Exchange Online users cannot see on-premises Exchange Server Free/Busy information

Scenario:

Came almost each time after Exchange Hybrid Configuration Wizard (HCW) finished its job successfully:

• Customer's Exchange Hybrid configuration based on Exchange Server 2010 (you have all chances to have newer 2013/2016 versions affected).
• Customer's on-premises users can see Free/Busy status of Exchange Online users in Office 365. 
• However Exchange Online users can't see status of on-premises Exchange Server users.
• Hybrid Deployment has passed Free/Busy and Autodiscover tests of Remote Connectivity Analyzer.
• Hybrid Deployment has passed through "The Hybrid Free Busy Troubleshooter" with no errors until it suggested to open ticket with Microsoft Support team.
• Following PowerShell command showed no errors:
  
  
  Test-FederationTrust -UserIdentity <OnPremisesMailbox> -verbose

• Following PowerShell command is showing WSSecurity enabled:
  
  
  Get-WebServicesVirtualDirectory -Identity "HybridServer\EWS (default web site)" | fl *auth*
  
  InternalAuthenticationMethods   : {Basic, Ntlm, WindowsIntegrated, WSSecurity}
  ExternalAuthenticationMethods   : {Basic, Ntlm, WindowsIntegrated, WSSecurity}
  LiveIdSpNegoAuthentication      : False
  WSSecurityAuthentication        : True
  LiveIdBasicAuthentication       : False
  BasicAuthentication             : True
  DigestAuthentication            : False
  WindowsAuthentication           : True


• However we noticed error "500" in W3SVC IIS logs of Hybrid Exchange Server very similar to:

POST /autodiscover/autodiscover.svc/WSSecurity - 443 - ASAutoDiscover/CrossForest/EmailDomain//15.01.0225.018 – 500 0 0 124

Solution:

You'll be surprised... Even though "Get-WebServicesVirtualDirectory | fl" showed WSSecurity enabled, the following command fixed issue:

Set-WebServicesVirtualDirectory -Identity "<HybridServer>\EWS (default web site)" -WSSecurityAuthentication $true

Other guys reported they had exactly the same resolution for Autodiscover IIS virtual directory even though "Get-AutodiscoverVirtualDirectory | fl" showed WSSecurity enabled:

Set-AutodiscoverVirtualDirectory -Identity "<HybridServer>\Autodiscover (Default Web Site)" -WSSecurityAuthentication $true

Another guy solved this issue simply with iisreset after initial Hybrid configuration.

I like my solution since it has no services restart and downtime for Exchange Server. Cause is unknown.

References:

• How to troubleshoot free/busy issues in a hybrid deployment of on-premises Exchange Server and Exchange Online in Office 365
• Troubleshooting free/busy issues in Exchange hybrid environment
• Unable to see free/busy from cloud to onprem
• Office 365 users cannot see on-premises free/busy
• Free/Busy not working from Office 365/Exchange Online to On-Premise Exchange / Hybrid Configuration – “The external recipient’s server could not be determined” “No information” (You forgot to iisreset)
• Users from a federated organization cannot see the free/busy information of the local Exchange Server 2010 organization