File Transfer Agent cannot send/get replication data to Replica Replicator on Edge

The symptom is that on the Skype for Business Front End Server you see Event ID 1046 from LS File Transfer Agent Service in the Event Log:

Skype for Business Server 2015, File Transfer Agent cannot send replication data to Replica Replicator on Edge

Skype for Business Server 2015, File Transfer Agent cannot get replication status from Replica Replicator Agent on Edge
Edge machine: EDGENAME
Exception: System.ServiceModel.Security.MessageSecurityException: The HTTP request was forbidden with client authentication scheme 'Anonymous'. ---> System.Net.WebException: The remote server returned an error: (403) Forbidden.
at System.Net.HttpWebRequest.GetResponse()
at System.ServiceModel.Channels.HttpChannelFactory`1.HttpRequestChannel.HttpChannelRequest.WaitForReply(TimeSpan timeout)
--- End of inner exception stack trace ---
Server stack trace:
at System.ServiceModel.Channels.HttpChannelUtilities.ValidateAuthentication(HttpWebRequest request, HttpWebResponse response, WebException responseException, HttpChannelFactory`1 factory)

Cause: Service may be unavailable or Network connectivity may have been compromised.
Resolution:
Verify that Replica Replicator Agent service is running on the Edge machine, network connectivity is available and TLS is configured correctly. For details, see http://support.microsoft.com/kb/2464556

On the Edge Server you may see Event ID 3045 and message:

The Replication synthetic transaction has not been updated in a significant time period.

Possible causes:

1. Ensure that all needed certificates are in place on the Edge Server in the same way as described here
2. Check that the service is running and listening on the port:

https://<Edge FQDN>:4443/replicationwebservice

3. Ensure that Intermediate Certificates are not present in Trusted Root. If they are – remove them and execute:

4. If none of the above helped, change the client authentication trust mode of Schannel:

  • Open Regedit as Administrator
  • Go to HKLM\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL
  • Right-click and add a DWORD value. Name it ClientAuthTrustMode
  • Set the value of the DWORD to 2
  • Restart the server
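
The checks from steps 2 to 4 as a read-only PowerShell script. This is an added example, not part of the original post. The Edge FQDN is a placeholder, the service is matched by display name, and the mode names are those used in Microsoft's Schannel documentation.

```powershell
# Added example, not from the original post. Read-only checks; run in an
# elevated PowerShell session on the Edge Server (Test-NetConnection needs
# Windows Server 2012 R2 or later). The port test can also be run from the
# Front End Server.
$EdgeFqdn = 'edge01.example.test'   # placeholder: your Edge Server FQDN

# Step 2: is the Replica Replicator Agent running, and is TCP 4443 reachable?
Get-Service -DisplayName '*Replica Replicator*' |
    Format-Table Name, DisplayName, Status -AutoSize
$tcp = Test-NetConnection -ComputerName $EdgeFqdn -Port 4443 -WarningAction SilentlyContinue
'TCP 4443 reachable: {0}' -f $tcp.TcpTestSucceeded

# Step 3: a root certificate is self-signed, so Subject equals Issuer.
# Any certificate in Trusted Root where the two differ is an intermediate
# (or otherwise misplaced) certificate and is listed for review.
$misplaced = @(Get-ChildItem -Path Cert:\LocalMachine\Root |
    Where-Object { $_.Subject -ne $_.Issuer })
if ($misplaced.Count -gt 0) {
    $misplaced | Format-List Subject, Issuer, Thumbprint, NotAfter
} else {
    'Trusted Root contains only self-signed certificates.'
}

# Step 4: report the current Schannel client authentication trust mode.
# The key name is SecurityProviders (one word).
$key   = 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL'
$prop  = Get-ItemProperty -Path $key -Name ClientAuthTrustMode -ErrorAction SilentlyContinue
$modes = @{ 0 = 'Machine Trust (default)'; 1 = 'Exclusive Root Trust'; 2 = 'Exclusive CA Trust' }
if ($null -eq $prop) {
    'ClientAuthTrustMode is not set (Schannel default: 0, Machine Trust).'
} else {
    $mode = [int]$prop.ClientAuthTrustMode
    'ClientAuthTrustMode = {0} ({1})' -f $mode, $modes[$mode]
}
```

Value 2 makes Schannel accept a client certificate that chains to an intermediate CA or root certificate in the trusted issuer store, which is a looser check than the default. Record the value that was there before the change so it can be reverted.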

Check that it is working:

Run the following command line to invoke the replication between the servers

>

Wait a couple of minutes and check the status of the replication again using the PowerShell command line

> Get-CSManagementStoreReplicationStatus
