And immediately, you notice that free/busy query from Exchange Online to On Premises have started to fail again.
If you have already fixed it from my previous post, why is this happening again?
Firstly, run the following command from Exchange Online PowerShell:
Test-OrganizationRelationship -UserIdentity onPremiseMailbox@company.com -Identity “O365 to On-premises 6633cadc-0124-4111-2a22-e51f8853d1c5” -Verbose
Note that it will fail at STEP 4:
STEP 4: Getting organization relationship settings from remote partner...
RESULT: Unable to retrieve organization relationships from remote organization.
RESULT: Error.
But if you look back at STEP 3 - you will notice that the target URL is probably showing the new domain that you just added:
STEP 3: Requesting delegation token from the STS...
RESULT: Success.
Retrieved token for target https://autodiscover.newcompany.com/autodiscover/autodiscover.svc/WSSecurity for offer Name=MSExchange
.Autodiscover,Duration=28800(secs)
So what's the problem here? Most likely, this is used as a secondary email address and you haven't bothered to configure autodiscover for it.
To confirm this, run the following command from Exchange Online PowerShell:
Get-OrganizationRelationship | FL
Check out the "TargetAutodiscoverEpr" field, it is probably pointing to https://autodiscover.newcompany.com/autodiscover/autodiscover.svc/WSSecurity, instead of https://autodiscover.company.com/autodiscover/autodiscover.svc/WSSecurity
To solve the problem, either configure autodiscover for that domain (add it in public DNS, and update your TMG rules + add the SAN into your certificate), or just repoint it back to the correct autodiscover URL.
This can be done by executing the following command from Exchange Online PowerShell:
Get-OrganizationRelationship | Set-OrganizationRelationship -TargetAutodiscoverEpr https://autodiscover.company.com/autodiscover/autodiscover.svc/WSSecurity
No comments:
Post a Comment