Announcement

Collapse
No announcement yet.

Exchange 2010 SP1 Edge Subscription File

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Exchange 2010 SP1 Edge Subscription File

    UPDATE: SOLVED Run the Exchange Management Shell "As Administrator" No problem after that.
    Interestingly, this is the first time during this Exchange 2010 setup I've had to "Run As" administrator.
    And that includes un-installing the Exchange 2010 mailbox servers.


    When attempting to create an Exchange 2010 SP1 Edge subscription file, I get the following:
    [PS] C:\Windows\system32>New-EdgeSubscription -FileName "c:\exedge-01.xml"

    Confirm
    If you create an Edge Subscription, this Edge Transport server will be managed via EdgeSync replication. As a result, any of the following objects that were created manually will be deleted: accepted domains, message classifications, remote domains, and Send connectors. After creating the Edge Subscription, you must manage these objects from inside the organization and allow EdgeSync to update the Edge Transport server. Also, the InternalSMTPServers list of the TransportConfig object will be overwritten during the synchronization process.
    EdgeSync requires that this Edge Transport server is able to resolve the FQDN of the Hub Transport servers in the Active Directory site to which the Edge Transport server is being subscribed, and those Hub Transport servers be able to resolve the FQDN of this Edge Transport server. You should complete the Edge Subscription inside the organization in the next "1440" minutes before the bootstrap account expires.

    [Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"): y

    New-EdgeSubscription : The command couldn't add the certificate to the AD LDS directory service store. Error: Access is denied.
    At line:1 char:21
    + New-EdgeSubscription <<<< -FileName "c:\exedge-01.xml"
    + CategoryInfo : InvalidOperation: (exedge-01.prod.x.tld:String) [New-EdgeSubscription], InvalidOperationException
    + FullyQualifiedErrorId : 78E1D1AB,Microsoft.Exchange.Management.SystemConfi gurationTasks.NewEdgeSubscription

    [PS] C:\Windows\system32>


    The Edge subscription file is necessary to synchronize the Edge with Hub Transport servers.


    Trying to search for the error

    http://www.google.com/search?q=%22Th...vice+store.%22

    produces only one result, that isn't helpful. In the book, the example setup does not use an Edge server, and instead uses the Hub Transport to route mail to and from the internet, and doesn't go into Edge Subscription files (or at least the available sample chapters do not).

    Any ideas of what to look for next would be greatly appreciated. If I had any hair, I'd be pulling it out.

    UPDATE: Now the search produces two results, with this post being the top hit. That was fast.


    PS: The Edge server can resolve the Hub Transport servers:
    [PS] C:\Windows\system32>nslookup exhts-01.prod.x.tld
    Server: dcp01.prod.x.tld
    Address: 172.18.50.131

    Name: exhts-01.prod.x.tld
    Addresses: 172.18.51.3
    10.192.1.3

    [PS] C:\Windows\system32>nslookup exhts-02.prod.x.tld
    Server: dcp01.prod.x.tld
    Address: 172.18.50.131

    Name: exhts-02.prod.x.tld
    Addresses: 172.18.51.4
    10.192.1.4

    [PS] C:\Windows\system32>
    Last edited by Robert R.; 13th July 2011, 21:39.

  • #2
    Re: Exchange 2010 SP1 Edge Subscription File

    To verify that I have the proper permission, per Microsoft's "Transport Permissions: Exchange 2010 SP1 Help" article :

    [PS] C:\Windows\system32>Get-ManagementRoleAssignment

    The term 'Get-ManagementRoleAssignment' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the spelling of the name, or if a path was included, verify that the path is correct and try again.
    At line:1 char:29
    + Get-ManagementRoleAssignment <<<<
    + CategoryInfo : ObjectNotFound: (Get-ManagementRoleAssignment:String) [], CommandNotFoundException
    + FullyQualifiedErrorId : CommandNotFoundException


    [PS] C:\Windows\system32>

    I am a member of (local) Administrators and (local) Backup Administrators (and also domain Domain Admins and forest Enterprise Admins).
    Last edited by Robert R.; 13th July 2011, 19:10.

    Comment


    • #3
      Re: Exchange 2010 SP1 Edge Subscription File

      Originally posted by Robert R. View Post
      To verify that I have the proper permission, per Microsoft's "Transport Permissions: Exchange 2010 SP1 Help" article :
      [PS] C:\Windows\system32>Get-ManagementRoleAssignment

      The term 'Get-ManagementRoleAssignment' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the spelling of the name, or if a path was included, verify that the path is correct and try again.
      At line:1 char:29
      + Get-ManagementRoleAssignment <<<<
      + CategoryInfo : ObjectNotFound: (Get-ManagementRoleAssignment:String) [], CommandNotFoundException
      + FullyQualifiedErrorId : CommandNotFoundException


      [PS] C:\Windows\system32>
      I am a member of (local) Administrators and (local) Backup Administrators (and also domain Domain Admins and forest Enterprise Admins).
      Windows permisions like local Administrator, Domain or Enterprise Administrators means nothing for Exchange 2010. In order to fullfil the job as a Exchange admin you have to have permissions within the RBAC (Role Based Access Control) system of Exchange 2010.

      You might want to seacrh for RBAC on the Technet to get familiar with the new split permission model of Exchange 2010.

      Comment


      • #4
        Re: Exchange 2010 SP1 Edge Subscription File

        Run the Exchange Management Shell as Admnistrator.

        Right click EMS and select 'Run as Administrator'.

        Smidge

        Comment

        Working...
        X