Hi all.
I've run into an issue with New-MoveRequest which I'm hoping someone here has come across before. I've outlined the technical environment in other posts, so I won't go into as much depth here, but to save digging up those old posts, here's a quick overview before asking the question.
We're migrating from Sun Java Messaging, however we can't do this directly from SJM to Exchange 2010. Instead, we have a new forest in between that hosts both Exchange 2003 SP2 and Exchange 2010. The process for moving a mailbox looks like this:
Sun JM -> Exchange 2003 (via the 2003 Migration Wizard over IMAP; Migration domain) -> Exchange 2010 (Migration domain) -> Exchange 2010 (Test domain)
Obviously, if we can get this to work in the Test domain, then that would be swapped around for the production domain at implementation time. It's not the migration model I had hoped for, but because the Microsoft Transporter Suite cannot talk to Sun JM version 6 (well, it can, but it's also covered in a previous post as to why it isn't fully working) I can't just have a single installation of Exchange 2007 SP2 in the migration domain.
I've been able to successfully run the Prepare-MoveRequest PS script, but when I try to use the EMC to execute a remote mailbox move, I get the below error. Some of the wording implies there's an issue with the certificate on the Migration domain Exchange 2010 server, which makes sense given that it only has its self-issued certificate available for use. I'm not sure that this is the actual root cause of the fault or not, which is why I'm posting here looking for advice. If it is the root cause, then is there a work-around, or am I stuck with having to install a PKI infrastructure such as Certificate Services to make some kind of progress?
Cheers,
Lain
Summary: 1 item(s). 0 succeeded, 1 failed.
Elapsed time: 00:00:41
username1
Failed
Error:
Service 'net.tcp://excsrv01.test.university.edu.au/Microsoft.Exchange.MailboxReplicationService' encountered an exception. Error: The call to 'https://excsrv01.migration.university.edu.au/EWS/mrsproxy.svc' failed. Error details: Could not establish trust relationship for the SSL/TLS secure channel with authority 'excsrv01.migration.university.edu.au'. --> The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel. --> The remote certificate is invalid according to the validation procedure..
Exception details: MailboxReplicationTransientException (80004005): The call to 'https://excsrv01.migration.university.edu.au/EWS/mrsproxy.svc' failed. Error details: Could not establish trust relationship for the SSL/TLS secure channel with authority 'excsrv01.migration.university.edu.au'. --> The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel. --> The remote certificate is invalid according to the validation procedure..
Exception details: SecurityNegotiationException (80004005): Could not establish trust relationship for the SSL/TLS secure channel with authority 'excsrv01.migration.university.edu.au'.
Exception details: WebException (80004005): The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel.
Exception details: AuthenticationException (80004005): The remote certificate is invalid according to the validation procedure.
Exchange Management Shell command attempted:
'd87987d5-1d4e-416d-aafd-4755b7ed4029' | New-MoveRequest -RemoteHostName 'excsrv01.migration.university.edu.au' -Remote -RemoteCredential 'System.Management.Automation.PSCredential' -TargetDeliveryDomain 'test.university.edu.au'
Elapsed Time: 00:00:41