Solved

EdgeSync Error 1024 and "The supplied credential is invalid"

Posted on 2010-11-17
2
5,836 Views
Last Modified: 2012-06-21
Hello Everyone,

I have a problem and I am pulling my teeth out trying to get this one to work!

I have a new Exchange 2010 CAS/HUB Server and New TMG Server that will server as my Edge Server.

I am trying to enable EdgeSync between the Hub and TMG and I am getting the error 1024 on the Hub and when I run Test-EdgeSyncronization it returns the error "The supplied credential is invaild". After all my research I have atleast fiqured out it is a problem with the cert.

I currently have a 3rd party cert that is mail.xxx.com that is installed on the CAS and enabled for SMTP, IIS, IMAP, and POP services.

I know that I can't move the 3rd party cert onto the edge and enable it for SMTP and attempt to get the EdgeSync service to work b/c when I try to import the Sync File that was generated on the Edge to the Hub is fails and says you can't have the cert in both locations.

What is one to do, I am supposed to have the same internal cert on both machines? I can't see to fiqure this one out on my own.

Thanks for you help!

-Mike
0
Comment
Question by:BAYCCS
2 Comments
 
LVL 17

Accepted Solution

by:
Viral Rathod earned 500 total points
ID: 34158270
The problem  that you are having is not because of certs, its an issue with credentials. EdgeSync uses ADAM credentials to connect to the edge server, and those are periodically changed by the "Edge Credential Service" running on the edge server. I would guess that service might not be running on your edge box, or a sync didn't happen for whatever reason within the initial 4 hours after you created the subscription. What you'll need to do is

1. Make sure the credential service is up and running on the edge.
2. Create a new subscription file by calling new-edgesubscription again.
3. Reimport the subscription.
4. Call start-edgesynchronization immediately after you subscribe.

the CN is expected to be different between the file and what start-edgesynchronization is telling you. The CN in the file is the CN of the ADAM user account Edge Sync will connect with initially, and the CN in start-edgesynchronization is the CN of the representatino of the Edge server in AD (how we keep track of it basically) so they will be different.  

Let me know if the above works.
0
 
LVL 5

Author Closing Comment

by:BAYCCS
ID: 34158430
The Credential service wasn't running... WOW I can't believe it was that simple...

Thanks you!!
0

Featured Post

Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Not sure what the best email signature size is? Are you worried about email signature image size? Follow this best practice guide.
This process describes the steps required to Import and Export data from and to .pst files using Exchange 2010. We can use these steps to export data from a user to a .pst file, import data back to the same or a different user, or even import data t…
In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…

786 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question