
Why won't the Exchange 2013 Edge Transport Server install?

We have a Client Access Server and Mailbox Server on Exchange 2013 and we want to install an Edge Transport role on another machine. I joined the Edge Server to the domain and installed Active Directory Lightweight Directory Services, but still can't finalize the installation.

You have met two prerequisites for deploying the Exchange Server 2013 Edge Transport role: having Active Directory Lightweight Directory Services and a separate server from the Client Access Server and Mailbox Server roles. Because you can't finalize the Edge Transport Server role installation, the most likely cause is you haven't met all the prerequisites.

Before diving into all the prerequisites for this installation, let's look at the domain to which you joined the Edge Server. The Exchange 2013 Edge Transport Server role should be placed in a perimeter network. As a general rule, you don't want machines in the perimeter network to be joined to an internal Active Directory domain. Place the Edge Transport server in the perimeter or DMZ network, instead of on the internal network.

Exchange supports having an Edge Transport Server joined to a domain, but it could pose a security threat if the server becomes compromised.

Here's a full list of requirements for deploying an Exchange 2013 Edge Transport Server role:

  • Windows Server 2008 R2 with SP1 or higher;
  • Microsoft .NET Framework 4.5.2;
  • Windows Management Framework 4.0;
  • Microsoft Unified Communications Managed API 4.0, core runtime 64 bit;
  • DNS suffix for the internal domain appended to Edge Transport Server role's computer name;
  • Configure the Edge Transport Server role to use DNS to resolve internal Exchange servers; configure internal Exchange servers to use DNS to resolve the name of the Edge Transport servers;
  • Ensure the account used for setup is a member of local administrators group; and
  • Firewall(s) must be configured to allow the following Internet ports:
    • External: Inbound/Outbound SMTP port 25/TCP
    • External: Inbound/Outbound SMTP ports 25/TCP and 2525/TCP
    • External: Inbound/Outbound DNS port 53/TCP and 53/UDP
    • Local to Edge server LDAP port 50389/TCP
    • Internal: Outbound Secure LDAP port 50636/TCP

Verify that you have met all the prerequisites to determine what is halting the Exchange 2013 Edge Transport Server installation. After the Edge Transport role installation is complete, additional configuration, such as creating an Edge subscription, is needed to deploy EdgeSync between the Edge Transport server and internal Exchange 2013 servers.
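A pre-flight check for the prerequisites listed above, to be run on the intended Edge server. This is an added PowerShell example, not part of the original answer. The server name `mbx01.corp.example` and the function names are hypothetical, and the UCMA check assumes the runtime's display name under the uninstall registry key contains the product name given in the list.

```powershell
# Added example. Emits one object per prerequisite with a pass/fail flag.
function New-Check($Name, $Passed, $Detail) {
    New-Object PSObject -Property @{ Check = $Name; Passed = [bool]$Passed; Detail = "$Detail" } |
        Select-Object Check, Passed, Detail
}

function Test-EdgePrerequisite {
    param([string]$InternalServer = 'mbx01.corp.example')  # hypothetical internal Exchange server

    # Windows Server 2008 R2 SP1 reports version 6.1, build 7601.
    $os = [Environment]::OSVersion.Version
    New-Check 'OS >= 2008 R2 SP1' ($os -ge [Version]'6.1.7601') $os

    # .NET Framework 4.5.2 sets Release to 379893 or higher.
    $net = Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\NET Framework Setup\NDP\v4\Full' -ErrorAction SilentlyContinue
    New-Check '.NET Framework >= 4.5.2' ($net.Release -ge 379893) "Release=$($net.Release)"

    # Windows Management Framework 4.0 ships PowerShell 4.0.
    New-Check 'WMF >= 4.0' ($PSVersionTable.PSVersion.Major -ge 4) $PSVersionTable.PSVersion

    # Assumption: UCMA 4.0 registers an uninstall entry whose name contains this string.
    $ucma = Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*' -ErrorAction SilentlyContinue |
        Where-Object { $_.DisplayName -like '*Unified Communications Managed API 4.0*' }
    New-Check 'UCMA 4.0 runtime' ($null -ne $ucma) (@($ucma)[0].DisplayName)

    Import-Module ServerManager -ErrorAction SilentlyContinue
    $lds = Get-WindowsFeature -Name ADLDS -ErrorAction SilentlyContinue
    New-Check 'AD LDS installed' ($lds -and $lds.Installed) "Installed=$($lds.Installed)"

    # Domain membership is supported but raises the impact of a perimeter compromise.
    $cs = Get-WmiObject Win32_ComputerSystem
    New-Check 'Not domain-joined (recommended)' (-not $cs.PartOfDomain) "Domain/Workgroup=$($cs.Domain)"

    $suffix = (Get-ItemProperty 'HKLM:\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters').Domain
    New-Check 'Primary DNS suffix set' (-not [string]::IsNullOrEmpty($suffix)) "Suffix=$suffix"

    $ips = @(); try { $ips = [Net.Dns]::GetHostAddresses($InternalServer) } catch { }
    New-Check "DNS resolves $InternalServer" ($ips.Count -gt 0) ($ips -join ', ')

    $id = [Security.Principal.WindowsIdentity]::GetCurrent()
    $admin = (New-Object Security.Principal.WindowsPrincipal $id).IsInRole(
        [Security.Principal.WindowsBuiltInRole]::Administrator)
    New-Check 'Running as local administrator' $admin $id.Name
}

# Usage: Test-EdgePrerequisite -InternalServer 'mbx01.corp.example' | Format-Table -AutoSize
```

Any row with `Passed` set to `False` points at a prerequisite to fix before rerunning setup; the domain-membership row is advisory, since Exchange supports a domain-joined Edge server.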
