How to export office 365 mailbox in PST format

 Go to 

Content search - Microsoft 365 compliance

Then Content Search-->on Search--> Start Search with .+New Search--->Enter Name and description--->next-->select Location--it may be Exchange (You can include here the mailbox you want to search )/SharePoint sites/Exchange Public Folder--->Next-->can apply different conditions here, like sender/date/recipients etc...--->Next----> Review the search---click on submit

now you can monitor the status of Search in the Search tab, it may be in starting/completed etc. status.

and once completed, click on it and at the bottom click on Action and select Export result.

Now go to Export tab and here you will see your search name as the nameofSearch_Export.

Another window will open and here in the mid of the window, will see the status as preparing data/completed etc. and may wait for the status to be completed or you can start the download. To start The download, from the top of the window click on download result.

A small window of eDiscovery export tool will open, asking for Export key and location on your system where you want to save the result.

in the eDiscovery tool you can monitor the status of the download and once completed you may have a folder at the downloaded locations like (D:\Nawaz\SearchName_Export\12.25.2021-1659PM\Exchange) 

here you will find your pst file/files.

 

To Add another email address to a mailbox in office 365

 To Add another email address to a mailbox in office 365, you would be unable to do some from office 365/Exchange online in Exchange hybrid environment.

You have to run the following command from on premise exchange server. and then run the directorysync from directory  sync server/tool.

Set-remoteMailbox -Identity "Nawaz.Q2" -EmailAddresses@{add="nawaz.q2@ptcl4.onmicrosoft.com"}

How much emails received by each user in last one month in exchange server 2016

 To find How much emails received by each user in last one month in exchange server 2016

Get-TransportServer | Get-MessageTrackingLog -ResultSize unlimited -Start "10/23/2021 09:00:00" -End "11/23/2021 09:10:00" | where{$_.Recipients -like "*@mydomain.com"} | Group-Object -Property Sender | Select-Object name,count | sort count -desc | ft -auto >c:\path\EmailCountRecipt.csv

How much emails sent by each user in exchange server 2016

I used the following command to generate a report, have count of the number of emails sent by each user.

Note: it also had the email sent by external users (hotmail.com/gmail.com) so i had to remove those send from the report and leave only the internal users. 

Get-transportservice | Get-MessageTrackingLog -Start (Get-Date).adddays(-1) -EventId "send" -ResultSize unlimited | Group-Object sender | ft name, count >c:\path\AllSendcount.csv

Or you we can use the following command so only email sent by a specific domain's users will exported

Get-TransportServer | Get-MessageTrackingLog -ResultSize unlimited | where{$_.sender -like "*@domain.com"} | Group-Object -Property Sender | Select-Object name,count | sort count -desc | ft -auto >c:\path\EmailCount23Nov21.csv

To get number of emails in last one day or hour

(get-TransportServer | Get-MessageTrackingLog -Start (Get-Date).adddays(-1) -EventId "send" -ResultSize unlimited | where{$_.sender -eq "myemail@domain.com"}).count

(get-TransportServer | Get-MessageTrackingLog -Start (Get-Date).addhours(-1) -EventId "send" -ResultSize unlimited | where{$_.sender -eq "myemail@domain.com"}).count

Searching Message Tracking Logs by Sender or Recipient Email Address (practical365.com)

How to Migrate Skype for business on premise users to skype for business online

 As we know that Microsoft have deprecated skype for business online, so we have to connect Microsoft Teams for migration of skype for business on premise users. 

We have to user Skype for business Power shell on the FE server having internet access.

First save the credentials in a variable $cred.

$cred=Get-Credential

then connect to teams:

Type Connect-MicrosoftTeams and enter the credentials

Place the skype HostedMigrationOverrideUrl in a variable $url

$url=https://admin1e.online.lync.com/HostedMigration/hostedmigrationService.svc

Then use the following command

Move-CsUser -Identity nawaz@domain.com -Target sipfed.online.lync.com -Credential $cred -HostedMigrationOverrideUrl $url

then you should get the prompt for confirmation, after entering "Y" the command should be successful and the user should be migrated.

Note: in the skype HostedMigrationOverrideUrl the two yellow highlighted characters (1e) will be different for each organization.

$url=https://admin1e.online.lync.com/HostedMigration/hostedmigrationService.svc

How to restore deleted emails in office 365 through powershell

 You may use different commands, for example you want to restore 1 day emails of a user

New-MailboxSearch -Name "Nawaz11-Oct-DeletedEmails" -SourceMailboxes Nawaz@domain.com -TargetMailbox khan@domain.com -StartDate "10/10/2021" -EndDate "10/10/2021"

How to identify the proxy server in Azure AD Password Protection on premise environment

Environment:

Have Active directory 2016 environment, synchronized with Azure AD. Few months back got a requirement from the management to deploy "Azure AD password protection policy for cloud and on-premise". The deployment was completed successfully.

Issue:

Today the management asked for the detail of servers in this environment.

We know that we had installed the agents on all DCs but we also had one Azure AD Password Protection Proxy server as well but lost its name.

Solution:

Could search in the inventory but the easy/quick way was to run the following command. 

 PS C:\Windows\system32> Get-AzureADPasswordProtectionProxy

ServerFQDN      : ap1.domain.com

SoftwareVersion : 1.2.172.0

Domain          : domain.com    

Forest          : domain.com

HeartbeatUTC    : 10/1/2021 10:27:49 AM

AzureTenant     : domain.com

How to delete all content-emails from a mailbox and make it blank in exchange server 2016

Some time you may have a test mailbox and it may have some unwanted emails and you may need to delete all the emails permanently.

 You can use a simple command as below in Exchange PowerShell

Search-Mailbox -Identity "nawaz" -DeleteContent

Please note that the emails will be deleted permanently and you would not able to recover even from the recoverable items.

Resolved: The term 'New-ComplianceSearch' is not recognized as the name of a cmdlet

 Today i was trying to search and delete an email from user's mailboxes in Exchange online/Office 365.

My steps were as below.

1: Connect-EXOPSSession -UserPrincipalName myadmin@mydomain.com

2:

$Search=New-ComplianceSearch -Name "Remove Phishing Message" -ExchangeLocation All -ContentMatchQuery '(Received:4/13/2016..4/14/2016) AND (Subject:"Action required")' Start-ComplianceSearch -Identity $Search.Identity

But were getting the following error

New-ComplianceSearch : The term 'New-ComplianceSearch' is not recognized as the name of a cmdlet, function, script      file, or operable program. Check the spelling of the name, or if a path was included, verify that the path is correct   and try again.          

Solution:

Run the following command to connect to "Security & Compliance Center PowerShell"

Connect-IPPSSession -UserPrincipalName khan.nawaz@ptcl.net.pk

and after that is was able to run the New-ComplianceSearch command.

As per TechNet article this command is used to connect to Security & Compliance Center PowerShell or standalone Exchange Online Protection PowerShell using modern authentication. The cmdlet works for MFA or non-MFA enabled accounts.

For further detail:

Connect-IPPSSession (ExchangePowerShell) | Microsoft Docs

and 

Search for and delete email messages in your organization - Microsoft 365 Compliance | Microsoft Docs 

                                               

How to migrate Skype for business users from Skype for business online to skype for business on premise with powershell

Some time you need to offboard your skype users from Skype for business online (Office 365) to your Skype for business on premise infrastructure. you can use the Skype for business Control panel or the PowerShell. To use the PowerShell you can follow the following steps. make sure that your FE server have internet access or access at least to Office 365, and also make sure that you have the required privileges to both Office 365 and on your on premise Skype for business environment.

Then Login to your FE server and open the "Skype for business Server management shell" with Run as administrator privileges. 

Then store your credentials with the following command in $cred variable.

$cred=Get-Credential 

(Note: you should use Global Admin or any other admin users with required rights and the user should be like in admin@yourdomain.onmicrosoft.com format )

then use the following command to move for example the user Abc@domain.com.

Move-CsUser -Identity Abc@domain.com -Target SFB15FEPool.domain.com -HostedMigrationOverrideUrl  https://adminxa.online.lync.com/HostedMigration/hostedmigrationService.svc -Credential $cred  -Confirm:$False 

or you can store the URL in a variable and then use following command.

$url="https://admin1a.online.lync.com/HostedMigration/hostedmigrationService.svc"

Move-CsUser -Identity username@contoso.com -Target pool.corp.contoso.com -Credential $cred -HostedMigrationOverrideUrl $url

(Note: store your HostedMigrationOverrideUrl in $url, which you can find from office 365 and may be some thing like in below format. (only the XA may be different for each tenant)

$url=https://adminXA.online.lync.com/HostedMigration/hostedmigrationService.svc)

For further detail look into the following link.

https://docs.microsoft.com/en-us/previous-versions/office/lync-server-2013/lync-server-2013-move-users-to-lync-online?redirectedfrom=MSDN 

Resolved: The subscription file failed to load for the following reason: The direct trust certificate of the subscribed Edge Transport server with thumbprint is a duplicate of the certificate of one of the HubTransport servers. Sharing the same certificate between Edge and Hub Transport

Issue:

Due to some issues, i had to re subscribe the edge server.

After creating the edge subscription file on the edge server with the following command.

New-EdgeSubscription –FileName “c:\EdgeSubFile.xml”

then copied the file "EdgeSubFile" to one mailbox server. and tried the following command.

New-EdgeSubscription -FileData ([byte[]]$(Get-Content -Path "c:\EdgeSubFile.xml" -Encoding Byte -ReadCount 0)) -Site "sitename"

 Getting the following Error:

The subscription file failed to load for the following reason: The direct trust certificate of the subscribed Edge Transport server with thumbprint

<Thumprint> is a duplicate of the certificate of one of the HubTransport servers. Sharing the same certificate between Edge and Hub Transport

servers is not allowed.

    + CategoryInfo          : InvalidOperation: (:) [New-EdgeSubscription], InvalidOperationException

Solution:

as mentioned in the error, the issue was with the SSL certificate, So after some searching on some forums, tried the following steps and the issue was resolved/successfully subscribed the edge.

On the edge server

1. copy/backup of the currently used SSL certificate for SMTP services.
2. delete that SSL
3. import another SSL certificate to the personal store of that edge
4. Enable that SSL for SMTP services
5. i.e (Enable-ExchangeCertificate -Thumbprint <34434kklkjlkjkdkfjk> -Services SMTP) 
6. restart the "Microsoft Exchange ADAM" service
7. create the subscription file again (New-EdgeSubscription –FileName “c:\EdgeSubFile1.xml”)
8. copy the file maibox server

on mailbox server

in exchange management shell use the following command for new sub subscription.

New-EdgeSubscription -FileData ([byte[]]$(Get-Content -Path "c:\EdgeSubFile.xml" -Encoding Byte -ReadCount 0)) -Site "sitename"

was successfully able to resubscribe

On the edge server

1. delete the SSL certificate which we imported and assigned to SMTP services before for edge subscription
2. So open mmc and delete that certificate.
3. import the valid certificate which we want to use for SMTP services 
4. enable that new certificate for smtp services 
5. i.e (Enable-ExchangeCertificate -Thumbprint <34fdsf434kklkfdfjlkjkdkfjk> -Services SMTP)
6. restart the "Microsoft Exchange ADAM" service on the edge server

on the mailbox server 

restart the Microsoft Exchange Transport and Microsoft Exchange EdgeSync services

Test the subscription with the following power shell commands 

Start-EdgeSynchronization -ForceUpdateCookie -ForceFullSync

should have result as success or inprogress like as below.

Result         : Success

Type           : Configuration

or 

Result         : InProgress

Type           : Recipients

Test-EdgeSynchronization

should have syncstatus Normal, like as below.

RunspaceId                  : 58fdsfad-dfds-4123-adf1-39a802dcd2bd

SyncStatus                  : Normal

UtcNow                      : 7/10/2021 3:55:35 PM

check mailflow/Queue

with get-Queue poweshell command

How To connect Exchange online through powershell if MFA is enabled

 You have to first download "Microsoft Exchange Online Power shell Module" from your exchange admin center portal (https://outlook.office.com/ecp/) 

then you have to open the "Microsoft Exchange Online Power shell Module" and you should get the window like below.

Then you have to use the command (Connect-EXOPSSession -UserPrincipalName AdminUser@domain.com) in Microsoft Exchange Online Power shell Module.

then it should pop up for the credentials and also for the second factor authentication.

Get Office 365 users with a specific license

First we have to connect MSOLService through powershell.

Connect-MsolService

Then get the list of available licenses with the following command.

Get-MsolAccountSku

then we can use the following command to Get the users with a specific license

Get-MsolUser -MaxResults 200000 | Where-Object {($_.licenses).AccountSkuId -match "p:ems"} >c:\pathc\EMSUsers.CSV

How to Search Admin Audit log in Office 365 against a mailbox

 Go to 

Audit log search - Security & Compliance (office.com)

on the right side Select Search ---> Audit log Search---->in Search Activities "Show activities for all activities"

set Start and End dates

in Users box enter the mailbox/email address on which you want the activities performed.

in file, folder, or Site you may enter required details, even may be the subject of the email.

then it may take some time to complete the query  and then you may download the result of the search in excel sheet or can view in the same window here.

it will show all the activities performed on the mailbox.

Resolved: An attempt to resolve the DNS name of a domain controller in the domain being joined has failed. Please verify this client is configured to reach a DNS server that can resolve DNS names in the target domain.

Environment Detail:

A friend of mine was trying to join a Windows server 2012 R2 Machine to Active Directory but was getting failed with the following error.

Error: 

The following error occurred attempting to join the domain "mydomain.com":

An attempt to resolve the DNS name of a domain controller in the domain being joined has failed. Please verify this client is configured to reach a DNS server that can resolve DNS names in the target domain. For information about network troubleshooting, see windows Help.

Troubleshooting:

Tried enough to troubleshooting, check network , ports, Active directory, DNS but no luck, at last the following solution, resolved this issue.

Solution:

Go to the properties of the network card--->internet protocol Version 4(TCP/IPv4)--->Properties---->Advanced--->DNS tab---->select Append these DNS suffixes (in order): and enter the name of the domain (mydomain.com) and click to save the changes.

Further findings:

The Active directory domain name (mydomain.com), is the same name (mydomain.com) as the website of the company accessible on internet. 

The client machine has internet access.

How to Export last password date of users in an OU through powershell

How to Export last password date of users in an OU.

can you the following powersheel command 

PS C:\Windows\system32> Get-ADUser -SearchBase "OU=Users,DC=Mydomain,DC=net" -filter * -Properties * | select name, @{name ="pwdLastSet"; expression={[datetime]::FromFileTime($_.pwdLastSet)}} >c:\pic\nameAndPass.csv

Get email send/receive statistics of a mailbox in exchange server 2016

To get last 1 days sent emails of a mailbox

Get-MessageTrackingLog -sender nawaz@domain.com -start (Get-date).addday(-1) | messageid -unique | measure

To get last 1 days received emails of a mailbox

Get-MessageTrackingLog -sender nawaz@domain.com -start (Get-date).addday(-1) | messageid -unique | measure

To get last 7 days sent emails of a mailbox

Get-MessageTrackingLog -sender nawaz@domain.com -start (get-date).adddays(-7) | select mes

sageid -unique | measure

To get last 7 days received emails of a mailbox

Get-messageTrackiglog -recipient nawaz@domain.com -start (get-date).adddays(-7) | select messageid -unique | measure

To get last 30 days sent emails of a mailbox

Get-messageTrackiglog -Send nawaz@domain.com -start (get-date).adddays(-30) | select messageid -unique | measure

To get last 30 days received emails of a mailbox

Get-messageTrackiglog -recipient nawaz@domain.com -start (get-date).adddays(-30) | select messageid -unique | measure

Sending data to a remote command failed with the following error message. Exchange 2016

Environment:

Have Hybrid environment, with Exchange Server 2016 and Office 365.

ISSUE:

Want to Search a specific email in all users mailboxes with the following command:  

 [PS] C:\>Get-Mailbox -ResultSize unlimited | Search-Mailbox -SearchQuery 'Subject:"FW:SubjectOfEmail"' -TargetMailbox nawazABC -TargetFolder "inbox\spamitems"

But getting the following Error:  

Sending data to a remote command failed with the following error message: [ClientAccessServer=SERVERNAME,BackEndSer

ver=SERVERNAME.Domain.com,RequestId=9c2cdfdse-4fd7-fds80-8df7-efdsfdsfa,TimeStamp=3/30/2021 7:32:30 AM]

[FailureCategory=WSMan-Others] The total data received from the remote client exceeded the allowed maximum. The

allowed maximum is 524288000. For more information, see the about_Remote_Troubleshooting Help topic.

REASON/Solution:

The Search-Mailbox have some limitations as per the given error that it can return limited number of results. So we have to run our command multiple times, may be for a group of mailboxes, mailbox databases or servers. like as below

1-

Search-Mailbox -identity mailbox1 -SearchQuery 'Subject:"FW:SubjectOfEmail"' -TargetMailbox nawazABC -TargetFolder "inbox\spamitems"

2 -

Get-Mailbox -database DB1 | Search-Mailbox -SearchQuery 'Subject:"FW:SubjectOfEmail"' -TargetMailbox nawazABC -TargetFolder "inbox\spamitems"

3-

Get-Mailbox -Server Server1 | Search-Mailbox -SearchQuery 'Subject:"FW:SubjectOfEmail"' -TargetMailbox nawazABC -TargetFolder "inbox\spamitems"

How to Search and delete an email from a mailbox in exchange server 2016

Environment:

Have exchange 2016 hybrid environment with office 365.

Issue:

A phishing email received to a user and need to be deleted from his mailbox ASAP.

Solution:

Run the following command to delete the email from a mailbox

Search-Mailbox -identity nawazabc -SearchQuery 'Subject:"SubjectOfTheEmail"' -TargetMailbox nawazxyz -TargetFolder "inbox\spamitems" -LogLevel full -DeleteContent

Run the following command to delete the email from the mailbox DataBase

Get-Mailbox -ResultSize unlimited -Database "db1"|Search-Mailbox -SearchQuery 'Subject:"SubjectOfTheEmail"' -TargetMailbox nawazxyz -TargetFolder "inbox\spamitems" -LogLevel full -DeleteContent

To search and delete such emails from Office 365 please look  into this link https://nawazblogger.blogspot.com/2020/07/how-to-search-and-delete-email-from.html 

Get-Mailbox -ResultSize unlimited -Database "db1" | Search-Mailbox -SearchQuery 'Subject:"Security Awareness Module Assigned "Full Social Media Policy""' -deleteContent

Service unavailable, HTTP Error 503. The service is unavailable.

 Environment:

Wanted to publish some services with ADFS and WAP.

ADFS was placed in internal network while WAP was placed in DMZ.

ADFS was configured properly and the default page was accessible internally.

But was getting the following error, while trying the same from the external network.

Error:

Service unavailable, HTTP Error 503. The service is unavailable.

Reason:

TLS 1.0 was disabled on the ADFS server

Solution:

After enabling TLS 1.0 on the ADFS server, the issue was resolved. 

Note: As Registry changes are always critical, so before doing any registry changes, please take backup of your system.

unable to login ADFS with default page after installation

Issue:

After installing the ADFS role successfully on the server, was unable to logged in to the default login page of ADFS.

i.e

 https://ADFS-url/adfs/ls/idpinitiatedsignon.html

was not accessible

Solution:

After searching on internet came to know that i have to enable the default page with the following power shell command.

So open PowerShell with run as administrator on the ADFS server and run the following command, resolved the issue.

Set-AdfsProperties -EnableIdPInitiatedSignonPage $true

Unable to share any local drive through remote desktop Connection with remote system (Resolved)

  Issues:

1:

Unable to copy any file from local system to a remote system, connected through remote desktop connection

2:

unable to share the local drives with remote system through Remote Desktop Connection

Or

The local drives not visible on the remote system through Remote Desktop Connection

3:

The past option was grayed out

Solution:

After looking in local security policy as below

Type-->GPEDIT.msc in run-->Local computer policy-->computer configuration-->Administrative Templates-->windows components-->Remote Desktop Services-->Remote Desktop Session Host--->Device and Resource Redirection-->Do not allow Drive redirection--option was --Enabled

So after changing option to not configured the above issues were resolved

Unable to copy any file from local system to a remote system, connected through remote desktop connection

 Issues:

1:

Unable to copy any file from local system to a remote system, connected through remote desktop connection

2:

unable to share the local drives with remote system through Remote Desktop Connection

Or

The local drives not visible on the remote system through Remote Desktop Connection

3:

The past option was grayed out

Solution:

After looking in local security policy as below

Type-->GPEDIT.msc in run-->Local computer policy-->computer configuration-->Administrative Templates-->windows components-->Remote Desktop Services-->Remote Desktop Session Host--->Device and Resource Redirection-->Do not allow Drive redirection--option was --Enabled

So after changing option to not configured the above issues were resolved

your organization has disabled this device.(Resolved)

Issue:

One of office 365 user was trying to open outlook on his system but were getting the following error.

Error: 

Something went wrong, your organization has disabled this device 

To fix this, contact your system administrator and provide the error code 135011

And after clicking on the continue button, on the next page was getting the below error.

We couldn't sign you in. if this error persists. Contact your system administrator and provide the error code CAA20003

Solution:

First i have to note the name of device on which the user was facing the issue.

Then, Go to "https://portal.azure.com" then Azure active directory then All devices--->then search for the device and here the device was disabled. after enabling the device here, the issue was resolved. 

Mailbox migration failed with The connection to the server 'autodiscover.domain.com' could not be completed

Issue:

was trying to migrate a mailbox from office 365 to on premises exchange server 2016.

was getting the following error. 

 "The connection to the server 'autodiscover.domain.com' could not be completed"

Resolution:

As recently i had changed the password of the admin user in the migration endpoint.

so after updating the password in the migration endpoint with the following steps the issue was resolved.

Steps:

login to "https://outlook.office.com/ecp"

then Recipients ---> migration-->click the 3 dots and click on Migration Endpoints. double click on the migration endpoint and update the password.

ContentIndexErrorMessage : The Microsoft Exchange Search Host Controller Service is not running on server

After updating Exchange 2016 CU16 to CU19 and applying the "HAFNIUM" security patches, some databases were in Failed state. 

Error 1:

in ECP was getting the error "Content index state: Failed" against the database

Error 2:

in Exchange Shell, running 

Get-MailboxDatabase DatabaseName | Get-MailboxDatabaseCopyStatus | ft Name,*index* 

was getting this error

"ContentIndexErrorMessage     : The Microsoft Exchange Search Host Controller Service is not running on server"

Solution:

After checking the "Microsoft Exchange Search Host Controller" Service on the effected server, found that this "Microsoft Exchange Search Host Controller" was in stopped/disabled state. 

after changing the startup type to automatic of "Microsoft Exchange Search Host Controller" service and starting it and restart the server.

the issue was resolved.  

To count skype for business users

To count skype for business users in a Pool

PS C:\Users\admin> (Get-CsUser -Filter {RegistrarPool -ne "SFBPool.mydomain.com"}).count

2140

To count skype for business online users

PS C:\Users\admin> (Get-CsUser -Filter {hostingprovider -eq "sipfed.online.lync.com"}).count

2140

To count skype for business users

PS C:\Users\admin> (Get-CsUser).count

3633

Search or filter users on the basis of mobile attribute in Active directory

 PS C:\Users\adsync> $var="123456789"

PS C:\Users\adsync> Get-ADUser -Filter {mobile -like $var} -Properties name |select name

Send-MailMessage : Mailbox unavailable. The server response was: 5.7.1 Unable to relay for nawaz@domain.com

 Issue Detail:

Was using the following powershell command to send the email from the IIS/SMTP relay

Send-MailMessage -From "nawaz@domain.com" -to "khan@domain.com" -Cc "ali@domain.com" -Subject "SUBJECT TEST with no cred" -Body "BODY Test for the email" -SmtpServer SMTPSERVERNAME -Credential USER -usessl

but was unable to do so, getting the following error.   

Error:

Send-MailMessage : Mailbox unavailable. The server response was: 5.7.1 Unable to relay for nawaz@domain.com

Solution:

Go to IIS and right click on your SMTP relay-->Properties-->Access tab-->Relay--->add the IP from where you are trying to send the emails

Send-MailMessage : Unable to send to all recipients

Issue Detail:

Was using the following powershell command to send the email from the IIS/SMTP relay

Send-MailMessage -From "nawaz@domain.com" -to "khan@domain.com" -Cc "ali@domain.com" -Subject "SUBJECT TEST with no cred" -Body "BODY Test for the email" -SmtpServer SMTPSERVERNAME -Credential USER -usessl

but was unable to do so, getting the following error.   

Error:

Send-MailMessage : Unable to send to all recipients

Solution:

Go to IIS and right click on your SMTP relay-->Properties-->Access tab-->Relay--->add the IP from where you are trying to send the emails

Resolved: (2148074274) The target principal name is incorrect

 The issue, reason and solution was here in below article. 

 Error (Target Principal Name is incorrect) when manually replicating data between domain controllers - Windows Server | Microsoft Docs

and explanation

Troubleshoot AD replication error 2146893022 - Windows Server | Microsoft Docs

Resolutions steps.

First we have to identify the PDC emulator with the following command.

using the command prompt with admin credentials.

1:

netdom query fsmo

2:

On The Faulty DC , disable the Kerberos Key Distribution Center service (KDC)

and restart the Faulty DC

3:

After restart, with Netdom reset the secure channels between this faulty DC and PDC.

To do so, Run this command in command prompt of the faulty DC.

netdom resetpwd /server: DC /userd: domain\admin /passwordd: *

Note: Where server is the name of the PDC, not the faulty DC.

Restart the faulty DC again.

Start/restart the KDC service (net start KDC)

Force replication again via repadmin /syncall /APed