Forum Discussion
Calendar button missing - On Prem 2016 Exchange
I had exactly the same issue as you and have solved it by following OAUTH manual setup to the letter via this doc https://docs.microsoft.com/en-us/exchange/configure-oauth-authentication-between-exchange-and-exchange-online-organizations-exchange-2013-help?redirectedfrom=MSDN
Get-IntraOrganizationConnector |fl Name,TargetAddressDomains,DiscoveryEndpoint,Enabled
brought no errors but no data. I had previously ran HCW and this completed with no errors (I assumed the hybrid process was fully complete). Exchange 2016 on premises, premium office 365 with licenses applied for exchange online plan. No mailboxes have been migrated, all are on premises. On premises existing Mail contacts and groups WERE visible in exchange online admin. AD Azure connect was already run with optional hybrid exchange enabled. Calendar button did not appear in teams. Teams worked otherwise.
So I ran the manual configuration of OAUTH from that link and calendar button started to appear after 30 mins. Again, these are ALL on premises mailboxes, we have not migrated any mailboxes yet.
One caveat, at the end of the process you need to create an AD object - this object had already been created so it looked like HCW had at least tried to make the OAUTH link but hadnt fully completed it.
you must have an Oauth configuration for the calendar to appear. To do this either enable a Full Hybrid solution which will configure Oauth for you, or exchange minimal hybrid +
https://docs.microsoft.com/en-us/exchange/configure-oauth-authentication-between-exchange-and-exchange-online-organizations-exchange-2013-help
David Bargna please allow me to add my 2 cents.
You don't really need Exchange full or minimal to get the calendar button in Microsoft Teams.
It is enough if you have
- Azure AD Connect, active Exchange Hybrid under sync options
- Autodiscover entry in Public DNS and Exchange Server accessible from MS Teams IP addresses
- OAUTH configured as described in the following article, steps 1-5 should be enough
- https://docs.microsoft.com/exchange/configure-oauth-authentication-between-exchange-and-exchange-online-organizations-exchange-2013-help
Please let me know if your issue is solved and mark also the reply that helped you as correct.
Thank you
Spikar
- Hello Sir,
Any idea why I'm getting this error when I try to export auth cert from step 3?
You cannot call a method on a null-valued expression.
At C:\ExportAuthCert.ps1:9 char:1
+ $certBytes = $oAuthCert.Export($certType)
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation: (:) [], RuntimeException
+ FullyQualifiedErrorId : InvokeMethodOnNull
Exception calling "WriteAllBytes" with "2" argument(s): "Value cannot be null.
Parameter name: bytes"
At C:\ExportAuthCert.ps1:11 char:1
+ [System.IO.File]::WriteAllBytes($CertFile, $certBytes)
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [], MethodInvocationException
+ FullyQualifiedErrorId : ArgumentNullException - Hi there I have same issue calendar button is visible from teams but it could not load the calendar.
I have mixed environment with 2010 and 2016 configured OAuth manually. What do you suggest here ?- Tushar Pathak
Microsoft
Shadab1991 Please ensure all mailboxes are on Exchange 2016 CU3+. Calendar will not load for mailboxes on 2010. Additionally, check if EwsApplicationAccessPolicy is set to enforce in Get-Casmailbox or Get-organizationConfig. If yes add Teams/* and MicrosoftNinja/* UAs in EWSAllowList.
Spiros Karampinis
I seem to have this working in our setup with Exchange Hybrid and OAuth - Users can see the on-prem calendar in Teams.We have 4 other domains in our setup and those users cannot see the calendar. Is there additional config required to enabled users with different domains to see the calendar. They all have mailboxes on the same Exch Server.
Thanks
rvt20s glad that the solution worked.
Regarding the additional domains yes further steps are necessary.To open your calendar in MS Teams, MS Teams backend services will run an autodiscover process for the domain fo the user. If you have configured everything only for your main domain, step 5 should be repeated for the additional domains. Keep in mind that you also need an autodiscover.DOMAIN.com entry in your Public DNS that points to your Exchange server. If your Exchange server doesn't include the other domains in the certificate with the entry autodiscover.DOMAIN.com then you should create SRV records for each domain and remove the A record that points to autodiscover. With SRV record you will redirect the connection to your public domain that is included in the certificate of the exchange server without issue.
Please let me know if everything worked as excepted.Kind regards
Spikar
Spiros Karampinis - Thank you very much! Working now since adding the dns SRV records (due to mismatch on domain name)
- Wow, I have the same symptoms too.
(Exchange 2016 hybrid - default domain works fine with mailboxes on prem and can see calendar in teams but other domains don't work unless mailbox is o365)
Thanks for any thoughts!kcmoun we didn't want to investigate this any further, so we started migrating on-prem users to the cloud, and the teams calendar icon appears within a few hours.
But, I'm pretty sure that if you follow the guide on OAuth, you will get it working without moving the users, but keep in mind that it can take up to a day before you see any changes in teams
Nice it works well - only one small thing is missing - adding the channel to a meeting will give an error since the mail boxes for the "channel team" has not been recognized by Exchange as a valid mail-address.
Rest is so far I can see now working well - Thank you Spiros
PS: I am a user - so got our IT-guys to follow your instruction - they first replied that there was an error in the set-up from MS
- Tushar Pathak
holmj Can you check if the group's email address has a special character in it? Get-UnifiedGroup -Identity "Group name" cmdlet will show email address of the group.
If there is then it needs to changed to something that does not contain special character for channel meeting scheduling to work.Tushar Pathak Hi Tushar,
here is an example of the e-mail adress (auto-generated from Teams)
General - sales <b576444f.xxxxx.xx@emea.teams.ms> (I have left out company name in first block and put in some x instead - otherwise it is identical with the channel email-adress.
Meeting is added nicely in channel
Invitation is sent to all in the channel with "team" as organizer -
only the "accept" on meeting give an error since the reply goes to Team adress - mentioned above and this is not present in On Prem 2016 Exchange
Work Around could be "edit before reply - delete group adress and insert organizer e-mail insted"
Understand that alternative would be to go "on Line" or make a real Hybrid with both On prem and On line - which we do not want to do right now at least.
Have a nice day out there
holmj
I agree Spiros. I am configuring this for my organization as well and have been looking into this.
For those interested https://docs.microsoft.com/en-us/microsoftteams/exchange-teams-interact explains what is required. While the article writes OAuth must be configured "preferably via the Hybrid Configuration wizard" it doesn't say it is required.
I have this requirement too. I don't want any Exchange online functionality and want to retain my on-premise Exchange for now. Can I enable the Exchange hybrid deployment in Azure AD connect without worrying about breaking anything to do with my on-premise email?
Enabling Exchange Hybrid in Azure AD Connect should not break anything. However, please review this link for the list of attributes that could be edited on the on premises AD objects.
https://docs.microsoft.com/en-us/azure/active-directory/hybrid/reference-connect-sync-attributes-synchronized#exchange-hybrid-writeback
Also, please view this thread: https://techcommunity.microsoft.com/t5/exchange/azure-ad-connect-and-quot-exchange-hybrid-deployment-quot-write/m-p/294190
