As more folks are deploying the SharePoint 2013 Hybrid features we continue to pick up little tidbits that help make the journey easier. A couple of new ones have come up recently that are worth sharing at this point, so here goes:
- Don’t include a -StartDate and -EndDate when creating a new Msol-ServicePrincipalCredential. At one time there was a problem that could occur without these being set, but it has since been resolved. To simplify things all around it’s just easier and removes another possibility of mistake by excluding them altogether. If you get the dates wrong you will find that when you try and execute a query against o365 from your on prem farm you will get an error along the lines of invalid JWT token (you’ll have to dig into the ULS logs to get this level of detail on the issue).
- PLEASE be careful when you create your Search Service Application that you do NOT create it in partitioned mode. If you created it in partitioned mode then hybrid search will not work; again you will get an invalid JWT token. There must be some PowerShell script floating around the interwebs that creates in partitioned mode because we’ve seen a few of these cases come up recently, which is unusual because most customers don’t knowingly create their service applications in partitioned mode.