I was on a client site recently and they had users sync’d from On-Premises and Hybrid setup between Exchange On-Premises and Exchange Online. When I was testing migration of users, I came across three problems:
1. On-Premises User couldn’t see Free/Busy details of Exchange On-Premises users calendar
2. On-Premises User Couldn’t open mailbox of 365 user (even with FullAccess permissions)
3. When On-Premises user was migrated to Exchange Online then Outlook wouldn’t automatically detect the move and configure the Outlook profile for the migrated user.
Investigating the issue further I could see there was no issue for users who hadn’t been enrolled with Multifactor Authentication. I then noticed that it was an issue with Modern Auth (which is used for MFA).
The mailbox before migration was from an Exchange server that Outlook connects to by using RPC.
In these scenarios, you may be prompted for credentials, and Outlook doesn’t use Modern Authentication to connect to Office 365
This was resolved by adding the following registry key (first manually on one machine to test and then via GPO):
1. Locate the following registry subkey: HKEY_CURRENT_USER\Software\Microsoft\Exchange
2. On the Edit menu, point to New, and then click DWORD Value.
3. Type AlwaysUseMSOAuthForAutoDiscover, and then press Enter.
4. Right-click AlwaysUseMSOAuthForAutoDiscover, and then click Modify.
5. In the Value data box, type 1, and then click OK.
6. Exit Registry Editor.