are trying it out on.

You should get back the following:



After this time I have noticed that it can take up to 24 hours for it to work in OWA but in Outlook it should be instant. Viola you are free to play and test with.

Now from this you have the ability to create rules that will also apply these templates otherwise by default a user will have to select them for each email.

DirSync installation ERROR on Server 2012 – Timeout has occured

Issue:  During the latest DirSync Install released in June 2013 you get following error when installing Dirsync on Windows Server 2012:



  1. First from Control panel uninstall all DirSync related components
  2. Open CMD as an Administrator and browse to DirSync directory
  3. Run dirsync.exe /FULLSQL (This will install Sync Tool without SQL bits)
  4. Once Installation in complete, go ahead and Uninstall Windows Azure Active Directory Sync tool” from Control Panel
  5. Now re-run DirSync.exe (WITHOUT the /FULLSQL switch), to complete DirSync installation.


Office 365 Auto Attendant with Lync 2013 On Premise

In my previous post I discussed Unified Messaging for the Voicemail feature of Office 365 with Lync 2013 on premise now in this article I will discuss how to configure the auto attendant in the same scenario.

Within The New Office 365 portal (Wave 15)

Select Dial Plan in O365 tenant > under UM Auto Attendants click + and fill out the information you can enable this straight away or come back and enable later on.

auto attendant

Then select the new Attendant and set the following as per the currently deployed options or query with customer.



business hours



dialling author auto

Then with Lync 2013 on premise open PS and run the following command to create the account:

  • New-CsExUmContact –sipaddress -RegistrarPool “” -OU “OU=Blah,DC=yourcompany,dc=com” -DisplayNumber “+14255550101” -AutoAttendant $True
  • Grant-cshostedvoicemailpolicy –identity “post the GUID that has been created” –policyname CloudUM

Then within Exchange Online Powershell

  • Set-UMmailboxpolicy -identity “Policy Name in O365” -SourceForestPolicy “CloudUM”

Viola auto attendant should be ready to go. Bear in mind the settings show here are pretty much the defaults and can be changed as you choose.

Office 365 Unified Messaging with Lync 2013 On Premise

UPDATE – 13/01/16 – Further updates and some tasks removed. Also note this does not contain any information for configuring Cloud PBX using UM in O365.

UPDATE – 10/06/15 I have also tested this configuration with Skype for Business and Exchange 2013 SP1 RU5 Hybrid with the current Office 365 wave.


I recently was working with a customer who had Exchange 2010 SP3 on premise but wanted to move all the functionality onto Office 365 whilst keeping Lync 2013/SfB 2015 on premise as this was the companies telephony system. No sweat I thought, well this blog is a list of my findings and how to actually get it configured. We will start with Voicemail and then discuss Auto attendant later on.

Lync 2013/SfB 2015 Enterprise Voice On Premise – Exchange 2010 Sp3/ 2013 CU11 Hybrid with The New Office 365 tenant (Wave 16)

First of all open up a PS shell on your Lync/SfB FE on premise then run:

  1. Set-csaccessedgeconfiguration –allowfederatedusers $true
  2. New-CsHostingProvider -Identity “Exchange Online” -Enabled $True -EnabledSharedAddressSpace $True -HostsOCSUsers $False -ProxyFqdn “” -IsLocal $False -VerificationLevel UseSourceVerification
  3. Get-csmanagementstorereplicationstatus ( to ensure replication has occured between all Lync/SfB servers make sure they all say true before moving on)
  4. Get-cshostingprovider -localstore to show the following
  5. Cshostingprovider
  6. Set-CsAccessEdgeConfiguration -UseDnsSrvRouting -AllowFederatedUsers $true -EnablePartnerDiscovery $true
  7. New-CsHostedVoicemailPolicy -identity CloudUM -Destination -Description “Office 365 Voicemail” -Organization “” (Ensure you use the tenant name and NOT your on premise domain otherwise the traffic will not route and this will not work)

Log onto the O365 Wave 16 tenant

Go to Unified Messaging > UM Dial Plans > New

new um dial

Then Edit the Dial Plan > Configure

For this you should try and match the company’s on premise configuration so that it matches but below is an example:


dial codes

outlook voice access

Under the Outlook Voice Access numbers also add the number without the E164 format and any shorter version such as 3/4/5 digits.


dialling rules

dialling auth


Then on premise Lync 2013/ SfB 2015 you need to create the Exchange UM Contact for O365 within Lync/SfB Powershell

  • new-csexumcontact -displaynumber +44203XXXXX –sipaddress -registrarpool -ou “OU=User,DC=yourcompany,dc=com”
  • Grant-cshostedvoicemailpolicy –identity “post the GUID that has been created” –policyname CloudUM

Then switch to Exchange Online Powershell

  • Set-UMmailboxpolicy -identity “Policy Name in O365” -SourceForestPolicy “On Premise UM Policy Name”

Then finally on your on premise Exchange 2010 SP3/ Exchange 2013 server (Note this is only if Unified Messaging is already configured on premise so that when you migrate a UM mailbox it doesn’t fail otherwise if you don’t run this step the remote move request will fail)

  • Set-UMmailboxpolicy -identity “On Premise UM Policy” -SourceForestPolicy “Policy Name in O365”

The Very last step is to configure the user. Now if you are setting up UM brand new then carry out the following steps but if you are migrating a user then ONLY carry this out after the user has migrated to Office 365 or you have suspended the move before completion. As otherwise UM will route to the cloud and until the mailboxes exists the voicemail message will never be delivered to the end user. As you cannot have a split UM in cloud and mailbox on premise and vice versa.

Within Lync 2013/ SfB 2015 PowerShell

  • Grant-cshostedvoicemailpolicy –identity “accountname” –policyname CloudUM
  • Run get cs-user –identity “accountname” and check that hostedvoicemail is set to true if not run the following command.
  • Set-csuser –identity “youraccount” –hostedvoicemail $true


The Service Fails to Start: The service did not respond to the start or control request in a timely fashion

During a recent deployment it was noticed that the DirSync and ADFS 2.0 servers were showing the following error in the Event log which stopped me from proceding with the installation

The Service Fails to Start: “The service did not respond to the start or control request in a timely fashion –  Event ID 7000 – The response has taken longer than 30,000 milliseconds to respond.

Looking at various factors and elimating them was a tideous task such as:

Has the server enough resources – Yes

Any issues with DC’s – No

Any issues with Firewall’s/Proxy for internet connectivity – No

Any issues with the hypervisor – No

So based on this I stumbled across the following fix which allows you to increase the timeout:

Increase the default timeout value:

  • Start Registry Editor (Regedit.exe).
  • To change the value data for the ServicesPipeTimeout DWORD value to 60000 in the Control key, follow these steps:
    1. Locate and then click the following registry key:
    2. Click the Control subkey
    3. Right-click the ServicesPipeTimeout DWORD value, and then click Modify.
    4. Click Decimal.
    5. Type 60000, and then click OK.
  • If the ServicesPipeTimeout value is not available, add the new DWORD value, and then set its value data to 60000 in the Control key. To do so, follow these steps:
    1. Locate and then click the following registry key:
    2. Click the Control subkey.
    3. On the Edit menu, point to New, and then click DWORD Value.
    4. Type ServicesPipeTimeout, and then press ENTER.
    5. Right-click the ServicesPipeTimeout DWORD value, and then click Modify.
    6. Click Decimal.
    7. Type a value of 60000, and then click OK.
      The value is 60000 milliseconds and is equivalent to 60 seconds or to one minute.

    Note This change does not take effect until the computer is restarted.

And viola as if by magic on the next pass no issues were observed. To date it would just seem that the server did not respond in a timely fashion and by increasing this gave us more time for it to succeed.