Lync Server 2013 dropping global catalog in forest

I have an interesting issue. My Lync 2013 Server is connected to an AD network running at 2012. All my Lync 2013 clients can connect without issue, all the inherent Lync capabilities are functional (except desktop sharing, but that is another question for
later), and I get no general errors from my server.
However, when I go to administer to the system through PowerShell, or the Lync Command Console, I get the error:
"Cannot find any global catalog in the forest "xxxxx.yyy""
Therefore I cannot manage the server very well, if at all. Here is the real kicker. If I reboot the server, everything works great and I get no errors running admin powershell commands, or executing the Lync Command Console. This connectivity seems to work
for random lengths of time from 1-6 hours or so before "losing" the global catalog again.
Any thoughts on what is happening here?

We are using Standard Edition, and the deployment wizard will not complete when I am getting this error message. However, it works fine when I reboot the Lync Server system and it "reconnects" with the global catalog.
What I can't figure out is why it is "losing"the catalog, or really even where to start looking. Is that an Active Directory issue (Sites or other issue)? Is it a networking issue with DNS?
When the server "loses" the global catalog Lync clients still function normally, I can ping the server (by IP, FQDN, and machine name) from another system. Lync continues to communicate with Exchange and archive conversations, etc.. It just won't
run Lync powershell commands for admin, and the Lync Management Control Panelwon't recognize any login. It gives out a error stating "The application cannot verify your credentials" message.
This makes me think there is an issue with AD, but not sure where to start since users are not affected at all. Could there be a replication issue or something?

Similar Messages

Utilizing SQL Server as Lync Server 2013 backend and monitoring in different forest

Hello,
We are in process of deploying the Lync Server 2013 infrastructure enterprise pool, have a query regarding Lync Backend server.
Can we use a SQL server in all together different forest as backend for Lync 2013 topology, there is a two-way forest trust between the forests?

You can do if you can communicate the back-end server successfully. But it is not supported.
Please check the supported Active Directory topologies at
http://technet.microsoft.com/en-us/library/gg398173.aspx
Lisa Zheng
TechNet Community Support

Could not find any available Global Catalog in forest when running RemoteMailbox cmdlet

My current Exchange environment is a hybrid configuration of Office 365, Exchange 2013 hybrid, and Exchange 2007 on-premise.
I have a script responsible for enabling remote mailboxes and assigning O365 licenses to a list of users; essentially provisioning users an O365 mailbox. This script runs every hour through a defined scheduled task in the Task Scheduler.
The script is proven to work but will intermittently throw an error on some days: "Could not find any available Global Catalog in forest root.xyz.com"
Here are the nuances of the error when it does occur:
It will only throw the error when the script is run via scheduled task - the script will work fine if executed from the command line
The error occurs when "Enable-RemoteMailbox" or "Get-RemoteMailbox" is called.
The same error will occur with ANY script that calls "Enable-RemoteMailbox" or "Get-RemoteMailbox" and is ran via scheduled task - even when the RemoteMailbox cmdlet was the only line in the script
Here is the output and error when Get-RemoteMailbox -verbose is ran:
VERBOSE: [15:49:52.474 GMT] Get-RemoteMailbox : Active Directory session
settings for 'Get-RemoteMailbox' are: View Entire Forest: 'True',
VERBOSE: [15:49:52.489 GMT]
Get-RemoteMailbox : Runspace context: Executing
user: ,
Executing user organization: ,
Current organization: ,
RBAC-enabled:Disabled.
VERBOSE: [15:49:52.489 GMT] Get-RemoteMailbox : Beginning processing
VERBOSE: [15:49:52.521 GMT] Get-RemoteMailbox : Current ScopeSet is: {
Recipient Read Scope: {{, }},
Recipient Write Scopes: {{, }}, Configuration Read Scope: {{, }},
Configuration Write Scope(s): {{, }, },
Exclusive Recipient Scope(s): {},
Exclusive Configuration Scope(s): {} }
VERBOSE: [15:49:52.521 GMT] Get-RemoteMailbox : Resolved current organization: .
VERBOSE: [15:49:52.521 GMT] Get-RemoteMailbox : Searching objects "abose" of type "ADUser" under the root "$null".
VERBOSE: [15:49:52.536 GMT] Get-RemoteMailbox : Previous operation run on global catalog server 'evw-xyzdc-p02.ad.xyz.com'.
Get-RemoteMailbox : Could not find any available Global Catalog in forest root.xyz.com.
At C:\IDM_In\Scripts\MinimalTest.ps1:42 char:14
+ $abose = Get-RemoteMailbox 'abose' -verbose
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [Get-RemoteMailbox], ADTransientException
+ FullyQualifiedErrorId : E421EF0B,Microsoft.Exchange.Management.RecipientTasks.GetRemoteMailbox
VERBOSE: [15:49:52.567 GMT] Get-RemoteMailbox : Ending processing
What could be the cause of this intermittent error?
Thanks for any help

looks to me permission error as when you are running it via a schedule task is is not able to call exchange shell/ commands {confirm this} where as when you running this manually looks to me you open exchange shell, may be as admin also and then running
the script.
schedule task process is not able to get the permission..
MARK AS USEFUL/ANSWER IF IT DID
Thanks
Happiness Always
Jatin

Lync Server 2013 - CSAdForest Fails

I am attempting to install a new fresh install of Lync 2013.I receive the following error when trying to run prepare current forest.
> Prepare Forest
Enable-CSAdForest -Verbose -Confirm:$false -Report "C:\Users\admin\AppData\Local\Temp\Enable-CSAdForest-[2014_08_26][20_08_20].html"
Creating new log file "C:\Users\admin\AppData\Local\Temp\Enable-CSAdForest-64e5e013-c161-448f-af8e-f617a276c3ec.xml".
Enable the Active Directory forest to host Lync Server 2013 deployments.
Prepare Forest Active Directory settings execution failed on an unrecoverable error.
Creating new log file "C:\Users\admin\AppData\Local\Temp\Enable-CSAdForest-[2014_08_26][20_08_20].html".
WARNING: Enable-CSAdForest failed.
WARNING: Detailed results can be found at "C:\Users\admin\AppData\Local\Temp\Enable-CSAdForest-[2014_08_26][20_08_20].html".
Command execution failed: Length of the access control list exceed the allowed maximum.
I found one other thread
here, but it didn't give a resolution. Any help would be much appreciated.
Thanks!

Hi,
This issue may cause of Invalid access control entries (ACEs) for CN=RTC Service
Try to do the following path to solve the issue:
Click Start, click Run, type ldp, and then click OK.
In the LDP console, click the Connection menu, click Connect, type domain controller name, and then click OK.
On the Connection menu, click Bind, type the credentials of the domain administrator, and then click OK.
On the View menu, click Tree.
In the tree view interface, for BaseDN drop-down list, select the appropriate domain context, such as " CN=Configuration,DC=office,DC=contoso,DC=com," and then click OK.
Under CN=Configuration,DC=<domainname>,DC=com, locate to the object CN=Services, CN=Configuration,DC=office,DC=contoso,DC=com"
Under CN=Services, CN=Configuration,DC=office,DC=contoso,DC=com", locate to the object "CN=RTC Service,CN=Services,CN=Configuration,DC=office,DC=contoso,DC=com".
Right-click the object in step 7, click Advanced, select Security Descriptor, make sure that the SACL option and the "Text dump" option are unchecked and then click OK.
This will open a new window with security descriptor details
In the middle pane of the Security descriptor Window, select and delete all the access control entries (ACEs) that have “\0ADEL:” at the end in the Trustee column. Multiple ACEs can be selected and then click Delete ACE to delete them.
Close the security descriptor as soon as you delete the corresponding ACE's
Close the LDP console.
Then prepare Forest again.
Best Regards,
Eason Huang
Eason Huang
TechNet Community Support

Backing Up and Restoring Lync Server 2013/OCS 2007 R2 Co-existence Environment

Hello
I am seeking tips on how to build a replica of a Lync 2013/OCS 2007 R2 production pilot Co-existence environment in a test lab.
Lync 2013 is a standard Edition Pool
OCS 2007 R2 is an Enterprise Pool
Here is what I think...Is this feasible ? appreciate any other idea
1. Get Active Directory to Test Environment
For OCS 2007 R2 Servers
2. Use LCScmd on OCS 2007 R2 Servers to backup Global\Pool\Computer specific settings
3. Backup OCS 2007 R2 on Backend SQL Database
4. Restore data from steps 2 and 3 to equivalent servers created and prepared in test environment
For Lync 2013 SE Servers
5. Use the Lync 2013 Backup and Restore Process to bring up Lync Server 2013 into the test environment
http://technet.microsoft.com/en-us/library/hh202192.aspx
David

That should do it, as you said you'll need Active Directory as well so these accounts line up with something.
It may be easiest to restore into your virtual environment using virtual snapshots or Windows backups and fixing any corruption that may have occurred by restoring what you've backed up.
Please remember, if you see a post that helped you please click "Vote As Helpful" and if it answered your question please click "Mark As Answer".
SWC Unified Communications

RPC server is unavailable. (Exception from HRESULT: 0x800706BA) Lync Server 2013 Mirroring Configuration

Hi,
I am trying to Configure Mirroring in Lync server 2013, when in am selecting Install Database in Topology builder im able to install the Database in Principal but failing while installing the Mirroring following the detail.
▼ Install-CsMirrorDatabase Failed
└ Connection: Data Source=BPDBLSQWMV01.domain.com\IMPRINCIPAL;Failover Partner=BPDBLSQWMV02.domain.com\IMMIRROR;Initial Catalog=xds;Integrated Security=True 23-01-2014 22:53:34
└ ▼ InstallMirrorDatabaseCmdlet.StartMirroring 23-01-2014 22:53:34 Failed
└ Error: The RPC server is unavailable. (Exception from HRESULT: 0x800706BA)
▼ Details
└ Type: COMException
└ ▼ Stack Trace
└ at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32 errorCode, IntPtr errorInfo)
at System.Management.ManagementScope.InitializeGuts(Object o)
at System.Management.ManagementScope.Initialize()
at Microsoft.Rtc.Management.Deployment.MirrorUtils.GetSqlServerAccount(String server, String instanceName)
at Microsoft.Rtc.Management.Deployment.TopologyParser.PopulateDatabasesForSqlInstance(ISqlInstance sqlInstance)
at Microsoft.Rtc.Management.Deployment.TopologyParser.FindDatabasesForMachine(IMachine machine)
at Microsoft.Rtc.Management.Deployment.TopologyParser.FindDatabasesForFqdn()
at Microsoft.Rtc.Management.Deployment.TopologyParser.GetDbListToMirror()
at Microsoft.Rtc.Management.Deployment.TopologyParser.get_DbInfoList()
at Microsoft.Rtc.Management.Deployment.InstallMirrorDatabaseCmdlet.StartMirroring()
at Microsoft.Rtc.Management.Internal.Utilities.LogWriter.InvokeAndLog(Action action)
23-01-2014 22:54:16 Error
└ Error: An error occurred: "System.Runtime.InteropServices.COMException" "The RPC server is unavailable. (Exception from HRESULT: 0x800706BA)" 23-01-2014 22:54:16 Error
Firewall is turned off and can able to configure Mirroring Manually in SQL Server by creating a test database.
▼ Install-CsMirrorDatabase Failed
└ Connection: Data Source=BPDBLSQWMV01.domain.com\IMPRINCIPAL;Failover Partner=BPDBLSQWMV02.domain.com\IMMIRROR;Initial Catalog=xds;Integrated Security=True 23-01-2014 22:53:34
└ ▼ InstallMirrorDatabaseCmdlet.StartMirroring 23-01-2014 22:53:34 Failed
└ Error: The RPC server is unavailable. (Exception from HRESULT: 0x800706BA)
▼ Details
└ Type: COMException
└ ▼ Stack Trace
└ at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32 errorCode, IntPtr errorInfo)
at System.Management.ManagementScope.InitializeGuts(Object o)
at System.Management.ManagementScope.Initialize()
at Microsoft.Rtc.Management.Deployment.MirrorUtils.GetSqlServerAccount(String server, String instanceName)
at Microsoft.Rtc.Management.Deployment.TopologyParser.PopulateDatabasesForSqlInstance(ISqlInstance sqlInstance)
at Microsoft.Rtc.Management.Deployment.TopologyParser.FindDatabasesForMachine(IMachine machine)
at Microsoft.Rtc.Management.Deployment.TopologyParser.FindDatabasesForFqdn()
at Microsoft.Rtc.Management.Deployment.TopologyParser.GetDbListToMirror()
at Microsoft.Rtc.Management.Deployment.TopologyParser.get_DbInfoList()
at Microsoft.Rtc.Management.Deployment.InstallMirrorDatabaseCmdlet.StartMirroring()
at Microsoft.Rtc.Management.Internal.Utilities.LogWriter.InvokeAndLog(Action action)
23-01-2014 22:54:16 Error
└ Error: An error occurred: "System.Runtime.InteropServices.COMException" "The RPC server is unavailable. (Exception from HRESULT: 0x800706BA)" 23-01-2014 22:54:16 Error

"The RPC server is unavailable. (Exception from HRESULT: 0x800706BA)" error may occurs.There can be a few reasons for this error:
It was an issue with RPC ports, verify Firewall opened the full range and Try to run setup completed.
The remote computer is blocked by the firewall.
Solution: Open the Group Policy Object Editor snap-in (gpedit.msc) to edit the Group Policy object (GPO) that is used to manage Windows Firewall settings in your organization. Open
Computer Configuration, open Administrative Templates, open
Network, open Network Connections, open Windows Firewall, and then open either
Domain Profile or Standard Profile, depending on which profile you want to configure. Enable the following exception: "Allow Remote Administration Exception" and "Allow File and Printer Sharing Exception".
Host name or IP address is wrong or the remote computer is shutdown.
Solution: Verify correct host name or IP address.
The "TCP/IP NetBIOS Helper" service isn't running.
Solution: Verity that "TCP/IP NetBIOS Helper" is running and set to auto start after restart.
The "Remote Procedure Call (RPC)" service is not running on the remote computer.
Solution: Verity that "Remote Procedure Call (RPC)" is running and set to auto start after restart and.
The "Windows Management Instrumentation" service is not running on the remote computer.
Solution: Verity that "Windows Management Instrumentation" is running and set to auto start after restart.
Please remember, if you see a post that helped you please click "Vote As Helpful" and if it answered your question, please click "Mark As Answer"

What port number for Desktop Sharing using in Lync Server 2013 and Lync Online

Dear All,
My environment using Lync Server 2013 and Lync online on Office 365. I don't want my user using Desktop Sharing feature. then I need to know what port number for Desktop Sharing using in Lync Server 2013 and Lync Online.
I will deny this port on personal firewall each client.
Thank you for your advise.

Hi,
I'm not sure you'd be able to do this with ports without impacting other application sharing features such as Q&A, Whiteboard, Poll etc - I'm pretty sure they all come under the same umbrella of ClientAppSharing.
Ordinarily you would create or modify your conferencing policy to restrict sharing to single programs only using a cmdlet similar to below;
Set-CsConferencingPolicy -Identity "Global" -EnableAppDesktopSharing SingleApplication
This would disable desktop sharing but enable users to continue sharing other single programs. If you want to remove that functionality too, then replace the 'SingleApplication' parameter with 'None'. Then users won't be able to share any programs either.
This is the correct way to do it as the icons will be greyed out for the users. Doing it your way, they would still be able to click them, and it would throw an error - this will lead to a lot more support calls and people assuming a service is broken.
I hope that helps some.
Kind regards
Ben

Configuring Lync Server 2013 to be a partner Application for Exchange 2013

Hello Guys,
I just want to share my experience while configuring Lync server 2013 to be a partner Application for exchange 2013 sever.
As mentioned on technet you need to run Configure-EnterprisePartnerApplication.ps1 script that ships with Exchange 2013.
But when I tried to run the script as described on the technet article, I found it always fails with " the accepted domain is not valid"
I have checked my accepted domains many times and i found that there's no issues with my configured accepted domain.
So I started to review the script to find the issue and I found that the script was configured as below
$acceptedDomains = Get-AcceptedDomain ;
if ($acceptedDomains -eq $null)
WriteError ("There is no accepted domain so user can not be created.")
$acceptedDomain = $acceptedDomains[0].Name;
if($UseDomainController -eq $true)
$user = New-MailUser -Name $username -DomainController $DomainController -ExternalEmailAddress $username@$acceptedDomain;
set-mailuser -Identity $user.Identity -HiddenFromAddressListsEnabled $true -DomainController $DomainController
else
$user = New-MailUser -Name $username -ExternalEmailAddress $username@$acceptedDomain;
set-mailuser -Identity $user.Identity -HiddenFromAddressListsEnabled $true;
which is totally wrong as below:
firstly it makes $AcceptedDomain variable to equal the Name of the accepted domain.
Not all customers configure the name of the Accepted Domain to be the Domain Name.
Secondly it makes $AcceptedDomain variable to equal the name of the first Accepted Domain.
The first domain may be not the default Accepted Domain.
So I have configured the script as below
$acceptedDomains = Get-AcceptedDomain | ? {$_.Default -eq "True"} ;
if ($acceptedDomains -eq $null)
WriteError ("There is no accepted domain so user can not be created.")
$acceptedDomain = $acceptedDomains.DomainName;
if($UseDomainController -eq $true)
$user = New-MailUser -Name $username -DomainController $DomainController -ExternalEmailAddress $username@$acceptedDomain;
set-mailuser -Identity $user.Identity -HiddenFromAddressListsEnabled $true -DomainController $DomainController
else
$user = New-MailUser -Name $username -ExternalEmailAddress $username@$acceptedDomain;
set-mailuser -Identity $user.Identity -HiddenFromAddressListsEnabled $true;
I hope This help.
Thanks
Ahmed Fouad

Hi,
This is helpful, thanks for sharing.
Best regards,
Belinda Ma
TechNet Community Support

Persistent Chat (Lync Server 2013) with Lync 2010 Group Chat

I have successfully deployed Lync Server 2013 and both 2013 and 2010 desktop clients connect and function as expected.
The problem is with Persistent Chat. It works perfectly with the 2013 desktop client but - whilst 2010 Group Chat connects - I receive the error message "The [LOGON_DOMAIN] is not available". No chat rooms are available and I am unable to search.
I have been unable to locate anything on the web which discusses the problem.
I do not know whether this makes a difference but the 2010 clients use terminals rather than dedicated workstations.
Can anyone shed any light on what the problem may be?

Have you created a CsPersistentChatEndpoint to allow the Group Chat client (2010) to connect to Persistent
Chat server? Please take a look at: http://technet.microsoft.com/en-us/library/jj204901.aspx
Please mark posts as answers/helpful if it answers your question.
Blog
Lync Validator - Used to assist in the validation and documentation of Lync Server 2013.

Office Web Apps server / Lync server 2013

Hi I have installed a Lync 2013 Server and Office Web Apps Server. Configured Lync topology, Office Web Apps farm and certificates.
However when i start the services i get this error message in the log saying Office Web Apps discovery failed.
Event ID: 41033
Description:
Office Web Apps Server (WAC) discovery failed, PowerPoint content is disabled.
Attempted Office Web Apps Server discovery Url:
Received error message: Invalid Uri syntax for WAC configuration
The number of retries: 1,
Cause: Office Web Apps Server may be unavailable or network connectivity may have been compromised.
Resolution:
Check HTTPS connectivity from this box to the Office Web Apps Server deployment using the discovery Url.
I can access the OWAS server Url from Lync Server
Connecting to the HTTPS discovery URL is working fine, and brings up the XML-page (after i click "show all content").
The two servers are located on the same internal network, DNS resolves fine both ways, and no firewall rules blocks any connections between the two. Can anyone please help me figure this out?
Only identical problem found online is here (Invalid Uri syntax for WAC configuration):
http://blogs.technet.com/b/dodeitte/archive/2012/09/10/office-web-apps-server-amp-lync-server-2013.aspx
He resolved the problem by assigning a new OAuthTokenIssuer certificate. This however did not fix the problem in my case.
Regards
Sverre A. Veel

Hi,
In addition, please make sure you have restarted front end and office web apps server after reissuing the certificate.
Kent Huang
TechNet Community Support

Unable to start Lync 2013 FE service on one of the pooled server, error "The evaluation period for Microsoft Lync Server 2013 has expired"

Team,
Unable to start FE service on one of the FE server, 2 Enterprise lync 2013 pool one FE in each pool, only following error in event vrw,
Log Name: Lync Server
Source: LS Server
Date: 12/30/2013 12:10:55 PM
Event ID: 12290
Task Category: (1000)
Level: Error
Keywords: Classic
User: N/A
Computer: ACS465-BH102.me.ykgw.net
Description:
The evaluation period has expired.
The evaluation period for Microsoft Lync Server 2013 has expired. Please upgrade from the evaluation version to the fully licensed version of the product. Look at help for Setup.exe to learn how to upgrade from evaluation version to the licensed version.
Cause: The evaluation period for Microsoft Lync Server 2013 has expired.
Resolution:
Please upgrade from the evaluation version to the licensed version of the product. Look at help for Setup.exe to learn how to upgrade from evaluation version to the licensed version.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="LS Server" />
<EventID Qualifiers="50152">12290</EventID>
<Level>2</Level>
<Task>1000</Task>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2013-12-30T09:10:55.000000000Z" />
<EventRecordID>73953</EventRecordID>
<Channel>Lync Server</Channel>
<Computer>ACS465-BH102.me.ykgw.net</Computer>
<Security />
</System>
<EventData>
</EventData>
</Event>
Log Name: System
Source: Schannel
Date: 12/30/2013 12:13:36 PM
Event ID: 36888
Task Category: None
Level: Error
Keywords:
User: SYSTEM
Computer: ACS465-BH102.me.ykgw.net
Description:
The following fatal alert was generated: 10. The internal error state is 1203.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Schannel" Guid="{1F678132-5938-4686-9FDC-C8FF68F15C85}" />
<EventID>36888</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x8000000000000000</Keywords>
<TimeCreated SystemTime="2013-12-30T09:13:36.779033200Z" />
<EventRecordID>83985</EventRecordID>
<Correlation />
<Execution ProcessID="556" ThreadID="3668" />
<Channel>System</Channel>
<Computer>ACS465-BH102.me.ykgw.net</Computer>
<Security UserID="S-1-5-18" />
</System>
<EventData>
<Data Name="AlertDesc">10</Data>
<Data Name="ErrorState">1203</Data>
</EventData>
</Event>
Server is already on Full version, ran Reset-CsPoolRegistrarState
for fillrest as wel as serviceret
Followed below as well,
http://social.technet.microsoft.com/Forums/lync/en-US/2a7e27ce-2dea-4e37-91ea-1ed42e110198/issue-updating-from-eval-to-volume-licenses?forum=ocsplanningdeployment
Currently done failover to another pool and users can login,
however i cant get the front end service on this server.Any pointers would be appreciated.
Praveen | MCSE Messaging 2003

rit, the command is not doing the trick since its already full version,
PS C:\Users\lyncadmin> Get-CsServerVersion
Microsoft Lync Server 2013 (5.0.8308.0): Volume license key installed.
only one server in one pool, total two pools.
Lync 2013 is on Win 2008 R2, and the event in system im inclining to since i have tried all,
Log Name: System
Source: Schannel
Date: 12/30/2013 9:26:34 AM
Event ID: 36888
Task Category: None
Level: Error
Keywords:
User: SYSTEM
Computer: ACS465-BH102.me.ykgw.net
Description:
The following fatal alert was generated: 10. The internal error state is 1203.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Schannel" Guid="{1F678132-5938-4686-9FDC-C8FF68F15C85}" />
<EventID>36888</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x8000000000000000</Keywords>
<TimeCreated SystemTime="2013-12-30T06:26:34.877077500Z" />
<EventRecordID>64911</EventRecordID>
<Correlation />
<Execution ProcessID="556" ThreadID="620" />
<Channel>System</Channel>
<Computer>ACS465-BH102.me.ykgw.net</Computer>
<Security UserID="S-1-5-18" />
</System>
<EventData>
<Data Name="AlertDesc">10</Data>
<Data Name="ErrorState">1203</Data>
</EventData>
</Event>
Praveen | MCSE Messaging 2003

Please help me resolve the Lync server 2013 deployment error: "An error occurred while applying SQL script for the feature BackendStore."

I am getting an error in "Step 2 - Setup or Remove Lync Server Components" of "Install or Update Lync Server System" step.
"An error occured while applying SQL script for the feature BackendStore. For details, see the log file...."
Additionally, all previous steps such as: Prepare Active Directory, Prepare first Standard Edition server, Install Administrative Tools, Create and publish topology are done without any errors. The user that I used to setup the Lync server is member of:
Administrators
CSAdministrator
Domain Admins
Domain Users
Enterprise Admins
Group Policy Creator Owners
RTCComponentUniversalServices
RTCHSUniversalServices
RTCUniversalConfigReplicator
RTCUniversalServerAdmins
Schema Admins
I have tried to re-install all the things and started to setup a new one many times but the same error still occurred. Please see the log below and give me any ideas/solutions to tackle this problem.
****Creating DbSetupInstance for 'Microsoft.Rtc.Common.Data.BlobStore'****
Initializing DbSetupBase
Parsing parameters...
Found Parameter: SqlServer Value lync.lctbu.com\rtc.
Found Parameter: SqlFilePath Value C:\Program Files\Common Files\Microsoft Lync Server 2013\DbSetup.
Found Parameter: Publisheracct Value LCTBU\RTCHSUniversalServices;RTC Server Local Group;RTC Local Administrators;LCTBU\RTCUniversalServerAdmins.
Found Parameter: Replicatoracct Value LCTBU\RTCHSUniversalServices;RTC Server Local Group.
Found Parameter: Consumeracct Value LCTBU\RTCHSUniversalServices;RTC Server Local Group;RTC Local Read-only Administrators;LCTBU\RTCUniversalReadOnlyAdmins.
Found Parameter: DbPath Value D:\CsData\BackendStore\rtc\DbPath.
Found Parameter: LogPath Value D:\CsData\BackendStore\rtc\LogPath.
Found Parameter: Role Value master.
Trying to connect to Sql Server lync.lctbu.com\rtc. using windows authentication...
Sql version: Major: 11, Minor: 0, Build 2100.
Sql version is acceptable.
Validating parameters...
DbName rtcxds validated.
SqlFilePath C:\Program Files\Common Files\Microsoft Lync Server 2013\DbSetup validated.
DbFileBase rtcxds validated.
DbPath D:\CsData\BackendStore\rtc\DbPath validated.
Effective database Path: \\lync.lctbu.com\D$\CsData\BackendStore\rtc\DbPath.
LogPath D:\CsData\BackendStore\rtc\LogPath validated.
Effective Log Path: \\lync.lctbu.com\D$\CsData\BackendStore\rtc\LogPath.
Checking state for database rtcxds.
Checking state for database rtcxds.
State of database rtcxds is detached.
Attaching database rtcxds from Data Path \\lync.lctbu.com\D$\CsData\BackendStore\rtc\DbPath, Log Path \\lync.lctbu.com\D$\CsData\BackendStore\rtc\LogPath.
The operation failed because of missing file '\\lync.lctbu.com\D$\CsData\BackendStore\rtc\DbPath\rtcxds.mdf'
Attaching database failed because one of the files not found. The database will be created.
State of database rtcxds is DbState_DoesNotExist.
Creating database rtcxds from scratch. Data File Path = D:\CsData\BackendStore\rtc\DbPath, Log File Path= D:\CsData\BackendStore\rtc\LogPath.
Clean installing database rtcxds.
Timeout expired. The timeout period elapsed prior to completion of the operation or the server is not responding.
****Creating DbSetupInstance for 'Microsoft.Rtc.Common.Data.RtcSharedDatabase'****
Initializing DbSetupBase
Parsing parameters...
Found Parameter: SqlServer Value lync.lctbu.com\rtc.
Found Parameter: SqlFilePath Value C:\Program Files\Common Files\Microsoft Lync Server 2013\DbSetup.
Found Parameter: Serveracct Value LCTBU\RTCHSUniversalServices;RTC Server Local Group.
Found Parameter: DbPath Value D:\CsData\BackendStore\rtc\DbPath.
Found Parameter: LogPath Value D:\CsData\BackendStore\rtc\LogPath.
Trying to connect to Sql Server lync.lctbu.com\rtc. using windows authentication...
Sql version: Major: 11, Minor: 0, Build 2100.
Sql version is acceptable.
Validating parameters...
DbName rtcshared validated.
SqlFilePath C:\Program Files\Common Files\Microsoft Lync Server 2013\DbSetup validated.
DbFileBase rtcshared validated.
DbPath D:\CsData\BackendStore\rtc\DbPath validated.
Effective database Path: \\lync.lctbu.com\D$\CsData\BackendStore\rtc\DbPath.
LogPath D:\CsData\BackendStore\rtc\LogPath validated.
Effective Log Path: \\lync.lctbu.com\D$\CsData\BackendStore\rtc\LogPath.
Checking state for database rtcshared.
Reading database version for database rtcshared.
Database version for database rtcshared - Schema Version5, Sproc Version 0, Update Version 1.
Thanks and Regards,
Thanh Le

Thanks Lạc
Phạm 2
I Had similar issue i end up uninstalling and reinstallting but same issue, then i change the drive but same issue. It was I/O issue. After adjusting my I/O it fix our issue and installation went on without any issue.
If any one using KVM here is detail article
We just give this option cache=‘writeback
using this article http://www.ducea.com/2011/07/06/howto-improve-io-performance-for-kvm-guests/ and http://itscblog.tamu.edu/improve-disk-io-performance-in-kvm/ this fix my issue thanks

How do I enforce "Show My Picture" instead of "Hide My Picture" in Lync Server 2013?

I was scouring TechNet and the web for a script that could perform the same task as one that I previously used for Lync 2010.
In Lync 2010, we had already used Lync policy to enforce that only the Active Directory photo could be used. One thing that we couldn't set via policy however was the ability to complete remove the "Hide My Picture" option in Lync 2010 client.
This left users with the ability to freely switch between showing the Corporate photo or no photo. I did eventually find and make use of script that constantly checked for this setting switch, then switched all users back to the desired "Show My Picture"
setting. I don't recall who wrote it, but it's easy to find on technet. As we started to move more and more users to our Lync 2013 enterprise pool, I noted that even though the script was running, the setting seemed to be changeable. A closer look revealed
that the script didn't function correctly against SQL for our 2013 pool.
I took the concept and applied it to Lync Server 2013 after studying the differences in Userdata. In Lync 2013, because UserData is in .zip, you need to convert it to 2010 format XML to use logic intended for Lync 2010. My script will extract 2013 data,
convert it to 2010, query for users who are set to "Hide My Picture" and then export any guilty users to an edited2010 XML. The script then converts this to 2013 Format .zip, and uploads the data for these users only. I chose to use Update-CSUserData
insted of Import-CSUserData as this avoids having to restart my Front End. I then use a scheduled task on my Front End server which runs this script every hour.
Please note: You can use this script, but I guarantee nothing about it's functionality, and I am not responsible for how you positively/negatively use it. You should always test things in a Lab Environment. Furthermore, this script was run on a relatively
smaller Enterprise system in which we are by default set to "Show My Picture" and already assigned as part of our user policy the ForceADPhoto attribute. This means that running the script is less intensive on my FE than say on a FE with 10,000 users
where none of the users were set to "Show My Picture". Please keep this in mind when planning to execute against your FE. You may want to edit my script and insert the -UserFilter or -WhatIf in the Export-CsUserData UpDate-CsUserData.
Anyways, I hope this solves the similar issue for many of you Lync 2013 administrators. Please feel free to share my work with others if it does, and also give this post some good feedback and/or mark my post as the answer to your problem.
Alas, here's the script (save it as a .ps1 , i.e. ForceShowMyPicture.ps1)
#Lync 2013 ForceShowMyPicture - Compiled by Octavio A. Serpa (Octavio-Admin on TechNet)
# Import Lync Module
Import-Module “C:\Program Files\Common Files\Microsoft Lync Server 2013\Modules\Lync\Lync.psd1"
###Variables To Set
#This variable is a folder where files will be temporarily written
$folderPath = “C:\Lync2013Scripts\Export”
#This is the FQDN of the pool in which the users you want to target reside
$poolFQDN = “<lyncpool.domain.local>”
###Done
#Message Out
Write-Host -ForegroundColor YELLOW “CHECKING THAT TEMP EXPORT FOLDER PATH EXISTS"
If (-not (Test-Path "$folderPath" -pathType container))
"ERROR: Your Export Directory doesn't exist!"
Exit
Write-Host -ForegroundColor Green “TEMP EXPORT FOLDER DOES EXIST"
Write-Host -ForegroundColor YELLOW “PRE-CLEANING OLD EXPORT/IMPORT FILES"
If (Test-Path "$folderPath\Lync2013UserData.zip") { Remove-Item "$folderPath\Lync2013UserData.zip" }
If (Test-Path "$folderPath\Lync2010UserData.xml") { Remove-Item "$folderPath\Lync2010UserData.xml" }
If (Test-Path "$folderPath\Lync2010EditedUserData.xml") { Remove-Item "$folderPath\Lync2010EditedUserData.xml" }
If (Test-Path "$folderPath\Lync2013EditedUserData.zip") { Remove-Item "$folderPath\Lync2013EditedUserData.zip" }
Write-Host -ForegroundColor Green “PRE-CLEANING COMPLETED SUCCESSFULLY"
#Message Out
Write-Host -ForegroundColor YELLOW “EXPORTING LYNC 2013 POOL USER DATA”
Export-CsUserData -PoolFqdn $poolFQDN -FileName $folderPath\Lync2013UserData.zip
Write-Host -ForegroundColor Green “EXPORT COMPLETED SUCCESSFULLY"
#Message Out
Write-Host -ForegroundColor YELLOW “CONVERTING LYNC 2013 USER DATA TO 2010 FORMAT”
Convert-CsUserData -InputFile "$folderPath\Lync2013UserData.Zip" -OutputFile "$folderPath\Lync2010UserData.xml" -TargetVersion Lync2010
Write-Host -ForegroundColor Green “CONVERSION COMPLETED SUCCESSFULLY"
#Message Out
Write-Host -ForegroundColor YELLOW “CHECKING THAT FORMAT CONVERSION WAS SUCCESSFUL AND .XML EXISTS”
If (-not (Test-Path "$folderPath\Lync2010UserData.xml" -pathType leaf))
"ERROR: Verify that $folderPath is writable!"
Exit
Write-Host -ForegroundColor Green “CONVERSION COMPLETED SUCCESSFULLY"
#Message Out
Write-Host -ForegroundColor YELLOW “LOADING XML”
$d = [xml] (Get-Content "$folderPath\Lync2010UserData.xml")
Write-Host -ForegroundColor Green “XML LOADING COMPLETED SUCCESSFULLY"
#Message Out
Write-Host -ForegroundColor YELLOW “CORRECTING AD PHOTO SETTING”
$changes = 0
$lastProcessedUser = $null
foreach ($hr in $d.HomedResources.HomedResource)
$found = 0
foreach ($c in $hr.Containers.Container)
  foreach ($p in $c.Publication)
   If ($p.CategoryName -eq 'contactCard' -and $p.InstanceNum -eq 6 -and $p.Data.contactCard.displayADPhoto -eq 'false')
    If ($hr.UserAtHost -ne $lastProcessedUser)
     "$($hr.UserAtHost) reset"
     $lastProcessedUser = $hr.UserAtHost
    $p.Data.contactCard.displayADPhoto = 'true'
    $p.Version = (([int] $p.Version) + 1).ToString()
    $p.PrevPubTime = $p.LastPubTime
    $p.LastPubTime = (Get-Date -Format s).ToString()
    $found = 1
    $changes++
If ($found -eq 0) { [Void]$d.HomedResources.RemoveChild($hr) }
Write-Host -ForegroundColor Green “AD PHOTO SETTING CORRECTIONS COMPLETED SUCCESSFULLY"
#Message Out
Write-Host -ForegroundColor YELLOW “Changes: $changes"
If ($changes -ne 0)
#Message Out
Write-Host -ForegroundColor YELLOW “RE-SAVING XML”
$d.Save("$folderPath\Lync2010EditedUserData.xml")
#Message Out
Write-Host -ForegroundColor YELLOW “CONVERTING LYNC 2010 .XML BACK TO 2013 .ZIP FORMAT"
Convert-CsUserData -InputFile "$folderPath\Lync2010EditedUserData.xml" -OutputFile "$folderPath\Lync2013EditedUserData.zip" -TargetVersion Current
#Message Out
Write-Host -ForegroundColor Green “CONVERSION BACK TO 2013 .ZIP FORMAT SUCCESSFUL"
#Message Out
Write-Host -ForegroundColor YELLOW “IMPORTING LYNC 2013 POOL DATA FOR CORRECTED USERS”
Update-CsUserData -FileName $folderPath\Lync2013EditedUserData.zip -Confirm:$false -Verbose
Write-Host -ForegroundColor Green “IMPORT COMPLETED SUCCESSFULLY"
Write-Host -ForegroundColor YELLOW “STARTING POST-IMPORT-CLEANUP OF EXPORT/IMPORT FILES"
If (Test-Path "$folderPath\Lync2013UserData.zip") { Remove-Item "$folderPath\Lync2013UserData.zip" }
If (Test-Path "$folderPath\Lync2010UserData.xml") { Remove-Item "$folderPath\Lync2010UserData.xml" }
If (Test-Path "$folderPath\Lync2010EditedUserData.xml") { Remove-Item "$folderPath\Lync2010EditedUserData.xml" }
If (Test-Path "$folderPath\Lync2013EditedUserData.zip") { Remove-Item "$folderPath\Lync2013EditedUserData.zip" }
Write-Host -ForegroundColor Green “POST-IMPORT-CLEANUP COMPLETED"
#Message Out
Write-Host -ForegroundColor Green “AD PHOTO SETTING SUCCESSFULLY UPDATED"

When I try to run this I get the follow error. Any thoughts?
Update-CsUserData : Unable to cast COM object of type 'System.__ComObject' to interface type
'Microsoft.Rtc.Interop.User.ICsUserManagement'. This operation failed because the QueryInterface call on
the COM component for the interface with IID '{D5ADD966-BDC3-4A8F-BFE8-6A59A9F74CB2}' failed due to the
following error: Class not registered (Exception from HRESULT: 0x80040154 (REGDB_E_CLASSNOTREG)).
At C:\Lync2013Scripts\ForceDisplayPhoto.ps1:113 char:1
+ Update-CsUserData -FileName $folderPath\Lync2013EditedUserData.zip -Confirm:$fal ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidOperation: ([email protected]:String) [Update-CsUserData], Invalid
   CastException
    + FullyQualifiedErrorId : Microsoft.Rtc.Management.AD.Cmdlets.ImportOcsUserDataCmdlet

Lync HP 4120 Sign in problems with Lync Server 2013

Hi, this is my second request for help, this with more information...
I`ll ready install the follow infrastructure: (I change the name of my organization for contoso)
Lync Server 2013 Installation with Enterprise mode with 1 front end : Pool: lync.contoso.com Front End: lyncfe01.contoso.com Back End: lyncsql01.contoso.com
I`ll ready install a PKI infrastructure with two tiers, the root offline and the subordnate ac.contoso.com
This with the defailt algorithm configuration RSA SHA1
My phones are HP 4120
In the Front End Server i configured the SCHANNEL registers:
EnableSessionTicket in 2
Send..etc in 0
Ok, the installation is ok, services are OK, Client login trough PC its OK, PSTN Configuration... (I can make a phonecall with the lync client of Office 365)
Commnd Checks:
When i run the command Test-CsPhoneBootstrap -PhoneOrExt 12345 -PIN 123456 -TargetFqdn lync.contoso.com
The result is:
Target Fqdn : lync.contoso.com
Target Uri : https://lync.contoso.com:443/CertProv/CertProvisioningService.svc
Result : Success
Latency : 00:00:09.0559615
Error Message :
Diagnosis :
When i run the command Test-CsPhoneBootstrap -PhoneOrExt 12345 -PIN 123456 for
check the DHCP the result is:
Target Fqdn : lync.contoso.com
Target Uri : https://lync.contoso.com:443/CertProv/CertProvisioningService.svc
Result : Success
Latency : 00:00:09.0559615
Error Message :
Diagnosis :
When i run the follow command
PS C:\Users\Administrator> $cred = Get-Credential
cmdlet Get-Credential at command pipeline position 1
Supply values for the following parameters:
Credential
PS C:\Users\Administrator> Test-CsClientAuth -TargetFqdn lync.contoso.com -UserSipAddress "sip:[email protected]" -UserCredential $cred
I got this:
Target Fqdn : lync.contoso.com
Target Uri : https://lync.contoso.com:443/CertProv/CertProvisioningService.svc
Result : Success
Latency : 00:00:00.3431783
Error Message :
Diagnosis :
But.. when i use the same command but i remove the -targetFqdn for check the Dhcp i got this:
VERBOSE: Workflow Instance Id 'bca95636-af7b-4b0a-b43d-dba259294b2d', started.
VERBOSE: Command line executed is 'Test-CsClientAuth -UserSipAddress "sip:[email protected]" -UserCredential $cred
-Verbose'.
Target Fqdn :
Target Uri :
Result : Failure
Latency : 00:00:00
Error Message : 10060, A connection attempt failed because the connected party did not properly respond after a period
of time, or established connection failed because connected host has failed to respond 194.90.8.20:5061
Inner Exception:A connection attempt failed because the connected party did not properly respond after
a period of time, or established connection failed because connected host has failed to respond
194.90.8.20:5061
Diagnosis :
VERBOSE: Workflow 'Microsoft.Rtc.SyntheticTransactions.Workflows.STClientAuthWorkflow' started.
Workflow 'Microsoft.Rtc.SyntheticTransactions.Workflows.STClientAuthWorkflow' completed in '5.62E-05' seconds.
Target web service Url not provided. Will have to extract it from authentication challenge.
An exception 'Unable to establish a connection.' occurred during Workflow
Microsoft.Rtc.SyntheticTransactions.Workflows.STClientAuthWorkflow execution.
Exception Call Stack: at Microsoft.Rtc.Signaling.SipAsyncResult`1.ThrowIfFailed()
at Microsoft.Rtc.Signaling.Helper.EndAsyncOperation[T](Object owner, IAsyncResult result)
at Microsoft.Rtc.SyntheticTransactions.Activities.GetSTSUriActivity.InternalExecute(ActivityExecutionContext
executionContext)
at Microsoft.Rtc.SyntheticTransactions.Activities.SyntheticTransactionsActivity.Execute(ActivityExecutionContext
executionContext)
at System.Workflow.ComponentModel.ActivityExecutor`1.Execute(T activity, ActivityExecutionContext executionContext)
at System.Workflow.ComponentModel.ActivityExecutorOperation.Run(IWorkflowCoreRuntime workflowCoreRuntime)
at System.Workflow.Runtime.Scheduler.Run()
at System.Net.Sockets.Socket.EndConnect(IAsyncResult asyncResult)
at Microsoft.Rtc.Internal.Sip.TcpTransport.OnConnected(Object arg)
'GetSTSUri' activity started.
Starting STS Uri Discovery...
ERROR getting STS Uri.
'UnRegister' activity started.
'UnRegister' activity completed in '3.12E-05' seconds.
VERBOSE: Workflow Instance ID 'bca95636-af7b-4b0a-b43d-dba259294b2d' completed.
VERBOSE: Workflow run-time (sec): 126.0548512.
The Real Problem is that my Lync HP 4120 Phone can't make a sign in, not from USB cable loging, nor with PIN authentification
When I try to make a login with the USB cable, I set the user and password and the phone says "Connecting to Lync".. "Downloading a certificate" ... "Installing certificate"... "Downloading Certificate"...
"Installing Certificate".. forever
When I try to make a login with PIN Authentification, the phone first displays the following:
Account used is not authorized, Please Contact your support team and then shows this:
An Account matching this phone number cannot be found. Please contact your support team.
The Pin authentification is enable
In the Lync Server Enable Kerberos Authentification, Enable Integrated Windows Authentification and Enable Certificate Authentification are enable
This is the configuration from DHCP
Starting Discovery ...
Sending Packet (Size: 284, Network Adapter: xx.xx.xx.xx, Attempt Type: Broadcast only)
--Begin Packet--
DHCP: INFORM (xid=130EA7FA)
DHCP: Op Code (op) = 1
DHCP: Hardware Type (htype) = 6
DHCP: Hops (hops) = 0
DHCP: Transaction ID (xid) = 319727610
DHCP: Seconds (secs) = 0
DHCP: Flags (flags) = 0000
DHCP: Client IP Address (ciaddr) = Xx.xx.xx.xx
DHCP: Your IP Address (yiaddr) = 0.0.0.0
DHCP: Server IP Address (siaddr) = 0.0.0.0
DHCP: Relay IP Address (giaddr) = 0.0.0.0
DHCP: Client HW Address (chaddr) = FC15B4###--End Packet--
Received Packet
Sender:xx.xx.xx.xx:67, Size:363
--Begin Packet--
DHCP: ACK (xid=130EA7FA)
DHCP: Op Code (op) = 1
DHCP: Hardware Type (htype) = 6
DHCP: Hops (hops) = 0
DHCP: Transaction ID (xid) = 319727610
DHCP: Seconds (secs) = 0
DHCP: Flags (flags) = 0000
DHCP: Client IP Address (ciaddr) = xx.xx.xx.xx
DHCP: Your IP Address (yiaddr) = 0.0.0.0
DHCP: Server IP Address (siaddr) = 0.0.0.0
DHCP: Relay IP Address (giaddr) = 0.0.0.0
DHCP: Client HW Address (chaddr) = FC15B4100289
DHCP: Server Host Name (sname) =
DHCP: Boot File Name (file) =
DHCP: Magic Cookie = 99.130.83.99
DHCP: Option Field
DHCP: DHCP MESSAGE TYPE( 53) = (Length: 1) DHCP ACK
DHCP: Server Identifier( 54) = (Length: 4) XX.XX.XX.XX
DHCP: Client Identifier( 61) = (Length: 0) ()
DHCP: SIP Server( 120) = (Length: 17) enc:0 lync.contoso.com (00046C796E6306756E69736F6E026D7800)
DHCP: Host Name( 12) = (Length: 0)
DHCP: Vendor Identifier( 60) = (Length: 0)
DHCP: Param Req List( 55) = (Length: 0) 0 0
DHCP: Vendor Info( 43) = (Length: 86) MS-UC-Clienthttpslync.contoso.com443%/CertProv/CertProvisioningService.svcÜNAP (010C4D532D55432D436C69656E7402056874747073030E6C796E632E756E69736F6E2E6D78040334343305252F4365727450726F762F4365727450726F766973696F6E696E67536572766963652E737663DC034E4150)
DHCP: End of this option field
--End Packet--
Result: Success
DHCP Server : xx.xx.x.xx.
SIP Server FQDN : lync.contoso.com
Certificate Provisioning Service URL : https://lync.contoso.com:443/CertProv/CertProvisioningService.svc
thanks for all, hope somebody can help me with this problem.. i am going crazy...

Hi, i connected the Lync Phone to another switch and i update the firmware to the newest firmware and i got the same problem..
The lync phone download the certificate but cant install it and the still the same error with the SIP login
An Account matching this phone number cannot be found. Please contact your support team.

The Director role is optional in Lync Server 2013 - could anyone please explain why the director server has lost its importance??

Could anyone please explain why the director has been removed from spotlight as it had much importance in LYNC 2010 and now being an optional role in LYNC server 2013.[any call flows regarding director servers would be much useful]

Hi SJ Praveen,
A Director is a server running Lync Server 2013 that authenticates user requests, but does not home any user accounts. Lync 2013 Front End servers have the same registrar service and functionality
as the Director.
The Director isn't providing any special functionality. If the Director goes down, all pools would become inaccessible when the clients queried DNS for the SRV record until an administrator
makes a manual internal DNS change that points users to a Front End pool to handle the sign-in request from Lync clients. Microsoft has made the Director functionality relevant for organizations that have specific security requirements, such as allowing all
external users to register to a specific internal server instead of the Front End servers. This server role is merely optional and not needed for most Lync Server 2013 deployments.
Best regards,
Eric

Lync Server 2013 dropping global catalog in forest

Similar Messages

Maybe you are looking for