Office 365: ‘Subtask ValidateConfiguration execution failed: Configure Mail Flow’

by Oleg

Problem

When executing Hybrid Configuration Wizard you may receive plenty of different error messages related to any part of the process. One of the errors I have seen quite often is “Configure Mail Flow” error which happening on ‘Get-HybridMailflow’ command. It looking like:

[1/11/2000 18:16:56] ERROR:Updating hybrid configuration failed with error 'Subtask ValidateConfiguration execution failed: Configure Mail Flow
  at Microsoft.Exchange.Management.Hybrid.Engine.ExecuteTask(ITask taskBase, ITaskContext taskContext)
Additional troubleshooting information is available in the Update-HybridConfiguration log file located at C:\Program Files\Microsoft\Exchange Server\V14\Logging\Update-HybridConfiguration\HybridConfiguration_date_logfile.log.

Cause

That is happening if Get-HybridMailFlow command is unable to get results or unable to handle these results. 

There could be number of reasons why that is happening, but there are two most common ones:

1.  Time-out when connecting to Office 365 servers. If during HCW execution there will be network delay on your side or O365 side it may cause disconnection and as result error message will be logged.

2. That may happen if you trying to configure centralised transport to route all emails trough on-premise Exchange organisation.

Troubleshooting

First thing you need to try is just execute Hybrid Wizard once again. Quite often it is single troubleshooting step you need to perform.

In case you still receiving same error, you may want run Get-HybridMailFlow command on you Office 365 PowerShell console. It may give you a good idea what is happening exactly.

Your output should look like:

RunspaceId : xxxxxxxx-e27b-xxxx-abdc-418870ccxxxx
OutboundDomains : {*,yourhybriddomain.com}
InboundIPs : {97.10.5.222}
OnPremisesFQDN : autodiscover.yourhybriddomain.com
CertificateSubject : autodiscover.yourhybriddomain.com
SecureMailEnabled : True
CentralizedTransportEnabled : True
Identity :
IsValid : True
ObjectState : New

In case your Hybrid transport is configured as expected, but Hybrid Wizard unable to be completed, you may need to complete it using non-centralised transport option and then manually configure it.

To do that select “Deliver Internet-bound messages directly using the external recipient’s DNS settings.” in Mail Flow Security step of HCW.

HybridWizard

When Hybrid Configuration Wizard will be completed, then perform following actions on you Office 365 tenant to enable Centralized Transport:

  • from EAC on Office 365 portal, go to Mail Flow->Connectors
  • Double-click Hybrid Mail Flow Outbound Connector,  go to Scope, press add button (+) and add “*” (without quotes), press OK then Save.

Then you may want to send few test messages from Office 365 mailboxes in order to check that centralized transport functioning properly.