Topic Last Modified: 2008-06-11

This topic provides information about how to resolve EdgeSync failure with Event ID 10104. If this error occurs, you will see the following errors in the event log of your Hub Transport servers:

Event ID: 1024

Event Source: MSExchange EdgeSync

Event Category: Topology

Event Type: Error

Description: The connection to the ADAM instance of the Edge Transport server failed with exception "The LDAP server is unavailable." This could be caused by a failure to resolve the Edge Transport server name <Edge Server> in DNS, a failure when trying to connect to port 50636 on Edge Transport server <Edge Server>, network connectivity issues, an invalid certificate, or an expired subscription. Verify the configurations of your network and server.

Event ID: 10104

Event Source: MSExchange EdgeSync

Event Category: Synchronization

Event Type: Error

Description: Microsoft Exchange couldn't match certificate when contacting <Edge Server>. The connection was stopped.

In addition to the errors in the event log, Test-EdgeSynchronization and Start-EdgeSynchronization cmdlets will both fail on the Hub Transport server with the "The LDAP server is unavailable" error.

Note:
Mail flow between the Hub and Edge Transport servers may still work even though the EdgeSync process fails.

Cause

The same third-party certificate is installed on both the Hub and Edge Transport servers. By default, Microsoft Exchange 2007 uses a self-signed certificate installed by Microsoft Exchange instead of using a third-party custom certificate. While it is possible to install and use third-party certificates, you can't install the same certificate on the Hub and Edge Transport servers.

Resolution

To resolve this error, you must ensure that the same third-party certificate is not installed on the Hub and Edge Transport servers.

Before You Begin

To perform this procedure on the Edge Transport server, the account you use must be delegated membership in the local Administrators group. For more information about permissions, delegating roles, and the rights that are required to administer Exchange 2007, see Permission Considerations.

Procedure

To verify the same certificate is installed on the Hub and Edge Transport servers
  • To verify if the same certificate is installed on the Hub and Edge Transport servers, run the following command on both servers and compare the certificate thumbprints:

    Copy Code
    Get-TransportServer <Server Name> | Format-List Name,InternalTransportCertificateThumbprint
    
To create a different certificate
  1. Remove the third-party certificate from the Edge Transport server. For syntax and parameter information, see Remove-ExchangeCertificate.

  2. Install a self-signed certificate on the Edge Transport server. For more information about creating certificates in Exchange 2007, see Creating a Certificate or Certificate Request for TLS.

  3. Re-create the Edge subscription. For more information about creating an Edge subscription, see Subscribing the Edge Transport Server to the Exchange Organization.

For More Information

To learn more about how certificates are used in Exchange 2007, see Certificate Use in Exchange Server 2007.