My google-fu is coming up short today.
I have 2 Exchange 2007 in coexistence with 2 Exchange 2013 servers, which are in turn configured for hybrid mode with O365. I have run the Hybrid configuration wizard, and it seems to have passed. The sole purpose of the 2013 servers is to facilitate the hybrid connection to Office 365 so that we can migrate our mailboxes from 2007 to O365.
For authentication to O365, we are using ADFS built on Server 2012 R2 (essentially ADFS 3.0). ADFS works beautifully.
I was preparing to migrate my first mailbox, and decided to run the BPA one last time, and got this message:
"Exchange Server: Office 365 hybrid configuration - Validate the certificate 'EX001.CONTOSO.CORP\THUMBP
RINT' is proper in place for federation and mail flow"
"The server EX001 is configured for Office 365 hybrid, but the certificate 'EX001.CONTOSO.CORP\THUMBP
RINT' is not proper in place for federation and mail flow for Office 365 hybrid configuration. Expected status: get-exchangecertificate to see it should be third party, have a private key, and have the SMTP service associated with. Actual status: IsSelfSigned = True, HasPrivateKey = True, Service = SMTP,Federation. Learn more
My question - is this just simply looking for the third party certificate that I have installed for IMAP, POP, IIS, & SMTP to be assigned for Federation, or is it looking for a different certificate? in the EAC, you cannot assign this service, so I am assuming it has to be enabled in the Exchange Management Shell?