Understanding the Right Tool for Microsoft Exchange 2019 Edge Transport Troubleshooting
Test‑EdgeSynchronization: Normal Mode vs FullCompareMode
In Exchange environments that use an Edge
Transport server, EdgeSync plays a critical role in ensuring accurate and
secure mail flow. Administrators frequently use the Test-EdgeSynchronization
cmdlet to validate EdgeSync health.
However, confusion often arises around the
difference between Normal mode and FullCompareMode. This document
explains how both modes work, what they test internally, and when each should
be used.
What Is EdgeSync?
EdgeSync is the process by which Mailbox
servers push configuration and recipient routing data to the Edge Transport
server.
Important characteristics:
- Edge servers do not join Active Directory
- Data is stored locally in AD Lightweight Directory Services
(AD LDS)
- Synchronization occurs over secure LDAP (TCP port 50636)
EdgeSync consists of two synchronization
cycles:
- Configuration synchronization –
runs every 1 minute
- Recipient synchronization – runs
every 5 minutes
Test‑EdgeSynchronization (Normal Mode)
Normal mode is a health and connectivity
validation test.
It answers the question:
“Can EdgeSync run successfully?”
PowerShell Command
Test-EdgeSynchronization
What Normal Mode Checks
- Edge subscription existence
- Secure LDAP connectivity to Edge (TCP 50636)
- Certificate‑based authentication
- Ability to execute:
- Configuration synchronization
- Recipient synchronization
What Normal Mode Does NOT Check
- No comparison between Active Directory and Edge AD LDS
- No validation of recipient or connector data accuracy
- No detection of silent data drift
✅ Normal mode
can return Success even when Edge data is incomplete or incorrect.
When to Use Normal Mode
Use Normal mode for:
- Daily or routine health checks
- After restarting Exchange transport services
- After firewall or certificate changes
- After creating or renewing an Edge subscription
- Validations during business hours
It is fast, low‑impact, and safe to run
frequently.
Test‑EdgeSynchronization –
FullCompareMode
FullCompareMode is a deep integrity
validation test.
It answers the question:
“Is EdgeSync data correct and in sync
with Active Directory?”
PowerShell Command
Test-EdgeSynchronization -FullCompareMode
What FullCompareMode Checks
Everything in Normal mode plus:
- Object‑by‑object comparison between:
- Active Directory (Mailbox server)
- AD LDS (Edge server)
- Attribute‑by‑attribute validation of:
- Accepted domains
- Send connectors
- Mail‑enabled users, contacts, and groups
- ProxyAddresses
- TargetAddress and routing attributes
FullCompareMode detects:
- Missing recipients on Edge
- Orphaned or stale objects
- Attribute mismatches affecting mail routing
This mode is essential for troubleshooting
issues such as:
- 550 5.1.1 Unknown Recipient
- Hybrid mail routing inconsistencies
- Post‑recovery EdgeSync validation
Normal Mode vs FullCompareMode – Key
Differences
Normal Mode
- Confirms EdgeSync can run
- Verifies connectivity and trust
- Does not validate data correctness
- Fast and production‑safe
FullCompareMode
- Confirms EdgeSync data accuracy
- Detects silent routing issues
- Resource‑intensive
- Best used during off‑hours
Best Practices
- Use Normal mode for routine validation
- Use FullCompareMode when:
- Mail flow issues persist
- EdgeSync errors were recently fixed
- Bulk directory changes were made
- Avoid running FullCompareMode frequently in large environments
Final Takeaway
- Normal mode answers:
“Is EdgeSync operational?” - FullCompareMode answers:
“Is EdgeSync correct?”
Both are critical — but they serve different
purposes.
Test‑EdgeSynchronization: Normal Mode vs
FullCompareMode
Comparison Table
|
Category |
Normal Mode |
FullCompareMode |
|
PowerShell Command |
Test-EdgeSynchronization |
Test-EdgeSynchronization -FullCompareMode |
|
Primary Purpose |
Validates EdgeSync health and
connectivity |
Validates EdgeSync data accuracy and
consistency |
|
Type of Check |
Operational health check |
Deep integrity and correctness check |
|
Edge Subscription Validation |
Yes |
Yes |
|
LDAP Connectivity (TCP 50636) |
Yes |
Yes |
|
Certificate Trust Validation |
Yes |
Yes |
|
Configuration Sync Validation |
Yes |
Yes |
|
Recipient Sync Validation |
Yes |
Yes |
|
Object-by-Object Comparison |
No |
Yes |
|
Attribute-by-Attribute Comparison |
No |
Yes |
|
Accepted Domains Validation |
Basic presence |
Full comparison with AD |
|
Send Connector Validation |
Sync success only |
Full attribute comparison |
|
Mail-Enabled Users / Contacts |
Sync success only |
Full object comparison |
|
ProxyAddresses Validation |
No |
Yes |
|
TargetAddress / Routing Attributes |
No |
Yes |
|
Detects Silent Data Drift |
No |
Yes |
|
Detects Missing Recipients on Edge |
No |
Yes |
|
Typical Use Case |
Routine health checks and post-change
validation |
Troubleshooting mail flow or routing
issues |
|
Performance Impact |
Low |
Medium to High |
|
Execution Time |
Fast (seconds) |
Slow (can take minutes in large orgs) |
|
Safe During Business Hours |
Yes |
Not recommended |
|
Recommended Frequency |
Regular / Daily |
Only when required |
|
Typical Scenario |
“Is EdgeSync running?” |
“Why is mail flow still broken?” |
Comments
Post a Comment