Edge Transport Role Fails To Install - "Port 50389 is already in use"
We are running Essential Business Server, and Edge Transport synchronization began failing at some point last year (we found this out when we couldn't increase the max. email receive size!). Since then, we have been directing emails directly into the Messaging
Server and have left the Edge Transport Role on the Security server doing nothing.
We now want to get Edge Transport up and running again, and started I the process by uninstalling the Edge Transport Role from the Security Server with the plan of reinstalling and then configuring from scratch. However, when I came to reinstall (after a
reboot), although the installation passes all of the readiness checks, but at the last point of installation I get the message "Port 50389 is already in use" and the installation quits out (without even rolling back the changes).
I know that this port is for Secure LDAP, but I don't understand what could be using this, and how to get around it! I've run PORTQRY on the server and the 50389 port returns FILTERED. I've also run logging on the local TMG management console and it's not
getting blocked/triggered there.
Any suggestions will be greatly appreciated. Thanks!
March 28th, 2011 12:05pm
1. Whether users only cannot receive internet emails? Can users receive Emails from
internal?
2. Have you registered/subscribed the Exchange 2007 Edge Transport server? Whether
DNS MX record is pointing to the Edge server now?
4. Whether the old Exchange 2007 server is currently powered on?
Free Windows Admin Tool Kit Click here and download it now
March 28th, 2011 4:22pm
Hi
Verify that the network firewall that separates the Edge Transport server from the Exchange Server 2007 Hub Transport server(s) is configured to enable communications through the correct ports. The Edge Transport server uses custom LDAP ports. The following
ports are needed for the directory synchronization:
LDAP: Port 50389/TCP
Secure LDAP: Port 50636/UDP
Port 50389 is only used locally by Edge itself to access ADAM.
The second question:
The Microsoft Exchange Best Practices Analyzer reads the following registry entries to determine the ports that are used by
the Active Directory Application Mode (ADAM) directory service on the Edge Transport server:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Exchange\v8.0\EdgeTransportRole\AdamSettings\MsExchangeAdam\LdapPort
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Exchange\v8.0\EdgeTransportRole\AdamSettings\MsExchangeAdam\SslPort
ADAM is a Lightweight Directory Access Protocol (LDAP) directory service that is designed specifically
for use with directory-enabled applications. ADAM stores and replicates only application-specific information and does not require deployment on a domain controller or depend on the Active Directory directory service. ADAM does not provide network operating
system authentication or authorization.
In Microsoft Exchange Server 2007, the Edge Transport server role uses ADAM to store configuration
information and recipient data for content filtering. When ADAM is synchronized with Active Directory, it can also be used to perform recipient lookup for message security.
You can read this article
http://64.4.11.252/en-us/library/bb693319(EXCHG.80).aspx
Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
March 29th, 2011 5:30am
Hello Terence, thanks for the reply.
I have created a rule in the TMG firewall which allows access on Port 50389 from the localhost to the localhost and to the Exchange server. The problem is still present when I rerun the Edge Transport Role installation.
The registry keys you reference are not present on the server. Should I be creating them manually?
Thanks.
Free Windows Admin Tool Kit Click here and download it now
March 30th, 2011 11:14am
Hi
If you can’t find registry keys, there is no need to create them.
I don’t know which service obtains
50389.
Can you run netstat.exe –a –n –o and you will find out pid of this port.
Then run tasklist and you can find out which exe using this port.
please killing it in memory by task management.
This
blog explains the process. Please remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
March 30th, 2011 12:37pm
Hi Terence, Unfortunately this hasn't worked. The output of netstat does not include any entries for port 50389. I sent the output to a log file and searched through it in notepad! Thanks,
Free Windows Admin Tool Kit Click here and download it now
March 31st, 2011 12:39pm
I have a question, as you mentioned that you uninstall the server old server, is that the same server you are reinstalling the EDGE server?Gulab | MCTS-MCITP Messaging: 2010 | MCTS-MCITP Messaging: 2007 | MCC 2011 | Skype: Gulab.Mallah
March 31st, 2011 2:34pm
That's right, I uninstalled the Exchange Edge Transport Role from the EBS Security server, and I'm now trying to reinstall the role back onto that same server.
Free Windows Admin Tool Kit Click here and download it now
March 31st, 2011 2:37pm
Seems like the port is still assigned to the same server..
Did you try to disconnect the server from the network and try it? I know its a weird try, but have u tried it.
Till than i will get some more information.... Gulab | MCTS-MCITP Messaging: 2010 | MCTS-MCITP Messaging: 2007 | MCC 2011 | Skype: Gulab.Mallah
March 31st, 2011 3:03pm
Hi Gulab,
There is no chance of disconnecting the server from the network to try, it's a critical server that handles firewall for the whole site. If that goes down, everything goes down.
Could this problem be anything to do with ADAM? Should I try uninstalling that before reinstalling the Edge Transport Role?
Thanks,
Free Windows Admin Tool Kit Click here and download it now
April 4th, 2011 10:50am
Any more ideas please?
Thanks,
April 11th, 2011 11:15am
Uninstall ADAM and try reinstall EDGE and post the result.Gulab | MCTS-MCITP Messaging: 2010 | MCTS-MCITP Messaging: 2007 | MCC 2011 | Skype: Gulab.Mallah
May 3rd, 2011 12:20pm
Your problem seems to be the DNS Server role, installed on the same machine. After installing some update or SP it reserves a range of ports for itself. You should prereserve this port or remove DNS Service completely. Check this:
http://blog.mreza.info/archive/2009/09/02/pow-9-exchange-server-2007-edge-amp-dns-server.aspx
For my W2K8 R2 this command works fine:
dnscmd /Config /SocketPoolExcludedPortRanges 50389-50389 50636-50636
Free Windows Admin Tool Kit Click here and download it now
June 4th, 2011 1:42pm