We came across this error while trying to integrate an on-premises Server 2016 Essentials server with Office 365, to enable Office 365 license management with the on-premises user accounts. To integrate, I followed the instructions below, simple enough:
The aim is to connect our local on-premises Windows Essentials Experience Server to the Microsoft cloud by enabling the Azure Active Directory and Office 365 integrations. Before I continued, I made sure I had created an Office 365 admin account I could use to connect my on-premises server to the Office 365 tenancy in question.
Enable the integrations
From the Server Essentials Dashboard Home, choose Services from the left pane and Office 365 from the middle pane. Click the link to Integrate With Office 365 on the far right. This will also enable the Azure Active Directory integration at the same time. PLEASE NOTE STRONG PASSWORD POLICY WILL BE ENABLED AND THE LOCAL SERVER PASSWORDS WILL TAKE PRIORITY NOT THE PASSWORD IN OFFICE 365.
A wizard will guide you through the process. You will use your Office 365 administrator account to connect to your Microsoft Azure AD tenant; it may ask you to acknowledge that strong passwords will be enabled, and then after a short waiting period you’ll be done, or so I thought.
Below is the error I got when trying to integrate my Server to Office 365:
The server was connected to the internet, and I tested the user account on the same server by logging into the Office 365 portal and also by connecting via PowerShell. All tests came back fine, so I was stumped as to what the issue could be and how to resolve it.
As a result, I needed to log a ticket with Microsoft in order to try and resolve the issue. The engineer pointed me in the direction of the below log file on my server:
–Renamed SharedServiceHost-EmailProviderServiceConfig.log at C:\ProgramData\Microsoft\Windows Server\Logs & reproduced the issue.
–Checked the SharedServiceHost-EmailProviderServiceConfig.log:
   at Microsoft.WindowsServerSolutions.O365Integration.O365ManagementCore.QueryAllMailboxStatistics()
   at Microsoft.WindowsServerSolutions.Common.ProviderFramework.ProviderBase`1.InvokeOperation[TResult](String operationName, Func`1 func)
210407.103027.8580: CloudServiceEnvironment: Failed to download cloud service environment file.
210407.103028.9112: O365ManagementCore: failed to install MSOIDCRL, 0 times remaining, exp = Microsoft.WindowsServerSolutions.MailService.MailServiceException: The remote server returned an error: (404) Not Found.
   at Microsoft.WindowsServerSolutions.MailService.MailServiceUtils.InstallMsoIdCrl()
   at Microsoft.WindowsServerSolutions.O365Integration.O365ManagementCore.ActivateAAD(String adminUserName, String adminPassword)
210407.103028.9353: O365ManagementCore: failed to install MSOIDCRL, 1 times remaining, exp = Microsoft.WindowsServerSolutions.MailService.MailServiceException: The remote server returned an error: (404) Not Found.
   at Microsoft.WindowsServerSolutions.MailService.MailServiceUtils.InstallMsoIdCrl()
   at Microsoft.WindowsServerSolutions.O365Integration.O365ManagementCore.ActivateAAD(String adminUserName, String adminPassword)
The log shows that the dashboard is trying to download a cloud services file and is unable to do so: the MSOIDCRL install fails with a (404) Not Found from the remote server. To get around the issue, we need to download and install the file manually by following the link below:
- Microsoft Online Services Sign-In Assistant for IT Professionals RTW
After installing this, I retried the integration and this time it worked. Thumbs up to Microsoft for helping me on this case.
Case reference: if anyone else is having this issue, please refer Microsoft to the notes from case 2104010050000749.
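To check whether another server shows the same failure signature, the log entries quoted above can be summarised with a short script. This is an added example, not from the original post or from Microsoft; the function name Get-IntegrationFailure, the Kind labels and the entry pattern are assumptions inferred from the excerpt, and the embedded sample lines are constructed from it.

```powershell
param(
    # Log location as given in the post; override to point at a copy of the file.
    [string]$Path = 'C:\ProgramData\Microsoft\Windows Server\Logs\SharedServiceHost-EmailProviderServiceConfig.log'
)

# Constructed sample, shortened from the excerpt in the post. Used when $Path does not exist.
$sample = @'
210407.103027.8580: CloudServiceEnvironment: Failed to download cloud service environment file.
210407.103028.9112: O365ManagementCore: failed to install MSOIDCRL, 0 times remaining, exp = Microsoft.WindowsServerSolutions.MailService.MailServiceException: The remote server returned an error: (404) Not Found.
   at Microsoft.WindowsServerSolutions.MailService.MailServiceUtils.InstallMsoIdCrl()
'@

# Hypothetical helper: returns one object per failure entry relevant to this issue.
function Get-IntegrationFailure {
    param([string[]]$Line)
    # Entry layout inferred from the excerpt: "<stamp>: <component>: <message>".
    $entry = '(?<stamp>\d{6}\.\d{6}\.\d+):\s+(?<component>\w+):\s+(?<message>.*)$'
    foreach ($text in $Line) {
        # Stack frames ("   at ...") and blank lines carry no stamp and are skipped.
        if ($text -match $entry) {
            # Copy the groups now; the later regex tests overwrite $Matches.
            $stamp, $component, $message = $Matches['stamp'], $Matches['component'], $Matches['message']
            $kind = switch -Regex ($message) {
                'Failed to download cloud service environment file' { 'EnvironmentFileDownload'; break }
                'failed to install MSOIDCRL'                        { 'MsoIdCrlInstall'; break }
                default                                             { $null }
            }
            # HTTP status as written in the exception text, e.g. "(404) Not Found".
            $status = if ($message -match 'returned an error: \((?<code>\d{3})\)') { [int]$Matches['code'] }
            if ($kind) {
                [pscustomobject]@{ Stamp = $stamp; Component = $component; Kind = $kind; HttpStatus = $status }
            }
        }
    }
}

$lines = if (Test-Path -LiteralPath $Path) { Get-Content -LiteralPath $Path } else { $sample -split '\r?\n' }
$failures = @(Get-IntegrationFailure -Line $lines)
$failures | Format-Table -AutoSize

# The signature from the post: the MSOIDCRL install attempt ends in HTTP 404.
if ($failures | Where-Object { $_.Kind -eq 'MsoIdCrlInstall' -and $_.HttpStatus -eq 404 }) {
    'Signature matches: MSOIDCRL install returned 404. Install the Sign-In Assistant manually, then retry the integration.'
}
```

Running it again after the manual install and a retried integration should show no new MsoIdCrlInstall entries with later stamps.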