DetailPage-MSS-KB

Microsoft small business knowledge base

Article ID: 2712678 - Last Review: July 9, 2014 - Revision: 9.0

PROBLEM

When you try to add a domain to Microsoft Exchange federation in Microsoft Office 365, the process is unsuccessful. This issue may occur even if the TXT (text) record of the federation proof is successfully added to the domain's DNS record.

CAUSE

This issue occurs if the TXT record of the federation proof is too large.

By default, DNS uses User Datagram Protocol (UDP) for queries, and it replies with a DNS payload limit of 512 bytes. Larger replies are truncated, and this leads to a later handling through Transmission Control Protocol (TCP) with more overhead. In this case, TCP is not enabled outgoing. Therefore, verification fails if the TXT record of the federation proof is too large.

SOLUTION

To work around this issue, follow these steps:
  1. Manually change the hosts file on the hybrid server or servers to include the following information:
    207.46.164.41 domains.live.com
    Note This server has TCP outgoing access permissions.
  2. Add the domain to the Exchange federation list by running the following Windows PowerShell command:
    Add-FederatedDomain –DomainName <SmtpDomain>
    For example, run the following command:
    Add-FederatedDomain –DomainName contoso.com
  3. Remove the hosts file entry that you added in step 1.

MORE INFORMATION

In Windows 2008 Server and in Windows 2008 Server R2, the hosts file is saved in the following location:
%windir%\system32\drivers\etc\hosts
Still need help? Go to the Office 365 Community (http://community.office365.com/) website.

Applies to
  • Microsoft Exchange Online
Keywords: 
o365 o365a o365e hybrid o365m o365022013 kbgraphic KB2712678
Share
Additional support options
Ask The Microsoft Small Business Support Community
Contact Microsoft Small Business Support
Find Microsoft Small Business Support Certified Partner
Find a Microsoft Store For In-Person Small Business Support