Exchange 2007 - edge transport (error on HT - The LDAP server is unavailable)

294 views
Skip to first unread message

Matthew (UK76)

unread,
Nov 18, 2007, 8:03:37 PM11/18/07
to
Hi,

Testing in a virtual environment, I have added a hub transport server (not
in domain / no firewalls).

I create the subscription file and add this to the hub transport server.

Run the powershell command "Start-EdgeSynchronization" receiving the
following output:
Result : CouldNotConnect
Type : General
Name : CN=ISATEST-ET01,CN=Servers,CN=Exchange Administrative Group
(F
YDIBOHF23SPDLT),CN=Administrative
Groups,CN=ISATEST-EXORG,CN=M
icrosoft
Exchange,CN=Services,CN=Configuration,DC=ISATEST,DC=L
OCAL
FailureDetails : The LDAP server is unavailable.
StartUTC : 19/11/2007 00:50:22
EndUTC : 19/11/2007 00:50:23
Added : 0
Deleted : 0
Updated : 0
Scanned : 0
TargetScanned : 0

Run the powershell command "Test-EdgeSynchronization"receiving the following
output:
Name : ISATEST-ET01
ConnectionResult : Failed
FailureDetail : No EdgeSync credentials were found for Edge
trans
port server isatest-et01.isatestwg.local on
the l
ocal Hub Transport server. Remove the Edge
subscr
iption and re-subscribe the Edge Transport
server
.
LastSynchronized : 01/01/0001 00:00:00
CredentialStatus : Skipped
TransportServerStatus : Skipped
TransportConfigStatus : Skipped
AcceptedDomainStatus : Skipped
SendConnectorStatus : Skipped
MessageClassificationStatus : Skipped
RecipientStatus : Skipped


I am able to resolve the name of the edge from the hub:
C:\>nslookup isatest-et01.isatestwg.local
Server: isatest-dc01.isatest.local
Address: 192.168.230.110

Name: isatest-et01.isatestwg.local
Address: 192.168.230.113


I am able to resolve the name of the hub from the edge:
C:\>nslookup isatest-ex01.isatest.local
Server: isatest-dc01.isatest.local
Address: 192.168.230.110

Name: isatest-ex01.isatest.local
Address: 192.168.230.111


I am able to connect to port 50636 from the hub to the edge and in turn see
the active connection on the edge:
C:\>netstat -na | find /i ":50636"
TCP 0.0.0.0:50636 0.0.0.0:0 LISTENING
TCP 192.168.230.113:50636 192.168.230.111:1732 ESTABLISHED


I dont know if it is a problem with certificates (should there be one for
the edge), but when i issue the command "Get-ExchangeCertificate", receive
the following output:
[PS] C:\>Get-ExchangeCertificate | fl
AccessRules : {System.Security.AccessControl.CryptoKeyAccessRule,
System
.Security.AccessControl.CryptoKeyAccessRule}
CertificateDomains : {isatest-ex01.isatest.local}
HasPrivateKey : True
IsSelfSigned : False
Issuer : CN=ISATest Cert Auth, DC=ISATEST, DC=LOCAL
NotAfter : 04/11/2009 22:19:42
NotBefore : 05/11/2007 22:19:42
PublicKeySize : 1024
SerialNumber : 616ED663000000000005
Status : Valid
Subject : CN=isatest-ex01.isatest.local, OU=isatest, O=isatest,
L=Lo
ndon, S=London, C=GB
Thumbprint : DF5A8B0AB5D75D43B790EEA7D6F6338DD98186A3


AccessRules : {System.Security.AccessControl.CryptoKeyAccessRule,
System
.Security.AccessControl.CryptoKeyAccessRule}
CertificateDomains : {webmail.testing.domain.removed}
HasPrivateKey : True
IsSelfSigned : False
Issuer : CN=ISATest Cert Auth, DC=ISATEST, DC=LOCAL
NotAfter : 04/11/2009 20:40:50
NotBefore : 05/11/2007 20:40:50
PublicKeySize : 1024
SerialNumber : 61145458000000000004
Status : Valid
Subject : CN=webmail.testing.domain.removed, OU=isatest,
O=isatest, L
=London, S=London, C=GB
Thumbprint : 633720193366F2739AF4D5F42949F1D3F3453D68


I have fired up network monitor on both nodes and have noticed no traffic
between either of the machines on port 50636 (at any point).

Any ideas how to resolve would be appreciated.

Thanks
Matthew


Ivan

unread,
Dec 11, 2007, 5:02:35 AM12/11/07
to
Hi,

I have exactly the same problem, did you find the issue ?


Thanks

valery...@gmail.com

unread,
Jan 17, 2008, 11:15:06 AM1/17/08
to
I have same problem after delete local self-signed certificates. How
to resolve - i do not know.....
Reply all
Reply to author
Forward
0 new messages