Exchange 2010 SP3 and Exchange 2013 RTM coexistence issue


I know that coexistence of Exchange 2010 SP3 and Exchange 2013 RTM is not supported, but I wanted to run some tests and see what issues come up. After installing Exchange 2010 SP3 on my old Exchange server in the lab, and then Exchange 2013 RTM servers in a DAG with an HAProxy load balancer in front of them, I found that everything worked just fine.

After that I started to write an article about federation trust (https://ficility.net/2013/02/08/exchange-federation-trust-part-1/) and problems started to arise.

Symptoms

I configured the federation trust on the Exchange 2013 server according to the article in the link. It was supposed to distribute the Exchange certificate used for the federation trust across the organization; however, the Exchange 2013 server was not able to contact the Exchange 2010 server and the distribution failed.

On the other side, the Exchange 2010 server picked up information from AD about the new Exchange federation certificate, which it was not able to find in its local certificate store. As a result, MSExchangeServiceHost crashed with the errors shown below.

Test-ServiceHealth

Role                    : Mailbox Server Role
RequiredServicesRunning : False
ServicesRunning         : {IISAdmin, MSExchangeADTopology, MSExchangeIS, MSExchangeMailboxAssistants, MSExchangeMailSubmission, MSExchangeRepl, MSExchangeRPC, MSExchangeSA, MSExchangeSearch, MSExchangeThrottling, MSExchangeTransportLogSearch, W3Svc, WinRM}
ServicesNotRunning      : {MSExchangeServiceHost}

Role                    : Client Access Server Role
RequiredServicesRunning : False
ServicesRunning         : {IISAdmin, MSExchangeADTopology, MSExchangeFBA, MSExchangeProtectedServiceHost, MSExchangeRPC , W3Svc, WinRM}
ServicesNotRunning      : {MSExchangeAB, MSExchangeFDS, MSExchangeMailboxReplication, MSExchangeServiceHost}

Role                    : Hub Transport Server Role
RequiredServicesRunning : False
ServicesRunning         : {IISAdmin, MSExchangeADTopology, MSExchangeTransport, MSExchangeTransportLogSearch, W3Svc, WinRM}
ServicesNotRunning      : {MSExchangeEdgeSync, MSExchangeServiceHost}

Get-ExchangeCertificate -Server Frontend1
The target server isn't running a supported version of Exchange Server.
    + CategoryInfo          : InvalidArgument: (:) [Get-ExchangeCertificate], ArgumentException
    + FullyQualifiedErrorId : 75222B43,Microsoft.Exchange.Management.SystemConfigurationTasks.GetExchangeCertificate

Event log sequence caused by the error: Event ID 2003 followed by Event ID 4999.

Solution

Very simple. Export the federation certificate from the Exchange 2013 RTM server and import it into the Personal certificates store of the local computer account on the Exchange 2010 SP3 server.

After the certificate import, the MSExchangeServiceHost service started to run normally.
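
One way to script the export and import described above; this is an added example, not commands from the original post. It assumes a single federation trust, that the certificate is moved as a password-protected PFX including its (exportable) private key, and a hypothetical path C:\Temp\federation.pfx on both servers.

```powershell
# --- On the Exchange 2013 RTM server (Exchange Management Shell) ---
# Thumbprint of the certificate the federation trust is using.
$thumb = (Get-FederationTrust).OrgCertificate.Thumbprint

# Export as PFX, protected with a password that is prompted for, not hard-coded.
$pfxPassword = Read-Host -AsSecureString -Prompt 'PFX password'
$export = Export-ExchangeCertificate -Thumbprint $thumb -BinaryEncoded:$true -Password $pfxPassword
[System.IO.File]::WriteAllBytes('C:\Temp\federation.pfx', $export.FileData)   # hypothetical path
Write-Host "Exported federation certificate $thumb"

# Copy the PFX to the Exchange 2010 server over a trusted channel, then delete it here.

# --- On the Exchange 2010 SP3 server (elevated Windows PowerShell) ---
$pfxPath       = 'C:\Temp\federation.pfx'                 # hypothetical path
$expectedThumb = Read-Host -Prompt 'Thumbprint shown on the Exchange 2013 server'
$pfxPassword   = Read-Host -AsSecureString -Prompt 'PFX password'

# MachineKeySet + PersistKeySet keep the private key with the computer account,
# so services running on this server can use it after the import.
$x509  = 'System.Security.Cryptography.X509Certificates'
$flags = [System.Security.Cryptography.X509Certificates.X509KeyStorageFlags]'MachineKeySet, PersistKeySet'
$cert  = New-Object "$x509.X509Certificate2" -ArgumentList $pfxPath, $pfxPassword, $flags

# Refuse to import anything other than the certificate the trust refers to.
if ($cert.Thumbprint -ne $expectedThumb.Trim().ToUpper()) {
    throw "Thumbprint mismatch: file contains $($cert.Thumbprint)"
}

# 'My' in LocalMachine is the "Personal" store of the local computer account.
$store = New-Object "$x509.X509Store" -ArgumentList 'My',
    ([System.Security.Cryptography.X509Certificates.StoreLocation]::LocalMachine)
$store.Open([System.Security.Cryptography.X509Certificates.OpenFlags]::ReadWrite)
try { $store.Add($cert) } finally { $store.Close() }

# The PFX contains the private key; do not leave it on disk.
Remove-Item -Path $pfxPath

# Start the service if it has not recovered on its own, then re-check from the
# Exchange Management Shell with Test-ServiceHealth.
if ((Get-Service MSExchangeServiceHost).Status -ne 'Running') {
    Start-Service MSExchangeServiceHost
}
```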
