Topic Last Modified: 2008-06-11
This topic provides information about how to resolve an EdgeSync failure with Event ID 10104. If this error occurs, you will see the following errors in the event log of your Hub Transport servers:
Event ID: 1024
Event Source: MSExchange EdgeSync
Event Category: Topology
Event Type: Error
Description: The connection to the ADAM instance of the Edge Transport server failed with exception "The LDAP server is unavailable." This could be caused by a failure to resolve the Edge Transport server name <Edge Server> in DNS, a failure when trying to connect to port 50636 on Edge Transport server <Edge Server>, network connectivity issues, an invalid certificate, or an expired subscription. Verify the configurations of your network and server.

Event ID: 10104
Event Source: MSExchange EdgeSync
Event Category: Synchronization
Event Type: Error
Description: Microsoft Exchange couldn't match certificate when contacting <Edge Server>. The connection was stopped.
In addition to the errors in the event log, the Test-EdgeSynchronization and Start-EdgeSynchronization cmdlets will both fail on the Hub Transport server with the error "The LDAP server is unavailable."
Note: Mail flow between the Hub and Edge Transport servers may still work even though the EdgeSync process fails.
Cause
The same third-party certificate is installed on both the Hub and Edge Transport servers. By default, Microsoft Exchange 2007 uses a self-signed certificate installed by Microsoft Exchange instead of using a third-party custom certificate. While it is possible to install and use third-party certificates, you can't install the same certificate on the Hub and Edge Transport servers.
Resolution
To resolve this error, you must ensure that the same third-party certificate is not installed on the Hub and Edge Transport servers.
Before You Begin
To perform this procedure on the Edge Transport server, the account you use must be delegated membership in the local Administrators group. For more information about permissions, delegating roles, and the rights that are required to administer Exchange 2007, see Permission Considerations.
Procedure
- To verify if the same certificate is installed on the Hub and Edge Transport servers, run the following command on both servers and compare the certificate thumbprints:

    Get-TransportServer <Server Name> | Format-List Name,InternalTransportCertificateThumbprint

- Remove the third-party certificate from the Edge Transport server. For syntax and parameter information, see Remove-ExchangeCertificate.
- Install a self-signed certificate on the Edge Transport server. For more information about creating certificates in Exchange 2007, see Creating a Certificate or Certificate Request for TLS.
- Re-create the Edge subscription. For more information about creating an Edge subscription, see Subscribing the Edge Transport Server to the Exchange Organization.
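The thumbprint comparison from the first step, followed by a dry run of the certificate removal, as an added example that is not part of the original topic. It is written for the Exchange Management Shell on the Edge Transport server; the $HubThumbprint placeholder, the Normalize-Thumbprint helper, and the C:\EdgeSubscriptionInfo.xml path are assumptions made for the illustration.

```powershell
# Added example. Run in the Exchange Management Shell on the Edge Transport server.
# Placeholder: paste the InternalTransportCertificateThumbprint value that the
# Get-TransportServer command printed on the Hub Transport server.
$HubThumbprint = '<thumbprint copied from the Hub Transport server>'

# Hypothetical helper: keep hex digits only and upper-case them, so spaces or
# case differences introduced by copy and paste cannot hide a match.
function Normalize-Thumbprint([string]$Value) {
    ($Value -replace '[^0-9A-Fa-f]', '').ToUpper()
}

$hub  = Normalize-Thumbprint $HubThumbprint
$edge = Normalize-Thumbprint (Get-TransportServer $env:COMPUTERNAME).InternalTransportCertificateThumbprint

# List the installed certificates so the third-party one can be identified.
Get-ExchangeCertificate | Format-List Thumbprint,Subject,Issuer,IsSelfSigned,Services,NotAfter

if ($hub.Length -ne 40 -or $edge.Length -ne 40) {
    # A certificate thumbprint is a SHA-1 hash: 40 hex digits.
    Write-Warning "Expected two 40-digit thumbprints; got Hub='$hub' Edge='$edge'."
}
elseif ($hub -ne $edge) {
    Write-Host "Thumbprints differ: the transport certificate is not shared by both servers."
}
else {
    Write-Host "Hub and Edge use the same certificate: $edge"
    # Certificate removal as a dry run. Remove -WhatIf to delete the certificate.
    Remove-ExchangeCertificate -Thumbprint $edge -WhatIf
    # Remaining steps, left commented so that nothing changes until reviewed:
    #   New-ExchangeCertificate     # no arguments: self-signed certificate
    #   New-EdgeSubscription -FileName 'C:\EdgeSubscriptionInfo.xml'   # assumed path
    # The subscription file is then imported on the Hub Transport server.
}
```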
For More Information
To learn more about how certificates are used in Exchange 2007, see Certificate Use in Exchange Server 2007.