Error message when you run the Get-FederationInformation cmdlet in Office 365: "An unexpected error has occurred and a Watson dump is being generated"

Note The Hybrid Configuration wizard that's included in the Exchange Management Console in Microsoft Exchange Server 2010 is no longer supported. Therefore, you should no longer use the old Hybrid Configuration wizard. Instead, use the Office 365 Hybrid Configuration wizard that's available at http://aka.ms/HybridWizard. For more information, see Office 365 Hybrid Configuration wizard for Exchange 2010.
PROBLEM
When you connect to Exchange Online in Office 365 by using Windows PowerShell and then run the Get-FederationInformation cmdlet for a given domain, you get the following error message:
WARNING: An unexpected error has occurred and a Watson dump is being generated: Operation is not valid due to the current state of the object.
Operation is not valid due to the current state of the object.
+ CategoryInfo : NotSpecified: (:) [Get-FederationInformation], InvalidOperationException
+ FullyQualifiedErrorId : System.InvalidOperationException,Microsoft.Exchange.Management.SystemConfigurationTasks.
GetFederationInformation


CAUSE
This issue occurs because the federation certificate is missing from the server that's running Microsoft Exchange 2010. This server is also known as the hybrid server. When you run the Get-FederationInformation cmdlet, the cmdlet tries to obtain federation info about the on-premises hybrid server.

The Test-FederationTrust cmdlet reveals this issue more accurately. For example, after you run the Test-FederationTrust cmdlet, the result resembles the following:
RunspaceId : xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxxxxxxId : OrganizationCertificateType : ErrorMessage : Unable to find the certificate referenced by property OrgPrivCertificate in the FederationTrust object.

SOLUTION
To resolve this issue, follow these steps:
  1. Export the federation certificate from another Exchange server that has the certificate to your Exchange server.

    Note The certificate may have to be updated to include the federation service and delegation domains.
  2. Make sure that the certificate is enabled for the federation service. For more info about how to enable a certificate for the federation service, go to the following Microsoft website:
  3. Restart the MSExchangeServicesAppPool application pool by using the Internet Information Services (IIS) 7 console. For more info about how to restart application pools in IIS 7, go to the following Microsoft website:

Still need help? Go to the Office 365 Community website.
Properties

Article ID: 2710846 - Last Review: 05/10/2016 09:27:00 - Revision: 12.0

Microsoft Office 365

  • o365 o365a o365e kbgraphxlink o365022013 hybrid o365m kbgraphic KB2710846
Feedback