Exchange Hybrid Calendar Sharing Not Working

Copper Contributor

Hello All,


Kindly suggest me what I should do to solve calendar sharing issue for hybrid environment. My goal is to share calendar information with Limited Details. Our issue is that all O365 users can see the On-Premises users' calendar information, but the On-Premises users can't see the O365 users calendar information not even the free/busy. Our Default Sharing Policy is "Limited Details" for both Exchange Online and Exchange On-Premises.


  • We have same Sharing Policy between Exchange On-Premises and Exchange Online. 
  • We have already configured our on-premises domain for hybrid environment with Exchange Hybrid Configuration Wizard.
  • We have already enabled ACL for our environment



Set-OrganizationConfig -ACLableSyncedObjectEnabled $True 



  • We have already enabled ACL on the user's mailbox.



Get-AdUser "testexo" | Set-AdObject -Replace @{msExchRecipientDisplayType=-1073741818}<p>When I test the Organization Relationship with Exchange Management Shell, I got the error that the Application Uri is missing.<ul><li-code lang="powershell">Test-OrganizationRelationship -Identity "On-premises to O365" -useridentity  "email address removed for privacy reasons"

There is an error with the local federation configuration, error code is 'MisconfiguredFederationTrust' and error sub code is 'MissingApplicationUri'.
    + CategoryInfo          : InvalidOperation: (:) [Test-OrganizationRelationship], InvalidOperationException
    + FullyQualifiedErrorId : [Server=ServerName,RequestId=aaeeb937-fac7-4777-95d3-d5f8c022c843,TimeStamp=5/27/2024 9:01:18 AM] [FailureCategory=Cmdlet-InvalidOperationException] 66528795,Microsoft.Exchange.Management.Sharing.TestOrganizationRelationship
    + PSComputerName        : ServerName<p>When I test the Organization Relationship form the Exchange Online side, <ul><li-code lang="powershell">Test-OrganizationRelationship -Identity "O365ToOnPrem" -useridentity  "email address removed for privacy reasons"

Begin testing for organization relationship CN=O365ToOnPrem,CN=Federation,CN=Configuration,,CN=ConfigurationUnits,DC=APCPR01111,DC=PROD,DC=OUTLOOK,DC=COM, enabled state True.

Exchange D-Auth Federation Authentication STS Client Identities are urn:federation:MicrosoftOnline/;uri:WindowsLiveID/;

STEP 1: Validating user configuration

RESULT: Success.

STEP 2: Getting federation information from remote organization...
RESULT: Unable to retrieve federation information from remote organization.  Doing local testing only.

STEP 3: Requesting delegation token from the STS...
RESULT: Error.

LAST STEP: Writing results...

Identity    : 
Id          : FailureToGetDelegationToken
Status      : Error
Description : Failed to get delegation token: <S:Fault 
              xmlns:S=""><S:Code><S:Value>S:Sender</S:Value><S:Subcode><S:Value>wst:FailedAuthentication</S:Value></S:Subcode></S:Code><S:Reason><S:Text xml:lang="en-US">Authentication 
              xmlns:psf=""><psf:value>0x80048800</psf:value><psf:internalerror><psf:code>0x80048800</psf:code><psf:text>AADSTS901124: Application '' 
              does not exist.</psf:text></psf:internalerror></psf:error></S:Detail></S:Fault>
              Microsoft.Exchange.Net.WSTrust.SoapFaultException: Soap fault exception received.
                 at Microsoft.Exchange.Net.WSTrust.SoapClient.Invoke(IEnumerable`1 headers, XmlElement bodyContent)
                 at Microsoft.Exchange.Net.WSTrust.SecurityTokenService.IssueToken(DelegationTokenRequest request, XmlTextWriter debugStream)
                 at Microsoft.Exchange.Management.Sharing.TestOrganizationRelationship.GetDelegationToken().
IsValid     : True
ObjectState : New


WARNING: The federated domain 'onpremises.domaiin' of the user is in the local organizational relationship which normally only contains the domains of external organizations.<p>Thank you very much all of you for your positive supports in advance. I really appriciate it!</p>



0 Replies