Federate Exchange and Exchange Online for Calendar Sharing

The following steps will create Exchange delegation federation between Exchange on premise and Exchange Online.

This specific use case for is for two organizations to share full calendar information between each other. The first organization has an Exchange Server 2010 environment on premise. The second organization uses Exchange Online in Office 365. Neither organization is configured for hybrid.

 

FROM ON PREMISE EXCHANGE (2010)

1. Open the Exchange Management Console (EMC) > Organization Configuration > Federation Trust to create a “New Federation Trust”

• This task creates a self-signed certificate for the federation named “Exchange Delegation Federation” and a federation trust named “Microsoft Federation Gateway” using the new certificate

 

2. Open the Exchange Management Shell (EMS) to get domain proof

• Use this command “Get-FederatedDomainProof -DomainName onpremisedomain.com” to get the domain proof
• The domain proof will always end with two equal signs (‘==’) that must be included when adding the TXT record in Step 3

 

3. In our public DNS hosting service, add the domain proof as TXT record

• Wait for DNS to replication and resolve TXT record.
• Check for DNS replication via nslookup (or mxtoolbox.com). From a command prompt, type the follow to check for the updated DNS record against public DNS servers:

nslookup
server 8.8.8.8
set type=txt
onpremisedomain.com

• The result must match the domain proof in Step 2. If they do not match, setting the federation trust in Step 4 will fail. Re-check until they match.
• Additionally, I prefer to check alternate public DNS servers for replication (i.e. use 4.2.2.2 [Level3] with the server command instead of 8.8.8.8 [Google])

 

4. Set the Federation Trust

• Click Manage Federation
• Click Next
• Add a federation domain using an existing accepted domain and an email address of our organization contact
• Click Next
• Click Manage
• Once completed, click Finish
• The federation trust will now show an Application Identifier and an Application URI.

IMPORTANT: Do not change the application URI (FYDIBOHF25SPDLT.onpremisedomain.com’) to match your OWA URL.

 

5. Open EMC > Organization Configuration > Organization Relationships to create a “New Organization Relationship”

• Give a name that identifies the external organization that will be federated with (i.e. “Exchange On Premise to Exchange Online”)
• Select “Enable the organization relationship”
• Select “Enable free/busy information access”
• Set free/busy data access level to “Free/busy access with time, plus subject and location”
• Click Next
• Select “Automatically discover configuration information” and enter the domain of external exchange organization that will be federated (i.e. “o365domain.onmicrosoft.com”)
• Click Next
• Click New to create the relationship
• Once completed, click Finish

 

6. Open EMC > Organization Configuration > Mailbox > Sharing Policies

• Edit the “Default Sharing Policy”
• Select the General tab and select “Enable sharing policy…”
• Highlight the ” * ” domain and click Edit
• Set “Specify the actions…” to “Calendar sharing with free/busy information plus subject, location, and body, Contacts sharing”
• Select the Mailboxes tab to add on premise mailboxes as needed
• Click OK to complete

 

 

FROM EXCHANGE ONLINE

1. Exchange Admin Center (EAC) > Organization to create a new organization relationship

• Under Organization Sharing click ‘+’ to add new relationship
• Give a “Relationship Name” that identifies the on premise organization to be federated with (i.e. “Exchange Online to Exchange On Premises”)
• Enter the on premise domain that will be federated with (i.e. “onpremisedomain.com”)
• Select “Enable calendar free/busy information sharing”
• Select “Calendar free/busy information with time, subject, and location”
• Select “Everyone in your organization” (default)
• Click Save

 

2. EAC > Organization > Individual Sharing

• Edit the “Default Sharing Policy”
• Edit “Sharing with all domains” rule
• Select “Share your calendar folder”
• Select “All calendar appointment information, including time, subject, location, and title”
• Select “Share your contacts folder”
• Click Save

 

3. Connect to Exchange Online via PowerShell

• Since the “Default Sharing Policy” is the default policy applied to all users in Exchange Online, we will need to enable the policy for individual or all mailboxes
• From PowerShell, run “Start-ManagedFolderAssistant -Identity <MailboxAlias>” for individual mailboxes
  • … or run “Get-Mailbox | Start-ManagedFolderAssistant” to apply to all mailboxes

 

TESTING

1. Test scheduling assistant from both on premise and Exchange Online
2. From Exchange Online OWA, shared calendar with external mail user (i.e. user@onpremisedomain.com)
3. From Exchange OWA, shared calendar with external mail user (i.e. user@o365domain.onmicrosoft.com)

 

Good luck and have fun!

 

Reference(s):

• Set up Federated Free/Busy and Calendar Sharing between Exchange 2010 SP1 and Outlook Live [Updated]
• Exchange Federation – part I