[Solved] Hybrid Configuration Wizard Stuck on ‘Adding Federated Domain’ Stage

ByRajith Enchiparambil

How to go past the ‘Adding Federated Domain’ status in the hybrid configuration wizard, while running from an Exchange 2016 CU7 server? More… I have come across this issue a couple of times now and mostly while the server from which I am running the hybrid configuration wizard is Exchange 2016 CU7. This is not…

How to go past the ‘Adding Federated Domain’ status in the hybrid configuration wizard, while running from an Exchange 2016 CU7 server?

More…

I have come across this issue a couple of times now and mostly while the server from which I am running the hybrid configuration wizard is Exchange 2016 CU7. This is not to say that it won’t happen on another CU level.

The issue is that HCW gets ‘stuck’ while trying to verify the domain’s TXT record (to prove the ownership) and adding the domain. The wizard verifies the existence of the TXT record, but doesn’t go past the window below even after letting it do it’s thing for hours!

Adding federated domain error

A quick google confirms that there are number of other customers who have the same issue  and number of workaround and solutions have been suggested.

The one solution that has worked for me all the time is to have an ini file in the ‘Config’ folder of the Exchange 2016 server. Follow the exact steps below.

  • check Open Notepad, copy & paste the text below.
  • check [SystemConfigurationTasks.settings.ini:FederationTrustFromCache]Enabled=False
  • check Save it as SystemConfigurationTasks.Overrides.ini
  • check Make sure that the file type is set to txt while saving. It won’t work otherwise.
  • check Place this file in ‘C:\Program Files\Microsoft\Exchange Server\V15\Config’, assuming that Exchange 2016 is installed on the C drive.
  • check Run the HCW again from scratch and it should go past the ‘Adding federated domain’ status. 

Have you used any other workarounds for the same issue? Let me know in the comments below.

Related posts:

  1. Disable Clutter For Office 365 Mailboxes
  2. AADSTS50008 SAML Token Is Invalid ADFS Error
  3. Auto-Mapping Mailboxes After Office 365 Migration
  4. Free Busy Not Working From Office 365 To On-Premise
  5. How To Change Microsoft Teams Ringtone & Dance Away
Rajith Enchiparambil

Cloud Architect & Blogger with interests in Microsoft 365, Azure, AWS & PowerShell. I am active on Experts Exchange & TechNet forums and I am a technical author for SearchExchange. Follow me on Twitter, LinkedIn, or Facebook for the latest updates. For consultancy opportunities, drop me a line.

23 Comments

  1. Ron Bramblett says:

    I had the same issue.
    My federation certificate had expired and I had to get it working.
    I have an Exchange 2016 CU22 (Which updated on the 3rd). I am running Server 2016.
    I followed this but could not get it to work.
    I contacted Microsoft. Took 3 days to get to the right queue.

    This was the error in the HCW log file
    An error occurred accessing Windows Live. Detailed information: “The underlying connection was closed: An unexpected error occurred on a send.”.”.,FullyQualifiedErrorId=[System.String] [Server=PM00EXCH01,RequestId=4727cdcc-0a11-44ab-950d-62dcb7719ee0,TimeStamp=1/5/2023 4:07:55 PM] [FailureCategory=Cmdlet-ProvisioningFederatedExchangeException] 59FABD8F,Microsoft.Exchange.Management.SystemConfigurationTasks.SetFederatedOrganizationIdentifier}

    I created a dword under [HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\.NETFramework\v4.0.30319]

    “SystemDefaultTlsVersions”=dword:00000001
    and [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v4.0.30319]
    “SystemDefaultTlsVersions”=dword:00000001

    I rebooted the server and then had to make sure that the new certificate was active and enabled and traffic started flowing again.

    Reply
    1. Rajith Enchiparambil says:

      Thanks Ron for the update, was the error message the same for you?

      Reply
  2. Brad Galliford says:

    This didnt seem to work for me, but I ended up needing to add in the following reg keys for .net TLS issues and it worked.

    Windows Registry Editor Version 5.00
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft.NETFramework\v2.0.50727]
    “SystemDefaultTlsVersions”=dword:00000001
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft.NETFramework\v2.0.50727]
    “SystemDefaultTlsVersions”=dword:00000001
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft.NETFramework\v4.0.30319]
    “SystemDefaultTlsVersions”=dword:00000001
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft.NETFramework\v4.0.30319]
    “SystemDefaultTlsVersions”=dword:00000001

    Reply
    1. Rajith Enchiparambil says:

      Thank you Brad for the update. I am sure it is going to help someone.

      Reply

  3. Whats the path for Exchange2010?

    Reply
    1. Rajith Enchiparambil says:

      Hi Aji,

      The default installation path for Exchange 2010 is C:/Program Files/Microsoft/Exchange Server/V14

      Reply

      1. It is, but there is no Config folder.

        Reply

  4. Any suggestions for exchange 2010? Thanks

    Reply
    1. Rajith Jose Enchiparambil says:

      Is it the same issue Lee?

      Reply
  5. SABBIR AHMED KHAN says:

    i applied this but not success.

    Reply
    1. Rajith Jose Enchiparambil says:

      This has worked time and time again for me.
      After adding the file, restart the machine and run the HCW again Sabbir.

      Reply
  6. René Eigenmann says:

    Same her
    Only one Domain is not working.

    Reply
    1. Rajith Jose Enchiparambil says:

      Did you setup the .ini file?
      Restart the server and run the HCW again.

      Reply
  7. Pete Fenak says:

    I had multiple domains. I checked then off one at a time, proceeded to next and then went back and did that for all of them until they were all able to get through the next step, then went back and selected all and was able to proceed.

    Reply
    1. Rajith Jose Enchiparambil says:

      Glad that the article helped you Pete

      Reply

  8. Worked in my Case. Thanks!

    Reply
    1. Rajith Jose Enchiparambil says:

      Glad that the article helped you Jan

      Reply
    1. Rajith Jose Enchiparambil says:

      Did yo get it resolved Renier? Waiting for a bit before trying again might help.

      Reply

  10. That worked like a charm! I love you man will you marry me?

    Reply
    1. Rajith Jose Enchiparambil says:

      Glad it worked for you Sean.

      Reply

      1. Save it as .ini or as .txt?

        Reply
        1. Rajith Jose Enchiparambil says:

          Save it as .ini Ayyappan.

          Reply

Leave a Reply

Your email address will not be published. Required fields are marked *