microsoft · MarcoLFrancisco · Apr 30, 2026 · Apr 30, 2026 · May 8, 2026 · Jun 6, 2026
@@ -167,11 +167,11 @@ begin {
 
     $Script:ExchangeOnPremLocalDomain = $ADDomain.forest
     if ([string]::IsNullOrWhitespace($ADDomain)) {
-        $Script:ExchangeOnPremLocalDomain = $exchangeOnPremDomain
+        $Script:ExchangeOnPremLocalDomain = $Script:ExchangeOnPremDomain
     }
 
-    if ($ExchangeOnPremDomain) {
-        $Script:FedInfoEOP = Get-federationInformation -DomainName $ExchangeOnPremDomain  -BypassAdditionalDomainValidation -ErrorAction SilentlyContinue -WarningAction SilentlyContinue | Select-Object *
+    if ($Script:ExchangeOnPremDomain) {
+        $Script:FedInfoEOP = Get-federationInformation -DomainName $Script:ExchangeOnPremDomain  -BypassAdditionalDomainValidation -ErrorAction SilentlyContinue -WarningAction SilentlyContinue | Select-Object *
     }
     #endregion
 
@@ -253,10 +253,10 @@ begin {
             exit
         }
         Write-Host " Connected to Exchange Online."
-        $Script:ExoOrgRel = Get-EOOrganizationRelationship | Where-Object { ($_.DomainNames -like $ExchangeOnPremDomain ) } | Select-Object Enabled, Identity, DomainNames, FreeBusy*, TarGet*
+        $Script:ExoOrgRel = Get-EOOrganizationRelationship | Where-Object { ($_.DomainNames -like $Script:ExchangeOnPremDomain ) } | Select-Object Enabled, Identity, DomainNames, FreeBusy*, TarGet*
         $Script:ExoIntraOrgCon = Get-EOIntraOrganizationConnector | Select-Object Name, TarGetAddressDomains, DiscoveryEndpoint, Enabled
-        $Script:tarGetAddressPr1 = ("https://AutoDiscover." + $ExchangeOnPremDomain + "/AutoDiscover/AutoDiscover.svc/WSSecurity")
-        $Script:tarGetAddressPr2 = ("https://" + $ExchangeOnPremDomain + "/AutoDiscover/AutoDiscover.svc/WSSecurity")
+        $Script:tarGetAddressPr1 = ("https://AutoDiscover." + $Script:ExchangeOnPremDomain + "/AutoDiscover/AutoDiscover.svc/WSSecurity")
+        $Script:tarGetAddressPr2 = ("https://" + $Script:ExchangeOnPremDomain + "/AutoDiscover/AutoDiscover.svc/WSSecurity")
         exoHeaderHtml
 
         #endregion

@@ -24,12 +24,24 @@ function FetchEWSInformation {
     if (-not $Script:WebServicesVirtualDirectory -or -not $Script:WebServicesVirtualDirectoryOAuth) {
         $Script:WebServicesVirtualDirectory = Get-WebServicesVirtualDirectory -Server $Script:Server | Select-Object Identity, Name, ExchangeVersion, *Authentication*, *url -ErrorAction SilentlyContinue
         $Script:WebServicesVirtualDirectoryOAuth = $Script:WebServicesVirtualDirectory
-        $Script:ExchangeOnPremEWS = ($Script:WebServicesVirtualDirectory.externalURL.AbsoluteUri)
+
+        if ([string]::IsNullOrWhiteSpace($Script:ExchangeOnPremEWS)) {
+            $externalUrl = $Script:WebServicesVirtualDirectory |
+                Where-Object { $null -ne $_.ExternalUrl } |
+                Select-Object -First 1 -ExpandProperty ExternalUrl
+
+            if ($null -ne $externalUrl) {
+                $Script:ExchangeOnPremEWS = $externalUrl.ToString()
+            }
+        }
     }
 }
 function CheckIfExchangeServer {
-    $exchangeShell = Confirm-ExchangeShell
-    if (-not($exchangeShell.ShellLoaded)) {
+    param (
+        [string]$Server
+    )
+    $exchangeServer = Get-ExchangeServer $Server -ErrorAction SilentlyContinue
+    if (!$exchangeServer) {
         Write-Host "$Server is not an Exchange Server. This script should be run in Exchange Server Management Shell"
         exit
     }
@@ -42,10 +54,10 @@ function CheckParameters {
     if ([string]::IsNullOrWhiteSpace($Script:ExchangeOnPremLocalDomain)) {
         $MissingParameters += "Exchange On Premises Local Domain.  Example: . 'C:\scripts\FreeBusyChecker\FreeBusyChecker.ps1' -OnPremisesUser John@Contoso.com"
     }
-    if ([string]::IsNullOrWhiteSpace($exchangeOnPremDomain)) {
+    if ([string]::IsNullOrWhiteSpace($Script:ExchangeOnPremDomain)) {
         $MissingParameters += "Exchange On Premises Domain.  Example: -OnPremLocalDomain Contoso.local"
     }
-    if ([string]::IsNullOrWhiteSpace($exchangeOnPremEWS)) {
+    if ([string]::IsNullOrWhiteSpace($Script:ExchangeOnPremEWS)) {
         $MissingParameters += "Exchange On Premises EWS Virtual Directory External URL.  Example:  'C:\FreeBusyChecker.ps1' -OnPremEWSUrl https://mail.contoso.com/EWS/Exchange.asmx"
     }
     if ([string]::IsNullOrWhiteSpace($Script:UserOnPrem)) {

@@ -3,21 +3,21 @@
 
 function ExoOrgRelCheck () {
     PrintDynamicWidthLine
-    Write-Host -ForegroundColor Green " Get-EOOrganizationRelationship  | Where{($_.DomainNames -like $ExchangeOnPremDomain )} | Select Identity,DomainNames,FreeBusy*,TarGet*,Enabled"
+    Write-Host -ForegroundColor Green " Get-EOOrganizationRelationship  | Where{($_.DomainNames -like $Script:ExchangeOnPremDomain )} | Select Identity,DomainNames,FreeBusy*,TarGet*,Enabled"
     PrintDynamicWidthLine
     $ExoOrgRel
     PrintDynamicWidthLine
     Write-Host  -ForegroundColor Green " Summary - Organization Relationship"
     PrintDynamicWidthLine
     Write-Host  " Domain Names:"
-    if ($exoOrgRel.DomainNames -like $ExchangeOnPremDomain) {
-        Write-Host -ForegroundColor Green "  Domain Names Include the $ExchangeOnPremDomain Domain"
+    if ($exoOrgRel.DomainNames -like $Script:ExchangeOnPremDomain) {
+        Write-Host -ForegroundColor Green "  Domain Names Include the $Script:ExchangeOnPremDomain Domain"
         $Script:tdExoOrgRelDomainNames = $exoOrgRel.DomainNames
         $Script:tdExoOrgRelDomainNamesColor = "green"
     } else {
-        Write-Host -ForegroundColor Red "  Domain Names do Not Include the $ExchangeOnPremDomain Domain"
+        Write-Host -ForegroundColor Red "  Domain Names do Not Include the $Script:ExchangeOnPremDomain Domain"
         $exoOrgRel.DomainNames
-        $Script:tdExoOrgRelDomainNames = "$($exoOrgRel.DomainNames) - Domain Names do Not Include the $ExchangeOnPremDomain Domain"
+        $Script:tdExoOrgRelDomainNames = "$($exoOrgRel.DomainNames) - Domain Names do Not Include the $Script:ExchangeOnPremDomain Domain"
         $Script:tdExoOrgRelDomainNamesColor = "green"
     }
     #FreeBusyAccessEnabled
@@ -50,7 +50,7 @@ function ExoOrgRelCheck () {
     }
     #TarGetApplicationUri
     Write-Host  " TarGetApplicationUri:"
-    $a = "FYDIBOHF25SPDLT." + $ExchangeOnPremDomain
+    $a = "FYDIBOHF25SPDLT." + $Script:ExchangeOnPremDomain
     $HybridAgentTargetSharingEpr = "http://outlook.office.com/"
     $HATargetAutodiscoverEpr = "https://autodiscover-s.outlook.com/autodiscover/autodiscover.svc/"
     if ($exoOrgRel.TarGetSharingEpr -like "*resource.mailboxMigration.his.MSAppProxy.net/EWS/Exchange.asmx") {

@@ -12,14 +12,14 @@ function EXOIntraOrgConCheck {
     Write-Host -ForegroundColor Green " Summary - Online Intra Organization Connector"
     PrintDynamicWidthLine
     Write-Host -ForegroundColor White " TarGet Address Domains: "
-    if ($Script:ExoIntraOrgCon.TarGetAddressDomains -like "*$ExchangeOnpremDomain*") {
+    if ($Script:ExoIntraOrgCon.TarGetAddressDomains -like "*$Script:ExchangeOnPremDomain*") {
         Write-Host -ForegroundColor Green " " $Script:ExoIntraOrgCon.TarGetAddressDomains
         $Script:tdExoIntraOrgConTarGetAddressDomains = $Script:ExoIntraOrgCon.TarGetAddressDomains
         $Script:tdExoIntraOrgConTarGetAddressDomainsColor = "green"
     } else {
         Write-Host -ForegroundColor Red " TarGet Address Domains is NOT correct."
-        Write-Host -ForegroundColor White " Should contain the $ExchangeOnpremDomain"
-        $Script:tdExoIntraOrgConTarGetAddressDomains = " $($Script:ExoIntraOrgCon.TarGetAddressDomains) . Should contain the $ExchangeOnpremDomain"
+        Write-Host -ForegroundColor White " Should contain the $Script:ExchangeOnPremDomain"
+        $Script:tdExoIntraOrgConTarGetAddressDomains = " $($Script:ExoIntraOrgCon.TarGetAddressDomains) . Should contain the $Script:ExchangeOnPremDomain"
         $Script:tdExoIntraOrgConTarGetAddressDomainsColor = "red"
     }
     Write-Host -ForegroundColor White " DiscoveryEndpoint: "
@@ -56,20 +56,20 @@ function EXOIntraOrgConCheck {
 function EXOIntraOrgConfigCheck {
     Write-Host -ForegroundColor Green " Get-IntraOrganizationConfiguration | Select OnPremiseTarGetAddresses"
     PrintDynamicWidthLine
-    $Script:ExoIntraOrgConfig = Get-EOOnPremisesOrganization | Select-Object OrganizationGuid | Get-EOIntraOrganizationConfiguration | Select-Object * | Where-Object { $_.OnPremiseTarGetAddresses -like "*$ExchangeOnPremDomain*" }
+    $Script:ExoIntraOrgConfig = Get-EOOnPremisesOrganization | Select-Object OrganizationGuid | Get-EOIntraOrganizationConfiguration | Select-Object * | Where-Object { $_.OnPremiseTarGetAddresses -like "*$Script:ExchangeOnPremDomain*" }
     $IOConfig = $Script:ExoIntraOrgConfig | Format-List
     $IOConfig
     PrintDynamicWidthLine
     Write-Host -ForegroundColor Green " Summary - Exchange Online Intra Organization Configuration"
     PrintDynamicWidthLine
     Write-Host -ForegroundColor White " OnPremiseTarGetAddresses: "
-    if ($Script:ExoIntraOrgConfig.OnPremiseTarGetAddresses -like "*$ExchangeOnpremDomain*") {
+    if ($Script:ExoIntraOrgConfig.OnPremiseTarGetAddresses -like "*$Script:ExchangeOnPremDomain*") {
         Write-Host -ForegroundColor Green " " $Script:ExoIntraOrgConfig.OnPremiseTarGetAddresses
         $Script:tdExoIntraOrgConfigOnPremiseTarGetAddresses = $Script:ExoIntraOrgConfig.OnPremiseTarGetAddresses
         $Script:tdExoIntraOrgConfigOnPremiseTarGetAddressesColor = "green"
     } else {
         Write-Host -ForegroundColor Red " OnPremise TarGet Addresses are NOT correct."
-        Write-Host -ForegroundColor White " Should contain the $ExchangeOnpremDomain"
+        Write-Host -ForegroundColor White " Should contain the $Script:ExchangeOnPremDomain"
         $Script:tdExoIntraOrgConfigOnPremiseTarGetAddresses = $Script:ExoIntraOrgConfig.OnPremiseTarGetAddresses
         $Script:tdExoIntraOrgConfigOnPremiseTarGetAddressesColor = "red"
     }

@@ -204,7 +204,7 @@ function FedTrustCheck {
     PrintDynamicWidthLine
     $CurrentTime = Get-Date
     Write-Host -ForegroundColor White " Federation Trust Application Uri:"
-    if ($FedTrust.ApplicationUri -like "FYDIBOHF25SPDLT.$ExchangeOnpremDomain") {
+    if ($FedTrust.ApplicationUri -like "FYDIBOHF25SPDLT.$Script:ExchangeOnPremDomain") {
         Write-Host -ForegroundColor Green " " $FedTrust.ApplicationUri
         $Script:tdFedTrustApplicationUriColor = "green"
         $Script:tdFedTrustApplicationUriFL = $FedTrust.ApplicationUri

@@ -49,9 +49,12 @@ function IntraOrgConCheck {
 }
 function AuthServerCheck {
     #PrintDynamicWidthLine
-    Write-Host -ForegroundColor Green " Get-AuthServer | Select Name,IssuerIdentifier,TokenIssuingEndpoint,AuthMetadataUrl,Enabled"
+    Write-Host -ForegroundColor Green " Get-AuthServer | Select Name, Realm, IssuerIdentifier, TokenIssuingEndpoint, AuthMetadataUrl, Enabled"
     PrintDynamicWidthLine
-    $AuthServer = Get-AuthServer | Where-Object { $_.Name -like "ACS*" } | Select-Object Name, IssuerIdentifier, TokenIssuingEndpoint, AuthMetadataUrl, Enabled
+    $AuthServer = Get-AuthServer |
+        Where-Object { $_.Name -like "EvoSts*" } |
+        Sort-Object Name |
+        Select-Object -First 1 Name, Realm, IssuerIdentifier, TokenIssuingEndpoint, AuthMetadataUrl, Enabled
     $AuthServer
     $Script:tDAuthServerIssuerIdentifier = $AuthServer.IssuerIdentifier
     $Script:tDAuthServerTokenIssuingEndpoint = $AuthServer.TokenIssuingEndpoint
@@ -61,30 +64,30 @@ function AuthServerCheck {
     Write-Host -ForegroundColor Green " Summary - Auth Server"
     PrintDynamicWidthLine
     Write-Host -ForegroundColor White " IssuerIdentifier: "
-    if ($AuthServer.IssuerIdentifier -like "00000001-0000-0000-c000-000000000000" ) {
+    if ($AuthServer.IssuerIdentifier -like "https://sts.windows.net/$($AuthServer.Realm)/" ) {
         Write-Host -ForegroundColor Green " " $AuthServer.IssuerIdentifier
         $Script:tDAuthServerIssuerIdentifierColor = "green"
     } else {
         Write-Host -ForegroundColor Red " IssuerIdentifier appears not to be correct."
-        Write-Host -ForegroundColor White " Should be 00000001-0000-0000-c000-000000000000"
+        Write-Host -ForegroundColor White " Should be https://sts.windows.net/<Cloud Tenant ID>/"
         $Script:tDAuthServerIssuerIdentifierColor = "red"
     }
     Write-Host -ForegroundColor White " TokenIssuingEndpoint: "
-    if ($AuthServer.TokenIssuingEndpoint -like "https://accounts.accesscontrol.windows.net/*" -and $AuthServer.TokenIssuingEndpoint -like "*/tokens/OAuth/2" ) {
+    if ($AuthServer.TokenIssuingEndpoint -like "https://login.windows.net/common/oauth2/token*" ) {
         Write-Host -ForegroundColor Green " " $AuthServer.TokenIssuingEndpoint
         $Script:tDAuthServerTokenIssuingEndpointColor = "green"
     } else {
         Write-Host -ForegroundColor Red " TokenIssuingEndpoint appears not to be correct."
-        Write-Host -ForegroundColor White " Should be  https://accounts.accesscontrol.windows.net/<Cloud Tenant ID>/tokens/OAuth/2"
+        Write-Host -ForegroundColor White " Should be  https://login.windows.net/common/oauth2/token"
         $Script:tDAuthServerTokenIssuingEndpointColor = "red"
     }
     Write-Host -ForegroundColor White " AuthMetadataUrl: "
-    if ($AuthServer.AuthMetadataUrl -like "https://accounts.accesscontrol.windows.net/*" -and $AuthServer.TokenIssuingEndpoint -like "*/tokens/OAuth/2" ) {
+    if ($AuthServer.AuthMetadataUrl -like "https://login.windows.net/*/federationmetadata/2007-06/federationmetadata.xml" ) {
         Write-Host -ForegroundColor Green " " $AuthServer.AuthMetadataUrl
         $Script:tDAuthServerAuthMetadataUrlColor = "green"
     } else {
         Write-Host -ForegroundColor Red " AuthMetadataUrl appears not to be correct."
-        Write-Host -ForegroundColor White " Should be  https://accounts.accesscontrol.windows.net/<Cloud Tenant ID>/Metadata/json/1"
+        Write-Host -ForegroundColor White " Should be  https://login.windows.net/<Initial Tenant Domain>/FederationMetadata/2007-06/FederationMetadata.xml"
         $Script:tDAuthServerAuthMetadataUrlColor = "red"
     }
     Write-Host -ForegroundColor White " Enabled: "
@@ -162,7 +165,7 @@ function PartnerApplicationCheck {
         $Script:tdPartnerApplicationRealm = "Should be Blank"
     }
     Write-Host -ForegroundColor White " LinkedAccount: "
-    if ($PartnerApplication.LinkedAccount -like "$exchangeOnPremDomain/Users/Exchange Online-ApplicationAccount" -or $PartnerApplication.LinkedAccount -like "$Script:ExchangeOnPremLocalDomain/Users/Exchange Online-ApplicationAccount"  ) {
+    if ($PartnerApplication.LinkedAccount -like "$Script:ExchangeOnPremDomain/Users/Exchange Online-ApplicationAccount" -or $PartnerApplication.LinkedAccount -like "$Script:ExchangeOnPremLocalDomain/Users/Exchange Online-ApplicationAccount"  ) {
         Write-Host -ForegroundColor Green " " $PartnerApplication.LinkedAccount
         $Script:tdPartnerApplicationLinkedAccountColor = "green"
     } else {
@@ -541,6 +544,7 @@ function AutoDVirtualDCheckOauth {
 function EWSVirtualDirectoryCheckOAuth {
     Write-Host -ForegroundColor Green " Get-WebServicesVirtualDirectory  -Server $($server)| Select Identity,Name,ExchangeVersion,*Authentication*,*url"
     PrintDynamicWidthLine
+    FetchEWSInformation
     $W = $WebServicesVirtualDirectoryOAuth | Format-List
     $W
     EWSVirtualDirectoryCheckOAuthHtmlHead
@@ -623,6 +627,7 @@ function EWSVirtualDirectoryCheckOAuth {
         }
         Write-Host -ForegroundColor White "  Should be True"
     }
+    #PrintDynamicWidthLine
     Write-Host -ForegroundColor White "`n  WindowsAuthentication:"
     if ($WebServicesVirtualDirectoryOauth.WindowsAuthentication -eq "True") {
         foreach ( $ser in $WebServicesVirtualDirectoryOauth) {

@@ -58,9 +58,9 @@ function ShowParameters() {
     Write-Host  -ForegroundColor White " AD root Domain"
     Write-Host -ForegroundColor Green "  $Script:ExchangeOnPremLocalDomain"
     Write-Host -ForegroundColor White " Exchange On Premises Domain:  "
-    Write-Host -ForegroundColor Green "  $exchangeOnPremDomain"
+    Write-Host -ForegroundColor Green "  $Script:ExchangeOnPremDomain"
     Write-Host -ForegroundColor White " Exchange On Premises External EWS url:"
-    Write-Host -ForegroundColor Green "  $exchangeOnPremEWS"
+    Write-Host -ForegroundColor Green "  $Script:ExchangeOnPremEWS"
     Write-Host -ForegroundColor White " On Premises Hybrid Mailbox:"
     Write-Host -ForegroundColor Green "  $Script:UserOnPrem"
     Write-Host -ForegroundColor White " Exchange Online Mailbox:"
@@ -83,7 +83,7 @@ function hostOutputIntraOrgConEnabled($Auth) {
         Write-Host -ForegroundColor White "    -> Running for OAuth only as OAuth takes precedence over DAuth;"
         Write-Host -ForegroundColor White "`n         This script can be Run using the -Auth All parameter to Check for both OAuth and DAuth configuration. `n `n         Example: ./FreeBusyChecker.ps1 -Auth All"
         Write-Host -ForegroundColor White "`n         This script can be Run using the -Auth DAuth parameter to Check for DAuth configuration only. `n `n         Example: ./FreeBusyChecker.ps1 -Auth DAuth"
-        lookupMethodDAuthHtml
+        lookupMethodOAuthHtml
     }
     if ($Auth -like "All") {
         lookupMethodCheckAllHtml