Running the new Office 365 Hybrid Configuration Wizard

As you all know, the latest Hybrid Configuration Wizard now runs from O365 irrespective of the previous versions of Exchange where HCW is embedded with the on-prem product. With this addition you will get the latest wizard every time you download it, which means that  you don’t have to wait for the next CU to resolve issues with the current HCW.

I recently updated my Exchange 2013 SP1 to CU16 and is about to run the new wizard:

First, I have to enable Exchange Hybrid on the on-prem server.

You will be asked to log in to your O365 tenant.

The wizard will redirect to O365 sign in page.

Once logged in, click on Enable again and a new tab will open with the link to download the HCW.

Download and run the HCW tool.

Below is the launch page of the Office 365 HCW. Click Next to proceed.

The HCW detects the optimal on-prem server to be the Hybrid Server (in this case, its the Ex 2013 server). You can also manually select a server of your choice. Also specify the type of O365 Organization. Click Next.

Next you have to provide your windows and Office 365 tenant credentials. Once done, click Next to proceed.


In next stage, the wizard will gather and confirm the configuration information. Once the test is successful, click Next.

The wizard will ask how the hybrid environment has to be configured for mail flow. If your organization uses Edge servers, you may have to select the second option.

Click on the Advanced button to list additional features. You will then see a check box that says ‘Enable centralized mail transport‘, the description also provides information about what this feature does. If you enable this, all your e-mail flow will happen through the on-prem environment. Once the options are selected, click on Next.

Choose the on-prem Exchange server that should host the receive connector for secure mail transport. Click Next.

Now, choose the on-prem Mailbox server that should host the send connector for secure mail transport. Click Next.

Select the transport certificate to be used for secured mail flow trusted by an external CA. Click Next.

Specify your Organization FQDN for mail flow. Click Next.

Make sure your external URL’s are configured on all virtual directories prior to running the HCW. Click Next.

Since, I already have an Exchange 2010 SP3 Hybrid in place the wizard detects the same and asks to update the configuration. Click Update.

The configuration starts as shown below. Click Stop to cancel.

The HCW process completes. If any configurations are pending it will be shown as below. In this case, my endpoint (Exchange 2010 hybrid server) is offline due to which the notification was received.

The server was turned on and DNS records were confirmed. On re-running the HCW, no issues were reported indicating that procedure completed successfully.




Updating hybrid configuration failed with error ‘Subtask CheckPrereqs execution failed:Check Tenant Prerequisites’

I came across this error when running the Hybrid Configuration Wizard on my Exchange Server 2013 SP1 server. Detailed error :

Subtask CheckPrereqs execution failed: Check Tenant Prerequisites
Deserialization fails due to one SerializationException: Microsoft.Exchange.Compliance.Serialization.Formatters.BlockedTypeException: The type to be (de)serialized is not allowed:

Towards the end of the error, it asked to view the Hybrid Configuration log for more information. You can find the log in the following location of your Exchange 2013 server : C:\Program Files\Microsoft\Exchange Server\V15\Logging\Update-HybridConfiguration.

Upon searching on the issue, I came across a Microsoft article that says this issue occurs due to a recent change in Microsoft’s Exchange Online environment that prevents the Exchange 2013 HCW to run correctly. The issue can be resolved by installing the latest cumulative update. In my environment I had to download the CU6 update to resolve this issue.

Reference :


Converting an Office 365 Federated domain to Managed

My existing azure lab has an Exchange 2010 Hybrid set up with ADFS for single sign-on. I am planning to remove ADFS from the environment and use password sync instead.

First I should check if password sync is already enabled or not. I can check and confirm this from the Azure AD Connect application. Launch AAD Connect tool and check the current configuration :

To check the status of the domain you can use the following commands, once connected to Exchange Online using powershell:

Connect-MsolService -Credential $cred


The output will be similar to the below screenshot:


As you can see above, the domain ‘‘ is ‘Federated’.

If you go to ADFS management -> Relaying Party Trust, you will notice a trust already set up with MS Office 365.


Now to convert the domain to ‘Managed’ execute the below command :

Convert-MsolDomainToStandard -DomainName <String> -PasswordFile <String>              -SkipUserConversion <Boolean>  [-Confirm] [-WhatIf] [<CommonParameters>]


Once the domain is converted to ‘Managed’ single sign-on will be no longer applicable, instead same sign-on will be applied. The trust with Microsoft Office 365 will be removed from Relaying Party Trust as well.

Installing Exchange 2013 in an Exchange 2010 SP3 Hybrid Environment

I have an Exchange 2010 SP3 hybrid set up in my lab, and is planning to install and an Exchange 2013 as an Hybrid server.

I directly ran the Exchange 2013 setup without performing any schema preps and received the following error


So, I went on to my DC server and tried executing the commands for Schema preps as shown below only to get another failure notification :


As I am already in Hybrid, Exchange requires me to run the prep command adjacent to the /TenantOrganizationConfig switch. You also have to generate a config xml file by connecting to your Exchange online tenant.

For this, connect to your Exchange online tenant through powershell and execute the below command :

Get-OrganizationConfig | Export-Clixml -Path MyTenantOrganizationConfig.XML


The xml file will be generated as shown above. Copy the xml file to C: of the server where you are running the prep command ie, the DC.

Make a note that instead of /PrepareSchema, we will use /PrepareAD to run the /TenantOrganizationConfig switch adjacent to the setup.

.\Setup.exe /PrepareAD /IAcceptExchangeServerLicenseTerms /TenantOrganizationConfig:C:\MyTenantOrganizationConfig.XML


The Exchange setup will complete successfully now. 🙂

Error “You haven’t configured a target delivery domain. Please choose the appropriate remote domain as the target delivery domain.”

The scenario being discussed here is an Exchange 2010 to Exchange Online (Office 365) migration. A hybrid configuration was set up resulting in the coexistence of Exchange 2010 SP3 and Office 365. The procedure selected for mailbox move was ‘Remote Move Migration’. However, an error was received while trying to move an on-premise Exchange 2010 mailbox to the cloud ie, Office 365.


While performing the remote move request, in the move settings, you will be asked to provide the ‘Target Delivery Domain’. When I click on Browse option all I get is the error above, indicating that no domains are configured.

This error can be resolved by following the below steps:

  • In the Exchange Management Console, navigate to Organization Configuration -> Hub Transport   -> Remote Domains
  • Add your domain name specifically along with the Default ‘*’ value


Now, right click the domain name entry you just created, and select Properties. Ensure that under the Office 365 Tenant Domain the tick mark is selected as shown below:


Create a new remote move request and confirm that the mailbox move is working fine now.