Lync Server 2013 - Edge Certificate Problem

Hi,
A few days ago, we have discover that the Edge server of Lync 2013 has failed in replicating the store from Lync Front-End server.
From the Event Viewer, I get the below event logged.
And the details
============================================================================================
TLS outgoing connection failures.
Over the past 2 minutes, Lync Server has experienced TLS outgoing connection failures 20 time(s). The error code of the last failure is 0x80090322(SEC_E_WRONG_PRINCIPAL) while trying to connect
to the server "lyncedge.xxx.yyy" at address [xxx.xxx.xxx.xxx:5061], and the display name in the peer certificate is "Unavailable".
Cause: Most often a problem with the peer certificate or perhaps the host name (DNS) record used to reach the peer server. Target principal name is incorrect means that the peer certificate does
not contain the name that the local server used to connect. Certificate root not trusted error means that the peer certificate was issued by a remote CA that is not trusted by the local machine.
Resolution:
Check that the address and port matches the FQDN used to connect, and that the peer certificate contains this FQDN somewhere in its subject or SAN fields. If the FQDN refers to a DNS load balanced
pool then check that all addresses returned by DNS refer to a server in the same pool. For untrusted root errors, ensure that the remote CA certificate chain is installed locally. If you have already installed the remote CA certificate chain, then try rebooting
the local machine.
============================================================================================
Kindly advice if anyone have come across this issue ?

Hi,
I managed to resolve the issue. I have added a DWORD of ClientAuthTrustedMode with Value 2 below
HKey_Local_Machine\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL
Once the Lync Edge restarted, the replication kicks in without error.
Thanks all

Similar Messages

Lync Server 2013 Edge - Unknown error (0x80131500) TlsFailureException

I am setting up Lync Server for the first time, and currently have everything working ok on the local LAN and even have it integrated successfully with Exchange. However, I am having massive amounts of trouble setting up a Lync Edge server to allow external
access.
I have a wildcard certificate applied to the external interface and a certificate issued from my local CA for the internal interface, and in the Lync Control Panel on the FE server, i have a green check next to Replication, so I know that the FE and Edge
are talking to each other successfully.
However, when testing the Edge server for external connectivity using exRCA, I get the following error:
"Couldn't sign in. Error: Error Message: Unknown error (0x80131500).
Error Type: TlsFailureException."
I have looked all over the TechNet forums and the web for a possible solution, but I am coming up with none.
Any idea what could be causing this? Thanks in advance for any help,
Matthew

Hi Matt
Unfortunately, the Edge does not support wildcard certificate.
Only on the reserve proxy which is used to publish the Web Services (Meet, dial, lyncws, lyncautodiscover)
If a post is helpful, please take a second to hit the green arrow on the left, or mark as answer, thanks.
Jean-Philippe Breton | Senior Microsoft Consultant | MCTS, MCITP, MCT, Lync MVP

Lync Server 2013 Edge Server NetBios name resolution

We are working on a lync deployment in a very secure environment where we have Lync edge server deployed, in order to enable ports and traffic between the remote users and the edge servers and vice-versa there is a security vulnerability scan done that has
shown NetBios name resolution a security threat.
I just wanted to know if there is any guidence on NetBios name resolution for Lync Edge Servers. Can we disable NetBios services on the edge servers and what could be the possible issues if any?

My 2 cents worth..
The Edge server is best suited as a non domain member, all communication with the Edge Server both from the Lync Front Ends and the clients is by means of the DNS name. There are no Lync related services (from my knowledge) that require\use NetBIOS when
communication from or to the Edge Servers. I have disabled NetBIOS on Edge just recently for similar reasons and am yet to be notified of any issues.
Please remember, if you see a post that helped you please click "Vote As Helpful" and if it answered your question, please click "Mark As Answer"
Lync Sorted blog

Lync 2013 Edge Certificates

We are planning to deploy 2 lync 2013 edge servers with F5 HLB. Can we deploy internal Certificates on LYNC 2013 Edge servers ( SIP, WebConf, and AV) and deploy external wild card certificate (Public CA) on F5 external interface, so the external users
can be validated on F5 with public certificate and F5 can trust Edge servers in DMZ?
Is this solution works or do we need only public certificates on Edge servers?
Tek-Nerd

Hi Tek-Nerd,
Agree with others.
I’m afraid that if you use wild card certificate on F5, the external users might not be able to access the Lync Server.
From
https://technet.microsoft.com/en-us/library/gg398692.aspx
“Microsoft Lync Server 2013 uses certificates to mutually authenticate other servers and to encrypt data from server
to server and server to client. Certificates require name matching of the domain name system (DNS) records associated with the servers and the subject name (SN) and subject alternative name (SAN) on the certificate. To successfully map servers, DNS records
and certificate entries, you must carefully plan your intended server fully qualified domain names as registered in DNS and the SN and SAN entries on the certificate.”
Best regards,
Eric
Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact [email protected]

The Lync Server Access Edge service not starting (ipconfig / certificate problem?)

hey guys,
I am trying to install lync server 2010 for the first time. After installing everying i have a problem on the edge server, the Lync Server Access Edge services doesn't want to start and is giving specific error:
The Lync Server Access Edge service terminated with service-specific error %%-2146762480.
i have searched in the forums, i only read that it might have something to do with the ip config or the certificates, but i have no idea what exactly.
I have the following servers:
sql server (domain member)
Archive server (domain member)
Monitoring server (domain member)
and the edge server (not a domain member)
this edge server has two nics, one with a internal address and one with a public address.
for the internet side i used an internal AD CA for a certificate, for the external side i used a go daddy certificate.
does anyone has any idea? i am happy to provide additional information.
thx, JW

Hey Tim,
thanks for helping me. I am using one IP address externally. And if i understand correctly i am using port 443, 444 and 5061 (as suggested automatically by the topology builder)
internally i used an internal CA and external i used a godaddy multidomein certificate, as we are planning to use multiple domains on it. i used the wizard from the setup. i ran a request. In the wizard i see then the follwing Subject names and
subject alternate names:
sip.domain1.xx
webconf.domain1.xx
and then in the next screen i can check other domains, so i checked also the other domains:
domain2.xx
domain3.xx
domain4.xx
domain1.xx (also the first domain is here and i checked it to be sure)
while i was gathering this information i noticed that the certificate wizard says that the external ede certifciate status = invalid. So there is my problem mostlikely. Although i do not understand why it is invalid.
So when using 1 ip address externally you will need to change the ports in your topology.
Under Edge Pools - > Right click your edge pool and click edit, down near the bottom make sure "Enable seperate FQDN and ip address for web etc...) is UNCHECKED.
the first FQDN, sip.domain.com port 443(TLS), the other 2 for webconf and av just change the port numbers. so when you request your 2 certs the only names will be the pool FQDN and sip.domain and your other sip domains. on your router/gateway open the 3
ports you selected from Outbound -> Inbound. for your external DNS sip.domain -> external IP address going to your firewall/gateway.
note that your edge server is not on the domain so you will need to edit your hosts file and add your frontend pool/server internal ip address and FQDN server name.
When you get "invalid" for the certificate what cert is it? the internal CA or GoDaddy?

Lync HP 4120 Sign in problems with Lync Server 2013

Hi, this is my second request for help, this with more information...
I`ll ready install the follow infrastructure: (I change the name of my organization for contoso)
Lync Server 2013 Installation with Enterprise mode with 1 front end : Pool: lync.contoso.com Front End: lyncfe01.contoso.com Back End: lyncsql01.contoso.com
I`ll ready install a PKI infrastructure with two tiers, the root offline and the subordnate ac.contoso.com
This with the defailt algorithm configuration RSA SHA1
My phones are HP 4120
In the Front End Server i configured the SCHANNEL registers:
EnableSessionTicket in 2
Send..etc in 0
Ok, the installation is ok, services are OK, Client login trough PC its OK, PSTN Configuration... (I can make a phonecall with the lync client of Office 365)
Commnd Checks:
When i run the command Test-CsPhoneBootstrap -PhoneOrExt 12345 -PIN 123456 -TargetFqdn lync.contoso.com
The result is:
Target Fqdn : lync.contoso.com
Target Uri : https://lync.contoso.com:443/CertProv/CertProvisioningService.svc
Result : Success
Latency : 00:00:09.0559615
Error Message :
Diagnosis :
When i run the command Test-CsPhoneBootstrap -PhoneOrExt 12345 -PIN 123456 for
check the DHCP the result is:
Target Fqdn : lync.contoso.com
Target Uri : https://lync.contoso.com:443/CertProv/CertProvisioningService.svc
Result : Success
Latency : 00:00:09.0559615
Error Message :
Diagnosis :
When i run the follow command
PS C:\Users\Administrator> $cred = Get-Credential
cmdlet Get-Credential at command pipeline position 1
Supply values for the following parameters:
Credential
PS C:\Users\Administrator> Test-CsClientAuth -TargetFqdn lync.contoso.com -UserSipAddress "sip:[email protected]" -UserCredential $cred
I got this:
Target Fqdn : lync.contoso.com
Target Uri : https://lync.contoso.com:443/CertProv/CertProvisioningService.svc
Result : Success
Latency : 00:00:00.3431783
Error Message :
Diagnosis :
But.. when i use the same command but i remove the -targetFqdn for check the Dhcp i got this:
VERBOSE: Workflow Instance Id 'bca95636-af7b-4b0a-b43d-dba259294b2d', started.
VERBOSE: Command line executed is 'Test-CsClientAuth -UserSipAddress "sip:[email protected]" -UserCredential $cred
-Verbose'.
Target Fqdn :
Target Uri :
Result : Failure
Latency : 00:00:00
Error Message : 10060, A connection attempt failed because the connected party did not properly respond after a period
of time, or established connection failed because connected host has failed to respond 194.90.8.20:5061
Inner Exception:A connection attempt failed because the connected party did not properly respond after
a period of time, or established connection failed because connected host has failed to respond
194.90.8.20:5061
Diagnosis :
VERBOSE: Workflow 'Microsoft.Rtc.SyntheticTransactions.Workflows.STClientAuthWorkflow' started.
Workflow 'Microsoft.Rtc.SyntheticTransactions.Workflows.STClientAuthWorkflow' completed in '5.62E-05' seconds.
Target web service Url not provided. Will have to extract it from authentication challenge.
An exception 'Unable to establish a connection.' occurred during Workflow
Microsoft.Rtc.SyntheticTransactions.Workflows.STClientAuthWorkflow execution.
Exception Call Stack: at Microsoft.Rtc.Signaling.SipAsyncResult`1.ThrowIfFailed()
at Microsoft.Rtc.Signaling.Helper.EndAsyncOperation[T](Object owner, IAsyncResult result)
at Microsoft.Rtc.SyntheticTransactions.Activities.GetSTSUriActivity.InternalExecute(ActivityExecutionContext
executionContext)
at Microsoft.Rtc.SyntheticTransactions.Activities.SyntheticTransactionsActivity.Execute(ActivityExecutionContext
executionContext)
at System.Workflow.ComponentModel.ActivityExecutor`1.Execute(T activity, ActivityExecutionContext executionContext)
at System.Workflow.ComponentModel.ActivityExecutorOperation.Run(IWorkflowCoreRuntime workflowCoreRuntime)
at System.Workflow.Runtime.Scheduler.Run()
at System.Net.Sockets.Socket.EndConnect(IAsyncResult asyncResult)
at Microsoft.Rtc.Internal.Sip.TcpTransport.OnConnected(Object arg)
'GetSTSUri' activity started.
Starting STS Uri Discovery...
ERROR getting STS Uri.
'UnRegister' activity started.
'UnRegister' activity completed in '3.12E-05' seconds.
VERBOSE: Workflow Instance ID 'bca95636-af7b-4b0a-b43d-dba259294b2d' completed.
VERBOSE: Workflow run-time (sec): 126.0548512.
The Real Problem is that my Lync HP 4120 Phone can't make a sign in, not from USB cable loging, nor with PIN authentification
When I try to make a login with the USB cable, I set the user and password and the phone says "Connecting to Lync".. "Downloading a certificate" ... "Installing certificate"... "Downloading Certificate"...
"Installing Certificate".. forever
When I try to make a login with PIN Authentification, the phone first displays the following:
Account used is not authorized, Please Contact your support team and then shows this:
An Account matching this phone number cannot be found. Please contact your support team.
The Pin authentification is enable
In the Lync Server Enable Kerberos Authentification, Enable Integrated Windows Authentification and Enable Certificate Authentification are enable
This is the configuration from DHCP
Starting Discovery ...
Sending Packet (Size: 284, Network Adapter: xx.xx.xx.xx, Attempt Type: Broadcast only)
--Begin Packet--
DHCP: INFORM (xid=130EA7FA)
DHCP: Op Code (op) = 1
DHCP: Hardware Type (htype) = 6
DHCP: Hops (hops) = 0
DHCP: Transaction ID (xid) = 319727610
DHCP: Seconds (secs) = 0
DHCP: Flags (flags) = 0000
DHCP: Client IP Address (ciaddr) = Xx.xx.xx.xx
DHCP: Your IP Address (yiaddr) = 0.0.0.0
DHCP: Server IP Address (siaddr) = 0.0.0.0
DHCP: Relay IP Address (giaddr) = 0.0.0.0
DHCP: Client HW Address (chaddr) = FC15B4###--End Packet--
Received Packet
Sender:xx.xx.xx.xx:67, Size:363
--Begin Packet--
DHCP: ACK (xid=130EA7FA)
DHCP: Op Code (op) = 1
DHCP: Hardware Type (htype) = 6
DHCP: Hops (hops) = 0
DHCP: Transaction ID (xid) = 319727610
DHCP: Seconds (secs) = 0
DHCP: Flags (flags) = 0000
DHCP: Client IP Address (ciaddr) = xx.xx.xx.xx
DHCP: Your IP Address (yiaddr) = 0.0.0.0
DHCP: Server IP Address (siaddr) = 0.0.0.0
DHCP: Relay IP Address (giaddr) = 0.0.0.0
DHCP: Client HW Address (chaddr) = FC15B4100289
DHCP: Server Host Name (sname) =
DHCP: Boot File Name (file) =
DHCP: Magic Cookie = 99.130.83.99
DHCP: Option Field
DHCP: DHCP MESSAGE TYPE( 53) = (Length: 1) DHCP ACK
DHCP: Server Identifier( 54) = (Length: 4) XX.XX.XX.XX
DHCP: Client Identifier( 61) = (Length: 0) ()
DHCP: SIP Server( 120) = (Length: 17) enc:0 lync.contoso.com (00046C796E6306756E69736F6E026D7800)
DHCP: Host Name( 12) = (Length: 0)
DHCP: Vendor Identifier( 60) = (Length: 0)
DHCP: Param Req List( 55) = (Length: 0) 0 0
DHCP: Vendor Info( 43) = (Length: 86) MS-UC-Clienthttpslync.contoso.com443%/CertProv/CertProvisioningService.svcÜNAP (010C4D532D55432D436C69656E7402056874747073030E6C796E632E756E69736F6E2E6D78040334343305252F4365727450726F762F4365727450726F766973696F6E696E67536572766963652E737663DC034E4150)
DHCP: End of this option field
--End Packet--
Result: Success
DHCP Server : xx.xx.x.xx.
SIP Server FQDN : lync.contoso.com
Certificate Provisioning Service URL : https://lync.contoso.com:443/CertProv/CertProvisioningService.svc
thanks for all, hope somebody can help me with this problem.. i am going crazy...

Hi, i connected the Lync Phone to another switch and i update the firmware to the newest firmware and i got the same problem..
The lync phone download the certificate but cant install it and the still the same error with the SIP login
An Account matching this phone number cannot be found. Please contact your support team.

2 Problems using lync client andriod conncet to lync server 2013 ( contacts status is Presence Unkhown)

Hello Everybody
I have installed lync server 2013 in my lab . Everything is ok . but internal mobile client in my LAN can not work with lync !
I installed lync server 2013.
I create 2 DNS record to lync-server : lyncdiscoverinternal and lyncdiscover.
clients on PC (windows) work and everything is ok . when user use Anroid phone , cleint connect to lync server and list connnact list .BUT when Send IM to contact or start video call come this error :
" Failed to process the server response.Please try again . if the problem persists,contact your support team."
This is first problem. Another problem is the contact list for every user status is "Presence Unkhown" !
No online , No Offline and all of contact status "Presence Unkhown" !
If i had to config mobility in in lync server 2013 ? or mobility service built-in in lync server 2013 ?
please help me .

Hi Meysam Halvaei,
As Thamara mentioned, you need to deploy reverse proxy.
Lync 2013 mobility clients are using a separate dedicated Ucwa parameter the URL is the same web services location as provided by the
External/Ucwa parameter.
You need to have a look at the following diagram.
The Lync 2013 mobile client will need to connect with the external web services. The way Lync is designed this communication is always established using HTTPS/TCP 443, so the traffic
will need to pass through a reverse proxy or similar service that will take this communication and forward it to the server hosting the external web services, now using port 4443 instead.
Best regards,
Eric

Office Web Apps server / Lync server 2013

Hi I have installed a Lync 2013 Server and Office Web Apps Server. Configured Lync topology, Office Web Apps farm and certificates.
However when i start the services i get this error message in the log saying Office Web Apps discovery failed.
Event ID: 41033
Description:
Office Web Apps Server (WAC) discovery failed, PowerPoint content is disabled.
Attempted Office Web Apps Server discovery Url:
Received error message: Invalid Uri syntax for WAC configuration
The number of retries: 1,
Cause: Office Web Apps Server may be unavailable or network connectivity may have been compromised.
Resolution:
Check HTTPS connectivity from this box to the Office Web Apps Server deployment using the discovery Url.
I can access the OWAS server Url from Lync Server
Connecting to the HTTPS discovery URL is working fine, and brings up the XML-page (after i click "show all content").
The two servers are located on the same internal network, DNS resolves fine both ways, and no firewall rules blocks any connections between the two. Can anyone please help me figure this out?
Only identical problem found online is here (Invalid Uri syntax for WAC configuration):
http://blogs.technet.com/b/dodeitte/archive/2012/09/10/office-web-apps-server-amp-lync-server-2013.aspx
He resolved the problem by assigning a new OAuthTokenIssuer certificate. This however did not fix the problem in my case.
Regards
Sverre A. Veel

Hi,
In addition, please make sure you have restarted front end and office web apps server after reissuing the certificate.
Kent Huang
TechNet Community Support

Microsoft Lync Server 2013 Control Panel "Navigation to the webpage was canceled"

i'm facing this issue on the last 2 days.My Lync server 2013 was seted up a month ago and everything went fine on the installation.
Lync server 2013 on Windows 2008R2 SP1.
I could login to the Control Panel (using domain administrator credentials), create users (including myself) manage clients etc.
i didn't login to Lync server for at least a week, beacause i didin't have any other user to add. When time came to add a new user to Lync, i got this error whenever i try to open Control Panel.
i didn't change anything during this time, so i'm really confused by this.
i've checked everything from the start and all seem to be in place.
i also can't open the admin page from the local host as i get an error
HTTP error 403.4 - Fobidden.
i tried also to create new certificates for Lync server, but issue remains.
Also, any solutions i've read for this problem doesn't work as everything is placed correct as other users suggest.
Can anyone please help me further?
Cheers,
Elias

Ok I had the same problem, I missconfigured the admin simple url in topology builder (TB) which I fixed. Also the default certificate in the FE server did not have a SAN entry for the "admin" simple url (which was an error).
So I corrected the admin address in TB republised it, redid step two on the FE, reissued adn replaced the old cert. The new cert had the corrected admin simple url. Checked IIS on the server and made sure that the internal web server had the
right certificate, restarted IIS.
The default Lync control pannel still did not come up, I rebooted the server, the closest I got was being prompt for my credential which it did not accept.
Finally control pannel came up with https://localhost/cscp but I got prompted becuase of a certificate missmatch:
but it still worked!!! Very very wierd. I have not changed CA servers. I am interested about why this happened....
[email protected] BK
Bob Krangle

List of CA is empty -- lync server 2013 installation

hello all,
I have a probleme , i'am installing lync server 2013 , at the part "certificate request" i see that the list to select one is empty.
i go under IIS=>server certificate and same thing=> nothing.
do I have to install some features maybe???
do you have a solution for me? i am using Win Server 2012
B.R

http://blogs.technet.com/b/xdot509/archive/2012/10/24/installing-a-two-tier-pki-hierarchy-in-windows-server-2012-part-ii-installing-a-root-certification-authority-with-the-gui.aspx

Persistent Chat (Lync Server 2013) with Lync 2010 Group Chat

I have successfully deployed Lync Server 2013 and both 2013 and 2010 desktop clients connect and function as expected.
The problem is with Persistent Chat. It works perfectly with the 2013 desktop client but - whilst 2010 Group Chat connects - I receive the error message "The [LOGON_DOMAIN] is not available". No chat rooms are available and I am unable to search.
I have been unable to locate anything on the web which discusses the problem.
I do not know whether this makes a difference but the 2010 clients use terminals rather than dedicated workstations.
Can anyone shed any light on what the problem may be?

Have you created a CsPersistentChatEndpoint to allow the Group Chat client (2010) to connect to Persistent
Chat server? Please take a look at: http://technet.microsoft.com/en-us/library/jj204901.aspx
Please mark posts as answers/helpful if it answers your question.
Blog
Lync Validator - Used to assist in the validation and documentation of Lync Server 2013.

Please help me resolve the Lync server 2013 deployment error: "An error occurred while applying SQL script for the feature BackendStore."

I am getting an error in "Step 2 - Setup or Remove Lync Server Components" of "Install or Update Lync Server System" step.
"An error occured while applying SQL script for the feature BackendStore. For details, see the log file...."
Additionally, all previous steps such as: Prepare Active Directory, Prepare first Standard Edition server, Install Administrative Tools, Create and publish topology are done without any errors. The user that I used to setup the Lync server is member of:
Administrators
CSAdministrator
Domain Admins
Domain Users
Enterprise Admins
Group Policy Creator Owners
RTCComponentUniversalServices
RTCHSUniversalServices
RTCUniversalConfigReplicator
RTCUniversalServerAdmins
Schema Admins
I have tried to re-install all the things and started to setup a new one many times but the same error still occurred. Please see the log below and give me any ideas/solutions to tackle this problem.
****Creating DbSetupInstance for 'Microsoft.Rtc.Common.Data.BlobStore'****
Initializing DbSetupBase
Parsing parameters...
Found Parameter: SqlServer Value lync.lctbu.com\rtc.
Found Parameter: SqlFilePath Value C:\Program Files\Common Files\Microsoft Lync Server 2013\DbSetup.
Found Parameter: Publisheracct Value LCTBU\RTCHSUniversalServices;RTC Server Local Group;RTC Local Administrators;LCTBU\RTCUniversalServerAdmins.
Found Parameter: Replicatoracct Value LCTBU\RTCHSUniversalServices;RTC Server Local Group.
Found Parameter: Consumeracct Value LCTBU\RTCHSUniversalServices;RTC Server Local Group;RTC Local Read-only Administrators;LCTBU\RTCUniversalReadOnlyAdmins.
Found Parameter: DbPath Value D:\CsData\BackendStore\rtc\DbPath.
Found Parameter: LogPath Value D:\CsData\BackendStore\rtc\LogPath.
Found Parameter: Role Value master.
Trying to connect to Sql Server lync.lctbu.com\rtc. using windows authentication...
Sql version: Major: 11, Minor: 0, Build 2100.
Sql version is acceptable.
Validating parameters...
DbName rtcxds validated.
SqlFilePath C:\Program Files\Common Files\Microsoft Lync Server 2013\DbSetup validated.
DbFileBase rtcxds validated.
DbPath D:\CsData\BackendStore\rtc\DbPath validated.
Effective database Path: \\lync.lctbu.com\D$\CsData\BackendStore\rtc\DbPath.
LogPath D:\CsData\BackendStore\rtc\LogPath validated.
Effective Log Path: \\lync.lctbu.com\D$\CsData\BackendStore\rtc\LogPath.
Checking state for database rtcxds.
Checking state for database rtcxds.
State of database rtcxds is detached.
Attaching database rtcxds from Data Path \\lync.lctbu.com\D$\CsData\BackendStore\rtc\DbPath, Log Path \\lync.lctbu.com\D$\CsData\BackendStore\rtc\LogPath.
The operation failed because of missing file '\\lync.lctbu.com\D$\CsData\BackendStore\rtc\DbPath\rtcxds.mdf'
Attaching database failed because one of the files not found. The database will be created.
State of database rtcxds is DbState_DoesNotExist.
Creating database rtcxds from scratch. Data File Path = D:\CsData\BackendStore\rtc\DbPath, Log File Path= D:\CsData\BackendStore\rtc\LogPath.
Clean installing database rtcxds.
Timeout expired. The timeout period elapsed prior to completion of the operation or the server is not responding.
****Creating DbSetupInstance for 'Microsoft.Rtc.Common.Data.RtcSharedDatabase'****
Initializing DbSetupBase
Parsing parameters...
Found Parameter: SqlServer Value lync.lctbu.com\rtc.
Found Parameter: SqlFilePath Value C:\Program Files\Common Files\Microsoft Lync Server 2013\DbSetup.
Found Parameter: Serveracct Value LCTBU\RTCHSUniversalServices;RTC Server Local Group.
Found Parameter: DbPath Value D:\CsData\BackendStore\rtc\DbPath.
Found Parameter: LogPath Value D:\CsData\BackendStore\rtc\LogPath.
Trying to connect to Sql Server lync.lctbu.com\rtc. using windows authentication...
Sql version: Major: 11, Minor: 0, Build 2100.
Sql version is acceptable.
Validating parameters...
DbName rtcshared validated.
SqlFilePath C:\Program Files\Common Files\Microsoft Lync Server 2013\DbSetup validated.
DbFileBase rtcshared validated.
DbPath D:\CsData\BackendStore\rtc\DbPath validated.
Effective database Path: \\lync.lctbu.com\D$\CsData\BackendStore\rtc\DbPath.
LogPath D:\CsData\BackendStore\rtc\LogPath validated.
Effective Log Path: \\lync.lctbu.com\D$\CsData\BackendStore\rtc\LogPath.
Checking state for database rtcshared.
Reading database version for database rtcshared.
Database version for database rtcshared - Schema Version5, Sproc Version 0, Update Version 1.
Thanks and Regards,
Thanh Le

Thanks Lạc
Phạm 2
I Had similar issue i end up uninstalling and reinstallting but same issue, then i change the drive but same issue. It was I/O issue. After adjusting my I/O it fix our issue and installation went on without any issue.
If any one using KVM here is detail article
We just give this option cache=‘writeback
using this article http://www.ducea.com/2011/07/06/howto-improve-io-performance-for-kvm-guests/ and http://itscblog.tamu.edu/improve-disk-io-performance-in-kvm/ this fix my issue thanks

How do I enforce "Show My Picture" instead of "Hide My Picture" in Lync Server 2013?

I was scouring TechNet and the web for a script that could perform the same task as one that I previously used for Lync 2010.
In Lync 2010, we had already used Lync policy to enforce that only the Active Directory photo could be used. One thing that we couldn't set via policy however was the ability to complete remove the "Hide My Picture" option in Lync 2010 client.
This left users with the ability to freely switch between showing the Corporate photo or no photo. I did eventually find and make use of script that constantly checked for this setting switch, then switched all users back to the desired "Show My Picture"
setting. I don't recall who wrote it, but it's easy to find on technet. As we started to move more and more users to our Lync 2013 enterprise pool, I noted that even though the script was running, the setting seemed to be changeable. A closer look revealed
that the script didn't function correctly against SQL for our 2013 pool.
I took the concept and applied it to Lync Server 2013 after studying the differences in Userdata. In Lync 2013, because UserData is in .zip, you need to convert it to 2010 format XML to use logic intended for Lync 2010. My script will extract 2013 data,
convert it to 2010, query for users who are set to "Hide My Picture" and then export any guilty users to an edited2010 XML. The script then converts this to 2013 Format .zip, and uploads the data for these users only. I chose to use Update-CSUserData
insted of Import-CSUserData as this avoids having to restart my Front End. I then use a scheduled task on my Front End server which runs this script every hour.
Please note: You can use this script, but I guarantee nothing about it's functionality, and I am not responsible for how you positively/negatively use it. You should always test things in a Lab Environment. Furthermore, this script was run on a relatively
smaller Enterprise system in which we are by default set to "Show My Picture" and already assigned as part of our user policy the ForceADPhoto attribute. This means that running the script is less intensive on my FE than say on a FE with 10,000 users
where none of the users were set to "Show My Picture". Please keep this in mind when planning to execute against your FE. You may want to edit my script and insert the -UserFilter or -WhatIf in the Export-CsUserData UpDate-CsUserData.
Anyways, I hope this solves the similar issue for many of you Lync 2013 administrators. Please feel free to share my work with others if it does, and also give this post some good feedback and/or mark my post as the answer to your problem.
Alas, here's the script (save it as a .ps1 , i.e. ForceShowMyPicture.ps1)
#Lync 2013 ForceShowMyPicture - Compiled by Octavio A. Serpa (Octavio-Admin on TechNet)
# Import Lync Module
Import-Module “C:\Program Files\Common Files\Microsoft Lync Server 2013\Modules\Lync\Lync.psd1"
###Variables To Set
#This variable is a folder where files will be temporarily written
$folderPath = “C:\Lync2013Scripts\Export”
#This is the FQDN of the pool in which the users you want to target reside
$poolFQDN = “<lyncpool.domain.local>”
###Done
#Message Out
Write-Host -ForegroundColor YELLOW “CHECKING THAT TEMP EXPORT FOLDER PATH EXISTS"
If (-not (Test-Path "$folderPath" -pathType container))
"ERROR: Your Export Directory doesn't exist!"
Exit
Write-Host -ForegroundColor Green “TEMP EXPORT FOLDER DOES EXIST"
Write-Host -ForegroundColor YELLOW “PRE-CLEANING OLD EXPORT/IMPORT FILES"
If (Test-Path "$folderPath\Lync2013UserData.zip") { Remove-Item "$folderPath\Lync2013UserData.zip" }
If (Test-Path "$folderPath\Lync2010UserData.xml") { Remove-Item "$folderPath\Lync2010UserData.xml" }
If (Test-Path "$folderPath\Lync2010EditedUserData.xml") { Remove-Item "$folderPath\Lync2010EditedUserData.xml" }
If (Test-Path "$folderPath\Lync2013EditedUserData.zip") { Remove-Item "$folderPath\Lync2013EditedUserData.zip" }
Write-Host -ForegroundColor Green “PRE-CLEANING COMPLETED SUCCESSFULLY"
#Message Out
Write-Host -ForegroundColor YELLOW “EXPORTING LYNC 2013 POOL USER DATA”
Export-CsUserData -PoolFqdn $poolFQDN -FileName $folderPath\Lync2013UserData.zip
Write-Host -ForegroundColor Green “EXPORT COMPLETED SUCCESSFULLY"
#Message Out
Write-Host -ForegroundColor YELLOW “CONVERTING LYNC 2013 USER DATA TO 2010 FORMAT”
Convert-CsUserData -InputFile "$folderPath\Lync2013UserData.Zip" -OutputFile "$folderPath\Lync2010UserData.xml" -TargetVersion Lync2010
Write-Host -ForegroundColor Green “CONVERSION COMPLETED SUCCESSFULLY"
#Message Out
Write-Host -ForegroundColor YELLOW “CHECKING THAT FORMAT CONVERSION WAS SUCCESSFUL AND .XML EXISTS”
If (-not (Test-Path "$folderPath\Lync2010UserData.xml" -pathType leaf))
"ERROR: Verify that $folderPath is writable!"
Exit
Write-Host -ForegroundColor Green “CONVERSION COMPLETED SUCCESSFULLY"
#Message Out
Write-Host -ForegroundColor YELLOW “LOADING XML”
$d = [xml] (Get-Content "$folderPath\Lync2010UserData.xml")
Write-Host -ForegroundColor Green “XML LOADING COMPLETED SUCCESSFULLY"
#Message Out
Write-Host -ForegroundColor YELLOW “CORRECTING AD PHOTO SETTING”
$changes = 0
$lastProcessedUser = $null
foreach ($hr in $d.HomedResources.HomedResource)
$found = 0
foreach ($c in $hr.Containers.Container)
  foreach ($p in $c.Publication)
   If ($p.CategoryName -eq 'contactCard' -and $p.InstanceNum -eq 6 -and $p.Data.contactCard.displayADPhoto -eq 'false')
    If ($hr.UserAtHost -ne $lastProcessedUser)
     "$($hr.UserAtHost) reset"
     $lastProcessedUser = $hr.UserAtHost
    $p.Data.contactCard.displayADPhoto = 'true'
    $p.Version = (([int] $p.Version) + 1).ToString()
    $p.PrevPubTime = $p.LastPubTime
    $p.LastPubTime = (Get-Date -Format s).ToString()
    $found = 1
    $changes++
If ($found -eq 0) { [Void]$d.HomedResources.RemoveChild($hr) }
Write-Host -ForegroundColor Green “AD PHOTO SETTING CORRECTIONS COMPLETED SUCCESSFULLY"
#Message Out
Write-Host -ForegroundColor YELLOW “Changes: $changes"
If ($changes -ne 0)
#Message Out
Write-Host -ForegroundColor YELLOW “RE-SAVING XML”
$d.Save("$folderPath\Lync2010EditedUserData.xml")
#Message Out
Write-Host -ForegroundColor YELLOW “CONVERTING LYNC 2010 .XML BACK TO 2013 .ZIP FORMAT"
Convert-CsUserData -InputFile "$folderPath\Lync2010EditedUserData.xml" -OutputFile "$folderPath\Lync2013EditedUserData.zip" -TargetVersion Current
#Message Out
Write-Host -ForegroundColor Green “CONVERSION BACK TO 2013 .ZIP FORMAT SUCCESSFUL"
#Message Out
Write-Host -ForegroundColor YELLOW “IMPORTING LYNC 2013 POOL DATA FOR CORRECTED USERS”
Update-CsUserData -FileName $folderPath\Lync2013EditedUserData.zip -Confirm:$false -Verbose
Write-Host -ForegroundColor Green “IMPORT COMPLETED SUCCESSFULLY"
Write-Host -ForegroundColor YELLOW “STARTING POST-IMPORT-CLEANUP OF EXPORT/IMPORT FILES"
If (Test-Path "$folderPath\Lync2013UserData.zip") { Remove-Item "$folderPath\Lync2013UserData.zip" }
If (Test-Path "$folderPath\Lync2010UserData.xml") { Remove-Item "$folderPath\Lync2010UserData.xml" }
If (Test-Path "$folderPath\Lync2010EditedUserData.xml") { Remove-Item "$folderPath\Lync2010EditedUserData.xml" }
If (Test-Path "$folderPath\Lync2013EditedUserData.zip") { Remove-Item "$folderPath\Lync2013EditedUserData.zip" }
Write-Host -ForegroundColor Green “POST-IMPORT-CLEANUP COMPLETED"
#Message Out
Write-Host -ForegroundColor Green “AD PHOTO SETTING SUCCESSFULLY UPDATED"

When I try to run this I get the follow error. Any thoughts?
Update-CsUserData : Unable to cast COM object of type 'System.__ComObject' to interface type
'Microsoft.Rtc.Interop.User.ICsUserManagement'. This operation failed because the QueryInterface call on
the COM component for the interface with IID '{D5ADD966-BDC3-4A8F-BFE8-6A59A9F74CB2}' failed due to the
following error: Class not registered (Exception from HRESULT: 0x80040154 (REGDB_E_CLASSNOTREG)).
At C:\Lync2013Scripts\ForceDisplayPhoto.ps1:113 char:1
+ Update-CsUserData -FileName $folderPath\Lync2013EditedUserData.zip -Confirm:$fal ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidOperation: ([email protected]:String) [Update-CsUserData], Invalid
   CastException
    + FullyQualifiedErrorId : Microsoft.Rtc.Management.AD.Cmdlets.ImportOcsUserDataCmdlet

Lync Server 2013 Installation Error

Hello,
I am using my AD in Windows Azure VMs. I created new VM of A3 (4 cores, 7 GB Memory) Windows Server 2012 R2, Port 1433 MSSQL added, made it a member of Domain and planned to install first Lync Server 2013 on it.
In "Setup or Remove Lync Server Components" of "Install or Update Lync Server System", got an Red Coloured text "An error
occurred while applying SQL script for the feature BackendStore."
I have not enabled monitoring and archiving server in topology builder. I added "Network Service" and assign "Full Control" in Security Permissions of "C:\CsData" and "C:\LyncShare".
I executed the SQL Setup Wizard and upgraded any instance to 2012.
Please guide.
Thanks, Divyaprakash Koli

Is the Lync deployment in Azure as well? If so please check this
blog by Guy Bachar. Look for "Houston, we have a problem"
Please remember, if you see a post that helped you please click "Vote As Helpful" and if it answered your question, please click "Mark As Answer"
Lync Sorted blog

Lync Server 2013 Standard Deployment: Cannot Open Service Control Manager...

Hi
thanks for any advice.I've just install Lync 2013 Standard as the steps in Technet,When I publish the topology,meet the error as listed.
****Creating DbSetupInstance for 'Microsoft.Rtc.Common.Data.XdsDatabase'****
Initializing DbSetupBase
Parsing parameters...
Found Parameter: SqlServer Value lync2012ek.ek2012.net\rtc.
Found Parameter: SqlFilePath Value C:\Program Files\Common Files\Microsoft Lync Server 2013\DbSetup.
Found Parameter: Publisheracct Value EK2012\RTCUniversalServerAdmins.
Found Parameter: Replicatoracct Value EK2012\RTCUniversalConfigReplicator.
Found Parameter: Consumeracct EK2012\RTCUniversalReadOnlyAdmins.
Found Parameter: Role Value master.
Trying to connect to Sql Server lync2012ek.ek2012.net\rtc. using windows authentication...
Exception Stack:
Type: System.InvalidOperationException, Message: Cannot open Service Control Manager on computer 'lync2012ek.ek2012.net'. This operation might require other privileges.
Type: System.ComponentModel.Win32Exception, Message: Access is denied.
best regards,
George
George Guo

please verify your computer name while you creating FQDN pool FQDN of Server name
example
computer name
is server1
domain name is abc.ae
so,
your FQDN pool name will be server1.abc.ae
problem solved :)

Lync Server 2013 - Edge Certificate Problem

Similar Messages

Maybe you are looking for