I have been working on a project recently, setting up an Exchange hybrid deployment for 1400 users. I ran into a lot of issues with the wizard and have noticed a lot of people on the web have had some problems as well. So I thought I would post the most common issues and how I resolved them.
This is the default directory for the hybrid wizard log files:
C:\Program Files\Microsoft\Exchange Server\V14\Logging\Update-HybridConfiguration
- "" isn't a valid SMTP domain - This is when there is still a self-signed certificate that has the IIS & SMTP services applied to it. Delete the certificate, ensure IIS & SMTP are assigned to a trusted certificate, and rerun the wizard.
- An unexpected result was received from Windows Live. Detailed information: "InvalidUri InvalidUri: Passed URI is not valid.".
This is when the federation gateway services have blocked the domain you are trying to federate. Your DNS TXT confirmation record shows up fine when you query it on mxtoolbox.com (txt:yourdomain.com), so you need to escalate it with Microsoft and get it whitelisted. The unfortunate part for me was that the particular domain that wasn't trusted was the external-facing domain on my hybrid server and had the domain name linked to my wildcard certificate, and because of this the wizard would not complete.
- ERROR:Updating hybrid configuration failed with error 'Subtask Configure execution failed: Creating Organization Relationships.
Before you run the hybrid configuration wizard, or before you do any of the steps below, run this command in the Exchange Management Shell:
Set-AutodiscoverVirtualDirectory "casservername\Autodiscover (Default Web Site)" -WSSecurityAuthentication $True
Now browse to the federation tab of your on-premises organisation and take note of the application URI.
Now browse to the online tenant and create a new organisation relationship called "Exchange Online to on premises Organization Relationship". Then manually enter the settings as per the image below, adding in your already federated domains. You can simply add the domain that is blacklisted at a later stage. Enter the application URI that you previously took note of and finally enter https://autodiscover.yourdomain.com/autodiscover/autodiscover.svc/WSSecurity; this will be the domain that can access your hybrid server and the wildcard certificate.
Enable free/busy on both the on-premises and online organisation relationships.
Then add a send connector and add the default onmicrosoft.com domain. If you were transitioned from BPOS to Office 365, add in that domain as well. Add in the smart hosts as per the image below and your source servers.
Then create a receive connector and only allow email from the following IP addresses and ranges. These addresses may change depending on what part of the world you are in.
Lastly, you need to enable the mailbox replication proxy service, which you can do by running this command in the Exchange Management Shell:
Set-WebServicesVirtualDirectory -Identity "EWS (Default Web Site)" -MRSProxyEnabled $true -MRSProxyMaxConnections 100
This will enable the MRSProxy correctly in SP2. If you have changed the timeout values of the data move then you will again need to go to your web.config file and update the timeout value again. If you are not familiar with this, it is the timeout value of the MRSProxy when performing a remote mailbox move. When you are performing bulk migrations of users to Office 365 it is a good idea to increase this so you don’t get failures during overnight data loads if you are using virtual machines for the Mailbox or CAS roles.
Open the web.config file located in C:\Program Files\Microsoft\Exchange Server\V14\ClientAccess\exchweb\ews
Go to the bottom of the file and locate the new smaller MRSProxy section and make the change shown:
So this worked for me. I could see free/busy between on-prem and an online tenant, and move mailboxes between on-prem and Office 365, even though the hybrid wizard had been failing.
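An added example, not part of the original post: a read-only check of the on-premises settings the steps above touch (certificates bound to IIS/SMTP, WSSecurity on Autodiscover, MRSProxy on EWS, and the organisation relationships). The function names Get-HybridPrereqReport and New-Check are made up for this example, and it assumes it is run in the Exchange Management Shell on the hybrid server.

```powershell
# Added example: read-only report, changes nothing. Written for the
# PowerShell 2.0 that ships with Exchange 2010, so no [pscustomobject].

function New-Check($Check, $Target, $Ok, $Detail) {
    # Hypothetical helper: builds one row of the report.
    New-Object PSObject -Property @{
        Check  = $Check
        Target = "$Target"
        Status = $(if ($Ok) { 'OK' } else { 'FAIL' })
        Detail = $Detail
    }
}

function Get-HybridPrereqReport {
    # 1. A self-signed certificate that still holds IIS or SMTP is the cause
    #    given above for the '"" isn't a valid SMTP domain' error.
    Get-ExchangeCertificate | ForEach-Object {
        $svc = $_.Services.ToString()
        if ($svc -match 'IIS|SMTP') {
            New-Check 'Certificate' $_.Thumbprint (-not $_.IsSelfSigned) `
                "Services=$svc SelfSigned=$($_.IsSelfSigned) NotAfter=$($_.NotAfter)"
        }
    }

    # 2. WSSecurity must be on for the .../autodiscover.svc/WSSecurity endpoint.
    Get-AutodiscoverVirtualDirectory | ForEach-Object {
        New-Check 'Autodiscover WSSecurity' $_.Identity `
            ($_.WSSecurityAuthentication -eq $true) `
            "WSSecurityAuthentication=$($_.WSSecurityAuthentication)"
    }

    # 3. MRSProxy must be enabled on EWS for remote mailbox moves.
    Get-WebServicesVirtualDirectory | ForEach-Object {
        New-Check 'EWS MRSProxy' $_.Identity ($_.MRSProxyEnabled -eq $true) `
            "MRSProxyEnabled=$($_.MRSProxyEnabled) MaxConnections=$($_.MRSProxyMaxConnections)"
    }

    # 4. Each organisation relationship should be enabled with free/busy on.
    Get-OrganizationRelationship | ForEach-Object {
        New-Check 'Free/busy relationship' $_.Name `
            ($_.Enabled -and $_.FreeBusyAccessEnabled) `
            "Domains=$($_.DomainNames -join ',') Epr=$($_.TargetAutodiscoverEpr)"
    }
}

Get-HybridPrereqReport | Sort-Object Status |
    Format-Table Check, Status, Target, Detail -AutoSize -Wrap
```

Once the migration is finished, the same report shows whether MRSProxy is still enabled on servers that no longer need to accept remote moves.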