Lync 2013 Edge - Windows Standard 2012 - Set-CSCertificate gives me "The buffer supplied to a function was too small."

Similar Messages

• Set up Search Service App For SharePoint server 2013 on Windows server 2012 R2 not working

  Hi all,
  I installed SharePoint server 2013 on Windows  server 2012 R2 using VirtualBox.  I created a DC(domain controller) server with a domain set up on one VM and it has SQL server 2012 SP1 installed. Then SharePoint 2013 on another VM was set up to access
  the DC server.  Everything seems working except Search Service App which cannot be sucessfully set up. Creation process for Search service app says Successful and 4 search databases were created and look fine. But when I navigate to search service app
  admin page, it gives error info:
  System status:  The search service is not able to connect to the machine that hosts the administration component. Verify that the administration component '386f2cd6-47ca-4b3a-aeb5-d9116772ef16' in search application 'Search Service Application 1' is in
  a good state and try again.
  Search Application Topology:  Unable to retrieve topology component health states. This may be because the admin component is not up and running.
  From event viewer, I see following errors:
  (1) Error From source: SharePoint Server
  Application Server Administration job failed for service instance  Microsoft.Office.Server.Search.Administration.SearchServiceInstance
  (b7c72eb8-cbaf-435e-b4c9-963cb6e4e745).
  Reason: The object you are trying to create already exists. Try again using a different name.  
  Technical Support Details:
  System.Runtime.InteropServices.COMException (0x80040D02): The object you are trying to create already exists. Try again using a different name.  
     at Microsoft.Office.Server.Search.Administration.SearchServiceInstance.Synchronize()
     at Microsoft.Office.Server.Administration.ApplicationServerJob.ProvisionLocalSharedServiceInstances(Boolean
  isAdministrationServiceJob)
  (2) Error From source: SharePoint Server Search
  Could not access the Search database. A generic error occurred while trying to access the database to obtain the schema version info.
  Context: Application '386f2cd6-47ca-4b3a-aeb5-d9116772ef16'
  (3) Warning from source: SharePoint Server Search
  A database error occurred. Source: .Net SqlClient Data Provider Code: 8169 occurred 0 time(s) Description:  Error ordinal: 1 Message:
  Conversion failed when converting from a character string to uniqueidentifier., Class: 16, Number: 8169, State: 2    at
  System.Data.SqlClient.SqlConnection.OnError(SqlException exception, Boolean breakConnection, Action`1 wrapCloseInAction)
  (4) Error From source: SharePoint Server
  Application Server Administration job failed for service instance Microsoft.Office.Server.Search.Administration.SearchServiceInstance
  (b7c72eb8-cbaf-435e-b4c9-963cb6e4e745).
  Reason: The gatherer application could not be mounted because the search administration database schema version does not match the expected backwards compatibility schema version. The database might not have been upgraded.  
  Technical Support Details:
  System.Runtime.InteropServices.COMException (0xC0041235): The gatherer application could not be mounted because the search administration database schema version does not match the expected backwards compatibility schema version. The database might not have
  been upgraded.  
  Since separate DC server and SharePoint server do not work, I installed SharePoint 2013 on DC server ( so DC server has everything on it now ) but it gives exactly same result. Later I installed SharePoint 2013 SP1 and still have the same problem with Search
  Service app. I spent two weeks tried all suggestions available from Web and Google but SharePoint Search Service simply does not work. Config and other databases work but why Search Service has this issue seemingly related to search DB.
  Could anybody please help out? You deserve a top SharePoint consultant award if you could find a solution. I am so frustrated and so tired by this issue.    This seems also to be a SP set up issue.
  Thanks a lot.

  Using new Search Service App wizard to create SSA is always a success. I could delete existing SSA and recreate it and no problem. It says successful but when I open Search Admin page from CA, it gives me errors as mentioned.
  Now I used the following PS script for creating SSA from Max Mercher, but it stays at the last setps in following script:
  Add-PsSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue
  $IndexLocation = "C:\Search"  #Location must be empty, will be deleted during the process!
  $SearchAppPoolName = "SSAPool"
  $SearchAppPoolAccountName = "mydomain\admin"
  $SearchServiceName = "SSA"
  $SearchServiceProxyName = "SSA Proxy"
  $DatabaseServer = "W12R2DC1"
  $DatabaseName = "SSA"
  $spAppPool = Get-SPServiceApplicationPool -Identity $SearchAppPoolName -ErrorAction SilentlyContinue
  if (!$spAppPool)
   $spAppPool = New-SPServiceApplicationPool -Name $SearchAppPoolName -Account $SearchAppPoolAccountName -Verbose
  $ServiceApplication = Get-SPEnterpriseSearchServiceApplication -Identity $SearchServiceName -ErrorAction SilentlyContinue
  if (!$ServiceApplication)
  # process stays at the following step forever, already one hour now.  
  $ServiceApplication = New-SPEnterpriseSearchServiceApplication -Name $SearchServiceName -ApplicationPool $spAppPool.Name -DatabaseServer  $DatabaseServer -DatabaseName $DatabaseName
  Account mydomain\admin is an farm managed account, domain admin account, in WG_ADMIN role, It is in all SQL server roles and is DBO. I see search DBs are already on SQL server. From Event viewer, I got following errors in sequence:
  (1) Crawler:Content Plugin under source Crawler:Content Plugin 
  Content Plugin can not be initialized - list of CSS addresses is not set.
  (2) Warning for SharePoint Server Search
  A database error occurred. Source: .Net SqlClient Data Provider Code: 8169 occurred 0 time(s) Description:  Error ordinal: 1 Message: Conversion failed when converting from a character string to uniqueidentifier., Class: 16, Number: 8169, State: 2   
  at System.Data.SqlClient.SqlConnection.OnError(SqlException exception, Boolean breakConnection, Action`1 wrapCloseInAction)
  (3) Error for SharePoint Server Search
  Could not access the Search database. A generic error occurred while trying to access the database to obtain the schema version info.
  Context: Application 'cbc5a055-996b-44a7-9cbc-404322f9cfdf'
  (4) Error for SharePoint Server
  Application Server Administration job failed for service instance Microsoft.Office.Server.Search.Administration.SearchServiceInstance (b7c72eb8-cbaf-435e-b4c9-963cb6e4e745).
  Reason: The gatherer application could not be mounted because the search administration database schema version does not match the expected backwards compatibility schema version. The database might not have been upgraded. 
  (5) Error Shared Services for SharePoint Server Search 
  Application Server Administration job failed for service instance Microsoft.Office.Server.Search.Administration.SearchServiceInstance (b7c72eb8-cbaf-435e-b4c9-963cb6e4e745).
  Reason: The object you are trying to create already exists. Try again using a different name. 
  Technical Support Details:
  System.Runtime.InteropServices.COMException (0x80040D02): The object you are trying to create already exists. Try again using a different name. 
     at Microsoft.Office.Server.Search.Administration.SearchServiceInstance.Synchronize()
     at Microsoft.Office.Server.Administration.ApplicationServerJob.ProvisionLocalSharedServiceInstances(Boolean isAdministrationServiceJob
  Above errors keep being generated. Last step for SSA creation stay there forever.  Any clue what is really going on?  Thanks.

• Is it ok to install Exchange 2013 on Windows Server 2012 Standard?

  Hello everyone,
  I'd like to know if it is ok/safe to install Exchange Server 2013 on Windows Server 2012 Standard?
  As I started doing some research and noticed a page where Microsoft states they don't recommend running Exchange on Server 2012 Standard, and recommend making 2 different servers one for Active Directory and another for Exchange.
  On that page they also listed some features that wouldn't work in case of Exchange is running on Server 2012. And that it may put a larger data load if setup this way.
  I am hoping someone knowledgeable can explain and tell me if it is safe to use such setup or if it is better to use something like SBS 2011 Standard instead, which has Exchange included?
  Has anyone installed Exchange 2013 on Server 2012 Standard successfully and used it for more then several months without problems?
  Also just to give an idea on my background, I've been in IT field fairly long but haven't really updated to newer versions much and mainly used SBS 2003 and 2008 only with a few clients so haven't used 2008 too much.
  Thanks in advance.

  Few things to note.
  There is
  NO SBS in 2012
  All you need is a Std edition of Windows for Exchange 2013, as there is no difference in features between Std and Datacenter as far as Exchange is concerned.
  For 10 users, you can have one box with both AD and Exchange. It is not MS recommeded, but it IS supported.
  Rajith Enchiparambil |
  http://www.howexchangeworks.com |

• Lync 2013 Edge Server Issues

  Forgive me if this question sounds rather "entry level", I have never worked with Lync and this project was handed to me by my boss, who hasn't worked with Lync either.
  I have been reading various posts and forum messages until I went cross eyed about setting up Lync 2013 Edge server correctly.  I am still running into some questions and issues with the Access, Web, and A/V services starting.  Here is my main
  question, and below is my setup. 
  Question:
  Is there a need for both an external and internal nic card IF all three external IP's for the external services are programmed at the firewall and router to go directly to 1 internal IP address?
  Setup:
  Currently I have 1 FE-Standard server that also acts as the Mediation Server, and 1 Edge Server both of which are virtual and running Server 2012.  Originally I did have 2 network cards setup, as all other documentation suggested, 1 external and 1 internal. 
  However my boss, who setup the DNS/Firewall entries stated to remove the External Card since the external address that was setup for the 3 services was routed to 1 internal address. The Access Services, Web Services, and A/V services are all running on three
  separate ports with their own unique FQDN- 443, 444, and 445.  The cert that was deployed is a wild card cert from GoDaddy, this has been used by other servers that point inside and outside without issues.  
  Issues and Errors Messages:
  I have run into a few different issues and error messages from the Event Viewer:
  System
  Provider
  [ Name]
  LS Protocol Stack
  EventID
  14352
  [ Qualifiers]
  50153
  Level
  2
  Task
  1001
  Keywords
  0x80000000000000
  TimeCreated
  [ SystemTime]
  2013-09-09T15:44:51.000000000Z
  EventRecordID
  2885
  Channel
  Lync Server
  Computer
  edgesvr01
  Security
  EventData
  0xC3E93C0A
  SIP_E_STACK_TRANSPORT_FAILED
  System
  Provider
  [ Name]
  LS Server
  EventID
  12303
  [ Qualifiers]
  50152
  Level
  2
  Task
  1000
  Keywords
  0x80000000000000
  TimeCreated
  [ SystemTime]
  2013-09-09T15:44:51.000000000Z
  EventRecordID
  2884
  Channel
  Lync Server
  Computer
  edgesvr01
  Security
  EventData
  80072741
  The requested address is not valid in its context.
  System
  Provider
  [ Name]
  LS Protocol Stack
  EventID
  14336
  [ Qualifiers]
  50153
  Level
  2
  Task
  1001
  Keywords
  0x80000000000000
  TimeCreated
  [ SystemTime]
  2013-09-09T15:44:51.000000000Z
  EventRecordID
  2883
  Channel
  Lync Server
  Computer
  edgesvr01
  Security
  EventData
  TLS
  external IP address that is now used now
  5061
  Please help, I am at a loss as to where to go from here.

  Thanks for the quick responses. 
  I have re-enabled the external NIC.  All services are running now.  When I ran the Remote Connectivity tester this was the outcome.
  Testing remote connectivity for user: username@domain... to the Microsoft Lync server.
   Specified remote connectivity test(s) to Microsoft Lync server failed. See details below for specific failure reasons.
  Test Steps
  Attempting to resolve the host name lync.metisconnect.com in DNS.
   The host name resolved successfully.
  Additional Details
   IP addresses returned: xxx.xxx.xxx.xxx (external address)
  Testing TCP port 443 on host: host fqdn to ensure it's listening and open.
   The port was opened successfully.
  Testing the SSL certificate to make sure it's valid.
   The certificate passed all validation requirements.
  Test Steps
  The Microsoft Connectivity Analyzer is attempting to obtain the SSL certificate from remote server host fqdn on port 443.
   The Microsoft Connectivity Analyzer successfully obtained the remote SSL certificate.
  Additional Details
   Remote Certificate Subject: CN=*.ourdomain.com, OU=Domain Control Validated, Issuer: SERIALNUMBER=######, CN=Go Daddy Secure Certification Authority, OU=http://certificates.godaddy.com/repository, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona,
  C=US.
  Validating the certificate name.
   The certificate name was validated successfully.
  Additional Details
   The host name that was found, lync.metisconnect.com, is a wildcard certificate match for common name *.ourdomain.com.
  Certificate trust is being validated.
   The certificate is trusted and all certificates are present in the chain.
  Test Steps
  The Microsoft Connectivity Analyzer is attempting to build certificate chains for certificate CN=*.ourdomain.com, OU=Domain Control Validated.
   One or more certificate chains were constructed successfully.
  Additional Details
   A total of 1 chains were built. The highest quality chain ends in root certificate OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US.
  Analyzing the certificate chains for compatibility problems with versions of Windows.
   Potential compatibility problems were identified with some versions of Windows.
  Additional Details
   The Microsoft Connectivity Analyzer can only validate the certificate chain using the Root Certificate Update functionality from Windows Update. Your certificate may not be trusted on Windows if the "Update Root Certificates" feature isn't enabled.
  Testing the certificate date to confirm the certificate is valid.
   Date validation passed. The certificate hasn't expired.
  Additional Details
   The certificate is valid. NotBefore = 7/31/2013 4:02:03 PM, NotAfter = 7/31/2014 4:02:03 PM
  Testing remote connectivity for user username@domain to the Microsoft Lync server.
   Specified remote connectivity test(s) to Microsoft Lync server failed. See details below for specific failure reasons.
    Tell me more about this issue and how to resolve it
  Additional Details
   Couldn't sign in. Error: Error Message: Operation failed because the network connection was not available..
  Error Type: ConnectionFailureException.
  External calls from a 3g/4g data connection are not connecting when using the Lync call feature to an internal users Lync Client.  Outcome is: Connecting Call and No Audio.  Then call ends.

• Lync 2013 Edge Server

  I have a few questions on setting up a Lync 2013 Edge Server.  Let me give a little background into what is going on.  My comapny currently still has the old Communicator server(1 user left to migrate to Lync!) and a Lync 2013 that is all setup
  and functional.  Our current Lync environment is only internal, since we do not have a Edge Server setup.  That is what I am task to work on now.  I have read alot of guides on how to build this server, where it needs to be placed in the DMZ,
  and what is needed for it. 
  First question - Is there a hardware spec needed for this server?
  Second question - I read that 3 public ip are needed.   What are they needed for?  So I can explain to our network guys why I need this.
  Third question - Does it matter if the Edge server is on the domain or not?  I read it shouldnt be.  I dont think it will be an issue either way for me, but its easier to manage if on the domain.
  Fourth question - Should I finish my Communicator server decom before worrying about the Edge server? 
  Final question - is there a guide on how to get rid of the Communicator Server Connections to our Lync Server?
  Thanks in advance.

  First question - Is there a hardware spec needed for this server?
  Second question - I read that 3 public ip are needed.   What are they needed for?  So I can explain to our network guys why I need this.
  Third question - Does it matter if the Edge server is on the domain or not?  I read it shouldnt be.  I dont think it will be an issue either way for me, but its easier to manage if on the domain.
  Fourth question - Should I finish my Communicator server decom before worrying about the Edge server? 
  Final question - is there a guide on how to get rid of the Communicator Server Connections to our Lync Server?
  First question- HW spec  https://technet.microsoft.com/en-us/library/gg398835.aspx
  For your reference, my edge servers happen to have 40 GB ram and 2x'E5-2690 2.9GHz' ... they don't have to be physical ... can be virtual however.
  Second - 3 IP's are recommended ... it makes it easier because you can use standard ports as opposed to straying from 443 etc. ... and it makes troubleshooting easier.  All three of the edge services include a 443 requirement - and, with SSL you can't
  just share that socket on a single IP - so, lucky service gets 443.  Also, you can segregate the traffic and see exactly what is happening.  If you only had 1 IP - many scenarios in Lync would not work (e.g., I'm at a hotel and yoru AV port is not
  allowed through the firewall). 
  Here is a wonderful reference - https://blogs.perficient.com/microsoft/2012/12/lync-scaled-consolidated-edge-public-ip-addresses/
  Third - it is recommened that it is NOT domain joined - however, it's ok that it is.  Mine IS domain joined because I have a domain in my DMZ and it assists with management (etc.) and may be required for yoru security.  Your call.  IMO, if
  you have a domain , join it.  Why not?
  RE: OCS - there is a migration path from OCS 2007 R2 to Lync 2013 as per https://technet.microsoft.com/en-us/library/gg425764.aspx   and several documents on the Internet that show the process for those who need to do so.   It's not trivial.
  Another interesting link:  http://blogs.technet.com/b/saleesh_nv/archive/2014/04/24/lync-2013-tri-co-existance.aspx

• Lync 2013 Edge & Web proxy

  Hi Everyone
  I'm having a little trouble getting my head around the setup for Lync external access.
  I have setup an ADFS server, Lync 2013 server(works internally), 2012 web proxy server(doing nothing) and an edge server(currently doing nothing).
  My understanding is that the Edge and Web proxy server are in "parallel", I.E, they both face the WAN as they perform different tasks.
  The problem I have is that I'm unsure how to map everything correctly, I also don't understand how an external Lync client will get it's config. If my domain setup is:
  something.domain.internal, and I would like to register a DNS entry externally as something.domain.external. How do I map those correctly via the web proxy and edge server? Sending the request via the firewall is easy enough, however I'm unsure how I'm supposed
  to define them on my servers. Is the Lync server supposed to know about the external URL? Or does it not care?

  Hi,
  The Edge Servers run the services that allow external access to IM and presence, conferencing, audio/video, and other media services. You can also configure the Edge Server to federate with other Lync Server and other XMPP deployments.
  Lync Server uses the reverse proxy to publish a number of features, such as conferencing meetings, conference join locations, the address book, distribution list expansion, downloading meeting content, device updates, Mobility services, and more. Any reverse
  proxy that can meet the requirements for publishing the necessary resource locations can be used.
  You just need to define the Edge information in topology builder and publish it. Then configure the server as defined in topology and install local configuration store, setup Lync components and assign certificate. Here is a topology that
  using private IP addresses and NAT.
  http://technet.microsoft.com/en-us/library/gg399001.aspx
  Here are other resource how to publish Lync Server web services
  http://blogs.technet.com/b/dodeitte/archive/2013/10/29/how-to-publish-lync-server-2013-web-services-with-windows-server-2012-r2-web-application-proxy.aspx
  https://social.technet.microsoft.com/wiki/contents/articles/9807.how-to-configure-forefront-tmg-2010-as-reverse-proxy-for-lync-server-2010.aspx
  Kent Huang
  TechNet Community Support

• Do we need License for Lync 2013 Edge server?

  Hello Team,
  We are currently running Lync 2013 Standard Edition Server. We are planning to enable users for External access and planning to deploly Lync 2013 edge server.
  1. Do we need License for Lync 2013 Edge server?
  2. Any other client licenses needed?
  Please advise.

  Hi,
  No you don't required any additional License in order to install Lync Edge server. the only license required at OS level i mean windows server licence in terms of Lync concern you don't require any additional License   
  check this 
  https://products.office.com/en-us/lync/microsoft-lync-licensing-overview-lync-for-multiple-users
  http://lyncuc.blogspot.in/2013/02/lync-2013-licensing-guide-how-to.html
  And for client also you don't require any additional license with your existing client license will work for externally as well
  Whenever you see a helpful reply, click on Vote As Helpful & click on Mark As Answer if a post answers your question.

• Install sharepoint 2013 on Windows server 2012, Microsoft Identity Extensions issue !!!!!!!!!

  Sharepoint 2013 comes with prerequisitesinstaller.exe to install the software required for the actual Sharepoint installation.
  I 've installed Windows server 2012 in the R2 edition as well as Standard edition, but installing the prerequisites ends with an issue for the Microsoft Identity Extensions (MIE) on both versions (screenshot).
  The 2012 R2 server has been updated with all latest files by executing Windows update.
  In case of the Server 2012 R2,  MIE is already installed , but somehow the Sharepoint installation is missing something.
  I al;so tried removing default install to let prerequisiteinstaller.exe to install it's own version, but that did not help.
  When I skip the prerequisites remaining items, the Sharepoint installation stops directly , requesting the missing items.
  I've tried several Sharepoint server installation files, including the 180 days free version.
  Screenshots will be uploaded after my account has been checked......

  Hi Jay,
  Installing SharePoint Server 2013 on a computer that is running Windows Server 2012 R2 could lead to unexpected behavior, therefore, Microsoft does not support SharePoint Server 2013 in Windows Server 2012 R2.
  SharePoint Server 2013 with Service Pack 1 and SharePoint Foundation 2013 with Service Pack 1 will offer support for Windows Server 2012 R2.
  Refer to:
  SharePoint 2013 Support for Windows Server 2012 R2
  In addition, as Dave suggested, for the sharepoint server issue, please post in the dedicated forum for a better response.
  Best Regards,
  Anna Wang
  Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact [email protected]

• Not able to inistall Sharepoint 2013 on windows server 2012 r2

  Hi ,
  I am trying to install Sharepoint enterprise 2013 on windows 2012 r2. In very early stage i got issue when i ran prerequisite installer. 
  As we all know in this case we need to install prerequisite manually. I downloaded all the prerequisite and installed them manually. I have enabled all web and application role. then followed below link and installed all the prerequisite 
  http://iouchkov.wordpress.com/2013/10/19/how-to-install-sharepoint-2013-on-windows-server-2012-r2/
  SQL Server 2008 R2 SP1 Native
  Client 
  Microsoft
  WCF Data Services 5.0 
  Microsoft Information Protection
  and Control Client (MSIPC)
  Microsoft Sync Framework Runtime
  v1.0 SP1 (x64) 
  Windows
  Identity Extensions 
  Windows
  Identity Foundation (KB974405) 
  Windows
  Server AppFabric
  CU
  1 for AppFabric 1.1 (KB2671763)
  All got installed correctly on server validated from control panel then i restarted the server and Ran  SharePoint Set up
  But still facing issue attached in form of image
  Please help me on this.
  kirtesh

  Hi kirtesh,
  According to your description, my understanding is that you got an error when you ran prerequisite installer.
  Please make sure the Windows Server Features and Role services are enabled in your SharePoint server.
  Start > All Programs > Administrative Tools > Server Manager->Add Roles and Features:
  i. Application Server
  ii. File Services
  iii. Web Server (IIS)
  Best Regards,
  Wendy
  Wendy Li
  TechNet Community Support

• Lync 2013 Edge server compatibility with Lyn 2010 Front end Pool

  Hi All,
  Technet article (http://technet.microsoft.com/en-us/library/jj688121.aspx) says the following:
  If your legacy Lync Server 2010 Edge Server is configured to use the same FQDN for the Access Edge service, Web Conferencing Edge service, and the A/V Edge service, the procedures in this section are not supported. If the
  legacy Edge services are configured to use the same FQDN, you must first migrate all your users from Lync Server 2010 to Lync Server 2013, then decommission the Lync Server 2010 Edge Server before enabling federation on the Lync Server 2013 Edge Server.
  Can you tell me why it is you have to change the External Lync Web services URL during a migration to Lync 2013 from Lync 2010. What purpose does this serve?
  Also can you clarify this and explain why this is required, why would you have to migrate all of your users, would a Lync 2013 Edge not talk to a Lync 2010 front-end?
  Any help would be much appreciated. MANY THANKS.

  Thank you very much for all your inputs.
  We still have few questions:
  Questions:
  Can you tell me if Lync 2010 users will be able to login using mobility if we repoint the reverse proxy (TMG) web services publishing rule to the Lync 2013 server? Remember both systems Lync 2010 and 2013 are using the same web
  services URL so they will both end up at the Lync 2013 server. Alternatively if not we will migrate all users to 2013, this is not a problem
  In addition to this I cannot find anything that states how Exchange UM will operate when you are running from a backup pool and the exchange UM contacts are not available because they are homed on the server that is down. This
  configuration is 2 x standard edition servers pool paired. How can we make sure Exchange voice mail works during a pool failover?
  Call Park is not clear to me I read the following:
  Lync Server 2013 provides new disaster recovery mechanisms in the form of failover and failback processes. These failover and failback processes support recovery of Call Park functionality by allowing
  users who are homed in the primary pool to leverage the Call Park application of the backup pool when an outage occurs in the primary pool. Support for disaster recovery of the Call Park application is enabled as part of the configuration and deployment of
  paired Front End pools.
   Is this saying we need to deploy Call Park in the DR pool and use a different range of orbit numbers, or can we use the same range in the DR pool?
  Further, I can see that Common Area Phones will be fine as they will log into the DR pool automatically. Response Groups need to be exported and imported to the DR pool. Incidentally these did not migrate well at all and have
  caused us a big headache!
  Any inputs will be greatly appreciated. Thanks again for all of your time.

• Lync 2013 edge-no reverse proxy question

  I deployed lync 2013 edge server and no reverse proxy yet.I am trying to connect from my windows 7 machine with no luck and I can see a top reset on the firewall,my question is is reverse proxy required for the normal client to connect and do basic IM?
  Plz confirm.thx

  *****Update**********
  now when i am trying to test connevity using microsoft connecvitry analyer i am getting error realted to the external certifictare stating that " certificate couldn't be validated because SSL negotiation
  wasn't successful. This could have occurred as a result of a network error or because of a problem with the certificate installation." with UC troubleshotter i am getting the same.any idea?
  PS certificate is from Digi
  cert and i have checked the installation with thier tool and all was green
  regards
  The certificate couldn't be validated because SSL negotiation wasn't successful. This could have occurred as a result of a network error or because of a problem with the certificate installation.
  The certificate couldn't be validated because SSL negotiation wasn't successful. This could have occurred as a result of a network error or because of a problem with the certificate installation.
  The certificate couldn't be validated because SSL negotiation wasn't successful. This could have occurred as a result of a network error or because of a problem with the certificate installation.
  The certificate couldn't be validated because SSL negotiation wasn't successful. This could have occurred as a result of a network error or because of a problem with the certificate installation.
  The certificate couldn't be validated because SSL negotiation wasn't successful. This could have occurred as a result of a network error or because of a problem with the certificate installation.
  The certificate couldn't be validated because SSL negotiation wasn't successful. This could have occurred as a result of a network error or because of a problem with the certificate installation.
  The certificate couldn't be validated because SSL negotiation wasn't successful. This could have occurred as a result of a network error or because of a problem with the certificate installation.
  The certificate couldn't be validated because SSL negotiation wasn't successful. This could have occurred as a result of a network error or because of a problem with
  the certificate installation.

• Lync 2013 Edge Server Deployment

  We have already deployed 5 Frontend Server (1 Standard Server and 1 Pool with 4 FE Servers) and one Edge Server some Days ago. Now we are trying to Setup another Lync 2013 Edge Server and get stucked.
  When we try to Import the Configuration File, which we had exported from a Frontend Server (export-Csconfiguration..) we get the following error:
        Cannot open database "xds" requested by the loging
  We can publish the topology on the Frontend Server without Errors.
  We have already deinstalled all the lync and SQL componentes and tried again  - no success
  Best regards
  Bueschu
  Bueschu

  On reviewing the error and confirming the backup service was started, in order to resolve the issue the following actions were performed.
  1. In the Lync Topology Builder remove the front end resiliency settings that were previously applied and publish the topology.
  2. Connect to each front end server that comprises the pool pairing and run step two of the deployment wizard, by performing this the replicator and backup services will be removed and essentially the pairing will be broken.
  3. In the topology Builder re-apply the resiliency settings and publish the topology in order to recreate the pairing.
  4. Connect to each front end server that comprises the pool pairing and run step two of the deployment wizard, by performing this the replicator and backup services will be added again. Once the deployment wizard is completed, ensure the
  backup services are started on each front end and ensure the Invoke-CSBackupServiceSync PowerShell commands are run as per the "What to do next" information.
  5. In the Lync Server Mangement Shell run the "Get-CsBackupServiceStatus -PoolFqdn yourpool.domain.local" and ensure the services is operating in a normal state for both front end servers.
  That's it, the deployment wizard and associated xds database access error should now be cleared.
  Please remember, if you see a post that helped you please click "Vote As Helpful" and if it answered your question, please click "Mark As Answer"

• Lync 2013 Edge replication not working

  hi, I have a Lync 2013 Edge replication issue - it is simply not working.
  UpToDate           : False
  ReplicaFqdn        : LyncEdge.contoso.com
  I have already checked the following:
  1) telnet from FEP servers to the Edge sever on port 4443 is working
  2) Certificates are installed correctly - Lync Federation, Voice/Video to Skype, Lync Mobile is all working fine.
  3) Replication traffic checking showing the following error in XDS logs:
  (000000000126DB35)[FileTransferTask(11, 9/03/2015 2:44:24 PM): {TASK_NOT_STARTED, fromReplica, [lyncedge.contoso.com, HttpsWebService, 4443], 0}] Failed to copy files from replica. Exception: [System.ServiceModel.Security.MessageSecurityException: The HTTP
  request was forbidden with client authentication scheme 'Anonymous'. ---> System.Net.WebException: The remote server returned an error: (403) Forbidden.
     at System.Net.HttpWebRequest.GetResponse()
     at System.ServiceModel.Channels.HttpChannelFactory.HttpRequestChannel.HttpChannelRequest.WaitForReply(TimeSpan timeout)
     --- End of inner exception stack trace ---
  Server stack trace:
     at System.ServiceModel.Channels.HttpChannelUtilities.ValidateAuthentication(HttpWebRequest request, HttpWebResponse response, WebException responseException, HttpChannelFactory factory)
     at System.ServiceModel.Channels.HttpChannelUtilities.ValidateRequestReplyResponse(HttpWebRequest request, HttpWebResponse response, HttpChannelFactory factory, WebException responseException, ChannelBinding channelBinding)
     at System.ServiceModel.Channels.HttpChannelFactory.HttpRequestChannel.HttpChannelRequest.WaitForReply(TimeSpan timeout)
     at System.ServiceModel.Channels.RequestChannel.Request(Message message, TimeSpan timeout)
     at System.ServiceModel.Dispatcher.RequestChannelBinder.Request(Message message, TimeSpan timeout)
     at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout)
     at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation)
     at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)
  Exception rethrown at [0]:
     at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg)
     at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type)
     at Microsoft.Rtc.Xds.Replication.Common.IReplicationWebService.DownloadFiles(String senderFqdn, String sourceDirPath, String tempDirPath)
     at Microsoft.Rtc.Xds.Replication.FileTransfer.FileTransferTask.CopyFilesFromReplicaUsingWcf(String fromDir, String tmpDir, String toDir)]
  I have checked certificate stores: there are only 34 certificates in the Root folder and the SendTrustedIssuerList reg. key has been configured, which did not solve the issue.
  Any idea how to troubleshoot this or possible root causes?

  Try Test-CsComputer on the Frontend Servers and the Edge Servers. This should check Windows Firewall exceptions are correct. Then check permissions on your Lync fileshare. You can also try to reinstall CMS Database with the following command (user must be
  memeber of CsAdministrator group and sysadmin group of SQL Server)
  Install-CsDatabase -CentralManagementDatabase -SqlServerFqdn CMS.FQDN 
  -SqlInstanceName DBInstance -Verbose

• Lync 2013 edge server request certificates

  I am deploying Lync 2013 edge server, how to get the certificate request file[certificate
  signing request (CSR)] on setp 3: Reques,install or Assign Certficates. 
  i need your help!
  Thanks!

  Agree with Jason.
  On the Certificate Request File page, type the full path and file name to which the request is to be saved.
  After you get Certificate Request File, you need to submit this file to your CA (by email or other method supported by your organization for your enterprise CA) and, when you receive the response file, copy the new certificate to this computer so that it
  is available for import.
  Check how to set up certificates for the internal edge interface at
  http://technet.microsoft.com/en-us/library/gg412750.aspx.
  Check how to set up certificates for the external edge interface
  http://technet.microsoft.com/en-us/library/gg398409.aspx.
  Lisa Zheng
  TechNet Community Support

• Lync 2013 Edge DNS config understanding

  Hey guys,
  I just set up our Lync 2013 frontend server, which is running fine internally. The Edge is runing as well, but I still have to do the port forwardings in the firewall and the external DNS configuration. But I got an understanding issue.
  I followed these instructions. "Edge server IP as specified in setup wizard" is very clear, but what exactly is meant with "Lync
  Reverse Proxy IP"
  Just to explain a bit the infrastructure, we got a Sophos UTM as firewall. In total we have attached 4 external IPs to the Sophos. For sure the external IP's on the FW are NATed to the 192.168.50.X of the external Edge interface.
  80.123.250.160 sip.mydomain.com
  80.123.250.161
  webconf.mydomain.com
  80.123.250.162 av.mydomain.com
  80.123.250.163 mail.mydomain.com and general stuff
  So if I understand it correct, it should just be one
  of the IP's which are connected to the FW, so I could just take the 80.123.250.160 or am I missing something?
  Thanks in advance.
  Kind regards,
  Chris

  The Lync Reverse Proxy IP refers to a reverse proxy such as IIS ARR
  http://blogs.technet.com/b/nexthop/archive/2013/02/19/using-iis-arr-as-a-reverse-proxy-for-lync-server-2013.aspx that is a separate server than the Edge server and cannot be collocated on the Edge server.  It proxies web traffic to the external web
  services FQDN, and simple URLs on your Front End server from the Internet.
  If you only have 4 IPs, but are using a reverse proxy to NAT traffic to mail.mydomain.com, you could potentially also use this same reverse proxy but you'll need either a wildcard certificate or a certificate that includes all the names you'll need for the
  SAN. If you're not using a reverse proxy and instead are directly transferring traffic to mail.mydomain.com, I'd suggest setting up an IIS ARR server for this purpose and using the same reverse proxy to transfer all traffic.
  If that's not possible, you may have to use a single external IP for your edge (.160) and use another (.161) for your Lync reverse proxy.
  Please remember, if you see a post that helped you please click "Vote As Helpful" and if it answered your question please click "Mark As Answer".
  SWC Unified Communications
  This forum post is based upon my personal experience and does not necessarily reflect the opinion or view of Microsoft, its employees, or other MVPs.