Bize Ulaşın / Contact Us

Exchange Server Logo

Failed to validate delegation token. Reason: InvalidExpired

09 / 01 / 2014 by Exchange Server 2010, Exchange Server 2013 Yorum yok / No Comments

When you test the Federation Trust that you have created between your On-Premise Exchange environment and the Microsoft Federated Gateway the Token Validation fails with the message ‘Failed to validate delegation token’ run the same command with the -Verbose switch to see detailed information on the error.

DelegationToken_InvalidExpired1

If the reason is appears is InvalidExpired this can be due to a time difference problem between your server and MS Federated Gateway service.

So you will need to configure an authoritative time server on your side. The MS article How to configure an authoritative time server in Windows Server  provides detailed information about configuring NTP , you can use the manual steps to accomplish it or use Fix It utilities provided. You can run the following command to set the time service to synchronise with an external time service.

  • w32tm /config /manualpeerlist:time.windows.com /syncfromflags:manual /reliable:yes /update
  • net stop w32time
  • net start w32time

After restarting the time service ensure that the system is synchronising the time with the source set in the above step successfully.

DelegationToken_InvalidExpired2

Re-run the Test-FederationTrust command. This time the delegation token should be displayed as valid.

DelegationToken_InvalidExpired3

 

ecsword

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code class="" title="" data-url=""> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong> <pre class="" title="" data-url=""> <span class="" title="" data-url="">

*

Kontrol / Control * Time limit is exhausted. Please reload CAPTCHA.