Sign in with Microsoft
Sign in or create an account.
Hello,
Select a different account.
You have multiple accounts
Choose the account you want to sign in with.

Note The Hybrid Configuration wizard that's included in the Exchange Management Console in Microsoft Exchange Server 2010 is no longer supported. Therefore, you should no longer use the old Hybrid Configuration wizard. Instead, use the Office 365 Hybrid Configuration wizard that's available at http://aka.ms/HybridWizard. For more information, see Office 365 Hybrid Configuration wizard for Exchange 2010.

PROBLEM

When you connect to Exchange Online in Office 365 by using Windows PowerShell and then run the Get-FederationInformation cmdlet for a given domain, you get the following error message:

WARNING: An unexpected error has occurred and a Watson dump is being generated: Operation is not valid due to the current state of the object.

Operation is not valid due to the current state of the object.

+ CategoryInfo : NotSpecified: (:) [Get-FederationInformation], InvalidOperationException

+ FullyQualifiedErrorId : System.InvalidOperationException,Microsoft.Exchange.Management.SystemConfigurationTasks.

GetFederationInformation


CAUSE

This issue occurs because the federation certificate is missing from the server that's running Microsoft Exchange 2010. This server is also known as the hybrid server. When you run the Get-FederationInformation cmdlet, the cmdlet tries to obtain federation info about the on-premises hybrid server.

The Test-FederationTrust cmdlet reveals this issue more accurately. For example, after you run the Test-FederationTrust cmdlet, the result resembles the following:

RunspaceId : xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxxxxxx
Id : OrganizationCertificate
Type : Error
Message : Unable to find the certificate referenced by property OrgPrivCertificate in the FederationTrust object.


SOLUTION

To resolve this issue, follow these steps:

  1. Export the federation certificate from another Exchange server that has the certificate to your Exchange server.

    Note The certificate may have to be updated to include the federation service and delegation domains.

  2. Make sure that the certificate is enabled for the federation service. For more info about how to enable a certificate for the federation service, go to the following Microsoft website:

    Manage Federation

  3. Restart the MSExchangeServicesAppPool application pool by using the Internet Information Services (IIS) 7 console. For more info about how to restart application pools in IIS 7, go to the following Microsoft website:

    Recycle an Application Pool on Demand (IIS 7)


Still need help? Go to Microsoft Community.

Facebook LinkedIn Email
SUBSCRIBE RSS FEEDS

Need more help?

Want more options?

Discover Community

Explore subscription benefits, browse training courses, learn how to secure your device, and more.

Microsoft 365 subscription benefits

Microsoft 365 training

Microsoft security

Accessibility center

Communities help you ask and answer questions, give feedback, and hear from experts with rich knowledge.

Ask the Microsoft Community

Microsoft Tech Community

Windows Insiders

Microsoft 365 Insiders

Was this information helpful?

What affected your experience?
By pressing submit, your feedback will be used to improve Microsoft products and services. Your IT admin will be able to collect this data. Privacy Statement.

Thank you for your feedback!

×