Forum Discussion
MS Teams with Exchange On-Premises
AtanasM How is the on-premises Exchange Server published to the Internet? Is Windows Server 2016+ Application Proxy used, or another reverse proxy component?
In regard to the Exchange hybrid configuration, is AutoDiscover DNS used or does the Exchange hybrid configuration use a static TargetAutodiscoverEpr?
HelloAtanasM !
Tried enabling Group-Writeback?
Also make sure that OAuth is set up correct
https://docs.microsoft.com/en-us/exchange/configure-oauth-authentication-between-exchange-and-exchange-online-organizations-exchange-2013-help
KR
Oliwer Sjöberg
Hello oliwer_sundgren
I checked many times and Oauth is set up correctly.
Are you sure, that enabling Group-Writeback can solve the issue?
Thanks in advance.
HelloAtanasM !
If OAuth is set up correctly and your on-prem Exchange server(s) are published correctly towards the internet without special proxies or smarthosts. then Group writeback could be the issue here. It's worth a try 🙂
I've previously enabled Group-Writeback and got this to work.
Since you're in a hybrid, the local Exchange resources usualy needs a reference object in Active directory to route mail and work correctly.
Read this Docs article for referencehttps://docs.microsoft.com/en-us/exchange/hybrid-deployment/set-up-office-365-groups
Kind Regards
Oliwer sjöbergHello oliwer_sundgren
The groups write back is already activated.
However, this has no influence on the access to the calendar from Teams and it is still not visible.
The Teams client tries to connect to the local Exchange but gets a response error 400.
This happens both in the WebClient and via the installed Teams client (verified with Fiddler).ErrorCode: ErrorNonExistentMailbox, ErrorMessage: Mailbox doesn't exist; StatusCode 400
Please check the attachment.
Hello AtanasM !
I see, the error message is strengthening the theory that ThomasStensitzki-MVP Had regarding Autodiscover.
The error message says that "Error while fetching apointments from EWS" And that the mailbox was not found.
So there seems more likely that Autodiscover is the issue here.
Is it possible for you to share your Autodiscover and EWS Virtual Directories configurations with us?
Kind Regards
Oliwer
AtanasM How is the on-premises Exchange Server published to the Internet? Is Windows Server 2016+ Application Proxy used, or another reverse proxy component?
In regard to the Exchange hybrid configuration, is AutoDiscover DNS used or does the Exchange hybrid configuration use a static TargetAutodiscoverEpr?
ThomasStensitzki-MVP I added the local web service URLs as SPN in Azure AD and this solved the issue. For instructions, see the following link and section: “Add local web service URLs as SPNs in Azure AD”:
https://docs.microsoft.com/en-us/office365/enterprise/configure-exchange-server-for-hybrid-modern-authentication
ThomasStensitzki-MVP The local exchange is addressed via a load balancer (KEMP Loadmaster). Inquiries to EWS etc. are passed on.
The HCW has filled out the TargetAutodiscoverEpr automatically.
from EXO to on premises and from on premises to EXO.
However, I have only tried it with registered target sharing EPR, but this did not lead to success.
AtanasM I'd recommend the following steps for troubleshooting this further:
- Use Exchange RCA to verify that free/busy is working fine (https://testconnectivity.microsoft.com/Default.aspx?testId=freeBusy)
- (Re-)Check the OAuth configuration of Exchange Server (https://docs.microsoft.com/en-us/exchange/configure-oauth-authentication-between-exchange-and-exchange-online-organizations-exchange-2013-help)
If there are multiple Exchange Server in the DAG, ensure that the AutoD- and EWS-vDir configuration is consistent across all servers - Are there any authentication error (401) entries in the IIS front-end logs, as shown in this post (https://c7solutions.com/2014/08/exchange-online-freebusy-issues-with-oauth-authentication)
This is an older post, but still helpful - Did you check the Exchange Server's EWS and Availability Service (AS) logs?
