How to verify a successful OAuth configuration

Use the Test-OAuthConnectivity cmdlet to verify your OAuth configuration is correct. This cmdlet verifies that on-premise Exchange and Exchange Online endpoints can successfully authenticate requests from each other.

Learn more about the cmdlet at Microsoft https://docs.microsoft.com/en-us/powershell/module/exchange/test-oauthconnectivity?view=exchange-ps

Authentication issues

Error ‘Failed to reach device’ displayed during authentication.

This error can be caused by any of the following:

  1. The screen is not connected to the internet.
  2. The authentication process was not completed within 15 minutes and the code expired.
  3. The screen does not have the required minimum software version installed. See Technical information

A previously authenticated screen is showing as unauthenticated.

  1. If the service account is unavailable for any reason, the Self-Service Admin Portal will show the screen as unauthenticated. When the issue with the service account has been resolved, follow the steps for Authenticating a meeting room screen for OAuth.
  1. If the email address for the Exchange room is changed, the Self-Service Admin Portal will show the screen as unauthenticated. Follow the steps for Authenticating a meeting room screen for OAuth and apply the up-to-date email address.

Issues connecting to Exchange

If problems are experienced when connecting to Exchange, check the following.

Check OAuth is enabled for Exchange online

An Exchange admin can run the following Powershell commands to determine if OAuth is enabled:

Install-Module -Name ExchangeOnlineManagement
Connect-ExchangeOnline -UserPrincipalName adminEmailId
Get-OrganizationConfig | Format-Table Name,OAuth* -Auto

If the result shows OAuth2ClientProfileEnabled = False, run the folowing:

Set-OrganizationConfig -OAuth2ClientProfileEnabled $true

Validate access to Exchange Web Services (EWS)

  1. Open a private browser page (incognito or private mode, depending on browser) and go to https://outlook.office365.com/
  2. Enter user credentials for the Exchange room when prompted.

If an unauthorized access error is displayed, or the username/password prompt reappears, either the credentials for the Exchange room are incorrect or the account does not have the required permissions.

Check the correct EWS URL is saved in Calendar Settings

See how to set the calendar URL here.

Feedback

Was this helpful?

Yes No
You indicated this topic was not helpful to you ...
Could you please leave a comment telling us why? Thank you!
Thanks for your feedback.

Post your comment on this topic.

Please do not use this for support questions.
Condeco Support

Post Comment