-
⚠️ Exchange DAG, dynamic quorum and an unexpected datacenter failover behavior
A missing File Share Witness, dynamic quorum vote recalculation, and a real-world datacenter isolation scenario led to unexpected Exchange DAG behavior during a failover event. In this post, we analyze how dynamic quorum adjusted node votes, why the “wrong” datacenter retained quorum, why previous DR tests did not reveal the issue, and how hidden quorum…
-
📦 Exchange troubleshooting and log collection: why time matters
Exchange troubleshooting often begins too late — after important logs have already been overwritten. In this post, we discuss the Microsoft ExchangeLogCollector script, why rapid diagnostic collection matters, and how preserving the right data early can dramatically improve the chances of successful Root Cause analysis.
-
⚠️ Exchange DAG with an even number of nodes and no File Share Witness: a hidden risk
A healthy-looking DAG does not always mean a healthy quorum configuration. In this post, we discuss why an Exchange DAG with an even number of nodes still requires a properly configured File Share Witness, how dynamic quorum can hide the problem for a long time, and why missing witness resources may only become visible during…
-
🛡 Antivirus on Exchange Servers: When “Configured According to Best Practices” Still Isn’t Enough
Antivirus software is mandatory on Exchange servers, but misconfiguration goes far beyond missing folder exclusions. This article explains how antivirus process-level integration can silently affect IIS and Exchange services, why issues may look unrelated to antivirus at first glance, and how Microsoft-provided diagnostic scripts help identify configuration problems.
-
📅 A Second Calendar Took Over: Why New Events Land There and How We Fixed It
A real-world Exchange support case where a second calendar suddenly became the default one. All existing meetings stayed in the old calendar, while new events were created in the new one. We walk through why Exchange can’t tell you who caused it, why third-party mobile apps are often involved, and how to restore the correct…
-
❌ Unsupported Exchange Server Recovery Methods
Most Exchange server restore attempts “work” only by luck — but they are never supported. This post explains why snapshot-based, image-based, offline VM, or storage-level restores create state divergence between the recovered server and Active Directory, why this leads to silent corruption (Search, Cluster, IIS, Transport, CUs), and why Setup.exe /RecoverServer is the only supported…
-
🔍 When Search Works “But Doesn’t” in Exchange 2016 DAG
Search reported “Healthy,” but wasn’t working on a DAG node restored from a VM-level backup. The server had been recovered using an unsupported method, which left the Ceres Search Engine in an inconsistent state. The post explains how the issue manifested, why the correct recovery approach is Setup /RecoverServer, and how the customer temporarily repaired…
-
🔐 Why You Cannot “Switch Exchange to LDAPS (636)” — and Why You Don’t Need To
Why Exchange cannot use LDAPS (636) — and why it doesn’t need to. Auditors often require “LDAPS everywhere,” but Exchange relies on LDAP over SASL (Kerberos/NTLM), which already provides encryption and integrity via signing/sealing on ports 389/3268. No plaintext data is ever transmitted. This post explains the architectural reasons, shows packet captures, and provides a…
-
📨 SMTPUTF8 in Mixed Exchange Environments (2019 ⇄ 2016): Why Your Go (gomail) App Fails — and How to Fix It
Mixed Exchange 2019↔2016 can break SMTP submissions from Go/gomail when FE 2019 advertises SMTPUTF8 and the session is proxied to BE 2016 that doesn’t support it. The fix: disable SMTPUTF8 on the 2019 connector, adjust the client, or finish migrating to 2019.
-
🔍 Granting Cross-Forest Mailbox Access: Linked Mailbox or Full Access?
Two forests, one mailbox. Should you just assign Full Access or go with a Linked Mailbox? Here’s the difference, a real-world error we hit, and why linked mailboxes often win for long-term stability.
EWS Free Area 