Fix: Modern Hybrid Agent exit code 1603 on Exchange 2016

Updated 25/05/23 to include .reg file

Today I was faced with a new issue while running through the Hybrid Configuration Wizard on a new Exchange 2016 machine running Windows Server 2016.

Setup terminated with an Exit Code 1603.

This error can also be seen in the HCW log file which can be found in %AppData%\Roaming\Microsoft\Exchange Hybrid Configuration on the machine running HCW. Open the latest Date_time.log file using Notepad and you’ll a similar message to the below:

2022.07.28 09:09:48.589         10341 [Client=UX, Page=HybridConnectorInstall, Step=InstallConnector, Thread=18] FINISH Time=33.0s Results=Failed Setup terminiated with an Exit Code 1603.

Exit code 1603 is a generic error which helpfully tells us nothing about what might be causing it. Reading through the Hybrid Agent system requirements, I spotted TLS 1.2 which is not enabled by default (SCHANNEL) in Server 2016.

As such, adding the below registry keys got me through the Wizard (after restarting it; a full machine reboot wasn’t required). To speed this up, copy the below text to Notepad and save as a .reg file:

Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client]
"DisabledByDefault"=dword:00000000
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Server]
"DisabledByDefault"=dword:00000000
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v2.0.50727]
"SystemDefaultTlsVersions"=dword:00000001
"SchUseStrongCrypto"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v4.0.30319]
"SystemDefaultTlsVersions"=dword:00000001
"SchUseStrongCrypto"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft.NETFramework\v2.0.50727]
"SystemDefaultTlsVersions"=dword:00000001
"SchUseStrongCrypto"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft.NETFramework\v4.0.30319]
"SystemDefaultTlsVersions"=dword:00000001
"SchUseStrongCrypto"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\v2.0.50727]
"SystemDefaultTlsVersions"=dword:00000001
"SchUseStrongCrypto"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\.NETFramework\v4.0.30319]
"SystemDefaultTlsVersions"=dword:00000001
"SchUseStrongCrypto"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft.NETFramework\v2.0.50727]
"SystemDefaultTlsVersions"=dword:00000001
"SchUseStrongCrypto"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft.NETFramework\v4.0.30319]
"SystemDefaultTlsVersions"=dword:00000001
"SchUseStrongCrypto"=dword:00000001

If I’d been sensible and ran the optional prerequisite connectivity verification, I believe this issue would have been highlighted before I’d began as it does check that TLS 1.2 is enabled.

As I wrote earlier, this error code is generic so I can’t promise this article will fix your instance, though you’ll at least be able to rule out one possibility.

11 thoughts on “Fix: Modern Hybrid Agent exit code 1603 on Exchange 2016”

Leave a comment