Applies to: Exchange Server 2007 SP2, Exchange Server 2007 SP1, Exchange Server 2007
Topic Last Modified: 2006-11-09
This topic provides information about how to subscribe the Edge Transport server to the Microsoft Exchange Server organization. The Edge Subscription process is the procedure that an administrator follows to establish an Edge Subscription for an Edge Transport server. You subscribe an Edge Transport server to an Active Directory directory service site to associate the Edge Transport server with the Exchange organization. After the Edge Transport server is subscribed, the Microsoft Exchange EdgeSync service periodically replicates recipient and configuration data from Active Directory to the Active Directory Application Mode (ADAM) instance on a computer that has the Edge Transport server role installed.
The Microsoft Exchange EdgeSync service is the data synchronization service that runs on a Hub Transport server. The Microsoft Exchange EdgeSync service that is running on the Hub Transport servers in the Active Directory site to which the Edge Transport server is subscribed periodically performs one-way replication of recipient and configuration data to ADAM. The Microsoft Exchange EdgeSync service copies only the information that is required for the Edge Transport server to perform anti-spam configuration tasks, and information about the Send connector configuration that is required to enable mail flow between the Exchange 2007 organization's Hub Transport servers and the Internet through one or more Edge Transport servers. The Microsoft Exchange EdgeSync service performs scheduled updates so that the information in ADAM remains current.
You must create an Edge Subscription if you use the recipient lookup feature or safelist aggregation. These features run on the Edge Transport server. Creating an Edge Subscription reduces the administration that is performed in the perimeter network by letting you perform needed configuration on the Hub Transport server role and then write that information to the Edge Transport server.
When an Edge Transport server is subscribed to an Active Directory site, the following connectors are created by the Microsoft Exchange EdgeSync service:
When data is sent to ADAM from Active Directory, it is sent over an encrypted channel using a Secure Lightweight Directory Access Protocol (Secure LDAP) connection. Additionally, the Safe Senders lists and recipient information are hashed to protect the data. The Secure LDAP connection is secured by the ADAM credentials stored in the Edge Subscription file. The Microsoft Exchange EdgeSync service replicates the following data from Active Directory to ADAM:
Before you can establish replication to ADAM from an Active Directory site, you must create the Edge Subscription file on the Edge Transport server role. You must create a separate Edge Subscription file for each Edge Transport server that is subscribed to the Exchange organization. To configure an Edge Subscription, follow these steps:
When an Edge Transport server is subscribed to an Active Directory site, all the Hub Transport servers that are installed in that Active Directory site at that time can participate in the EdgeSync process. If one of those servers is removed, the Microsoft Exchange EdgeSync service that is running on the remaining Hub Transport servers continues the data synchronization process. However, if new Hub Transport servers are installed in the Active Directory site, they will not participate in the EdgeSync process. To enable those Hub Transport servers to participate in the EdgeSync process, you must remove the Edge Subscription from both the subscribed Edge Transport server and the subscribed Active Directory site and then re-create the Edge Subscription.
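The re-subscription described above, sketched for the Exchange Management Shell as an added example that is not part of the original topic. The script runs once on the Edge Transport server and once on a Hub Transport server in the subscribed site, and it removes the subscription file after import because that file holds the ADAM credentials. The server name EDGE01, the site name, and the file path are assumptions.

```powershell
# Added example: re-create an Edge Subscription so that newly installed
# Hub Transport servers can participate in EdgeSync.
# Run in the Exchange Management Shell: first with -Role Edge on the Edge
# Transport server, then with -Role Hub on a Hub Transport server.
# The default values below are assumptions, not values from the topic.
param(
    [string]$Role,                                   # 'Edge' or 'Hub'
    [string]$EdgeServer = 'EDGE01',                  # hypothetical server name
    [string]$Site = 'Default-First-Site-Name',       # assumed Active Directory site
    [string]$File = 'C:\EdgeSubscriptionInfo.xml'    # assumed file path
)
$ErrorActionPreference = 'Stop'

if ($Role -eq 'Edge') {
    # Remove the existing subscription from the Edge Transport server.
    # The cmdlets prompt for confirmation; answer interactively.
    Remove-EdgeSubscription -Identity $EdgeServer

    # Export a new Edge Subscription file. It contains the ADAM credentials
    # that secure the Secure LDAP connection, so copy it to the Hub Transport
    # server over a trusted channel and delete this local copy afterwards.
    New-EdgeSubscription -FileName $File
    Write-Host "Copy $File to a Hub Transport server, then delete it here."
}
elseif ($Role -eq 'Hub') {
    # Remove the old subscription from the subscribed Active Directory site.
    Remove-EdgeSubscription -Identity $EdgeServer

    # Import the new file. Every Hub Transport server that is installed in
    # the site at this moment can participate in EdgeSync.
    New-EdgeSubscription -FileName $File -Site $Site

    # The file is no longer needed once it has been imported.
    Remove-Item -Path $File -Force

    # Start replication to ADAM now instead of waiting for the schedule,
    # then list the subscription to confirm that it exists.
    Start-EdgeSynchronization
    Get-EdgeSubscription | Format-List
}
else {
    throw "Specify -Role Edge or -Role Hub."
}
```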