We wanted to post a quick reminder that on September 16 2025, we will enforce the first temporary block of shared security principal use for our hybrid customers, as per our announcement Dedicated Hybrid App: temporary enforcements, new HCW and possible hybrid functionality disruptions.
Your organization might be impacted if:
- You have both on-premises and Exchange Online user mailboxes
- You have not updated all Exchange Servers on-premises to April 2025 HU (or newer)
- You have not created and enabled the use of the dedicated Exchange hybrid app
If all the above is true, the following will be disrupted during the temporary enforcement:
- Users with Exchange on-premises mailboxes might not be able to see free/busy information, MailTips or profile picture sharing with Exchange Online users.
Other hybrid functionality (migrations, management, mail flow etc.) will not be impacted.
When exactly will this enforcement happen?
- Temporary disruption duration: 48 hours
- Starting time: Sep 16th, 2025, 7 AM GMT
- End time: Sep 18th, 2025, 7 AM GMT
- Impacted cloud environments: WW, 21Vianet
How can organizations avoid the disruption?
Please see Exchange Server Security Changes for Hybrid Deployments for information on how to create and enable the dedicated Exchange hybrid app in your tenant. Please note that after September 16 temporary disruption, there will also be another one on October 7, before the final deprecation of use of shared service principal using EWS protocol, at the end of October 2025.
The Exchange Team
