Problem adding domain to a Federated Trust
Hello,
I wonder if you can help with a problem I've been having with a Federated Trust. I've been following the instructions in the enclosed article to set up the Trust:
http://technet.microsoft.com/en-us/library/ff601760.aspx
The Trust is set up OK and TXT records are available for the primary & exchangedelegation domains, but when I try to add the exchangedelegation domain I'm getting a domain reservation error.
The error message has a “FYDIBOHF23SPDLT” sequence in the DNS name for the registration request. Not sure where it's getting that from or if that's to be expected?
Any ideas what the problem is here?
Thanks
*Full error message below (using domain.com rather than the actual domain name):
Summary: 2 item(s). 1 succeeded, 1 failed.
Elapsed time: 00:00:03
Set-FederationTrust
Completed
Exchange Management Shell command completed:
Set-FederationTrust -RefreshMetadata -Identity 'Microsoft Federation Gateway'
Elapsed Time: 00:00:00
Set-FederatedOrganizationIdentifier
Failed
Error:
Unable to reserve domain "FYDIBOHF25SPDLT.exchangedelegation.domain.com" for Application Identifier
"0000000044009501". Detailed information: "Windows Live returned a domain reservation error. Detailed information "DomainUnavailable: The specified domain is not available.".".
Windows Live returned a domain reservation error. Detailed information "DomainUnavailable:
The specified domain is not available.".
DomainUnavailable: The specified domain is not available.
Click here for help...
http://technet.microsoft.com/en-US/library/ms.exch.err.default(EXCHG.141).aspx?v=14.2.247.1&t=exchgf1&e=ms.exch.err.Ex703205
Exchange Management Shell command attempted:
Set-FederatedOrganizationIdentifier -DelegationFederationTrust 'Microsoft Federation Gateway'
-AccountNamespace 'exchangedelegation.domain.com' -Enabled $true
Elapsed Time: 00:00:03
February 3rd, 2012 10:43am
Hi Nige555,
If your organization uses DNS server software from another vendor or uses a service provider to host the DNS zone for the domain, please wait 24 hours for the changes to be reflected in DNS.
Please also try to run the cmdlet Set-FederatedOrganizationIdentifier in EMS as the link said. Please add -verbose and post the result here.
Frank Wang
TechNet Community Support
February 6th, 2012 3:26am
Thanks Frank.
Enclosed are the results:
[PS] C:\Windows\system32>Set-FederatedOrganizationIdentifier -DelegationFederationTrust "Microsoft Federation Gateway"
-AccountNamespace exchangedelegation.staffordshire.gov.uk -Enabled $True -Verbose
VERBOSE: [09:54:47.074 GMT] Set-FederatedOrganizationIdentifier : Initializing Active Directory server settings for the
remote Windows PowerShell session.
VERBOSE: [09:54:47.089 GMT] Set-FederatedOrganizationIdentifier : Active Directory session settings for
'Set-FederatedOrganizationIdentifier' are: View Entire Forest: 'False', Default Scope: 'staffordshire.gov.uk',
Configuration Domain Controller: 'XXXXXX.staffordshire.gov.uk', Preferred Global Catalog:
'XXXXXX.staffordshire.gov.uk', Preferred Domain Controllers: '{ XXXXX.staffordshire.gov.uk }'
VERBOSE: [09:54:47.089 GMT] Set-FederatedOrganizationIdentifier : Runspace context: Executing user:
, Executing user organization: ,
Current organization: , RBAC-enabled: Enabled.
VERBOSE: [09:54:47.089 GMT] Set-FederatedOrganizationIdentifier : Beginning processing &
VERBOSE: [09:54:47.089 GMT] Set-FederatedOrganizationIdentifier : Instantiating handler with index 0 for cmdlet
extension agent "Admin Audit Log Agent".
VERBOSE: [09:54:47.105 GMT] Set-FederatedOrganizationIdentifier : Current ScopeSet is: { Recipient Read Scope: {{, }},
Recipient Write Scopes: {{, }}, Configuration Read Scope: {{, }}, Configuration Write Scope(s): {{, }, }, Exclusive
Recipient Scope(s): {}, Exclusive Configuration Scope(s): {} }
VERBOSE: [09:54:47.105 GMT] Set-FederatedOrganizationIdentifier : Searching objects of type "FederatedOrganizationId"
with filter "$null", scope "SubTree" under the root "$null".
VERBOSE: [09:54:47.105 GMT] Set-FederatedOrganizationIdentifier : Previous operation run on domain controller
'xxxxxx.staffordshire.gov.uk'.
VERBOSE: [09:54:47.105 GMT] Set-FederatedOrganizationIdentifier : Processing object "Federation".
VERBOSE: [09:54:47.136 GMT] Set-FederatedOrganizationIdentifier : Admin Audit Log: Entered Handler:Validate.
VERBOSE: [09:54:47.136 GMT] Set-FederatedOrganizationIdentifier : Admin Audit Log: Entered
ClassFactory:InitializeConfig.
VERBOSE: [09:54:47.136 GMT] Set-FederatedOrganizationIdentifier : Admin Audit Log: Exited
ClassFactory:InitializeConfig.
VERBOSE: [09:54:47.183 GMT] Set-FederatedOrganizationIdentifier : Admin Audit Log: Exited Handler:Validate.
VERBOSE: Setting Federated Organization "Staffordshire County Council".
Setting account namespace to
"exchangedelegation.staffordshire.gov.uk" and trust to "Microsoft Federation Gateway".
VERBOSE: [09:54:47.183 GMT] Set-FederatedOrganizationIdentifier : Resolved current organization: .
VERBOSE: [09:54:47.183 GMT] Set-FederatedOrganizationIdentifier : Searching the local certificate store for a
certificate with thumbprint "9F7DA1D9CE38784E4F2A0A34392FFF9C5DEE0D4D".
VERBOSE: [09:54:47.230 GMT] Set-FederatedOrganizationIdentifier : Calling
'CreateAppId(uri='FYDIBOHF25SPDLT.exchangedelegation.staffordshire.gov.uk',properties=[0])' at the domain services
endpoint https://domains.live.com/service/managedelegation2.asmx.
VERBOSE: [09:54:49.855 GMT] Set-FederatedOrganizationIdentifier : Call to the federation server "LiveId" succeeded. A
new federation trust with Application Identity "000000004C008005" is created.
VERBOSE: [09:54:49.871 GMT] Set-FederatedOrganizationIdentifier : Contacting Windows Live Domain Services to reserve
domain "FYDIBOHF25SPDLT.exchangedelegation.staffordshire.gov.uk".
VERBOSE: [09:54:49.871 GMT] Set-FederatedOrganizationIdentifier : Calling
'ReserveDomain(applicationId='000000004C008005',domain='FYDIBOHF25SPDLT.exchangedelegation.staffordshire.gov.uk',progra
mId='ExchangeConnector')' at the domain services endpoint https://domains.live.com/service/managedelegation2.asmx.
VERBOSE: [09:54:50.636 GMT] Set-FederatedOrganizationIdentifier : The request to Windows Live Domain Services failed
with the following exception: [0]: Microsoft.Exchange.Management.FederationProvisioning.LiveDomainServicesException
Windows Live returned a domain reservation error.
Detailed information "DomainUnavailable: The specified domain is not
available.".
[1]: System.Web.Services.Protocols.SoapException
DomainUnavailable: The specified domain is not available.
Code: http://schemas.xmlsoap.org/soap/envelope/:Client
Detail:
<detail><ErrorCode>2005</ErrorCode><ErrorEnum>DomainUnavailable</ErrorEnum><Retryable>False</Retryable><ErrorDescriptio
n>The specified domain is not available.</ErrorDescription></detail>
at System.Web.Services.Protocols.SoapHttpClientProtocol.ReadResponse(SoapClientMessage message, WebResponse
response, Stream responseStream, Boolean asyncCall)
at System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String methodName, Object[] parameters)
at Microsoft.Exchange.SoapWebClient.CustomSoapHttpClientProtocol.<>c__DisplayClass4.<Invoke>b__3()
at
Microsoft.Exchange.SoapWebClient.HttpAuthenticator.NoHttpAuthenticator.AuthenticateAndExecute[T](SoapHttpClientProtocol
client, AuthenticateAndExecuteHandler`1 handler)
at Microsoft.Exchange.SoapWebClient.SoapHttpClientAuthenticator.AuthenticateAndExecute[T](SoapHttpClientProtocol
client, AuthenticateAndExecuteHandler`1 handler)
at Microsoft.Exchange.Management.ManageDelegation2.ManageDelegation2.ReserveDomain(String appId, String domainName,
String programId)
at Microsoft.Exchange.Management.FederationProvisioning.ManageDelegationClient.ExecuteAndRetry(String description,
WebMethodDelegate webMethod)
at Microsoft.Exchange.Management.FederationProvisioning.ManageDelegationClient.ExecuteAndHandleError(String
description, WebMethodDelegate webMethod)
.
VERBOSE: [09:54:50.636 GMT] Set-FederatedOrganizationIdentifier : Admin Audit Log: Entered Handler:OnComplete.
VERBOSE: [09:54:50.667 GMT] Set-FederatedOrganizationIdentifier : Admin Audit Log: Exited Handler:OnComplete.
Unable to reserve domain "FYDIBOHF25SPDLT.exchangedelegation.staffordshire.gov.uk" for Application Identifier "00000000
4C008005".
Detailed information: "Windows Live returned a domain reservation error.
Detailed information "DomainUnava
ilable: The specified domain is not available.".".
+ CategoryInfo
: InvalidResult: (:) [Set-FederatedOrganizationIdentifier], UnableToReserveDomainException
+ FullyQualifiedErrorId : 85490D5,Microsoft.Exchange.Management.SystemConfigurationTasks.SetFederatedOrganizationI
dentifier
VERBOSE: [09:54:50.683 GMT] Set-FederatedOrganizationIdentifier : Ending processing &
[PS] C:\Windows\system32>
February 6th, 2012 5:05am
Your delegation for exchangedelegation.staffordshire.gov.uk is longer than 32 characters.
Domains accepted to be federated are limited to a maximum of 32 characters.
August 29th, 2012 8:28am
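A triage check built on the last reply, added here as an example and not part of the original thread: it pulls the ReserveDomain call and the SOAP fault out of a verbose transcript and compares the account namespace with the 32-character limit quoted in that reply. The function name `Get-ReserveDomainFailure` and its parameters are hypothetical; the sample is an excerpt of the verbose output posted above, console line wraps included.

```powershell
# Added example. The 32-character default is the figure given in the reply above.
function Get-ReserveDomainFailure {
    param(
        [Parameter(Mandatory = $true)][string]$Transcript,
        [int]$MaxLength = 32
    )
    # The console wrapped long lines in the middle of tokens, so join them before matching.
    $flat  = $Transcript -replace '\r?\n', ''
    $call  = [regex]::Match($flat, "ReserveDomain\(applicationId='(?<app>[^']+)',domain='(?<dom>[^']+)'")
    $fault = [regex]::Match($flat, '<ErrorCode>(?<code>\d+)</ErrorCode><ErrorEnum>(?<enum>[^<]+)</ErrorEnum><Retryable>(?<retry>[^<]+)</Retryable>')
    if (-not $call.Success) { return $null }   # no ReserveDomain call in this transcript

    $reserved  = $call.Groups['dom'].Value
    # In the transcript the reserved name is the account namespace with one extra
    # leading label; drop that label to recover what was passed to -AccountNamespace.
    $namespace = $reserved.Substring($reserved.IndexOf('.') + 1)

    $errorEnum = $null
    $errorCode = $null
    $retryable = $null
    if ($fault.Success) {
        $errorEnum = $fault.Groups['enum'].Value
        $errorCode = [int]$fault.Groups['code'].Value
        $retryable = [bool]::Parse($fault.Groups['retry'].Value)
    }

    New-Object PSObject -Property @{
        ApplicationId    = $call.Groups['app'].Value
        ReservedDomain   = $reserved
        AccountNamespace = $namespace
        Length           = $namespace.Length
        WithinLimit      = ($namespace.Length -le $MaxLength)
        OverBy           = [Math]::Max(0, $namespace.Length - $MaxLength)
        ErrorCode        = $errorCode
        ErrorEnum        = $errorEnum
        Retryable        = $retryable
    }
}

# Excerpt of the verbose output posted in this thread.
$sample = @'
VERBOSE: [09:54:49.871 GMT] Set-FederatedOrganizationIdentifier : Calling
'ReserveDomain(applicationId='000000004C008005',domain='FYDIBOHF25SPDLT.exchangedelegation.staffordshire.gov.uk',progra
mId='ExchangeConnector')' at the domain services endpoint https://domains.live.com/service/managedelegation2.asmx.
<detail><ErrorCode>2005</ErrorCode><ErrorEnum>DomainUnavailable</ErrorEnum><Retryable>False</Retryable><ErrorDescriptio
n>The specified domain is not available.</ErrorDescription></detail>
'@

Get-ReserveDomainFailure -Transcript $sample | Format-List
```

A fault with `Retryable` false together with `WithinLimit` false points at the namespace itself rather than at DNS propagation, so waiting and retrying the same name will not help.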