If you run the Test-FederationTrust cmdlet, you receive an error message that indicates that the Delegation token has validation issues. For example, you receive an error message that resembles the following:
Type : Error
Message : Failed to validate delegation token.
Note This command forces the information that's used for the federation trust to become up-to-date. You won't have to re-create organization relationships or sharing policies.
To do this, follow these steps:
- Open the Exchange Management Shell on the on-premises Exchange server.
- Run the following cmdlet:
Get-FederationTrust | Set-FederationTrust –RefreshMetadata
To run the procedure in the "Solution" section as an automated task to prevent future issues, open a command prompt on the Exchange server, and then run the following command. Doing this updates the federation trust daily.
Schtasks /create /sc Daily /tn FedRefresh /tr "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
-version 2.0 -command Add-PSSnapIn Microsoft.Exchange.Management.PowerShell.E2010;
$fedTrust = Get-FederationTrust;Set-FederationTrust -Identity $fedTrust.Name -RefreshMetadata" /ru System
Still need help? Go to Microsoft Community or the Exchange TechNet Forums.
Article ID: 2928514 - Last Review: Dec 29, 2016 - Revision: 1