Can't connect to Exchange message appears when using Microsoft Dynamics 365 App for Outlook
This article provides resolutions for the issue that you receive a Can't connect to Exchange message when using Microsoft Dynamics 365 App for Outlook.
Applies to: Microsoft Dynamics 365 Customer Engagement Online
Original KB number: 4534356
Symptoms
When using Microsoft Dynamics 365 App for Outlook, you see the following message:
"Can't connect to Exchange".
The rest of the app may load successfully but the ability to track items and use Set Regarding may be missing.
Cause
This typically occurs when using a Microsoft Exchange on-premises mailbox and may be caused by one of the following reasons:
Cause 1: OAuth authentication is not enabled in Exchange.
Cause 2: There is an issue with the authentication certificate used by Exchange.
Resolution 1: Verify OAuth authentication is enabled in Exchange
On the Exchange server, open the Exchange Management Shell.
Run the following command:
Get-WebServicesVirtualDirectory | FL server,*auth
Verify the results returned show that OAuthAuthentication is set to True.
If
OAuthAuthentication
is set to False, a command such as the following needs to be run:Set-WebServicesVirtualDirectory -Identity "EWS (Default Web Site)" -OAuthAuthentication $true
The identify value is the name of the virtual directory that can be found in the Exchange Admin Center by selecting servers and then selecting virtual directories or by running the following command and reviewing the Name value returned:
Get-WebServicesVirtualDirectory | FL
More information about this command can be found in Set-WebServicesVirtualDirectory.
For more details on authentication requirements for allowing an Outlook Add-in to make asynchronous Exchange Web Service (EWS) requests, see Authentication and permission considerations for makeEwsRequestAsync.
Run the following command:
Get-OrganizationConfig | FL OAuth2ClientProfileEnabled
If the value returned is False, run the following command:
Set-OrganizationConfig -OAuth2ClientProfileEnabled:$True
Also verify your version of Exchange has the update mentioned in Can't access EWS from Outlook/OWA add-ins via makeEwsRequestAsync in Exchange Server 2016 and Exchange Server 2013.
Resolution 2: Verify Exchange Certificate
On the Exchange server, open the Exchange Management Shell.
Run the following command:
Get-AuthConfig | FL
Verify the results show IsValid as True.
Copy the value returned for CurrentCertificateThumbprint and use it in the following command:
Get-ExchangeCertificate -Thumbprint <CurrentCertificateThumbprint Value>| FL
Verify the results show the following:
Status = Valid
The current date is within the NotAfter and NotBefore dates indicating the certificate is not expired.
If the prior command does not successfully retrieve the certificate, this indicates an issue with the certificate configuration that may require you to create and configure a new certificate. The following are some resources with steps for creating and configuring a new certificate:
If any changes were required after following the steps above, close and reopen Outlook to see if the issue has been resolved. If the issue persists and your Microsoft Exchange administrator has verified OAuth is enabled and the certificate is valid, it may be necessary to contact Microsoft Support.