Solved

EdgeSync Error 1024 and "The supplied credential is invalid"

Posted on 2010-11-17
2
5,499 Views
Last Modified: 2012-06-21
Hello Everyone,

I have a problem and I am pulling my teeth out trying to get this one to work!

I have a new Exchange 2010 CAS/HUB Server and New TMG Server that will server as my Edge Server.

I am trying to enable EdgeSync between the Hub and TMG and I am getting the error 1024 on the Hub and when I run Test-EdgeSyncronization it returns the error "The supplied credential is invaild". After all my research I have atleast fiqured out it is a problem with the cert.

I currently have a 3rd party cert that is mail.xxx.com that is installed on the CAS and enabled for SMTP, IIS, IMAP, and POP services.

I know that I can't move the 3rd party cert onto the edge and enable it for SMTP and attempt to get the EdgeSync service to work b/c when I try to import the Sync File that was generated on the Edge to the Hub is fails and says you can't have the cert in both locations.

What is one to do, I am supposed to have the same internal cert on both machines? I can't see to fiqure this one out on my own.

Thanks for you help!

-Mike
0
Comment
Question by:BAYCCS
2 Comments
 
LVL 16

Accepted Solution

by:
Viral Rathod earned 500 total points
ID: 34158270
The problem  that you are having is not because of certs, its an issue with credentials. EdgeSync uses ADAM credentials to connect to the edge server, and those are periodically changed by the "Edge Credential Service" running on the edge server. I would guess that service might not be running on your edge box, or a sync didn't happen for whatever reason within the initial 4 hours after you created the subscription. What you'll need to do is

1. Make sure the credential service is up and running on the edge.
2. Create a new subscription file by calling new-edgesubscription again.
3. Reimport the subscription.
4. Call start-edgesynchronization immediately after you subscribe.

the CN is expected to be different between the file and what start-edgesynchronization is telling you. The CN in the file is the CN of the ADAM user account Edge Sync will connect with initially, and the CN in start-edgesynchronization is the CN of the representatino of the Edge server in AD (how we keep track of it basically) so they will be different.  

Let me know if the above works.
0
 
LVL 5

Author Closing Comment

by:BAYCCS
ID: 34158430
The Credential service wasn't running... WOW I can't believe it was that simple...

Thanks you!!
0

Featured Post

Don't lose your head updating email signatures!

Do your end users still have the wrong email signature? Do email signature updates bore you or fill you with a sense of dread? You can make this a whole lot easier on yourself by trusting an Exclaimer email signature management solution. Over 50 million users do...so should you!

Join & Write a Comment

Find out how to use Active Directory data for email signature management in Microsoft Exchange and Office 365.
Scam emails are a huge burden for many businesses. Spotting one is not always easy. Follow our tips to identify if an email you receive is a scam.
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

9 Experts available now in Live!

Get 1:1 Help Now