One of my customers ran the hybrid configuration wizard with success, but their users are unable to use the hybrid sites functionality: whenever they follow a site, they get a 401 error in the logs:
FollowedContent.FollowItem:Exception:System.Net.WebException: The remote server returned an error: (401) Unauthorized.
All users have SharePoint Online licenses assigned to them in Office 365 and identity synchronization has been configured. In the on-premises farm the trust has been configured as the ACS service application proxy, the SPTrustedSecurityIssuer and the matching root authority certificates are all in place.
They also activated hybrid OneDrive and Profiles, and that seems to work - although that's just a redirect of course and not a CSOM call...
They are using SharePoint Server 2013 with the October 2017 cumulative update.
Any ideas?
