Hybrid Wizard Error: Unable to reserve domain "<FQDN>" for Application Identifier "<ID>".


When using the Exchange Hybrid Configuration Wizard, the following error is recorded in the event log during the "Domain Ownership" validation, at the status "Adding Federated Domain...". The process hangs from that point.


The Exchange Hybrid Configuration Wizard log has recorded the following error:

PowerShell Error Record: {CategoryInfo={Activity=Set-FederatedOrganizationIdentifier,Category=InvalidResult,Reason=UnableToReserveDomainException,TargetName=,TargetType=},ErrorDetails=,Exception=Unable to reserve domain "FYDIBOHF25SPDLT.DedicatedISPOC.Desktopplatform.nl" for Application Identifier "000000004404D013".  Detailed information: "A Windows Live ID error occurred. Detailed information: "PassportError: Passport error.".".


In the Windows Event Log, the following error is recorded:


Log Name:      MSExchange Management
Source:        MSExchange CmdletLogs
Date:          22-8-2017 14:49:33
Event ID:      6
Task Category: General
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      <Server>
Description:
Cmdlet failed. Cmdlet Set-FederatedOrganizationIdentifier, parameters -AccountNamespace "<Domain>" -DelegationFederationTrust "Microsoft Federation Gateway" -Enabled "True" -DefaultDomain $null.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="MSExchange CmdletLogs" />
    <EventID Qualifiers="49152">6</EventID>
    <Level>2</Level>
    <Task>1</Task>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2017-08-22T12:49:33.254214500Z" />
    <EventRecordID>2553</EventRecordID>
    <Channel>MSExchange Management</Channel>
    <Computer><Server></Computer>
    <Security />
  </System>
  <EventData>
    <Data>Set-FederatedOrganizationIdentifier</Data>
    <Data>-AccountNamespace "<Domain>" -DelegationFederationTrust "Microsoft Federation Gateway" -Enabled "True" -DefaultDomain $null</Data>
    <Data><ADDomain>/Administrators/<admin></Data>
    <Data><SID></Data>
    <Data><SID></Data>
    <Data>Remote-PowerShell-Unknown</Data>
    <Data>12040 w3wp#MSExchangePowerShellAppPool</Data>
    <Data>
    </Data>
    <Data>76</Data>
    <Data>00:00:02.3317721</Data>
    <Data>View Entire Forest: 'False', Default Scope: '<ADDomain>', Configuration Domain Controller: '<DC>.<ADDomain>', Preferred Global Catalog: '<DC>.<ADDomain>', Preferred Domain Controllers: '{ <DC>.<ADDomain> }'</Data>
    <Data>Microsoft.Exchange.Management.SystemConfigurationTasks.UnableToReserveDomainException: Unable to reserve domain "<Hostname>.<Domain>" for Application Identifier "<ID>".  Detailed information: "A Windows Live ID error occurred. Detailed information: "PassportError: Passport error.".". ---&gt; Microsoft.Exchange.Management.FederationProvisioning.LiveDomainServicesException: A Windows Live ID error occurred. Detailed information: "PassportError: Passport error.". ---&gt; System.Web.Services.Protocols.SoapException: PassportError: Passport error.
   at System.Web.Services.Protocols.SoapHttpClientProtocol.ReadResponse(SoapClientMessage message, WebResponse response, Stream responseStream, Boolean asyncCall)
   at System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String methodName, Object[] parameters)
   at Microsoft.Exchange.Management.FederationProvisioning.ManageDelegationClient.ExecuteAndRetry(String description, WebMethodDelegate webMethod)
   at Microsoft.Exchange.Management.FederationProvisioning.ManageDelegationClient.ExecuteAndHandleError(String description, WebMethodDelegate webMethod)
   --- End of inner exception stack trace ---
   at Microsoft.Exchange.Management.FederationProvisioning.ManageDelegationClient.ExecuteAndHandleError(String description, WebMethodDelegate webMethod)
   at Microsoft.Exchange.Management.FederationProvisioning.ManageDelegation2Client.ReserveDomain(String applicationId, String domain, String programId)
   at Microsoft.Exchange.Management.SystemConfigurationTasks.LiveFederationProvision.ReserveDomain(String domain, String applicationIdentifier, ManageDelegationClient client, LocalizedString errorProofDomainOwnership, GetDomainStateDelegate getDomainState)
   --- End of inner exception stack trace ---
   at Microsoft.Exchange.Configuration.Tasks.Task.ThrowError(Exception exception, ErrorCategory errorCategory, Object target, String helpUrl)
   at Microsoft.Exchange.Configuration.Tasks.Task.WriteError(Exception exception, ErrorCategory category, Object target)
   at Microsoft.Exchange.Management.SystemConfigurationTasks.SetFederatedOrganizationIdentifier.ProvisionSTS()
   at Microsoft.Exchange.Management.SystemConfigurationTasks.SetFederatedOrganizationIdentifier.InternalProcessRecord()
   at Microsoft.Exchange.Configuration.Tasks.Task.&lt;ProcessRecord&gt;b__b()
   at Microsoft.Exchange.Configuration.Tasks.Task.InvokeRetryableFunc(String funcName, Action func, Boolean terminatePipelineIfFailed)</Data>
    <Data>8</Data>
    <Data>Microsoft.Exchange.Management.FederationProvisioning.LiveDomainServicesException: A Windows Live ID error occurred. Detailed information: "PassportError: Passport error.". ---&gt; System.Web.Services.Protocols.SoapException: PassportError: Passport error.
   at System.Web.Services.Protocols.SoapHttpClientProtocol.ReadResponse(SoapClientMessage message, WebResponse response, Stream responseStream, Boolean asyncCall)
   at System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String methodName, Object[] parameters)
   at Microsoft.Exchange.Management.FederationProvisioning.ManageDelegationClient.ExecuteAndRetry(String description, WebMethodDelegate webMethod)
   at Microsoft.Exchange.Management.FederationProvisioning.ManageDelegationClient.ExecuteAndHandleError(String description, WebMethodDelegate webMethod)
   --- End of inner exception stack trace ---
   at Microsoft.Exchange.Management.FederationProvisioning.ManageDelegationClient.ExecuteAndHandleError(String description, WebMethodDelegate webMethod)
   at Microsoft.Exchange.Management.FederationProvisioning.ManageDelegation2Client.ReserveDomain(String applicationId, String domain, String programId)
   at Microsoft.Exchange.Management.SystemConfigurationTasks.LiveFederationProvision.ReserveDomain(String domain, String applicationIdentifier, ManageDelegationClient client, LocalizedString errorProofDomainOwnership, GetDomainStateDelegate getDomainState)</Data>
    <Data>Ex703205</Data>
    <Data>
    </Data>
    <Data>
    </Data>
    <Data>False</Data>
    <Data>
    </Data>
    <Data>0 objects execution has been proxied to remote server.</Data>
    <Data>
    </Data>
    <Data>
    </Data>
    <Data>0</Data>
    <Data>ActivityId: 4654ba68-a13f-4bed-9d9b-e8710f7b97f4</Data>
    <Data>ServicePlan:;IsAdmin:True;</Data>
    <Data>
    </Data>
    <Data>en-US</Data>
  </EventData>
</Event>


Any tips to solve this issue?

2 Replies

Three tips for you.

1. Was the domain in question ever registered as a custom domain for Live IDs back ten or so years ago? If so, open a support call with Microsoft to get it removed from that system.

2. Do you have full, unfiltered access from the machine running the hybrid wizard to the internet? Make sure you allow all the URLs and ports required by the hybrid wizard. The wizard checks the URL domains.live.com or something like that. I have seen customers decide that, as it's live.com, they remove it from the list of domains that are reachable from the LAN, except it's not live.com, it's domains.live.com (this FQDN is from memory; check the actual list from Microsoft).

3. Register the domain using Exchange directly on the organisation tab in EMS and not in the hybrid wizard. Once the domain is registered for federation, the wizard will skip this step.

Hi Brian,

Thanks for replying (and reminding me of the post ;-)). It's solved; it had something to do with the time zone settings on both the Exchange server and the domain controller. Somehow the wizard breaks when it's not configured to GMT. I would expect it to work independently of time zones, but it doesn't.

Regards,

Mark
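As an added example (not code from this thread or from Microsoft), a PowerShell pre-flight for the "Adding Federated Domain" step, run from the Exchange Management Shell on the wizard host: it checks what the two replies point at, namely time zone and clock agreement with the domain controller, 443/tcp reachability of the federation endpoints, and whether the domain is already federated so the wizard can skip the step. `$Domain`, `$Dc` and the `$Endpoints` default are placeholder values; the endpoint name is the one Brian quotes from memory above and should be confirmed against Microsoft's published list.

```powershell
# Added pre-flight for the "Adding Federated Domain" step (example, not code from the thread).
# Run in the Exchange Management Shell on the host that runs the Hybrid Configuration Wizard.
# It checks what the two replies point at: time-zone and clock agreement with the DC,
# 443/tcp reachability of the federation endpoints, and the current federation state,
# so the domain can be federated from EMS and the wizard skips the step.
# $Domain, $Dc and the $Endpoints default are placeholders (assumed values).
param(
    [string]$Domain      = 'contoso.example',
    [string]$Dc          = 'dc01.corp.example',
    [string[]]$Endpoints = @('domains.live.com'),  # name quoted from memory in the reply above; confirm it
    [switch]$Register                              # without it the script only reports
)

# 1. Time-zone offset and clock skew against the DC (WMI; no WinRM needed).
$dcOs     = Get-WmiObject -Class Win32_OperatingSystem -ComputerName $Dc
$dcOff    = -1 * (Get-WmiObject -Class Win32_TimeZone -ComputerName $Dc).Bias  # Bias = UTC minus local, in minutes
$localOff = [System.TimeZoneInfo]::Local.BaseUtcOffset.TotalMinutes
$dcNow    = [System.Management.ManagementDateTimeConverter]::ToDateTime($dcOs.LocalDateTime)
$skew     = [math]::Abs(((Get-Date) - $dcNow).TotalSeconds)
'Local UTC offset {0} min, DC {1} min, clock skew {2:N0} s' -f $localOff, $dcOff, $skew
if ($localOff -ne $dcOff) { Write-Warning "Time zone differs from $Dc; the thread reports the wizard failing in this state." }
if ($skew -gt 300)        { Write-Warning 'Clock skew over 5 minutes; fix time sync before retrying the wizard.' }

# 2. Plain TCP reachability of the federation endpoints on 443. A proxy-only egress
#    fails here too, which is itself worth knowing for the host running the wizard.
foreach ($ep in $Endpoints) {
    $tcp = New-Object System.Net.Sockets.TcpClient
    try     { $tcp.Connect($ep, 443); "OK      443/tcp $ep" }
    catch   { Write-Warning "BLOCKED 443/tcp $ep : $($_.Exception.Message)" }
    finally { $tcp.Close() }
}

# 3. Federation state: is the organization identifier set, and is $Domain already federated?
$trust = Get-FederationTrust -Identity 'Microsoft Federation Gateway' -ErrorAction SilentlyContinue
if (-not $trust) { Write-Warning "No 'Microsoft Federation Gateway' trust exists; create it before federating domains."; return }
$orgId = Get-FederatedOrganizationIdentifier
if (@($orgId.Domains | ForEach-Object { "$_" }) -contains $Domain) { "$Domain is already federated; the wizard will skip this step."; return }

# The TXT proof record must exist in public DNS before the reserve call can succeed.
Get-FederatedDomainProof -DomainName $Domain
if (-not $Register) { 'Publish the proof record above, then re-run with -Register.'; return }
if (-not $orgId.AccountNamespace) {
    # First domain: becomes the account namespace, the same call the wizard makes.
    Set-FederatedOrganizationIdentifier -AccountNamespace $Domain -DelegationFederationTrust 'Microsoft Federation Gateway' -Enabled $true
} else {
    Add-FederatedDomain -DomainName $Domain
}
```

Without `-Register` the script only reports, so it is safe to run repeatedly while the DNS proof record propagates.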