Blogs by Ashwin

  Symptoms You apply one of the following options to an email message by using a sensitivity label or email encryption in Outlook: Do Not Forward Encrypt-Only  When you try to send this encrypted email message to many recipients, you receive the following error message: Too many users have been granted access to this protected content. Reduce the number of users or replace users with user groups, and try again.  Note: The number of recipients that causes this error varies, depending on both the number of recipients and the length of each recipient's email address. For typical email addresses, this error usually occurs if hundreds of email addresses are added to the message. Only the number of email addresses that are individually added to the recipient list causes this error. Cause This problem arises from the size restriction of the protection policy applied to the email. In Microsoft Purview Information Protection, this rigid size cap is set at 4 MB. The protection poli...

  Issues That Affect PST Import Jobs When utilizing the Import service in the Security & Compliance Center to bring PST files into user mailboxes within your organization, the final step in your process is to initiate the import job you have created. During the execution of the import process, you may encounter problems, including sluggish performance or the failure of the job.  Import Job is Stuck Or Running Slowly The Microsoft 365 Import service typically ingests PST files into mailboxes at a rate of around 24 GB daily. While this rate is common, it cannot be assured since the Import service operates within a shared environment that accommodates multiple tenants.  Note- You should use the Import Service UI in Microsoft 365 to create new Import jobs. Using PowerShell for this task isn't supported.  If your import process is slow or seems to be halted, the PST file may exceed the recommended maximum size of 20 GB. For the ongoing job, anticipate delays if the si...

  Symptoms When utilizing the Microsoft 365 Import Service in the Security & Compliance Center to import PST files via network or drive shipping, you might encounter an error message.  Cause This problem arises when there are items that share the same user principle name (UPN) or Simple Mail Transfer Protocol (SMTP) address in Exchange Online.  Workaround To work around this issue, run the following commands to see whether the objects are recipients or soft-deleted users: Get-Recipient <SMTP_ADDRESS> Get-Mailbox <SMTP_ADDRESS> -SoftDeleteMailbox Get-MailUser <SMTP_ADDRESS> -SoftDeleteMailuser  After you find the user, you can use the Exchange GUID as the target mailbox in mapping the CSV file.  Conclusion The issue related to PST import service is resolved.

  Symptoms User in your organization experience one or more of the following issues: They can't open encrypted email messages in Microsoft Outlook or Outlook on the web. They can't send encrypted email messages. The Encrypt button is missing in both Outlook and Outlook on the web.  Cause These issues can occur due to several reasons, such as: Your organization's Microsoft 365 subscription doesn't support Microsoft Purview Message Encryption.  The tenant used by your organization is misconfigured. The account that's used by the affected users to sign in to Outlook or Outlook on the web isn't assigned a valid license to use the Microsoft Purview Message Encryption (Office 365 Message Encryption) feature.  Resolution To resolve the issues, follow these steps in the given order: Step 1: Run the diagnostic for Microsoft Purview Message encryption Select the "Run Tests: Microsoft Purview Message Encryption" button to open the diagnostic in the Microsoft 365 ...

  Symptoms A member of your Microsoft Exchange organization sends an encrypted email to an outside recipient who attempts to access it using their Microsoft Outlook desktop application. However, the recipient either: Can't open the encrypted message. Receives a message that has a "Read message" link in the message body.  Cause The symptoms can occur for either of the following reasons: To open an email message encrypted with Microsoft Purview Message Encryption, the recipient's Outlook desktop application needs to connect to the Azure Information Protection (AIP) endpoint associated with your Exchange Online tenant.  However, the Outlook desktop client might not connect to AIP endpoint if either of the following conditions are true: An outward-facing Conditional Access (CA) policy in the tenant utilized by the sender prevents access to the endpoint.  The Multifactor Authentication (MFA) policy implemented in the tenant utilized by the sender provides an additional se...

  Problem When a user of Microsoft Exchange Online attempts to open a message encrypted with Microsoft Purview Message Encryption in Outlook Web App, they receive the error message: We cannot display your message at this moment. This problem happens even when user is capable of sending encrypted messages using Outlook Web App.  Cause This issue arises due to alterations in the MIME types linked to the default Outlook Web App policy, resulting in the removal or modification of the text/html MIME type.  Solution To address this issue, restore the MIME types linked to the default Outlook Web App policy to their original settings. To achieve this, follow these steps: Connect to Exchange Online via Remote PowerShell. Run the following commands: $owapolicy = Get -OwaMailboxPolicy Set -OwaMailboxPolicy -AllowedMimeTypes @{remove = "text/html"} -BlockedMimeTypes @{remove = "text/html"} -ForcedSaveMimeTypes @{add = "text/html"} -Identity $owapolicy.Identity Conclus...