Error: "Unable to access the federation Metadata document..." after running Set-Federationtrust

Tanisorn Sowudomsilp 231 Reputation points
2023-07-13T09:06:59.3433333+00:00

Hi All,

My customer has the Exchange 2016 hybrid servers coexist with Exchange 2010 servers.

I renewed the Exchange Server OAuth certificate in two weeks ago, but I have not run the Exchange Hybrid Wizard.

Next, I found the Microsoft Delegation Federation certificate will expire in the next week.

So, I have created new Microsoft Delegation Federation certificate, then I found the error message when run the command below,

Set-FederationTrust -Identity "Microsoft Federation Gateway" -Thumbprint <thumprint> -RefreshMetaData

the error message says "Unable to access the federation Metadata document from the federation partner. Detailed information: "The remote server returned an error (426) Upgrade Required."..."

User's image

Please suggest me the solution to resolve the problem.

Thank you very much,

Tanisorn

Microsoft Exchange Online
Microsoft Exchange Online Management
Microsoft Exchange Online Management
Microsoft Exchange Online: A Microsoft email and calendaring hosted service.Management: The act or process of organizing, handling, directing or controlling something.
4,037 questions
Exchange Server Management
Exchange Server Management
Exchange Server: A family of Microsoft client/server messaging and collaboration software.Management: The act or process of organizing, handling, directing or controlling something.
7,201 questions
Microsoft Exchange Hybrid Management
Microsoft Exchange Hybrid Management
Microsoft Exchange: Microsoft messaging and collaboration software.Hybrid Management: Organizing, handling, directing or controlling hybrid deployments.
1,775 questions
Excel Management
Excel Management
Excel: A family of Microsoft spreadsheet software with tools for analyzing, charting, and communicating data.Management: The act or process of organizing, handling, directing or controlling something.
1,610 questions
{count} vote

2 answers

Sort by: Most helpful
  1. Jarvis Sun-MSFT 10,091 Reputation points Microsoft Vendor
    2023-07-14T05:22:14.02+00:00

    Hi @Tanisorn Sowudomsilp

    As per as research, you can try to run PowerShell as Administrator to update the FederationTrust with cmdlet:

    Update-AdfsRelyingPartyTrust -TargetName "trustname" -Metadatafile FederationMetadata.xml.
    
    

    Refence: https://learn.microsoft.com/en-us/powershell/module/adfs/update-adfsrelyingpartytrust?view=windowsserver2022-ps&viewFallbackFrom=win10-ps

    If it doesn't work, please run the Exchange Hybrid Wizard and make sure the federation metadata URL is accessible. If there are more error messages, please feel free to let us know.


    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment". 

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.


  2. Thomas Biland 0 Reputation points
    2023-07-14T08:41:15.62+00:00

    maybe same issue here:

    [PS] C:\Windows\system32>New-FederationTrust -Name "Microsoft Federation Gateway" -Thumbprint D3AFBE73C02F2E4EF867F596D1B0E1015FD28190
    Auf das Verbundmetadatendokument kann nicht vom Verbundpartner aus zugegriffen werden. Detaillierte Informationen: "Der Remoteserver hat einen Fehler zurückgegeben: (426) Upgrade Required.".
        + CategoryInfo          : MetadataError: (:) [New-FederationTrust], FederationMetadataException
        + FullyQualifiedErrorId : [,RequestId=72dc3afb-058d-4bd4-88dd-f2362b5c1d94,TimeStamp=14.07.2023 08:40:05] [FailureCategory=Cmdlet-FederationMetadataException] E06888A8,Microsoft.Exchange.Ma
       nagement.SystemConfigurationTasks.NewFederationTrust
        + PSComputerName        :