OAuth authentication fails in a proxy scenario between Exchange Server 2013 hybrid on-premises and Office 365

Applies to: Exchange Server 2013 EnterpriseExchange Server 2013 Standard Edition

Symptoms


When you set up OAuth authentication between an Exchange Server 2013 hybrid on-premises installation and Office 365, OAuth authentication may fail in a proxy scenario.

If the on-premises Exchange organization can successfully connect to Exchange Online, you may receive the following error:
System.Net.WebException: Unable to connect to the remote
server ---> System.Net.Sockets.SocketException: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond IP_Address:443
at System.Net.Sockets.Socket.EndConnect(IAsyncResult asyncResult)

If the direction from Exchange Online organization to the on-premises Exchange organization is successful, the Free/Busy information works only from a cloud user to an Exchange on-premises user.

Cause


This issue occurs because OAuth authentication does not honor InternetWebProxy. This causes an OAuth token retrieval failure.

Resolution


To fix this issue, install Cumulative Update 12 for Exchange Server 2013 or a later cumulative update for Exchange Server 2013.

Status


Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.

References


Learn about the terminology that Microsoft uses to describe software updates.