web
You’re offline. This is a read only version of the page.
close
Skip to main content

Announcements

No record found.

News and Announcements icon
Community site session details

Community site session details

Session Id :
Dynamics 365 Community / Forums / Customer experience | Sales, Customer Insights,... / Connect Customer Engag...
Customer experience | Sales, Customer Insights,...
Unanswered

Connect Customer Engagement (on-premises) to Exchange Online

(3) ShareShare
ReportReport
Posted on by Ajlan 10
Hello
 
We are working on integrating our on-premises Dynamics 365 with Exchange Online, but we are encountering various errors during the setup process. Could anyone of you please assist us in resolving these issues? Your help would be greatly appreciated!

We were referring to the below link

https://learn.microsoft.com/en-us/dynamics365/customerengagement/on-premises/admin/connect-dynamics-365-on-premises-exchange-online?view=op-9-1
 
Regards
Categories:
Microsoft Dynamics CRM
I have the same question (1)
  • Aymen CHELBI Profile Picture
    Aymen CHELBI 620 Super User 2026 Season 1 on at
    Hello, 
     
    Could you provide more details about the errors encountered?
     
    Best regards,
  • CU25021615-0 Profile Picture
    CU25021615-0 6 on at
    What specific errors are you encountering during the setup process, and have you checked if all required configurations like server-side sync and OAuth authentication are correctly set up?
  • CU25021615-0 Profile Picture
    CU25021615-0 6 on at
    Have you verified that all firewall rules and network settings allow communication between your on-premises Dynamics 365 server and Exchange Online?
  • Ajlan Profile Picture
    Ajlan 10 on at
    We were receiving the below error
     
    "></StackTrace><ExceptionString>System.InvalidOperationException: The client certificate is not provided. Specify a client certificate in ClientCredentials. </ExceptionString></Exception></TraceRecord>
    [2024-02-21 11:09:44.225] Process:CrmAsyncService |Organization:00000000-0000-0000-0000-000000000000 |Thread:   39 |Category: Platform.Sdk |User: 00000000-0000-0000-0000-000000000000 |Level: Error |ReqId: 00000000-0000-0000-0000-000000000000 |ActivityId: 4f77b316-1b5e-42d5-b211-93eac416dfba | ServiceModelTraceRedirector.TraceData  ilOffset = 0x5B
    ><TraceRecord xmlns=/http://schemas.microsoft.com/2004/10/E2ETraceEvent/TraceRecord/ Severity=/Error/>"

    However, we even refer to this forum question as well "https://community.dynamics.com/forums/thread/details/?threadid=398ef2b8-a1d0-ee11-9079-6045bda7c912". But the issue persist.
  • Daivat Vartak (v-9davar) Profile Picture
    Daivat Vartak (v-9d... 7,845 Moderator on at
    Hello Ajlan,
     

    You're encountering a classic issue when trying to connect your on-premises Dynamics 365 with Exchange Online using server-side synchronization: the system is failing to authenticate due to a missing client certificate. The error message clearly states: 

    System.InvalidOperationException: The client certificate is not provided. Specify a client certificate in ClientCredentials.
     

    Let's break down the problem and how to resolve it:

    Understanding the Problem:

    • Server-Side Synchronization: This method allows Dynamics 365 to synchronize emails, appointments, contacts, and tasks with Exchange Online.
    • Authentication: Exchange Online requires secure authentication. In this case, Dynamics 365 is attempting to use a client certificate for authentication, but it's not finding one.
    • Certificate Requirements: To establish the connection, you need a valid client certificate that's trusted by Exchange Online.

      •  

    Troubleshooting and Solutions:

    1. Verify Certificate Existence and Installation:

       

      • Check Certificate Store:

        • On the Dynamics 365 server, open the Microsoft Management Console (MMC).
        • Add the "Certificates" snap-in for the "Computer account."
        • Navigate to "Personal" > "Certificates."
        • Verify that the required certificate is installed.

      • Certificate Validity:

        • Ensure that the certificate is valid and not expired.
        • Check the certificate's "Issued To" and "Issued By" fields.
        • Confirm that the certificate's private key is available.

    2. Certificate Configuration in Dynamics 365:

      • Email Server Profile:

        • In Dynamics 365, go to "Settings" > "Email Configuration" > "Email Server Profiles."
        • Open the Exchange Online email server profile you're using.
        • There should be a section related to authentication and certificates.
        • Confirm that the correct certificate is selected, or that the correct thumbprint is entered.

      • Certificate Thumbprint:

        • Copy the certificate's thumbprint from the MMC.
        • In the Dynamics 365 email server profile, paste the thumbprint into the appropriate field.
        • Verify that the thumbprint is entered correctly (no extra spaces or characters).

          •  
         

    3. Permissions:

      • Service Account Permissions:

        • Ensure that the Dynamics 365 service account has the necessary permissions to access the certificate's private key. 

      • Exchange Online Permissions:

        • Verify that the service account has the required permissions in Exchange Online to access mailboxes.
        • This typically involves application impersonation or delegated permissions.

          •  
         

    4. Exchange Online Configuration:

       

      • Modern Authentication:

        • Ensure that modern authentication is enabled in Exchange Online.
        • Server-side synchronization works best with modern authentication.

      • Application Impersonation:

        • Verify that application impersonation is correctly configured in Exchange Online if you're using it. 

    5. Firewall and Network:

      • Firewall Rules:

        • Ensure that your firewall is not blocking communication between the Dynamics 365 server and Exchange Online.
        • Verify that the necessary ports are open.

      • Network Connectivity:

        • Confirm that the Dynamics 365 server has stable internet connectivity.

          •  
         

    6. Dynamics 365 Async Service:

      • Restart Async Service:

        • Sometimes, restarting the Dynamics 365 Async Service can resolve authentication issues. 

      • Service Account:

        • Ensure the Async service is running under an account that has the proper permissions.

          •  
         

    7. Verify the Microsoft documentation:

      • Double check the Microsoft documentation that you are using. Sometimes the documentation is updated, and steps are changed. 

        •  

      8.  

    Troubleshooting Steps:

    1. Verify Certificate Installation: Double-check that the correct certificate is installed on the Dynamics 365 server.
    2. Verify Certificate Thumbprint: Ensure the correct thumbprint is entered in the email server profile.
    3. Verify Permissions: Confirm that the service account has the necessary permissions.
    4. Restart Async Service: Restart the Dynamics 365 Async Service.
    5. Test Connectivity: Use tools like Test-NetConnection in PowerShell to test connectivity to Exchange Online.

      6.  

    If you've followed these steps and are still experiencing issues, it's recommended to contact Microsoft Support. They can provide more specific guidance based on your environment.

     
    If my answer was helpful, please click Like, and if it solved your problem, please mark it as verified to help other community members find more. If you have further questions, please feel free to contact me.
     
    My response was crafted with AI assistance and tailored to provide detailed and actionable guidance for your Microsoft Dynamics 365 query.
     
    Regards,
    Daivat Vartak
  • Suggested answer
    ThomasBergmair Profile Picture
    ThomasBergmair 19 on at
    You are hitting a known limitation of server-side synchronization between Dynamics 365 on-prem and Exchange Online.
     
    The core problem is not configuration – it is the underlying architecture:
    CRM on-prem still depends on EWS and legacy authentication patterns, while Exchange Online expects modern OAuth-based access.
     
    We solved this by replacing the EWS communication layer entirely:
     
    - CRM stays unchanged (standard Exchange Server profile)
    - Instead of connecting to Exchange Online directly, it connects to a proxy endpoint
    - The proxy handles all communication using modern OAuth (via an Entra ID app with mailbox permissions)
     
    No change in CRM functionality:
    - same server-side sync logic
    - same tracking, matching, correlation
    - no changes for users
     
    This removes the typical issues (401, token errors, certificates, hybrid connector complexity) and makes the setup stable and future-proof.
     
    If you're interested, I can share more details.
     

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

Quick Links

Introducing the 2026 Season 1 community Super Users

Congratulations to our 2026 Super Stars!

Meet the Microsoft Dynamics 365 Contact Center Champions

We are thrilled to have these Champions in our Community!

Congratulations to the April Top 10 Community Leaders

These are the community rock stars!

Leaderboard > Customer experience | Sales, Customer Insights, CRM

#1
Muhammad Shahzad Shafique Profile Picture

Muhammad Shahzad Sh... 69 Most Valuable Professional

#2
ManoVerse Profile Picture

ManoVerse 55 Super User 2026 Season 1

#3
11manish Profile Picture

11manish 37

Last 30 days Overall leaderboard

Featured topics

Hide selecting Contact for potential customer when creating quote

Product updates

Dynamics 365 release plans
Liquid error: parsing "/globalsearch/?q=when+i+delete+emails+in+my+outlook+then+close+out+outlook.++The+next+time+i+open+outlook+all+my+emails+I+deleted+are+back.++How+can+i+fix+this%3F" - Nested quantifier +.