"Length of the property is too long" error when you try to set up a hybrid deployment

Notice
The Hybrid Configuration wizard that's included in the Exchange Management Console in Microsoft Exchange Server 2010 is no longer supported. Therefore, you should no longer use the old Hybrid Configuration wizard. Instead, use the Office 365 Hybrid Configuration wizard that's available at http://aka.ms/HybridWizard. For more information, see Office 365 Hybrid Configuration wizard for Exchange 2010.
PROBLEM
You try to use the Hybrid Configuration Wizard or the Set-HybridConfiguration Exchange Management Shell cmdlet to set up a hybrid deployment between your on-premises Microsoft Exchange Server 2013 or Microsoft Exchange 2010 environment and Microsoft Exchange Online in Office 365. However, you receive an error message that states that the value of the TlsCertificateName parameter exceeds the maximum limit of 256 characters. The error message resembles the following:
The length of the property is too long. The maximum length is 256 and the length of the value provided is <Number>.
CAUSE
This issue occurs if the value of the rangeUpper attribute for the TlsCertificateName parameter contains more than 256 characters. Certificate names can't have more than 256 characters.
SOLUTION
To fix this problem, use one of the following methods.

If you're running Exchange 2013

  1. Install the latest cumulative update for Exchange Server 2013. To download this update, go to Updates for Exchange 2013.
  2. Run the latest version of the Hybrid Configuration wizard. For the latest Hybrid Configuration wizard, go to http://aka.ms/TAPHCW.
For more information about the benefits of the latest Hybrid Configuration wizard, see Introducing the Microsoft Office 365 Hybrid Configuration Wizard.

If you're running Exchange 2013 and you specify an Edge Transport server in the Hybrid Configuration wizard

Warning This procedure requires Active Directory Service Interface Edit (ADSI Edit). Using ADSI Edit incorrectly can cause serious problems that may require you to reinstall your operating system. Microsoft cannot guarantee that problems that result from the incorrect use of ADSI Edit can be resolved. Use ADSI Edit at your own risk.

  1. Install the latest cumulative update for Exchange Server 2013. To download this update, go to Updates for Exchange 2013.
  2. On the Edge Transport server, follow these steps:

    1. Open ADSI Edit.
    2. Right-click ADSI Edit, and then click Connect to.
    3. In the Select a well known Naming Context box, select Configuration, and then click OK.
    4. Under Computer, type localhost:50389.
    5. When you're connected, select the Schema container.
    6. Locate and right-click CN=ms-Exch-Smtp-TLS-Certificate, and then click Properties.
    7. Locate the rangeUpper attribute. If the value is set to 256, set it to 1024, and then click OK.

If you're running Exchange 2010

Use a certificate from a third-party certification authority (CA) that has a certificate name that contains fewer than 256 characters.
MORE INFORMATION
Still need help? Go to the Office 365 Community website or the Exchange TechNet Forums.
Properties

Article ID: 2860844 - Last Review: 08/05/2016 17:27:00 - Revision: 13.0

Microsoft Exchange Online, Microsoft Exchange Server 2013 Enterprise, Microsoft Exchange Server 2013 Standard, Microsoft Exchange Server 2010 Enterprise, Microsoft Exchange Server 2010 Standard

  • o365e o365m o365022013 o365 o365a hybrid kbbug kbfix KB2860844
Feedback