Why do I see 'Unable to check revocation because the revocation server was offline'?

Similar Messages

• Certificate issues Active Directory Certificate Services could not process request 3699 due to an error: The revocation function was unable to check revocation because the revocation server was offline. 0x80092013

  Hi,
  We have some problems with our Root CA. I can se a lot of failed requests. with the event id 22: in the logs. The description is: Active Directory Certificate Services could not process request 3686 due to an error: The revocation function was unable to
  check revocation because the revocation server was offline. 0x80092013 (-2146885613).  The request was for CN=xxxxx.ourdomain.com.  Additional information: Error Verifying Request Signature or Signing Certificate
  A couple of months ago we decomissioned one of our old 2003 DCs and it looks like this server might have had something to do with the CA structure but I am not sure whether this was in use or not since I could find the role but I wasn't able to see any existing
  configuration.
  Let's say that this server was previously responsible for the certificates and was the server that should have revoked the old certs, what can I do know to try and correct the problem?
  Thank you for your help
  //Cris

  hello,
  let me recap first:
  you see these errors on a ROOT CA. so it seems like the ROOT CA is also operating as an ISSUING CA. Some clients try to issue a new certificate from the ROOT CA and this fails with your error mentioned.
  do you say that you had a PREVIOUS CA which you decomissioned, and you now have a brand NEW CA, that was built as a clean install? When you decommissioned the PREVIOUS CA, that was your design decision to don't bother with the current certificates that it
  issued and which are still valid, right?
  The error says, that the REQUEST signature cannot be validated. REQUESTs are signed either by itself (self-signed) or if they are renewal requests, they would be signed with the previous certificate which the client tries to renew. The self-signed REQUESTs
  do not contain CRL paths at all.
  So this implies to me as these requests that are failing are renewal requests. Renewal requests would contain CRL paths of the previous certificates that are nearing their expiration.
  As there are many such REQUEST and failures, it probably means that the clients use AUTOENROLLMENT, which tries to renew their current, but shortly expiring, certificates during (by default) their last 6 weeks of lifetime.
  As you decommissioned your PREVIOUS CA, it does not issue CRL anymore and the current certificates cannot be checked for validity.
  Thus, if the renewal tries to renew them by using the NEW CA, your NEW CA cannot validate CRL of the PREVIOUS CA and will not issue new certificates.
  But it would not issue new certificates anyway even if it was able to verify the PREVIOUS CA's CRL, as it seems your NEW CA is completely brand new, without being restored from the PREVIOUS CA's database. Right?
  So simply don't bother :-) As long as it was your design to decommission the PREVIOUS CA without bothering with its already issued certificates.
  The current certificates which autoenrollment tries to renew cannot be checked for validity. They will also slowly expire over the next 6 weeks or so. After that, autoenrollment will ask your NEW CA to issue a brand new certificate without trying to renew.
  Just a clean self-signed REQUEST.
  That will succeed.
  You can also verify this by trying to issue a certificate on an affected machine manually from Certificates MMC.
  ondrej.

• Subordinate certification authority can't start ADCS service: The revocation function was unable to check revocation because the revocation server was offline. 0x80092013 (-2146885613 CRYPT_E_REVOCATION_OFFLINE).

  Hi
  I have 1 rootCA and 1 subordinate CA. I removed one of the locations to publish CRL and after that the ADCS service can't start. I get the warning first:
  Revocation status for a certificate in the chain for CA certificate 2 for siu-SRVDC01-CA could not be verified because a server is currently unavailable.  The revocation function was unable to check revocation because the revocation server was offline.
  0x80092013 (-2146885613 CRYPT_E_REVOCATION_OFFLINE).
  And then the error:
  Active Directory Certificate Services did not start: Could not load or verify the current CA certificate.  siu-SRVDC01-CA The revocation function was unable to check revocation because the revocation server was offline. 0x80092013 (-2146885613 CRYPT_E_REVOCATION_OFFLINE).
  I've read many threads with similar problems but I can't find the solution. The CDP is online. I've run "certutil -url cert.cer" to verify the CDP and AIA and everything is fine. But the service is still not starting.
  See this command too:
  C:\>certutil -verify -urlfetch subCADC01.cer
  Issuer:
      CN=siu-SRVDC02-CA
      DC=siu
      DC=domain
    Name Hash(sha1): 152a7c43f186d9179c1c3256d3a1a0af4a9df892
    Name Hash(md5): b409e417a38bbe04b5800512bd94efac
  Subject:
      CN=siu-SRVDC01-CA
      DC=siu
      DC=domain
    Name Hash(sha1): 5ee421b84c3b18ff134cf2e42226853d78d3409b
    Name Hash(md5): e1a454692361733e45dad374dc14cae3
  Cert Serial Number: 1e0000022c707c76c0a27b315700000000022c
  dwFlags = CA_VERIFY_FLAGS_CONSOLE_TRACE (0x20000000)
  dwFlags = CA_VERIFY_FLAGS_DUMP_CHAIN (0x40000000)
  ChainFlags = CERT_CHAIN_REVOCATION_CHECK_CHAIN_EXCLUDE_ROOT (0x40000000)
  HCCE_LOCAL_MACHINE
  CERT_CHAIN_POLICY_BASE
  -------- CERT_CHAIN_CONTEXT --------
  ChainContext.dwInfoStatus = CERT_TRUST_HAS_PREFERRED_ISSUER (0x100)
  ChainContext.dwRevocationFreshnessTime: 1 Hours, 2 Minutes, 16 Seconds
  SimpleChain.dwInfoStatus = CERT_TRUST_HAS_PREFERRED_ISSUER (0x100)
  SimpleChain.dwRevocationFreshnessTime: 1 Hours, 2 Minutes, 16 Seconds
  CertContext[0][0]: dwInfoStatus=102 dwErrorStatus=0
    Issuer: CN=siu-SRVDC02-CA, DC=siu, DC=domain
    NotBefore: 19.03.2015 11:18
    NotAfter: 19.03.2017 11:28
    Subject: CN=siu-SRVDC01-CA, DC=siu, DC=domain
    Serial: 1e0000022c707c76c0a27b315700000000022c
    Template: SubCA
    a1a8a95464c5b586da6e9b304142d59fc5a22ae0
    Element.dwInfoStatus = CERT_TRUST_HAS_KEY_MATCH_ISSUER (0x2)
    Element.dwInfoStatus = CERT_TRUST_HAS_PREFERRED_ISSUER (0x100)
    ----------------  Certificate AIA  ----------------
    Verified "Certificate (0)" Time: 0
      [0.0] http://wwwca/CertEnroll/srvdc02.siu.domain_siu-SRVDC02-CA.crt
    ----------------  Certificate CDP  ----------------
    Verified "Base CRL (26)" Time: 0
      [0.0] http://sharepoint.siu.no:8088/siu-SRVDC02-CA.crl
    ----------------  Base CRL CDP  ----------------
    No URLs "None" Time: 0
    ----------------  Certificate OCSP  ----------------
    No URLs "None" Time: 0
      CRL 26:
      Issuer: CN=siu-SRVDC02-CA, DC=siu, DC=domain
      ThisUpdate: 19.03.2015 11:10
      NextUpdate: 15.09.2015 23:30
      e2ee543a68214f9b99dda2e9f58b1ddfc34429d1
  CertContext[0][1]: dwInfoStatus=10c dwErrorStatus=0
    Issuer: CN=siu-SRVDC02-CA, DC=siu, DC=domain
    NotBefore: 23.09.2011 13:00
    NotAfter: 23.09.2021 13:10
    Subject: CN=siu-SRVDC02-CA, DC=siu, DC=domain
    Serial: 60fc459ebdefa5b646a081b0c21c259d
    4ea8bb95b0038c69a83c939e8a54f892cd0b5056
    Element.dwInfoStatus = CERT_TRUST_HAS_NAME_MATCH_ISSUER (0x4)
    Element.dwInfoStatus = CERT_TRUST_IS_SELF_SIGNED (0x8)
    Element.dwInfoStatus = CERT_TRUST_HAS_PREFERRED_ISSUER (0x100)
    ----------------  Certificate AIA  ----------------
    No URLs "None" Time: 0
    ----------------  Certificate CDP  ----------------
    No URLs "None" Time: 0
    ----------------  Certificate OCSP  ----------------
    No URLs "None" Time: 0
  Exclude leaf cert:
    691f7e42f5c4a86d03b7225bf7303369ef6dcc7e
  Full chain:
    17e5b9477a1736c33dc0ff245e7b06de5b958c4c
  Verified Issuance Policies: None
  Verified Application Policies: All
  Cert is a CA certificate
  Leaf certificate revocation check passed
  CertUtil: -verify command completed successfully.
  Any clue?

  It looks like it is trying to get the CRL using LDAP. It is quite strange since no ldap entry is on the subordinate CA,
  only an HTTP address:
            <CertificateRevocationList location="TvoCache" url="ldap:///CN=siu-SRVDC02-CA,CN=srvdc02,CN=CDP,CN=Public%20Key%20Services,CN=Services,CN=Configuration,DC=siu,DC=domain?certificateRevocationList?base?objectClass=cRLDistributionPoint"
  fileRef="DEEB557897A9FEA217DF83D95BF24CA54051B1CF.crl" issuerName="siu-SRVDC02-CA" />
              <CertificateRevocationList deltaCRL="true" location="TvoCache" url="ldap:///CN=siu-SRVDC02-CA,CN=srvdc02,CN=CDP,CN=Public%20Key%20Services,CN=Services,CN=Configuration,DC=siu,DC=domain?deltaRevocationList?base?objectClass=cRLDistributionPoint" 
  I have checked that object using adsi Edit and the permissions seem ok. Also there is a value on both attributes: certificateRevocationList and deltaRevocationList.
  This problem happened after I removed the LDAP entry for the "CRL Distribution point" from the sub CA properties. Should I add back the LDAP entry?
  Log Name:      Microsoft-Windows-CAPI2/Operational
  Source:        Microsoft-Windows-CAPI2
  Date:          19.03.2015 14:42:07
  Event ID:      11
  Task Category: Build Chain
  Level:         Error
  Keywords:      Path Discovery,Path Validation
  User:          SYSTEM
  Computer:      srvdc01.siu.domain
  Description:
  For more details for this event, please refer to the "Details" section
  Event Xml:
  <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
    <System>
      <Provider Name="Microsoft-Windows-CAPI2" Guid="{5bbca4a8-b209-48dc-a8c7-b23d3e5216fb}" />
      <EventID>11</EventID>
      <Version>0</Version>
      <Level>2</Level>
      <Task>11</Task>
      <Opcode>2</Opcode>
      <Keywords>0x4000000000000003</Keywords>
      <TimeCreated SystemTime="2015-03-19T13:42:07.481533500Z" />
      <EventRecordID>131</EventRecordID>
      <Correlation />
      <Execution ProcessID="6288" ThreadID="5472" />
      <Channel>Microsoft-Windows-CAPI2/Operational</Channel>
      <Computer>srvdc01.siu.domain</Computer>
      <Security UserID="S-1-5-18" />
    </System>
    <UserData>
      <CertGetCertificateChain>
        <Certificate fileRef="E02AA2C59FD54241309B6EDA86B5C56454A9A8A1.cer" subjectName="siu-SRVDC01-CA" />
        <ExtendedKeyUsage />
        <Flags value="40000000" CERT_CHAIN_REVOCATION_CHECK_CHAIN_EXCLUDE_ROOT="true" />
        <ChainEngineInfo context="machine" />
        <CertificateChain chainRef="{60B61582-1C3C-4B58-AE8C-70278ADEE402}" revocationFreshnessTime="P2DT21H13M20S">
          <TrustStatus>
            <ErrorStatus value="1000040" CERT_TRUST_REVOCATION_STATUS_UNKNOWN="true" CERT_TRUST_IS_OFFLINE_REVOCATION="true" />
            <InfoStatus value="100" CERT_TRUST_HAS_PREFERRED_ISSUER="true" />
          </TrustStatus>
          <ChainElement>
            <Certificate fileRef="E02AA2C59FD54241309B6EDA86B5C56454A9A8A1.cer" subjectName="siu-SRVDC01-CA" />
            <SignatureAlgorithm oid="1.2.840.113549.1.1.5" hashName="SHA1" publicKeyName="RSA" />
            <PublicKeyAlgorithm oid="1.2.840.113549.1.1.1" publicKeyName="RSA" publicKeyLength="2048" />
            <TrustStatus>
              <ErrorStatus value="1000040" CERT_TRUST_REVOCATION_STATUS_UNKNOWN="true" CERT_TRUST_IS_OFFLINE_REVOCATION="true" />
              <InfoStatus value="102" CERT_TRUST_HAS_KEY_MATCH_ISSUER="true" CERT_TRUST_HAS_PREFERRED_ISSUER="true" />
            </TrustStatus>
            <ApplicationUsage any="true" />
            <IssuanceUsage />
            <RevocationInfo freshnessTime="P2DT21H13M20S">
              <RevocationResult value="80092013">The revocation function was unable to check revocation because the revocation server was offline.</RevocationResult>
              <StrongSignProperties signHash="RSA/SHA1" issuerPublicKeyLength="2048" />
              <DeltaStrongSignProperties signHash="RSA/SHA1" issuerPublicKeyLength="2048" />
              <CertificateRevocationList location="TvoCache" url="ldap:///CN=siu-SRVDC02-CA,CN=srvdc02,CN=CDP,CN=Public%20Key%20Services,CN=Services,CN=Configuration,DC=siu,DC=domain?certificateRevocationList?base?objectClass=cRLDistributionPoint"
  fileRef="DEEB557897A9FEA217DF83D95BF24CA54051B1CF.crl" issuerName="siu-SRVDC02-CA" />
              <CertificateRevocationList deltaCRL="true" location="TvoCache" url="ldap:///CN=siu-SRVDC02-CA,CN=srvdc02,CN=CDP,CN=Public%20Key%20Services,CN=Services,CN=Configuration,DC=siu,DC=domain?deltaRevocationList?base?objectClass=cRLDistributionPoint"
  fileRef="58A2CDBC7A238DDD76EEFEDE354A04596F5AED71.crl" issuerName="siu-SRVDC02-CA" />
            </RevocationInfo>
          </ChainElement>
          <ChainElement>
            <Certificate fileRef="56500BCD92F8548A9E933CA8698C03B095BBA84E.cer" subjectName="siu-SRVDC02-CA" />
            <SignatureAlgorithm oid="1.2.840.113549.1.1.5" hashName="SHA1" publicKeyName="RSA" />
            <PublicKeyAlgorithm oid="1.2.840.113549.1.1.1" publicKeyName="RSA" publicKeyLength="2048" />
            <TrustStatus>
              <ErrorStatus value="0" />
              <InfoStatus value="10C" CERT_TRUST_HAS_NAME_MATCH_ISSUER="true" CERT_TRUST_IS_SELF_SIGNED="true" CERT_TRUST_HAS_PREFERRED_ISSUER="true" />
            </TrustStatus>
            <ApplicationUsage any="true" />
            <IssuanceUsage any="true" />
          </ChainElement>
        </CertificateChain>
        <EventAuxInfo ProcessName="certsrv.exe" />
        <CorrelationAuxInfo TaskId="{54E4FCD3-E70A-4024-BB81-6A053EAACE21}" SeqNumber="9" />
        <Result value="80092013">The revocation function was unable to check revocation because the revocation server was offline.</Result>
      </CertGetCertificateChain>
    </UserData>
  </Event>

• IPhone 6 is unable to send email because the sender address was rejected by the server

  When I try to send emails from my Microsoft Outlook for Mac, I get a message that says "Unable to Send Email.  A copy has been placed in your Outbox.  The sender address was rejected by the server."  I've checked all the settings (it is a POP account).  I've deleted and re-installed.  Any suggestions??

  Please see this article on setting up an email account using the shaw mail server.
  https://community.shaw.ca/docs/DOC-2181
  Good luck Friend.

• Hi - when I check for available downloads I get the message "unable to  check for downloads the network connection was lost" this isn't a network problem as I can download directly (just cannot check for downloads) on any of my Mac's PLEASE HELP!!

  Hi - I have had this problem since the last update to OSX 10.9
  I cannot check for downloads as I constantly get the error message - nothing seems to work (including contacting apple support) - grateful for the help of any genius out there!
  thank you (and happy new year)

  Launch iTunes on your computer.
  From the menu bar click iTunes > Preferences then select the Advanced tab.
  Click Reset warnings and Reset cache
  Click OK.
  Restart your computer, launch iTunes.
  Click Store > Check for Available Downloads...

• Unable to access calendar, because the calendar server is not running.

  Hello everyone.
  I'm new in posts (not in read them) and I need some help.
  This subject message appears when I try to access my iCal on Wiki Page.
  We have here 2 Intel xServers, one with Web and features and other with Gateway and network management.
  My Web Service, has Wiki, Blog, Calendar enable services, all up and running normally without errors, but the iCal I can't access showing that error on page.
  I Installed the Mac OS Server Snow Leopard from the begin (formatting...), configured all things and ok.
  But since starts the calendar was with that error.
  The server is updated to 10.6.6.
  I will really appreciate to be helped. Thanks from now!
  Here is an iCal Log:
  45:13-0200 [-] [caldav-8015] [-] [calendarserver.tap.caldav.CalDAVServiceMaker#info] Setting up root resource: <class 'calendarserver.provision.root.RootResource'>
  2011-01-14 10:45:13-0200 [-] [caldav-8015] [-] [calendarserver.tap.caldav.CalDAVServiceMaker#info] Setting up time zone service resource: <class 'twistedcaldav.static.TimezoneServiceFile'>
  2011-01-14 10:45:13-0200 [-] [caldav-8015] [-] [calendarserver.tap.caldav.CalDAVServiceMaker#info] Setting up WebCalendar resource: /usr/share/collaboration
  2011-01-14 10:45:13-0200 [-] [caldav-8015] [-] [calendarserver.tap.caldav.CalDAVServiceMaker#info] Setting up WebAdmin resource
  2011-01-14 10:45:13-0200 [-] [caldav-8015] [-] [calendarserver.tap.caldav.CalDAVServiceMaker#info] Setting up Timezone Cache
  2011-01-14 10:45:13-0200 [-] [caldav-8015] [-] [calendarserver.tap.caldav.CalDAVServiceMaker#info] Configuring authentication wrapper
  2011-01-14 10:45:13-0200 [-] [caldav-8015] [-] [calendarserver.tap.caldav.CalDAVServiceMaker#info] Setting up service
  2011-01-14 10:45:13-0200 [-] [caldav-8015] [-] [calendarserver.tap.caldav.CalDAVServiceMaker#info] Logging via AF_UNIX: /var/run/caldavd.sock
  2011-01-14 10:45:13-0200 [-] [caldav-8015] [-] [calendarserver.tap.caldav.CalDAVServiceMaker#info] Configuring log observer: <twistedcaldav.accesslog.AMPCommonAccessLoggingObserver object at 0x1021b0b50>
  2011-01-14 10:45:13-0200 [-] [caldav-8015] [-] [calendarserver.tap.caldav.CalDAVServiceMaker#info] Adding SSL server at 127.0.0.1:8450
  2011-01-14 10:45:13-0200 [-] [caldav-8016] [-] [calendarserver.tap.caldav.CalDAVServiceMaker#info] Redirecting HTTP port 127.0.0.1:8016 to HTTPS port 127.0.0.1:8443
  2011-01-14 10:45:13-0200 [-] [caldav-8016] [-] twext.web2.channel.http.HTTP503LoggingFactory starting on 8451
  2011-01-14 10:45:13-0200 [-] [caldav-8016] [-] twisted.web2.channel.http.HTTPFactory starting on 8016
  2011-01-14 10:45:13-0200 [-] [caldav-8016] [-] set uid/gid 93/93
  2011-01-14 10:45:13-0200 [twistedcaldav.accesslog.AMPLoggingFactory] AMPLoggingProtocol connection established (HOST:UNIXSocket('/var/run/caldavd.sock') PEER:UNIXSocket(''))
  2011-01-14 10:45:13-0200 [-] [caldav-8016] [-] AMP connection established (HOST:UNIXSocket(None) PEER:UNIXSocket('/var/run/caldavd.sock'))
  2011-01-14 10:45:13-0200 [-] [caldav-8012] [-] [calendarserver.tap.caldav.CalDAVServiceMaker#info] Configuring SudoDirectoryService with file: /etc/caldavd/sudoers.plist
  2011-01-14 10:45:13-0200 [-] [caldav-8009] [-] [calendarserver.tap.caldav.CalDAVServiceMaker#info] Redirecting HTTP port 127.0.0.1:8009 to HTTPS port 127.0.0.1:8443
  2011-01-14 10:45:13-0200 [-] [caldav-8012] [-] [calendarserver.tap.caldav.CalDAVServiceMaker#info] Configuring authentication for realm: /Search
  2011-01-14 10:45:13-0200 [-] [caldav-8012] [-] [calendarserver.tap.caldav.CalDAVServiceMaker#info] Setting up scheme: wiki
  2011-01-14 10:45:13-0200 [-] [caldav-8012] [-] [calendarserver.tap.caldav.CalDAVServiceMaker#info] Setting up scheme: digest
  2011-01-14 10:45:13-0200 [-] [caldav-8012] [-] [calendarserver.tap.caldav.CalDAVServiceMaker#info] Setting up document root at: /Users/dincaoadm/Desktop/test
  2011-01-14 10:45:13-0200 [-] [caldav-8012] [-] [calendarserver.tap.caldav.CalDAVServiceMaker#info] Setting up principal collection: <class 'twistedcaldav.directory.principal.DirectoryPrincipalProvisioningResource'>
  2011-01-14 10:45:13-0200 [-] [caldav-8012] [-] [calendarserver.tap.caldav.CalDAVServiceMaker#info] Setting up calendar collection: <class 'twistedcaldav.static.CalendarHomeProvisioningFile'>
  2011-01-14 10:45:13-0200 [-] [caldav-8009] [-] twext.web2.channel.http.HTTP503LoggingFactory starting on 8444
  2011-01-14 10:45:13-0200 [-] [caldav-8009] [-] twisted.web2.channel.http.HTTPFactory starting on 8009
  2011-01-14 10:45:13-0200 [-] [caldav-8012] [-] [calendarserver.tap.caldav.CalDAVServiceMaker#info] Setting up root resource: <class 'calendarserver.provision.root.RootResource'>
  2011-01-14 10:45:13-0200 [-] [caldav-8009] [-] set uid/gid 93/93
  2011-01-14 10:45:13-0200 [-] [caldav-8009] [-] AMP connection established (HOST:UNIXSocket(None) PEER:UNIXSocket('/var/run/caldavd.sock'))
  2011-01-14 10:45:13-0200 [twistedcaldav.accesslog.AMPLoggingFactory] AMPLoggingProtocol connection established (HOST:UNIXSocket('/var/run/caldavd.sock') PEER:UNIXSocket(''))
  2011-01-14 10:45:13-0200 [-] [caldav-8012] [-] [calendarserver.tap.caldav.CalDAVServiceMaker#info] Setting up time zone service resource: <class 'twistedcaldav.static.TimezoneServiceFile'>
  2011-01-14 10:45:13-0200 [-] [caldav-8012] [-] [calendarserver.tap.caldav.CalDAVServiceMaker#info] Setting up WebCalendar resource: /usr/share/collaboration
  2011-01-14 10:45:13-0200 [-] [caldav-8012] [-] [calendarserver.tap.caldav.CalDAVServiceMaker#info] Setting up WebAdmin resource
  2011-01-14 10:45:13-0200 [-] [caldav-8012] [-] [calendarserver.tap.caldav.CalDAVServiceMaker#info] Setting up Timezone Cache
  2011-01-14 10:45:13-0200 [-] [caldav-8012] [-] [calendarserver.tap.caldav.CalDAVServiceMaker#info] Configuring authentication wrapper
  2011-01-14 10:45:13-0200 [-] [caldav-8012] [-] [calendarserver.tap.caldav.CalDAVServiceMaker#info] Setting up service
  2011-01-14 10:45:13-0200 [-] [caldav-8012] [-] [calendarserver.tap.caldav.CalDAVServiceMaker#info] Logging via AF_UNIX: /var/run/caldavd.sock
  2011-01-14 10:45:13-0200 [-] [caldav-8012] [-] [calendarserver.tap.caldav.CalDAVServiceMaker#info] Configuring log observer: <twistedcaldav.accesslog.AMPCommonAccessLoggingObserver object at 0x1021b0b50>
  2011-01-14 10:45:13-0200 [-] [caldav-8012] [-] [calendarserver.tap.caldav.CalDAVServiceMaker#info] Adding SSL server at 127.0.0.1:8447
  2011-01-14 10:45:13-0200 [-] [caldav-8013] [-] [calendarserver.tap.caldav.CalDAVServiceMaker#info] Redirecting HTTP port 127.0.0.1:8013 to HTTPS port 127.0.0.1:8443
  2011-01-14 10:45:13-0200 [-] [caldav-8013] [-] twext.web2.channel.http.HTTP503LoggingFactory starting on 8448
  2011-01-14 10:45:13-0200 [-] [caldav-8013] [-] twisted.web2.channel.http.HTTPFactory starting on 8013
  2011-01-14 10:45:13-0200 [-] [caldav-8013] [-] set uid/gid 93/93
  2011-01-14 10:45:13-0200 [twistedcaldav.accesslog.AMPLoggingFactory] AMPLoggingProtocol connection established (HOST:UNIXSocket('/var/run/caldavd.sock') PEER:UNIXSocket(''))
  2011-01-14 10:45:13-0200 [-] [caldav-8013] [-] AMP connection established (HOST:UNIXSocket(None) PEER:UNIXSocket('/var/run/caldavd.sock'))
  2011-01-14 10:45:13-0200 [-] [caldav-8010] [-] [calendarserver.tap.caldav.CalDAVServiceMaker#info] Redirecting HTTP port 127.0.0.1:8010 to HTTPS port 127.0.0.1:8443
  2011-01-14 10:45:13-0200 [-] [caldav-8010] [-] twext.web2.channel.http.HTTP503LoggingFactory starting on 8445
  2011-01-14 10:45:13-0200 [-] [caldav-8010] [-] twisted.web2.channel.http.HTTPFactory starting on 8010
  2011-01-14 10:45:13-0200 [-] [caldav-8010] [-] set uid/gid 93/93
  2011-01-14 10:45:13-0200 [twistedcaldav.accesslog.AMPLoggingFactory] AMPLoggingProtocol connection established (HOST:UNIXSocket('/var/run/caldavd.sock') PEER:UNIXSocket(''))
  2011-01-14 10:45:13-0200 [-] [caldav-8010] [-] AMP connection established (HOST:UNIXSocket(None) PEER:UNIXSocket('/var/run/caldavd.sock'))
  2011-01-14 10:45:13-0200 [-] [caldav-8015] [-] [calendarserver.tap.caldav.CalDAVServiceMaker#info] Redirecting HTTP port 127.0.0.1:8015 to HTTPS port 127.0.0.1:8443
  2011-01-14 10:45:13-0200 [-] [caldav-8015] [-] twext.web2.channel.http.HTTP503LoggingFactory starting on 8450
  2011-01-14 10:45:13-0200 [-] [caldav-8015] [-] twisted.web2.channel.http.HTTPFactory starting on 8015
  2011-01-14 10:45:13-0200 [-] [caldav-8015] [-] set uid/gid 93/93
  2011-01-14 10:45:13-0200 [twistedcaldav.accesslog.AMPLoggingFactory] AMPLoggingProtocol connection established (HOST:UNIXSocket('/var/run/caldavd.sock') PEER:UNIXSocket(''))
  2011-01-14 10:45:13-0200 [-] [caldav-8015] [-] AMP connection established (HOST:UNIXSocket(None) PEER:UNIXSocket('/var/run/caldavd.sock'))
  2011-01-14 10:45:13-0200 [-] [caldav-8012] [-] [calendarserver.tap.caldav.CalDAVServiceMaker#info] Redirecting HTTP port 127.0.0.1:8012 to HTTPS port 127.0.0.1:8443
  2011-01-14 10:45:13-0200 [-] [caldav-8012] [-] twext.web2.channel.http.HTTP503LoggingFactory starting on 8447
  2011-01-14 10:45:13-0200 [-] [caldav-8012] [-] twisted.web2.channel.http.HTTPFactory starting on 8012
  2011-01-14 10:45:13-0200 [-] [caldav-8012] [-] set uid/gid 93/93
  2011-01-14 10:45:13-0200 [twistedcaldav.accesslog.AMPLoggingFactory] AMPLoggingProtocol connection established (HOST:UNIXSocket('/var/run/caldavd.sock') PEER:UNIXSocket(''))
  2011-01-14 10:45:13-0200 [-] [caldav-8012] [-] AMP connection established (HOST:UNIXSocket(None) PEER:UNIXSocket('/var/run/caldavd.sock'))
  2011-01-14 10:45:13-0200 [-] [caldav-8014] [-] [calendarserver.tap.caldav.CalDAVServiceMaker#info] Redirecting HTTP port 127.0.0.1:8014 to HTTPS port 127.0.0.1:8443
  2011-01-14 10:45:13-0200 [-] [caldav-8014] [-] twext.web2.channel.http.HTTP503LoggingFactory starting on 8449
  2011-01-14 10:45:13-0200 [-] [caldav-8014] [-] twisted.web2.channel.http.HTTPFactory starting on 8014
  2011-01-14 10:45:13-0200 [-] [caldav-8014] [-] set uid/gid 93/93
  2011-01-14 10:45:13-0200 [twistedcaldav.accesslog.AMPLoggingFactory] AMPLoggingProtocol connection established (HOST:UNIXSocket('/var/run/caldavd.sock') PEER:UNIXSocket(''))
  2011-01-14 10:45:13-0200 [-] [caldav-8014] [-] AMP connection established (HOST:UNIXSocket(None) PEER:UNIXSocket('/var/run/caldavd.sock'))
  2011-01-14 10:45:13-0200 [-] [caldav-8011] [-] [calendarserver.tap.caldav.CalDAVServiceMaker#info] Redirecting HTTP port 127.0.0.1:8011 to HTTPS port 127.0.0.1:8443
  2011-01-14 10:45:13-0200 [-] [caldav-8011] [-] twext.web2.channel.http.HTTP503LoggingFactory starting on 8446
  2011-01-14 10:45:13-0200 [-] [caldav-8011] [-] twisted.web2.channel.http.HTTPFactory starting on 8011
  2011-01-14 10:45:13-0200 [-] [caldav-8011] [-] set uid/gid 93/93
  2011-01-14 10:45:13-0200 [twistedcaldav.accesslog.AMPLoggingFactory] AMPLoggingProtocol connection established (HOST:UNIXSocket('/var/run/caldavd.sock') PEER:UNIXSocket(''))
  2011-01-14 10:45:13-0200 [-] [caldav-8011] [-] AMP connection established (HOST:UNIXSocket(None) PEER:UNIXSocket('/var/run/caldavd.sock'))

  Hi,
  Note this is a 10.5 forum and so 10.6 problems may not correspond.
  However, I noted the following log entry:
  http://calendarserver.tap.caldav.CalDAVServiceMaker#info Setting up document root at: /Users/dincaoadm/Desktop/test
  For collaboration service with wikis, the document root should be located at /Library/CalendarServer/Documents
  Which leads me to suspect your iCalServer is not setup correctly for wiki/calendar service.
  Before selecting calendar service in the web setup ensure the iCalServer service is running correctly.
  HTH,
  Harry

• HT4623 I have an apple 3GS phone .I connected to iTunes while updating from 4.1 version, after the updation has been completed it's coming unable to activate iPhone because. the activation server is temporarily unavailable.I connected to iTunes but its no

  My iPhone cannot be activated can u tell me the reason.

  Has the device ever been hacked or jailbroken?

• Exchange 2010 - The certificate status could not be determined because the revocation check failed.

  I have tried everything I have found online to get my DigiCert to work.
  I have exported the cert and imported it into my child domains and they look perfect.
  It is just my parent domain having issues.
  netsh winhttp show proxy
  does show my correct proxy server for http and https and port 8080
  I have tried name, FQDN and IP address.
  In the Bypass-list I have tried none, *.domain.com, and a list of all domains and child domains in my forest.
  I have flushed the cache
  certutil -urlcache crl delete
  certutil -urlcache ocsp delete
  and rebooted the Exchange 2010 (Windows 2008 R2) server
  No matter what, I still see in my Server Configuration for the parent domain's DigiCert cert the message
  The certificate status could not be determined because the revocation check failed.
  with a red X on the left hand icon.  Again, Child domains all say "The certificate is valid for Exchange Server usage."
  Note: In spite of having the red X, I was able to assign via EMS the services.
  Webmail works fine.  Outlook Anywhere fails... I suspect it is due to my red X problem.
  Suggestions?
  Thanks in Advance
  Jim.
  Jim.

  I have contacted DigiCert and they said the cert is working per their utility, hence the problem is outside the scope of their support.
  I have followed, several times, http://support.microsoft.com/kb/979694
  http://www.digicert.com/help/  reports all is well.
  The DigiCertUtil.exe reports all is well and happy.
  I have run
  netsh winhttp set proxy proxy-server="http=myproxy:8080;https=myproxy:8080" bypass-list="*.mydomain.com"
  Current WinHTTP proxy settings:
      Proxy Server(s) :  http=myproxy:8080;https=myproxy:8080
      Bypass List     :  *.mydomain.com
  I have flushed the cache using the commands
  certutil -urlcache crl delete
  certutil -urlcache ocsp delete
   I still see in my Server Configuration for the parent domain's DigiCert cert the message
  "The certificate status could not be determined because the revocation check failed."
  with a red X on the left hand certificate icon. 
  To verify the cert via command line:
  certutil -verify -urlfetch c:\mail_domain_com.cer
  LoadCert(Cert) returned ASN1 bad tag value met. 0x8009310b (ASN: 267)
  CertUtil: -verify command FAILED: 0x8009310b (ASN: 267)
  CertUtil: ASN1 bad tag value met.
  I suspect this is why I cannot get Outlook Anywhere to connect.
  Child domains show a happy certificate icon. Parent domain does not.
  Still scratching my head.
  Thanks all!
  Jim.

• HT3275 Why does Time Machine say it's unable to back up because the disk is full -- even tho it's supposed to delete the oldest backups when that happens?

  I'm running OS 10.6.8 on an imac from around 2011.  I back up with Time Machine to an external hard drive that has about 500 GB.  Until now, I've had no problemsm, or at least that's what I thought.  But today I'm getting a message every hour saying "Time machine is unable to back up because the disk is full."  It IS full, but Time Machine is supposed to delete the oldest backups when that happens, and keep deleting them in order.
  Anyway, when I opened up my backup disk I discovered backups from February and most of March, nothing in April and nothing in May.
  I'm a little freaked.
  Does anybody know why that would happen and what to do about it?
  Thanks in advance.

  Hello, I don't use TM, but...
  Have you looked through Pondini's extensive TM help site?
  http://Pondini.org/TM/FAQ.html
  http://pondini.org/TM/Troubleshooting.html
  Can't imagine something not being covered there.

• The project cannot be checked out because the server is in read-only mode.

  Receiving the message "The project cannot be checked out because the server is in read-only mode." when a project manager is trying to access a project. He is a backup PM, and I'm wondering if that's why he is getting the message (since he is
  not the Owner or Status Manager of the project he is trying to access). We are using SharePoint permissions in Project Server 2013.

  Hi,
  I have a solution that might work for you, please follow steps below:
  1) Go to your project schedule, make a small modification to any task on schedule and 'Publish' the project.
  2) While your project is being published and saved, open another window 
  Server Settings -> Manage Queue Jobs
  3) Here you can view the progress of your current Project Publishing update, check if all goes smooth and your project is published successfully without indicating any errors :
   ( to view any error look at the last column of
  table on Manage Queue Job page)
  4) Also in your Project window see if the project is published and not saved as Draft.
  Basically this will give you a fair idea of your project being published or not.
  Regards

• Unable to evaluate expression because the code is optimized or a native frame is on top of the call stack.

  Hi,
  I am trying to run a long running process, by redirecting to the LongRunningView using the code below. But its throwing exception Can anyone please help
  string strCurrentUrl = SPUtility.OriginalServerRelativeRequestPath;
  strCurrentUrl = strCurrentUrl + "?ListName=" + strListName;
  ////Initiates the Excel Import
  if (ObjdtExcel != null && ObjdtExcel.Rows.Count > 0)
  ExcelImportJob objJob = new ExcelImportJob(strTabName, ObjdtExcel, strFileExt, SPContext.Current.Site.ID, SPContext.Current.Web.ID, strWorkflow, strListName);
  objJob.Title = "Excel Import Job";
  //// Redirect the user to another page when finished.
  objJob.RedirectWhenFinished = false;
  //// Specify if the user can cancel this.
  objJob.UserCanCancel = false;
  //// Specify the refresh rate of the job, here, the page polls every 5 seconds for completion.
  objJob.MillisecondsToWaitForFinish = 15000;
  //// Finally, start the job on a web.
  objJob.Start(SPContext.Current.Web);
  string strUrl = string.Format("{0}?JobId={1}&Source={2}", PROGRESS_PAGE_URL, objJob.JobId, strCurrentUrl);
  SPUtility.Redirect(strUrl, SPRedirectFlags.Default, HttpContext.Current);
  The exception being "Unable to evaluate expression because the code is optimized or a native frame is on top of the call stack."
  Arjun Menon U.K

  Hi Arjun,
  Any update?
  Best regards,
  Patrick
  Patrick Liang
  TechNet Community Support

• I have Hello screen after i slide to set up gel language options after select English , Egypt it request to connect with WI FI after connect start to activate my IPhone after that it unable to activated because the activation server is unavailable

  I have Hello screen after i slide to set up gel language options after select English , Egypt it request to connect with WI FI after connect start to activate my IPhone after that it unable to activated because the activation server is unavailable and request to connect to itunes and no activate.

  4 possible causes of that message:
  1] Activation server is actually down. Very rare occurrence, but it does happen.
  When it does occur, down time is very short. Solution - try again.
  2] Your firewall or antivirus are blocking the connection. Solution - temporarily
  deactivate your firewall or antivirus until the update completes.
  3] Computer being used for the activation has previously been used to jailbreak
  an iOS device. Solution - use a computer that has not been used to jailbreak an
  iOs device.
  4] Your iPhone is jailbroken. Google may provide some direction. Be advised the jailbreak
  may have made changes that will prevent the iPhone from successfully activating.
  Terms of Use for this forum prohibit discussion of jailbroken iPhones.

• Computer crashed. But i saved my PSD every like 30 seconds.. Now i open my file it says "Unable to complete request because the file is not compatible with this version of Photoshop"

  So my friend posted a funny pic in her christmas outfit and I thought it would be fun to turn it into a fake Christmas Movie poster..
  Anyways.. My computer crashed.. "It does that sometimes" I re-opened my PSD and it says "Unable to complete request because the file is not compatible with this version of Photoshop"
  Anyway to recover ANY of the file?
  Here is the file im having trouble with. You can download it here if you are interested in taking a look: http://portalpacific.net/movieposter.psd
  Thanks for any help! Happy New years designers!

  PortalPacific wrote:
  …Here is the file im having trouble with. You can download it here if you are interested in taking a look:  …http://portalpacific.net/movieposter.psd
  I downloaded it and looked at it.  Even Graphic Converter can't recover any pixels or meaningful data, just some general information:
  In my experience, if GraphicConverter can't open it, nothing will.
  Your file is toast  Sorry.

• BEA-149505  -The administration server was unable to establish JMX Connect.

  hello
  Getting the following error, trying to access the weblogic admin server ( Linux x86-64 RHL50) after a fresh install.
  BEA-149505 The administration server was unable to establish JMX Connectivity with the managedServer at the JMX Service URL of <none > URL in the AdminServer LogiI
  1. what steps and configuration files do I need to access to add the url
  I will like to add that the node manager and the cluster screen were NOT configured during the configuration, since this is NOT an OIM configuration
  2. if you have any tips please let me know
  r.

  faisal
  thank for your feedback. I added this in my startup script, but I was NOT able to get the web access to work and when I shot it down, there was an error.
  Here is the startup script, Please show me when to place the scripts
  #!/bin/sh
  # WARNING: This file is created by the Configuration Wizard.
  # Any changes to this script may be lost when adding extensions to this configuration.
  # --- Start Functions ---
  stopAll()
  # We separate the stop commands into a function so we are able to use the trap command in Unix (calling a function) to stop these services
  if [ "X${ALREADY_STOPPED}" != "X" ] ; then
  exit
  fi
  # STOP DERBY (only if we started it)
  if [ "${DERBY_FLAG}" = "true" ] ; then
  echo "Stopping Derby server..."
  ${WL_HOME}/common/derby/bin/stopNetworkServer.sh >"${DOMAIN_HOME}/derbyShutdown.log" 2>&1
  echo "Derby server stopped."
  fi
  ALREADY_STOPPED="true"
  # --- End Functions ---
  # This script is used to start WebLogic Server for this domain.
  # To create your own start script for your domain, you can initialize the
  # environment by calling @USERDOMAINHOME/setDomainEnv.
  # setDomainEnv initializes or calls commEnv to initialize the following variables:
  # BEA_HOME - The BEA home directory of your WebLogic installation.
  # JAVA_HOME - Location of the version of Java used to start WebLogic
  # Server.
  # JAVA_VENDOR - Vendor of the JVM (i.e. BEA, HP, IBM, Sun, etc.)
  # PATH - JDK and WebLogic directories are added to system path.
  # WEBLOGIC_CLASSPATH
  # - Classpath needed to start WebLogic Server.
  # PATCH_CLASSPATH - Classpath used for patches
  # PATCH_LIBPATH - Library path used for patches
  # PATCH_PATH - Path used for patches
  # WEBLOGIC_EXTENSION_DIRS - Extension dirs for WebLogic classpath patch
  "/erasdevapp/weblogic/user_projects/domains/base_domain/bin/startWebLogic
  umask 037
  # Call setDomainEnv here.
  DOMAIN_HOME="/erasdevapp/weblogic/user_projects/domains/base_domain"
  . ${DOMAIN_HOME}/bin/setDomainEnv.sh $*
  SAVE_JAVA_OPTIONS="${JAVA_OPTIONS}"
  SAVE_CLASSPATH="${CLASSPATH}"
  # Start Derby
  DERBY_DEBUG_LEVEL="0"
  if [ "${DERBY_FLAG}" = "true" ] ; then
  ${WL_HOME}/common/derby/bin/startNetworkServer.sh >"${DOMAIN_HOME}/derby.log" 2>&1
  fi
  JAVA_OPTIONS="${SAVE_JAVA_OPTIONS}"
  SAVE_JAVA_OPTIONS=""
  CLASSPATH="${SAVE_CLASSPATH}"
  SAVE_CLASSPATH=""
  trap 'stopAll' 1 2 3 15
  if [ "${PRODUCTION_MODE}" = "true" ] ; then
  WLS_DISPLAY_MODE="Production"
  WLS_DISPLAY_MODE="Production"
  else
  WLS_DISPLAY_MODE="Development"
  fi
  if [ "${WLS_USER}" != "" ] ; then
  JAVA_OPTIONS="${JAVA_OPTIONS} -Dweblogic.management.username=${WLS_USER}"
  fi
  if [ "${WLS_PW}" != "" ] ; then
  JAVA_OPTIONS="${JAVA_OPTIONS} -Dweblogic.management.password=${WLS_PW}"
  fi
  if [ "${MEDREC_WEBLOGIC_CLASSPATH}" != "" ] ; then
  if [ "${CLASSPATH}" != "" ] ; then
  CLASSPATH="${CLASSPATH}${CLASSPATHSEP}${MEDREC_WEBLOGIC_CLASSPATH}"
  else
  CLASSPATH="${MEDREC_WEBLOGIC_CLASSPATH}"
  fi
  fi
  echo "."
  echo "."
  echo "JAVA Memory arguments: ${MEM_ARGS}"
  echo "."
  echo "WLS Start Mode=${WLS_DISPLAY_MODE}"
  echo "."
  echo "CLASSPATH=${CLASSPATH}"
  echo "."
  echo "PATH=${PATH}"
  echo "."
  echo "***************************************************"
  echo "* To start WebLogic Server, use a username and *"
  echo "* password assigned to an admin-level user. For *"
  echo "* server administration, use the WebLogic Server *"
  echo "* console at http://hostname:port/console *"
  echo "***************************************************"
  # CLASS CACHING
  if [ "${CLASS_CACHE}" = "true" ] ; then
  echo "Class caching enabled..."
  JAVA_OPTIONS="${JAVA_OPTIONS} -Dlaunch.main.class=${SERVER_CLASS} -Dlaunch.class.path="${CLASSPATH}" -Dlaunch.complete=weblogic.store.internal.LockManagerImpl -cp ${WL_HOME}/server/lib/pcl2.jar"
  export JAVA_OPTIONS
  SERVER_CLASS="com.oracle.classloader.launch.Launcher"
  fi
  # START WEBLOGIC
  echo "starting weblogic with Java version:"
  ${JAVA_HOME}/bin/java ${JAVA_VM} -version
  if [ "${WLS_REDIRECT_LOG}" = "" ] ; then
  echo "Starting WLS with line:"
  echo "${JAVA_HOME}/bin/java ${JAVA_VM} ${MEM_ARGS} -Dweblogic.Name=${SERVER_NAME} -Djava.security.policy=${WL_HOME}/server/lib/weblogic.policy ${JAVA_OPTIONS} ${PROXY_SETTINGS} ${SERVER_CLASS}"
  ${JAVA_HOME}/bin/java ${JAVA_VM} ${MEM_ARGS} -Dweblogic.Name=${SERVER_NAME} -Djava.security.policy=${WL_HOME}/server/lib/weblogic.policy ${JAVA_OPTIONS} ${PROXY_SETTINGS} ${SERVER_CLASS}
  else
  echo "Redirecting output from WLS window to ${WLS_REDIRECT_LOG}"
  ${JAVA_HOME}/bin/java ${JAVA_VM} ${MEM_ARGS} -Dweblogic.Name=${SERVER_NAME} -Djava.security.policy=${WL_HOME}/server/lib/weblogic.policy ${JAVA_OPTIONS} ${PROXY_SETTINGS} ${SERVER_CLASS} >"${WLS_REDIRECT_LOG}" 2>&1
  fi
  stopAll
  popd
  # Exit this script only if we have been told to exit.
  if [ "${doExitFlag}" = "true" ] ; then
  exit
  fi

• Memory gates checking failed because the free memory is less than 5% of total memory

  ·         Business
  Goal: Achieve a stable environment
  ·         Repro
  Steps: n/a
  ·         Expected
  Results: I expect the MSCRM Async services to use a relatively static amount of RAM
  ·         Actual
  Results: Over the weekend, the memory hit critical mass and CRM failed
  ·         Environment:
   Windows Server 2008, SQL Server 2008, CRM 2013 On Premise - both on the same box, Email Router is installed on the same box. We have not yet applied either of the two new UR for 2013.
  I'm currently experiencing a memory leak in our production environment. I will fill out the details shortly.
  Here's the error:
  Log Name:      Application
  Source:        System.ServiceModel 4.0.0.0
  Date:          4/20/2014 11:39:14 PM
  Event ID:      3
  Task Category: WebHost
  Level:         Error
  Keywords:      Classic
  User:          NETWORK SERVICE
  Computer:      server.domain.com
  Description:
  WebHost failed to process a request.
  Sender Information: System.ServiceModel.ServiceHostingEnvironment+HostingManager/58366981
  Exception: System.ServiceModel.ServiceActivationException: The service '/VisualWorkplace/XRMServices/2011/Organization.svc' cannot be activated due to an exception during compilation. 
  The exception message is:Memory gates checking failed because the free memory (1240145920 bytes) is less than
  5% of total memory.  As a result, the service will not be available for incoming requests.  To resolve this, either reduce the load on the machine or adjust the value of minFreeMemoryPercentageToActivateService on the serviceHostingEnvironment config
  element.. ---> System.InsufficientMemoryException: Memory gates checking failed because the free memory (1240145920 bytes) is less than 5% of total memory.  As a result, the service will not be available for incoming requests.  To resolve
  this, either reduce the load on the machine or adjust the value of minFreeMemoryPercentageToActivateService on the serviceHostingEnvironment config element.
     at System.ServiceModel.Activation.ServiceMemoryGates.Check(Int32 minFreeMemoryPercentage, Boolean throwOnLowMemory, UInt64& availableMemoryBytes)
     at System.ServiceModel.ServiceHostingEnvironment.HostingManager.CheckMemoryCloseIdleServices(EventTraceActivity eventTraceActivity)
     at System.ServiceModel.ServiceHostingEnvironment.HostingManager.EnsureServiceAvailable(String normalizedVirtualPath, EventTraceActivity eventTraceActivity)
  We just recently increased the available memory from 8GB to 24GB to help ensure that there is enough memory. This error never happened on CRM v4. According to the resource monitor, SQL is only reserving 20.7GB of RAM and there is 694MB of RAM in Standby.
  The main Async service is using 660MB and the maintenance Async service is using 265MB.
  To resolve the issue temporarily, I restarted both Async services this morning. Shortly after everything came back, they were holding fairly steady around 350MB and 200MB. It's been six hours since then.
  The last time I spoke with Microsoft about a similar problem, they suggested increasing the amount of RAM.

  It became more and more of a problem. It was impacting the users in a more subtle way at first. You couldn't configure the CRM for Outlook client. After a while, they couldn't use CRM in Outlook at all and users reporting not being able to complete phone
  call activities. I opened a ticket with MS and they suggested the same as Wilson Lou did. The organization error had nothing to do with the creep on the async services usage of RAM. It was indeed caused by SQL stealing all of the memory. Limiting the max usage
  to 24GB RAM has resolved that error. 
  My Async processes are still using a LOT of RAM, but now that I have more than enough RAM, it doesn't seem to be a problem anymore. They are currently using about 700MB RAM each.
  Also, I have upgraded to SP1, UR2.
  Eric Hula - CRM Administrator