ERROR During Setup /mode:RecoverServer – The internal transport certificate for the local server was damaged or missing in Active Directory. The problem has been fixed…

MS Exchange

I was at a customer site who was validating the DR doc for recovering a hub transport server. They had a copy of the production DC in a test lab and had reset the Hub transport computer account in AD. Running Setup.Com /Mode:RecoverServer failed with the following error.

[ERROR] The internal transport certificate for the local server was damaged or missing in Active Directory. The problem has been fixed. However, if you have existing Edge Subscriptions, you must subscribe all Edge Transport servers again by using the New-EdgeSubscription cmdlet in the Shell.

The issue was that the production network has edge subscriptions whereas it was missing in the lab. As part of the Exchange recovery step, it attempts to re-encrypt the credentials used for edge synchronization process and as the old certificate used for encrypting is missing, it throws the error message.

Though the error says that the problem has been fixed, running setup /m:recoverserver again throws the same error message Winking smile

The solution is to delete the information about about the edge sync credentials used from the Hub transport server. In order to do that, I used ADSIEdit and navigated to Configuration partition –> Services -> Microsoft Exchange –> Org Name –> Administrative Groups –> Exchange Administrative Group (FYDIBOHF23SPDLT) –> Servers –> Hub Server –> right click “properties”.

msExchEdgeSyncCredential

Remove the values for “msExchEdgeSyncCredential” and run the recovery setup again. That solved the issue.

Delete msExchEdgeSyncCredential values

Other Popular Articles


MS Exchange

Scripting Agent Initialization Failed: “File is not found” Error During Exchange 2016 Setup

MS Exchange

EAC Access While Co-Existing Exchange 2013 With 2010

MS Exchange

Delete All Calendar Entries In An Exchange 2010 Mailbox

15 thoughts on “ERROR During Setup /mode:RecoverServer – The internal transport certificate for the local server was damaged or missing in Active Directory. The problem has been fixed…”

  1. Came across this issue today while recovering an Exchange 2016 CU22. Just don’t understand how this is not yet fixed by Microsoft. In any case, thanks a million!

    Reply
  2. Thank you for this.
    It worked when restoring an Exchange 2019 production server its production environment, but where the Edge certificate wasn’t the default one.

    Reply
  3. Hey,

    I’m trying to recover ex2k10 server withCAS/HUB roles that crashed few months back and it throws the same error.

    Where do i delete these attributes from ADSIEdit?- The server on which Recovery is performed i assume and should i delete all vaues for EdgeSubscription for that?

    Please advise.

    Reply
  4. This looks helpful. However when retrying the installation, I get the following error:

    A Setup failure previously occurred while installing the HubTransport role. Either run Setup again for just this role, or remove the role using Control Panel.

    I cannot unistall the role as it says some controls are not valid. How do I complete the installation?

    Reply

Leave a Comment