Exchange Server Forums

LDAP server is unavailable

Users viewing this topic: none

Logged in as: Guest

Printable Version

All Forums >> [Microsoft Exchange 2007] >> Message Routing >> LDAP server is unavailable

Page: [1]

Message

<< Older Topic Newer Topic >>

LDAP server is unavailable - 23.Aug.2009 10:21:44 PM

choppol

Posts: 720
Joined: 9.Feb.2003
From: sydney
Status: offline

Hi all,

I am in the process of setting up an Edge server and I'm running into a problem. When I run test-edgesynchronization or start-edgesynchronization. I get "the ldap server is unavailable".

I have removed the subscription and request a new one from the Edge but still comes up with the LDAP issue.

Has anyone encounter this problem?

Post #: 1

Featured Links*

RE: LDAP server is unavailable - 24.Aug.2009 3:55:59 PM

jveldh

Posts: 2335
Joined: 12.Apr.2008
From: The Netherlands
Status: offline

Hi,

Please check that you can reach your domaincontroller via telnet, for example:

telnet dc.domain.com 389
telnet dc.domain.com 3268 (if connecting to the global catalog)

If this works you know it can connect so the firewall is no issue.
Please posts the results so I can assist further if needed.

_____________________________

Best regards,

Johan Veldhuis

Visit my Exchange blog

(in reply to choppol)

Post #: 2

RE: LDAP server is unavailable - 24.Aug.2009 7:15:41 PM

choppol

Posts: 720
Joined: 9.Feb.2003
From: sydney
Status: offline

Hi jveldh,

You are correct. I am unable to telnet to port 389 or 3268. I have turned off the firewall.

The topology is in a dmz environment so it's 3 servers, DC, MBX/HT/CAS and the Edge server itself.

There are no firewall between the 3 servers.

(in reply to jveldh)

Post #: 3

RE: LDAP server is unavailable - 25.Aug.2009 3:37:59 PM

jveldh

Posts: 2335
Joined: 12.Apr.2008
From: The Netherlands
Status: offline

Hi,

And did you turn off the firewalls on both sides ? Since it's a DMZ are you 100% sure there is no firewall between the Domain Controller and the Edge server ?

_____________________________

Best regards,

Johan Veldhuis

Visit my Exchange blog

(in reply to choppol)

Post #: 4

RE: LDAP server is unavailable - 25.Aug.2009 8:27:48 PM

choppol

Posts: 720
Joined: 9.Feb.2003
From: sydney
Status: offline

Both firewall has been turned off. No there are no firewall between the boxes.

sorry that i left one thing out. This is a test environment in the dmz so I'm in the process of rebuilding the DC/MBX and Edge.

what I did earlier was rebuild the Edge and I was able to run start-edgesynchronization from the HT and it failed with credential instead of LDAP server is unavailable. So my guess is that something was wrong with the Edge in the first place.

Am I correct to stating that?

(in reply to jveldh)

Post #: 5

RE: LDAP server is unavailable - 26.Aug.2009 2:14:28 AM

choppol

Posts: 720
Joined: 9.Feb.2003
From: sydney
Status: offline

I have just rebuilt the new domain and it is the same problem.

(in reply to choppol)

Post #: 6

RE: LDAP server is unavailable - 26.Aug.2009 10:09:19 AM

de.blackman

Posts: 3542
Joined: 4.Apr.2005
From: Toronto, Canada
Status: offline

Ok I am not understanding one thing here. An edge server should not be installed in the same domain that your exchange servers exist in!! You have to install ADAM on the server and the edge subscription is used to copy data from your AD to the Edge server. It is the transport servers (edge and hub) that handles the edgesync process, not a domain controller! You need to have LDAP ports open between your Edge transport and hub transport, not your DC!! Check the ports required to be open at http://technet.microsoft.com/en-us/library/cc526574.aspx

http://technet.microsoft.com/en-us/library/aa996855.aspx

_____________________________

Ibrahim Benna - Microsoft Exchange MVP
Forum Moderator
Navantis
@IbrahimBenna

(in reply to choppol)

Post #: 7

RE: LDAP server is unavailable - 26.Aug.2009 4:55:28 PM

choppol

Posts: 720
Joined: 9.Feb.2003
From: sydney
Status: offline

I definitely understand what you mean. The Edge is part of the workgroup and correct me if I'm wrong but don't you run the new-edgesubscription on the edge server? and start-edgesubscription on the Hub?

When you run new-edgesynchronization it should talk to DC and the DC will pass a copy of the attributes to the Edge in a read-only format, am I correct to say that?

when I run test-edgesubscription or start-edgesubscription, I would get the ldap server is unavailable.

(in reply to de.blackman)

Post #: 8

RE: LDAP server is unavailable - 26.Aug.2009 5:01:17 PM

choppol

Posts: 720
Joined: 9.Feb.2003
From: sydney
Status: offline

quote:

ORIGINAL: choppol

I definitely understand what you mean. The Edge is part of the workgroup and correct me if I'm wrong but don't you run the new-edgesubscription on the edge server? and start-edgesubscription on the Hub?

When you run new-edgesynchronization it should talk to DC and the DC will pass a copy of the attributes to the Edge in a read-only format, am I correct to say that?

when I run test-edgesubscription or start-edgesubscription, I would get the ldap server is unavailable.

My correction on paragraph 2. It's the Hub that passes the AD attributes to the Edge server.

(in reply to choppol)

Post #: 9

RE: LDAP server is unavailable - 26.Aug.2009 9:34:39 PM

de.blackman

Posts: 3542
Joined: 4.Apr.2005
From: Toronto, Canada
Status: offline

Its good you corrected yourself :)! The edge server has nothing to do with the DCs in your domain. All communication between Edge and your exchange organization is handled by hub transport server in the site you subscribed the edge server to. So make sure the correct ports are open as mentioned in the article.

_____________________________

Ibrahim Benna - Microsoft Exchange MVP
Forum Moderator
Navantis
@IbrahimBenna

(in reply to choppol)

Post #: 10

RE: LDAP server is unavailable - 26.Aug.2009 10:16:51 PM