Hi. Thank you for your question and reaching out. I’d be more than happy to help you with your query.
The MS Hybrid Configuration Wizard is a tool used to configure a hybrid deployment between on-premises Exchange and Exchange Online. If the hybrid configuration is stuck on a 401 error when extended protection is active, it could be due to a few different issues:
- Authentication Method: Ensure that the correct authentication method is being used for the hybrid connection. Extended protection is typically used with NTLM or Kerberos authentication.
- Service Principal Names (SPN): Verify that the appropriate SPNs are registered for the Exchange servers involved in the hybrid deployment.
- Certificate Trust: Ensure that the certificate used for the hybrid connection is trusted by both the on-premises and Exchange Online environments.
- Firewall Configuration: Make sure that the firewall is configured to allow communication between the on-premises Exchange and Exchange Online environments.
- Network Load Balancer Configuration: If a load balancer is being used, ensure that it is properly configured to support the hybrid connection.
- User Account Control (UAC): If UAC is enabled, run the Hybrid Configuration Wizard as an administrator.
If these steps do not resolve the issue, you may need to consult the event logs or perform further troubleshooting to determine the root cause of the 401 error.
If the reply was helpful, please don’t forget to upvote or accept as answer, thank you.