MSExchangeGuru.com

Learn Exchange the Guru way !!!

 

Microsoft Tenant Azure Sync Issue impacted Email delivery to DL & nested DL. Also sender did not receive Non delivery report.

Issue

When Exchange on Line (EXO) User sent an email to a distribution list, it did not deliver to DL member’s and it’s nested DLs. There was NO NDR.

Impact:

Business-critical communications with external parties are severely interrupted & O365 Migration Project timeline got delayed.

Analysis

  • The mail which was sent to a DL is delivered to the groups who have members and dropped for nested groups. The trace report shows the Resolver group expansion error was generated in EOP.
  • The nested groups and some of them are expanded, resolved and mail delivered to recipients. Some DLs/Groups are Expanded but not resolved and their mails are dropped in EOP O365 which means message not sent to next hop.
  • EventID DROP being generated at prior level of nested group, however some nested groups recipients received mails of the same Expanded groups and some not. We tried to find the exact DL/Group on which DROP EventID generated but due to limitation we could not do in-depth investigation because expansion server is located at MSFT. Mails can be dropped by many reasons like DLs’/Groups could not be found by Expansion server, No members in groups, Corrupted or invalid entries. All these information

Resolution

Run below CMDLets and validate membership between Azure and Exchange online.

          Azure Environment

                Get-MSOLGroupMember

          Exchange online (EXO) Environment

               Get-DistributionGroupMember

         Validate AD email objects in Azure and Exchange online (EXO).

If find an email object not found in Exchange & exist in Azure environment and run below cmdlet to force the sync in case if there any changes

which need to be replicated immediate basis.

              Get-msolgroup -searchstring “Email” | fl *object*

              Redo-MsolProvisionGroup -Object <Guid>​

          Note: Full tenant synchronization, may complete in 24 hours.

  1. How to validate sync status between Azure and Exchange online.

               Get-MsolUser -HasErrorsOnly

               Get-MsolGroup -HasErrorsOnly

               Get-MsolDirSyncProvisioningError

Fix object level errors and run full tenant level sync to converse the Email objects across between Azure and Exchange Online (EXO).

 

Vinod Kumar Singh
MCSE, MCITP – Exchange 2010, MCITP LYNC 2010, CCNA
Team@ MSExchangeGuru

Leave a Reply

Categories

Archives

MSExchangeGuru.com