Exchange Hybrid (Teams Calendar)

CWT 391 Reputation points

Good evening,

Been racking my brain around this and the MS documentation is not clear (to me at least). Hoping to find a nugget here that can help with the current hurdle.

Current State:
Downloaded and ran through the HCW on one of our Exchange servers. Hit a snag with Federation not getting enabled, so we knocked that out. Seems to have worked just fine (box checked).

Teams Calendar Issue
Open Teams and when we click on Calendar we see the infamous "Couldn't load your calendar" error. Currently this is our only focus and I'm having trouble zeroing in on what to check as every article seems to go down a never ending link to pages that don't necessarily seem related.

Note: Prior to enabling Federation we could not do user lookups. Now, we can at least perform user lookups in the attendees field, but we also receive text below their name stating "Unknown".

Is there a better site to help identify the correct source Exchange Online URLs we need to white list? The link below looked correct at first, but the information lists that these ports are ONLY for On-Prem to EXO connections.

Are the Exchange Online & Skype for Business Online and Microsoft Teams URLs provided in that link all trying to hit our EWS virtual directory?
Exchange Web Services (EWS Endpoints):
InternalUrl : TCP 443
ExternalUrl : TCP 443

Lastly, if our autodiscover URL is (internal only), will we be forced to add a public (public) A record to make it all works or will our EWS provide the connection for autodiscover?

Thanks for any information or guidance you can provide.


Microsoft Teams
Microsoft Teams
A Microsoft customizable chat-based workspace.
9,009 questions
Microsoft Exchange Online Management
Microsoft Exchange Online Management
Microsoft Exchange Online: A Microsoft email and calendaring hosted service.Management: The act or process of organizing, handling, directing or controlling something.
4,151 questions
0 comments No comments
{count} votes

Accepted answer
  1. JimmyYang-MSFT 48,536 Reputation points Microsoft Vendor

    Hi @CWT ,

    The following picture shows the URLs, IP address ranges and ports that are required for Office 365 connectivity.


    Are the Exchange Online & Skype for Business Online and Microsoft Teams URLs provided in that link all trying to hit our EWS virtual directory?
    Exchange Web Services (EWS Endpoints):

    Yes, for calendar app support and Teams outlook Add-in for Mac, Exchange Web Service URLs must be configured as SPNs in
    Tenant Azure AD for the Exchange Service Principal. For more details about steps about it, you can refer to:

    For more details about troubleshooting Teams calendar issue, you can learn it from:

    If the response is helpful, please click "Accept Answer" and upvote it.

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

1 additional answer

Sort by: Most helpful
  1. CWT 391 Reputation points

    Good afternoon Jimmy.

    Finally was able to try and break down your reply and look more closely at our current configuration and wanted to run a couple of things by you if I may.

    So it seems that Hybrid Modern Authentication is required (based upon the link you provided). Makes sense as does most of the article, but when I review the section labelled "Add on-premises web service URLs as SPNs in Azure AD", the cmdlets it specifies are all MSOL based. As I understand it, MSOL was replaced by the newer Exchange module "ExchangeOnlineManagement" using the connect-ExchangeOnline cmdlet to get started. Is that correct? I could install the older MSOL module with no issues, but importing it was never possible as the get-module command never showed it installed in the first place (even though the progress bar indicated success). Can I just ignore those MSOL commands since they appear to be deprecated?

    Lastly, if the MSOL commands have been replaced, what would the commands be using the ExchangeOnline module? Is that an option?
    Get-MsolServicePrincipal -AppPrincipalId 00000002-0000-0ff1-ce00-000000000000 | select -ExpandProperty ServicePrincipalNames

    Thanks much sir.

    0 comments No comments