I'm trying to set up the sharing of free/busy info with our partner organization. We both have Exchange Server 2010 SP1. We both have certificates for the servers, and Federation Trust is set up on both. I've even set up the Organization Relationship to share it both ways. I've created a Sharing Policy and applied them to specific mailboxes as well. When I test it, I'm unable to share a calendar or see the free/busy information with any user in the external organization. What can I do?

hope you have created XTX record http://technet.microsoft.com/en-us/library/dd335198.aspx Dhruv

I've created a TXT record on both ends. The Organization Relationship could not be set up without it. I've done everything on this page: http://www.virmansec.com/blogs/otaiby/archive/2010/03/21/share-your-calendar-free-busy-information-and-contacts-with-external-recipient-outside-your-exchange-organization-using-exchange-2010.aspx

Hi BDS_AndrewT, It is difficult to confirm the issue through information you referred. I would check the configuration through the DOC of the MS as following: http://technet.microsoft.com/en-us/library/dd298055.aspx Or, you could post more information through the test-federationtrust, follow below: http://technet.microsoft.com/en-us/library/dd979787.aspx Regards! GavinPlease remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

I've created everything on the technet article about setting it up. I used my Exchange certificate, got a thumbprint to set up Federation Trust,which gave me an AppID, which I then used to create a TXT record on my DNS I did the same thing for the other organization I then set up an Organization Relationship that has Free/Busy with location I don't know what I'm missing. I ran Test-FederationTrust before, and it gives me an error message: [PS] C:\Windows\system32>test-federationtrust Couldn't find object "extest_902c17146cac4". Please make sure that it was spelled correctly or specify a different object. + CategoryInfo : NotSpecified: (:) [Test-FederationTrust], ManagementObjectNotFoundException + FullyQualifiedErrorId : 8C5D44C5,Microsoft.Exchange.Management.SystemConfigurationTasks.TestFederationTrust

Hi BDS_AndrewT, Did you follow below: http://technet.microsoft.com/en-us/library/bb125182.aspx I have run into some issue cuased by missing the procedures. Regards! GavinPlease remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

Hey Gavin, I didn't follow those steps. I guess it was my understanding that I could set up Federation Trust as-is without having a Forest Trust or anything like that. So, do I have to use Identity Integration Services or Identity Lifecycle Management or GALSync to get Federation Trust to work? Could you perhaps explain what I need to get Federation Trust for Exchange 2010 to work? Thanks, -Andrew

Hi BDS_AndrewT, I would suggest that you could refer to below information firstly: http://technet.microsoft.com/en-us/library/dd638083.aspx Regards! GavinPlease remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

Hi Any update for your issue? Regards! GavinPlease remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

Gavin, Thanks for following up with me. I've actually read that article before, but I guess I didn't clearly understand the requirements of Federation Trust (I'm actually still a little fuzzy). The thing is what gets me stuck is the Microsoft Federation Gateway. http://msdn.microsoft.com/en-us/library/cc287610.aspx How do I send that SOAP message? I've already gotten a certificate. I've done steps 1, 2, 3, 4, and 5 here http://technet.microsoft.com/en-us/library/ff601760.aspx I feel like I'm very close, but just don't know which thread to pull to finish it up. -Andrew

Hi Andrew, Which ORG do you want to make federation with? Is the ORG also exchange 2010, and also configured well for the federation, such as with MS federation gatedway, and configure either an organization relationship or sharing policies with each other. Regards! GavinPlease remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

Maybe i can help you out alittle here, as I am having a similar problem. First off, the test-federationtrust command. The error your getting is telling you that you dont have a test mailbox created to run the command. You can do that by running the script: new-TestCasConnectivityUser.ps1 located in the exchange scripts folder. You'll proubbly get some errors the first time about an OU issue, or the password isnt complex. here's a good page to get through those http://www.zerohoursleep.com/2010/10/new-testcasconnectivityuser-ps1-fails-with-verify-that-ou-users-exists/ once the mailbox is created, then the test-federationtrust command will run. -------------------------------------- now maybe someone can help me. info, we are trying to federate exchange systems in domain a and domain b. systems are exchange 2010 sp1. They are not in a forest, and have no trusts what so ever setup between the two. We created setup the Trust with the Microsoft Federation Gateway. Added the required Proof hash to the TXT record, and successfully created the trust with exchangedelegation.a.com and exchangedelegation.b.com as the address namespace and accepted domain. We then added a.com and b.com as the federated domain. After that we created an Organization Relationship using the autoconfigure options (which worked just fine), and set the permissions to allow freebusy information and did not set up a security group. test-federationtrust completes with NO errors. Everything is successful. get-federationinformation for a.com and b.com complete successful test-outlookwebservices -identity xxx@a.com -targeraddress xxx@b.com (ran from a.com exchange server) gives the following errors RunspaceId : 45a95c82-ddcb-4908-917c-ce81eb003a11 Id : 1011 Type : Error Message : Receipent address xxx@b.com is invalid. Please check your command parameters. RunspaceId : 45a95c82-ddcb-4908-917c-ce81eb003a11 Id : 1011 Type : Error Message : Receipent address xxx@b.com is invalid. Please check your command parameters. RunspaceId : 45a95c82-ddcb-4908-917c-ce81eb003a11 Id : 1111 Type : Error Message : Receipent address xxx@b.com is invalid. Please check your command parameters. users in a.com are unable to see free busy information for users in b.com and vice versa. Please help.

I neglected to comment on this, but thanks for the links. That helped me sort of fix the Test-FederationTust cmdlet. I was able to run it, but now I have a different error: Creating a new session for implicit remoting of "Test-FederationTrust" command... RunspaceId : c8b0bd02-f3a8-45fb-8893-db3fad209bc5 Id : FederationTrustConfiguration Type : Success Message : FederationTrust object in ActiveDirectory is valid. RunspaceId : c8b0bd02-f3a8-45fb-8893-db3fad209bc5 Id : FederationMetadata Type : Success Message : The federation trust contains the same certificates published by the security token service in its federat ion metadata. RunspaceId : c8b0bd02-f3a8-45fb-8893-db3fad209bc5 Id : StsCertificate Type : Success Message : Valid certificate referenced by property TokenIssuerCertificate in the FederationTrust object. RunspaceId : c8b0bd02-f3a8-45fb-8893-db3fad209bc5 Id : StsPreviousCertificate Type : Success Message : Valid certificate referenced by property TokenIssuerPrevCertificate in the FederationTrust object. RunspaceId : c8b0bd02-f3a8-45fb-8893-db3fad209bc5 Id : OrganizationCertificate Type : Success Message : Valid certificate referenced by property OrgPrivCertificate in the FederationTrust object. RunspaceId : c8b0bd02-f3a8-45fb-8893-db3fad209bc5 Id : TokenRequest Type : Success Message : Request for delegation token succeeded. RunspaceId : c8b0bd02-f3a8-45fb-8893-db3fad209bc5 Id : TokenValidation Type : Error Message : Failed to validate delegation token. What do I do now? There are no results for Failed to validate delegation token.

Did anybody find an answer to this, I am having the same issue.