Exchange 2016/hybrid ECP

Gareth Davies 276 Reputation points
2022-09-29T21:31:29.543+00:00

Out of the blue I am unable to log into the Exchange ECP page. It brings up the logon page then thinks about it for a few seconds before giving me a 404.503 - Not found error.

I recently updated to CU23, but after this I was able to log in just fine.
The reason I need to log in is we found a shared mailbox we do not recognize, the email address is not in our namespace and I am unable to delete it in EOL because it is syncing from the on premises server. The mailbox appears to have been created before the CU23 update so it is not a case of someone hacking in, creating this and denying access.

How can I fix the 404 error and is there another way to delete the shared mailbox without deleting all shared mailboxes?

Exchange Server Management
Exchange Server Management
Exchange Server: A family of Microsoft client/server messaging and collaboration software.Management: The act or process of organizing, handling, directing or controlling something.
7,398 questions
{count} votes

3 answers

Sort by: Most helpful
  1. Andy David - MVP 142.7K Reputation points MVP
    2022-09-29T21:37:24.827+00:00

    Depends on what you mean by delete:

    1. Delete the AD Account on-prem or run
      Remove-RemoteMailbox <shared Maibox>
      on-prem Exchange Powershell https://learn.microsoft.com/en-us/powershell/module/exchange/remove-remotemailbox?view=exchange-ps
    2. Or move the AD account to an OU that isnt sycned to Azure. the AD Account will remain but just not in Azure
    3. You can mail disable the remote mailbox on-prem as well which leaves the AD Account intact: https://learn.microsoft.com/en-us/powershell/module/exchange/disable-remotemailbox?view=exchange-ps

  2. Andy David - MVP 142.7K Reputation points MVP
    2022-09-29T21:55:43+00:00

    Hi there.
    So I would use on-prem Powershell and connect to the on-prem Exch Server

    https://learn.microsoft.com/en-us/powershell/exchange/connect-to-exchange-servers-using-remote-powershell?view=exchange-ps#connect-to-a-remote-exchange-server

    then run:
    https://learn.microsoft.com/en-us/powershell/module/exchange/disable-remotemailbox?view=exchange-ps

    Disable-RemoteMailbox <remote shared mailbox>  
    

    that will remove the shared mailbox in Exchange Online once it syncs via AADConnect, but leave the AD Account intact.


  3. Gareth Davies 276 Reputation points
    2022-09-30T13:33:26.123+00:00

    So I solved both issues.

    ECP access - My boss had tried to add a filter to the IP address and domain restrictions in IIS, but had then left Edit Feature Settings disabled. As soon as this was enabled access to ECP came back.

    The rogue shared email - I gave the AD account an O365 license, changed the mail, proxy addresses and target address attributes so he had a primary address within our namespace, waited for AADC to sync and for EOL to show the changes. I then converted the now valid shared mailbox to a user mailbox, removed the license and waited for the AADC sync to run again. The mailbox has gone away.

    0 comments No comments