
Tuesday 8 March 2016

Office 365 Hybrid OAuth issue - Event ID 3002 - IIS 401

Issue
Free/busy requests from Office 365 users to on-premises users fail after OAuth is enabled on an Exchange 2013 Hybrid server.

You may see the following in the Event log:

Event ID 3002
Protocol /EWS failed to process request from identity NT AUTHORITY\SYSTEM. Exception: Microsoft.Exchange.Security.OAuth.InvalidOAuthTokenException: The user specified by the user-context in the token does not exist.

You may also see something similar to the following in the Exchange hybrid IIS logs (where 401 indicates an authentication failure):

443 - 192.168.1.110 ASProxy/CrossForest/EmailDomain//15.01.0427.019 - 401 0 0 15
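
To see how often this pattern occurs and from which client address, the following PowerShell function parses IIS W3C log lines using the #Fields header and returns the requests from the ASProxy/CrossForest user agent that ended in 401. It is an added example, not part of the original post; the function name, the server address and the sample log lines are constructed for illustration.

```powershell
# Added example: find failed cross-forest free/busy proxy requests in an IIS W3C log.
# The sample lines are constructed; columns are resolved from the #Fields header.
$sampleLog = @'
#Software: Microsoft Internet Information Services 8.5
#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) cs(Referer) sc-status sc-substatus sc-win32-status time-taken
2016-03-08 10:15:02 192.168.1.20 POST /EWS/Exchange.asmx - 443 - 192.168.1.110 ASProxy/CrossForest/EmailDomain//15.01.0427.019 - 401 0 0 15
2016-03-08 10:15:09 192.168.1.20 POST /EWS/Exchange.asmx - 443 CONTOSO\alice 192.168.1.55 Microsoft+Office/15.0 - 200 0 0 46
2016-03-08 10:16:40 192.168.1.20 POST /EWS/Exchange.asmx - 443 - 192.168.1.110 ASProxy/CrossForest/EmailDomain//15.01.0427.019 - 401 0 0 12
'@ -split "`r?`n"

function Get-OAuthProxyFailure {
    param([string[]]$Line)
    $fields = @()
    foreach ($l in $Line) {
        $text = $l.Trim()
        if (-not $text) { continue }
        if ($text -like '#Fields:*') {
            # Column order can differ per site, so re-read it at every header.
            $fields = @(($text -replace '^#Fields:\s*', '') -split '\s+')
            continue
        }
        if ($text.StartsWith('#') -or $fields.Count -eq 0) { continue }
        $values = @($text -split '\s+')
        if ($values.Count -ne $fields.Count) { continue }   # skip malformed rows
        $row = @{}
        for ($i = 0; $i -lt $fields.Count; $i++) { $row[$fields[$i]] = $values[$i] }
        if ($row['cs(User-Agent)'] -like 'ASProxy/CrossForest/*' -and $row['sc-status'] -eq '401') {
            [pscustomobject]@{
                Time      = "$($row['date']) $($row['time'])"
                ClientIP  = $row['c-ip']
                Uri       = $row['cs-uri-stem']
                UserAgent = $row['cs(User-Agent)']
            }
        }
    }
}

$failures = @(Get-OAuthProxyFailure -Line $sampleLog)
"{0} failed cross-forest proxy request(s) found" -f $failures.Count
$failures | Group-Object ClientIP | Select-Object Name, Count
```

To run it against a real log, pass the output of Get-Content for the IIS log file as -Line instead of $sampleLog.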

Resolution
If this issue still persists after applying the latest Exchange 2013 CU updates, you can disable the OAuth connector in Exchange Online to resolve it.

1. Open Exchange Online PowerShell and connect to your tenant.
2. Run: Get-IntraOrganizationConnector MyHybridConnector | Set-IntraOrganizationConnector -Enabled $false

The change may take 30 minutes to fully update within Office 365, so please be patient.

This issue relates to KB https://support.microsoft.com/en-us/kb/3001281, but it is not clear on what the issue is or how it should be fixed other than disabling the connector. Assume a CU would correct it, but my lab was running SP1 CU 11 and I had this issue.