This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(150.4, 98%, 24%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ER%3C/text%3E%3C/svg%3E)
Free Busy not working from O365 to on-premises (one way). Can anyone help with suggestions or have experienced such issue? Autodiscover failed for email address User.xyz@jaswant .com with error System.Net.WebException: The request failed with HTTP status 401: Unauthorized.\r\n at System.Web.Services.Protocols.SoapHttpClientProtocol.ReadResponse(SoapClientMessage message, WebResponse response, Stream responseStream, Boolean asyncCall)\r\n at System.Web.Services.Protocols.SoapHttpClientProtocol.EndInvoke(IAsyncResult asyncResult)\r\n at Microsoft.Exchange.SoapWebClient.AutoDiscover.DefaultBinding_Autodiscover.EndGetUserSet…cover.DefaultBinding_Autodiscover.EndGetUserSettings(IAsyncResult asyncResult)\r\n at Microsoft.Exchange.InfoWorker.Common.Availability.SoapAutoDiscoverRequest.[]c__DisplayClass48_0.[EndInvoke]b__0()\r\n at Microsoft.Exchange.InfoWorker.Common.Availability.SoapAutoDiscoverRequest.ExecuteAndHandleException(ExecuteAndHandleExceptionDelegate operation), diagnostics: *2000003;reason=\"The hostname component of the audience claim value 'https://mail.abc.com' is invalid*";error_category=\"invalid_resource\"", ResponseCode: "ErrorAutoDiscoverFailed", …
Walk through the troubleshooting steps:
https://learn.microsoft.com/en-us/exchange/troubleshoot/calendars/troubleshoot-freebusy-issues-in-exchange-hybrid
Thanks Andy! I have tried all the recommendations available on Internet but nothing helped. Now Microsoft has started using OAuth instead of using Organization Relationship (DAuth) which made the things a bit more complex.
Do you know the meaning of the error below and the way to fix it:
The hostname component of the audience claim value* 'https://mail.abc.com' is invalidstrong text
Thanks!
That tells me your endpoint / autodiscover URL is set incorrectly.
or is being changed or using SSL offloading?
See:
Thanks Andy for the directions. I looked at the Autodiscover and found that SSL was disabled in the IIS. Autodiscover was working fine without any issues when browsing the Autodiscover/Autodiscover.svc URL from outside with SSL Required checkbox disabled in IIS.
When I enable the "Require SSL" checkbox in IIS for Autodiscover and EWS then it does not let me browse the EWS and Autodiscover URL from outside. In logs it throws the error: 403: Forbidden
Inside it does work. I tried resetting the EWS and Autodiscover Virtual directory with NO success. My believe is that Free busy will work when we enable the "SSL required" checkbox.
I will check with Firewall team as my next step to make sure there is no SSL inspection enabled for the Exchange traffic.
Please let me know if you have experienced such issues in the past.
Issue Resolved. I had to disable OAuth in Office 365 by running the following PowerShell in Exchange Online:
Get-IntraOrganizationConnector| Set-IntraOrganizationConnector -Enabled $false
Confirmed that TargetApplicationUri, TargetSharingEpr, TargetAutodiscoverEpr are configured in Exchange Online.
Get-OrganizationRelationship | Set-OrganizationRelationship -TargetSharingEpr https://mail.abc.com/ews/exchange.asmx -TargetAutodiscoverEpr https://autodiscover.abc.com/autodiscover/autodiscover.svc/WSSecurity
Enabled the Federation Trust in Exchange On-premises as it was not enabled by hybrid wizard (Exchange Admin center > Organization)
Added the abc.com in Exchange On-premises "Organization Sharing".
wait 5 mins and Free Busy started working both ways.
OAuth sucks..
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(252.8, 22%, 34%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ELL%3C/text%3E%3C/svg%3E)
Hi @PriyavertSharma-0904 ,
It’s glad to know that the issue has been resolved.
If possible, you could mark your solution as an answer in your free time, which will help more community members who encounter the same problem.
Thanks for your understanding.
----------
If the response is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(51.2, 97%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJ%3C/text%3E%3C/svg%3E)
I have the same issue.
I noticed on my onprem TargetSharingEpr is empty. Is this normal ?
The TargetApplicationUri and TargetAutodiscoverEpr are populated.
Both of my SSL settings in IIS are enabled.
Hi @Jimmy ,
Please try to run the following command to set the "TargetSharingEpr" parameter.
Get-OrganizationRelationship | Set-OrganizationRelationship -TargetSharingEpr <Office 365 EWS endpoint>
----------
If the response is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
Setting the TargetSharingEpr didn't change anything.
Hi @Jimmy ,
Based on my knowledge, the "TargetSharingEpr" ideally this is blank.
Please try to run the following command to set it again:
Get-OrganizationRelationship | Set-OrganizationRelationship -TargetSharingEpr <Office 365 EWS endpoint>
----------
If the response is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
Hi @PriyavertSharma-0904 ,
I agree with what Andy said.
Are there any errors after you deploy the hybrid environment?
Please run the following command to verify that the OAuth configuration is correct:
Test-OAuthConnectivity -Service EWS -TargetUri https://outlook.office365.com/ews/exchange.asmx -Mailbox <On-Premises Mailbox> -Verbose | Format-List
Please run the following command to check the url and AuthenticationMethods of EWS’s virtual directory.
Get-WebServicesVirtualDirectory | fl *auth*,*url*
According to my inspection in the laboratory environment, by default, "Autodiscvoer" and "EWS" have both checked "Require SSL".
Looking forward to your feedback.
----------
If the response is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.