?
Solved

EdgeSync Error 1024 and "The supplied credential is invalid"

Posted on 2010-11-17
2
Medium Priority
?
6,581 Views
Last Modified: 2012-06-21
Hello Everyone,

I have a problem and I am pulling my teeth out trying to get this one to work!

I have a new Exchange 2010 CAS/HUB Server and New TMG Server that will server as my Edge Server.

I am trying to enable EdgeSync between the Hub and TMG and I am getting the error 1024 on the Hub and when I run Test-EdgeSyncronization it returns the error "The supplied credential is invaild". After all my research I have atleast fiqured out it is a problem with the cert.

I currently have a 3rd party cert that is mail.xxx.com that is installed on the CAS and enabled for SMTP, IIS, IMAP, and POP services.

I know that I can't move the 3rd party cert onto the edge and enable it for SMTP and attempt to get the EdgeSync service to work b/c when I try to import the Sync File that was generated on the Edge to the Hub is fails and says you can't have the cert in both locations.

What is one to do, I am supposed to have the same internal cert on both machines? I can't see to fiqure this one out on my own.

Thanks for you help!

-Mike
0
Comment
Question by:BAYCCS
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 17

Accepted Solution

by:
Viral Rathod earned 2000 total points
ID: 34158270
The problem  that you are having is not because of certs, its an issue with credentials. EdgeSync uses ADAM credentials to connect to the edge server, and those are periodically changed by the "Edge Credential Service" running on the edge server. I would guess that service might not be running on your edge box, or a sync didn't happen for whatever reason within the initial 4 hours after you created the subscription. What you'll need to do is

1. Make sure the credential service is up and running on the edge.
2. Create a new subscription file by calling new-edgesubscription again.
3. Reimport the subscription.
4. Call start-edgesynchronization immediately after you subscribe.

the CN is expected to be different between the file and what start-edgesynchronization is telling you. The CN in the file is the CN of the ADAM user account Edge Sync will connect with initially, and the CN in start-edgesynchronization is the CN of the representatino of the Edge server in AD (how we keep track of it basically) so they will be different.  

Let me know if the above works.
0
 
LVL 5

Author Closing Comment

by:BAYCCS
ID: 34158430
The Credential service wasn't running... WOW I can't believe it was that simple...

Thanks you!!
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article explains how to install and use the NTBackup utility that comes with Windows Server.
How to resolve IMCEAEX NDRs in Exchange or Exchange Online related to invalid X500 addresses.
how to add IIS SMTP to handle application/Scanner relays into office 365.
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…
Suggested Courses

765 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question