Link to home
Start Free TrialLog in
Avatar of Findwise
Findwise

asked on

New-EdgeSubscription, The LDAP server is unavailable

I have EBS 2008 installed and have played around a little with certificates. When I now check my security server which has the edge transport service installed I get "The LDAP server is unavailable" in the Exchange managment console. So then I tried to issue a new subscription but then I get this error:

New-EdgeSubscription : An Active Directory error 0x51 occurred when trying to c
heck server 'localhost:50389' suitability: 'The LDAP server is unavailable.'.
At line:1 char:21
+ New-EdgeSubscription  <<<< -file "C:\EdgeSubscriptionExport.xml"
Avatar of shauncroucher
shauncroucher
Flag of United Kingdom of Great Britain and Northern Ireland image

Can you confirm that DNS is all working ok? Event viewer clean? Can you ping by FQDN to the servers concerned. I don't have EBS 2008 specific experience but Edge servers are supposed to be on an independant computer not joined to the domain of the hub transport server(s).

Can you telnet the port 50389 on the Hub and Edge server?

Shaun
Run through ports discussed on this post and ensure that these are all open on the Edge server.

http://technet.microsoft.com/en-us/library/aa996562.aspx

Shaun
Avatar of Findwise
Findwise

ASKER

Could not open connection to the host on port 50389. Seems like we have a problem here.

A strange thing is when I look at my Server Manager I get an error from Active Directory Lightweight Directory Services that is running on the security server. There is a process called ADAM_Microsoft Exchange ADAM and it say Not available on the status. I can get any more status from it. Maybe this is the problem. I have no idea what this is.

I tried all the port in the list and only get smtp on port 25 working.
Hi,

ADAM is very much related to the Edge Subscription syncronisation process. It uses the ADAM process to do a one way sync of data such as the recipients in the Exchange organisation, the domains that the exchange organisation are authoritative for etc.

You should look to getting this ADAM process issue resolved and you should then find that you can recreate the edge subscription successfully.

Shaun
Thanks. Will look in to this tomorrow.
This explains the relationship in more detail:

http://technet.microsoft.com/en-us/library/aa996855.aspx

Is there anything that has changed recently in your infrastructure?

shaun

I've looked on my Windows 2008 server and I have a similar warning in my Server Manager about the service not being available. I do not have any issues with Edgesync.

Can you just ensure that the Microsoft Exchange ADAM service is running by using Exchange management shell (or powershell) console and typing the following command:

Get-Service *ADAM* | ft St*

What does this return?

You should be able to telnet the port 50389 on the Edge server and if you cannot, this could indicate a firewall issue, can you telnet locally on this port? If you use netsat -anp udp do you see the 50389 port as an active connection?

shaun
On my secureity server:
[PS] C:\>Get-Service *ADAM* | ft St*

                                                                         Status
                                                                         ------
                                                                        Running
                                                                        Stopped


[PS] C:\>
Picture-1.png
Picture-5.png
Hmm, I wrote alot here but it all disaperare after the attchment of the files. I attached them in the middle.

I had logs and everything :-(

Anyhow, my last comments was that I found that this might be the problem of an rouge ip adress ;-). I have had some problems with the ad and now I found that I had the same ip on a virtual domain controller that I had in the installation of EBS. I totally forgott about this and had another linux computer running on the same ip with a lot of strange problem. But I found it now and will dcpromo it tomorrow. Will be back if this dosent help out.
ASKER CERTIFIED SOLUTION
Avatar of shauncroucher
shauncroucher
Flag of United Kingdom of Great Britain and Northern Ireland image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
One wonder how one rouge domain controller could f**ck everything up. Yesterday I rebooted all the servers and now it works like a charm. Mails can go both way through :-)

[PS] C:\Windows\System32>Get-Service *ADAM* | ft Di*,St*

DisplayName                                                              Status
-----------                                                              ------
ISASTGCTRL                                                              Running
Microsoft Exchange ADAM                                                 Running


[PS] C:\Windows\System32>

The command you gave me looks good to. So lets consider this as solved. Thanks for all your help. And lessons learned. Never have a rouge domain controller ;-)
Glad I could help.

Shaun