Share via

On-prem user can't access delegated EXO user in Exchage hybrid environment

ken C 0 Reputation points
2025-11-12T14:07:40.9533333+00:00

We have an on-prem Exchange 2016 server, and in the process of moving to M365. An user can access another delegated user (full access) when they are both on-prem, after one user moved to EXO, the on-prem user no longer can access the moved user using Outlook(latest version from M365), just keep prompting for credentials. However, an moved EXO user can access a delegated (full access) on-prem user using Outlook. We are using Azure Ad connect to sync users, the hybrid setup is full classic.

I have tried the following, still same problem:

https://learn.microsoft.com/en-us/exchange/hybrid-deployment/set-up-delegated-mailbox-permissions

Appreciate any input

Thank you

Moved from <Microsoft 365 and Office | Other>

Exchange | Hybrid management
Exchange | Hybrid management
The administration of a hybrid deployment that connects on-premises Exchange Server with Exchange Online, enabling seamless integration and centralized control.
0 comments

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Richard Trinidad 5,020 Reputation points Independent Advisor
    2025-11-12T14:44:42.2866667+00:00

    Hi, thanks for posting here in Microsoft community, it looks like delegated access between on prem and EXO mailboxes requires proper hybrid configuration. If an on-prem user can’t access an EXO mailbox, check the Hybrid Modern Authentication is enabled then then Autodiscover and free/busy sharing are working also the OAuth configuration between on prem and EXO is complete.

    You may need to re-run the Hybrid Configuration Wizard and verify that delegation settings sync via Azure AD Connect.

    Also, have you confirmed whether OAuth and Autodiscover are correctly configured for hybrid authentication? This is often the root cause of cross-premises delegation issues.

    I hope this helps you, let me know how it goes.

    Chard

  2. Richard Trinidad 5,020 Reputation points Independent Advisor
    2025-11-12T14:53:10.2833333+00:00

    Hi, yes, HMA is typically required for cross-premises delegation to work. Without it, OAuth-based authentication fails, causing credential prompts.

    I recommend enabling HMA and re-running the Hybrid Configuration Wizard to ensure OAuth and Autodiscover are properly configured.

    I hope this helps you

    Chard

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.