Office 365 Insight into the Hybrid Configuration Wizard

In this post I want to cover the Hybrid Configuration process - specifically detail on the Configure Legacy Exchange Support step.

The Hybrid Configuration Wizard has 6 tasks that it executes:

  1. Global Prerequisites task – prerequisite check see below.
  2. Legacy Exchange Support Task – Legacy Exchange requirements.
  3. Recipient Configuration Task – Accepted domains and email address policy changes.
  4. Organization Relationship Task – Federation configuration. (covered here)
  5. On Off Settings Task – Organization Relationship config like Availability Address Space, Free Busy Access, TargetOWAURL etc.
  6. Hybrid mail flow task – Creates send and receive connectors for Hybrid mail flow.

Lets cover the first two tasks where most of the problems usually occur (from what I’ve seen in the field).

Global prerequisites task – this task does the following checks:

  1. Checks the accepted domains to determine if a hybrid domain exists. This enumerates and loops through all your accepted domains so please don’t use * as an accepted domain on your Exchange Organization (yes I’ve encountered this) – this breaks the Hybrid Configuration Wizard and it crashes the EMC.
  2. Checks if the current server has the CAS Role installed and checks your Autodiscover URLs on the ExternalURL - so ensure the hybrid namespace and Autodiscover URLs are set correctly as this is used later in the configuration during Organization Relationship configuration.
  3. Checks the validity of the certificate for the current Client Access Server.
    1. Check if the certificate is a self-signed certificate.
    2. Check if the certificate is trusted on the CAS role.
    3. Check if the date on the certificate is valid.

Legacy Exchange Support task – This task covers legacy Public Folder configuration to allow Free/Busy lookup where Public Folder Databases exist in an organization. It can cause some major headaches if your Public Folder infrastructure is not healthy and the way it looks up Exchange servers in the organization.

Herewith the logic of this task:

  1. Checks if Legacy Exchange Support is required – this is done as follows:
    1. Populates list with Get-ExchangeServer
    2. Loops through each server and checks if server is Exchange 2010 or higher.
    3. Runs Get-PublicFolderDatabase against each server.
    4. If the above returns any results the code will continue and kick off the rest of the Public Folder configuration in the next steps.
    5. If Get-PublicFolder –identity ‘\NON_IPM_SUBTREE\SCHEDULE+ FREE BUSY’ –server <server> -recurse cmdlet returns any results the code will go to the next step.
    6. Loops through each Public Folder and checks if “OU=EXTERNAL (FYDIBOHF25SPDLT)” exists.
    7. If step e returns null objects the code kicks off the Install-FreeBusyFolder cmdlet to create the OU=EXTERNAL (FYDIBOHF25SPDLT) folder in Public Folder hierarchy.

I want to pause here for a moment and just highlight that the code executes Get-ExchangeServer and loops through each server. The impact of this is that your first Exchange 2010 server in the Get-ExchangeServer results will be the oldest Exchange 2010 server in your organization. Your brandspanking new Exchange 2010 Hybrid servers will be the last servers on this list. So be aware that if you have any firewalls between any of your Exchange Servers we need clear traffic between the Hybrid Servers and all the Exchange 2010 mailbox servers hosting Public Folders in that list – otherwise you might get the ‘Subtask ValidateConfiguration execution failed: Configure Legacy Exchange Support’ error. If the Hybrid Servers are your only Exchange 2010 Servers you need the Mailbox Role and Public Folder databases replicated to them for the above to work (see below).

It’s also important that your Public Folder infrastructure replication is working and healthy – otherwise you might experience problems with the Intall-FreeBusyFolder cmdlet.

The Mailbox role is a requirement on the Hybrid server in the event that you have Public Folders in the organization for Exchange 2003 mailboxes.

You will need to create a Public Folder database on the hybrid servers and ensure (force) that the hierarchy - \NON_IPM_SUBTREE folders and subfolders are replicated to this database by using AddReplicaToPFRecursive.ps1 script

  • .\AddReplicaToPFRecursive.ps1 –Server OLD2007 –TopPublicFolder \ –ServerToAdd NEW2010
  • .\AddReplicaToPFRecursive.ps1 –Server OLD2007 –TopPublicFolder \NON_IPM_SUBTREE –ServerToAdd NEW2010
  • .\AddReplicaToPFRecursive.ps1 –Server OLD2007 –TopPublicFolder \NON_IPM_SUBTREE\ SCHEDULE+ FREE BUSY’ –ServerToAdd NEW2010 

Why?

  • Well, when Exchange 2003 mailbox requests availability for a user in Office 365 the mailbox query will be a free/busy query to the Public Folders.
  • The remote-mailuser object will contain a LegacyExchangeDN attribute with the “External” public folder and because the Exchange 2010 Hybrid Servers are the only servers that contain the replica a referral will be sent to the client to use the Exchange 2010 Public Folder. If there are other Exchange 2010 servers in the organization it won’t really matter where the “External” replica is located, but you'd want the replica on all your Exchange 2010 mailbox servers (NOT any Exchange 2003 servers) hosting Public Folders to decrease traffic where you can (multiple lookups to Public Folder F/B in a 15 minute period for the same user will utilize the cache) . 
  • When the client initiates the query to the Exchange 2010 Public Folder the RPC Client Access Service will jump in and catch the query and then route it to the Availability service which will then notice that it’s for a remote organization and sends it to Availability service of Exchange Online.
  • When Exchange Online sends the traffic back to the Hybrid namespace the Hybrid server RPC Client Access Service will change the request to a Public Folder F/B response and send it to the Outlook client.

The above isn't very detailed, but to understand the actual process and why the legacy step is so important in Exchange 2003 environments check out this great article from the Exchange Team.

https://blogs.technet.com/b/exchange/archive/2011/06/28/cross-org-availability-using-federation-trust-and-organization-relationship.aspx#scenario3

Some more information on Hybrid Servers with Public Folders - https://technet.microsoft.com/en-us/library/hh757251(v=exchg.141).aspx

Remember to size your storage correctly for the Hybrid Servers if they will be hosting Public Folder Databases and the usual Public Folder guidance applies - https://technet.microsoft.com/en-us/library/bb629523(v=exchg.141).aspx

Hopefully the above can help with your troubleshooting steps if you receive the dreaded ‘Subtask ValidateConfiguration execution failed: Configure Legacy Exchange Support’ error during your Hybrid Configuration.

PS: And remember if your organization contains Exchange 2003 users, you must manually populate the TargetSharingEPR property (ex: https://hybrid.contoso.com/ews/exchange.asmx) on the Organization Relationship on the Exchange Online side :-)

UPDATE: The Exchange Team released the The Hybrid Free Busy Troubleshooter which is an awesome tool to help with Free/Busy issues - https://aka.ms/hybridfreebusy

Until next time,

Michael