I think this phenomenon doesn't related to hybrid. From this article, we can know that we could set the IISAuthenticationMethods to Negotiate for a non-hybrid Exchange server.
This phenomenon more related with the GPO that you used for your organization.
Did you try to test MAPI Over Http your Exchange server? I guess there doesn't issue with MAPI Over Http on the server side.
Test-OutlookConnectivity -RunFromServerId Exch -ProbeIdentity OutlookMapiHttpSelfTestProbe
If the application specifies Negotiate, Negotiate analyzes the request and picks the best SSP to handle the request based on configured security policy. The Negotiate isn't a real protocol, it is suggested enable Negotiate for your organization.
If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.