I am working with a customer that’s running Exchange 2010 on-premises and want to move to Office 365 in a hybrid scenario. The hybrid servers are running Exchange 2010. After implementing a hybrid scenario everything was working fine, but after some time I received calls that free/busy wasn’t working correctly anymore.

When a user with a Mailbox in Exchange online and he wants to schedule a meeting with a Mailbox in Exchange 2010 on-premsises all goes well and the user can see all free/busy information from all users.

When a user with an on-premises Mailbox (on Exchange 2010) wants to schedule a meeting with a Mailbox in Office 365 free/busy information from a Mailbox that’s not Domain joined he cannot check the availability information from Mailbox in Exchange Online as shown in the following screenshot:

But when performing the same action from a workstation that’s Domain joined everything works fine as shown in the following screenshot:

The only difference between a domain-joined client and a standalone client is the way of authenticating. When a domain-joined client tries to access the Exchange Web Services in Office 365 the proper credentials are automatically included.

So, it looks like the standalone client cannot authenticate when accessing the Exchange Web Services in Office 365 to retrieve the free/busy information. When you look with Fiddler on the workstation (non Domain joined) where the issue arises you can see this:

Obviously the Exchange 2010 Client Access server cannot resolve the servers used to logon to the service. After fixing this it still didn’t work.

The next step is to test the Federation Trust using the Test-FederationTrust cmdlet on the hybrid servers and this is where the issue is:

Some metadata seems to be missing, causing issues in the validation process.

Microsoft knowledgebase article KB2928514 discusses this exact problem. To resolve it you have to fix the metadata in the Federation Trust using the Set-FederationTrust command, like this:

Get-FederationTrust | Set-FederationTrust –RefreshMetadata

After running this command the free/busy information was shown correctly in all scenarios.

Microsoft recommends running this on a regular basis. You can create a scheduled task (which invokes the Exchange Management Shell) to do this:

Schtasks /create /sc Daily /tn FedRefresh /tr "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -version 2.0 -command Add-PSSnapIn Microsoft.Exchange.Management.PowerShell.E2010;$fedTrust = Get-FederationTrust;Set-FederationTrust -Identity $fedTrust.Name -RefreshMetadata" /ru System