fcummins
asked on
Problems enabling users in Lync 2010
I'm on my second iteration of installing Lync 2010 in our office. The first go around went south when I (I think) screwed up some naming conventions. Fortunately I had not gone live with it but HAD enabled myself as a Lync user.
I've reinstalled and at least the services are starting fine. However, I am unable to enable myself and the other two domain admins. When I try to enable myself in the Lync control panel, I get the following error:
"Retrieve 'Lync Server User' returned warnings: 'RegistrarPool' with identity '1014961664' assigned to 'sip:adamsmith@domain.com' has been removed from configuration store."
When I run the "get-csuser" cmdlet I get the following result:
<<<begin paste>>>
Identity : CN=Adam Smith,CN=Users,DC=domain,D C=com
VoicePolicy :
ConferencingPolicy :
PresencePolicy :
DialPlan :
LocationPolicy :
ClientPolicy :
ClientVersionPolicy :
ArchivingPolicy :
PinPolicy :
ExternalAccessPolicy :
HostedVoiceMail :
HostedVoicemailPolicy :
HostingProvider : SRV:
RegistrarPool : 1014961664
Enabled : True
SipAddress : sip:adamsmith@comain.com
LineURI :
EnterpriseVoiceEnabled : False
HomeServer : CN=Lc Services,CN=Microsoft,CN=1 :1,CN=Pool s,CN=RTC Ser
vice,CN=Services,CN=Config uration,DC =domain,DC =com
DisplayName : Adam Smith
SamAccountName : adam
Identity : CN=Bob Thomas,CN=Users,DC=domain, DC=com
VoicePolicy :
ConferencingPolicy :
PresencePolicy :
DialPlan :
LocationPolicy :
ClientPolicy :
ClientVersionPolicy :
ArchivingPolicy :
PinPolicy :
ExternalAccessPolicy :
HostedVoiceMail :
HostedVoicemailPolicy :
HostingProvider :
RegistrarPool :
Enabled : True
SipAddress : sip:Bob Thomas@domain.com
LineURI :
EnterpriseVoiceEnabled : True
HomeServer : CN=LC Services,CN=Microsoft,CN=p ool1,CN=Po ols,CN=RTC S
ervice,CN=Services,CN=Conf iguration, DC=domain, DC=c
om
DisplayName : Bob Thomas
SamAccountName : bobt
Identity : CN=Charlie Uncle,CN=Users,DC=domain,D C=com
VoicePolicy :
ConferencingPolicy :
PresencePolicy :
DialPlan :
LocationPolicy :
ClientPolicy :
ClientVersionPolicy :
ArchivingPolicy :
PinPolicy :
ExternalAccessPolicy :
HostedVoiceMail :
HostedVoicemailPolicy :
HostingProvider :
RegistrarPool :
Enabled : True
SipAddress : sip:charlieuncle@domain.co m
LineURI :
EnterpriseVoiceEnabled : False
HomeServer : CN=LC Services,CN=Microsoft,CN=p ool1,CN=Po ols,CN=RTC S
ervice,CN=Services,CN=Conf iguration, DC=domain, DC=c
om
DisplayName : Charlie Uncle
SamAccountName : charlie
<<<end paste>>>
Any ideas?
I've reinstalled and at least the services are starting fine. However, I am unable to enable myself and the other two domain admins. When I try to enable myself in the Lync control panel, I get the following error:
"Retrieve 'Lync Server User' returned warnings: 'RegistrarPool' with identity '1014961664' assigned to 'sip:adamsmith@domain.com'
When I run the "get-csuser" cmdlet I get the following result:
<<<begin paste>>>
Identity : CN=Adam Smith,CN=Users,DC=domain,D
VoicePolicy :
ConferencingPolicy :
PresencePolicy :
DialPlan :
LocationPolicy :
ClientPolicy :
ClientVersionPolicy :
ArchivingPolicy :
PinPolicy :
ExternalAccessPolicy :
HostedVoiceMail :
HostedVoicemailPolicy :
HostingProvider : SRV:
RegistrarPool : 1014961664
Enabled : True
SipAddress : sip:adamsmith@comain.com
LineURI :
EnterpriseVoiceEnabled : False
HomeServer : CN=Lc Services,CN=Microsoft,CN=1
vice,CN=Services,CN=Config
DisplayName : Adam Smith
SamAccountName : adam
Identity : CN=Bob Thomas,CN=Users,DC=domain,
VoicePolicy :
ConferencingPolicy :
PresencePolicy :
DialPlan :
LocationPolicy :
ClientPolicy :
ClientVersionPolicy :
ArchivingPolicy :
PinPolicy :
ExternalAccessPolicy :
HostedVoiceMail :
HostedVoicemailPolicy :
HostingProvider :
RegistrarPool :
Enabled : True
SipAddress : sip:Bob Thomas@domain.com
LineURI :
EnterpriseVoiceEnabled : True
HomeServer : CN=LC Services,CN=Microsoft,CN=p
ervice,CN=Services,CN=Conf
om
DisplayName : Bob Thomas
SamAccountName : bobt
Identity : CN=Charlie Uncle,CN=Users,DC=domain,D
VoicePolicy :
ConferencingPolicy :
PresencePolicy :
DialPlan :
LocationPolicy :
ClientPolicy :
ClientVersionPolicy :
ArchivingPolicy :
PinPolicy :
ExternalAccessPolicy :
HostedVoiceMail :
HostedVoicemailPolicy :
HostingProvider :
RegistrarPool :
Enabled : True
SipAddress : sip:charlieuncle@domain.co
LineURI :
EnterpriseVoiceEnabled : False
HomeServer : CN=LC Services,CN=Microsoft,CN=p
ervice,CN=Services,CN=Conf
om
DisplayName : Charlie Uncle
SamAccountName : charlie
<<<end paste>>>
Any ideas?
ASKER
I can add current a/d users with the exception of the 3 above and I can create new a/d users and add them. It is just the 3 above I have issues with. With mine (adam smith), I get the error I detailed. With the other 2, they don't even show up when I do a search for them in the Lync Enable Users UI.
Thanks.
Thanks.
ASKER
So i now know that the issue has to do with the two users (Bob and Charlie) being Legacy users on the prior Lync system. However, the Lync FE and/or the FE pool (pool1) they were attached to is no longer in existence. Therefore the move-cslegacy user cmdlet continues to error out.
Any thoughts on how to rectify this?
(Note - while this may be PART of the issues with my "Adam Smith" account, it's by no means the only issue . . . I don't think . . . ah, I have no clue . . . )
Any thoughts on how to rectify this?
(Note - while this may be PART of the issues with my "Adam Smith" account, it's by no means the only issue . . . I don't think . . . ah, I have no clue . . . )
If you run adsiedit, connect to the Configuration naming context, and then browse down to Configuration > Services > RTC Service. Is the old Lync server listed there? If so, you should delete it.
The solution may involve using adsiedit to remove meta from the User objects, but unfortunately, I cannot point you to the necessary meta fields.
The solution may involve using adsiedit to remove meta from the User objects, but unfortunately, I cannot point you to the necessary meta fields.
ASKER
If you don't mind, can you clarify? Do you mean run it on the Lync Svr? On the DC?
Actually, I've run it on both but am unsure of where in RTC Service I need to look. Do you mind expounding?
Thank you.
Actually, I've run it on both but am unsure of where in RTC Service I need to look. Do you mind expounding?
Thank you.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
149cf, thanks for the help. I'm wondering now if I have bigger issues as when I go to:
DNC > dr > System
I have no "Microsoft" CN - just a "MicrosoftDNS" which I'm pretty sure you're not referring to.
That being said, I've "skipped" to the 2nd step (to only view) and compared one of the faulty accounts (Bob Thomas) with a "working" account (David Victor) and see that the value for the CN between "Microsoft" and "Pools" ARE different. The value for DV is "1:1", the value for BT is "pool1". Can I simply edit that and all will be right in my world?
DNC > dr > System
I have no "Microsoft" CN - just a "MicrosoftDNS" which I'm pretty sure you're not referring to.
That being said, I've "skipped" to the 2nd step (to only view) and compared one of the faulty accounts (Bob Thomas) with a "working" account (David Victor) and see that the value for the CN between "Microsoft" and "Pools" ARE different. The value for DV is "1:1", the value for BT is "pool1". Can I simply edit that and all will be right in my world?
You can try to edit it. I would recommend editing one of your working test accounts to "pool1" and see if it duplicates your problem. Then edit that account back to "1:1" and see if it fixes the problem. I hate to hose up a production object.
I'm also worried about why you don't have a Microsoft>RTC Service object. This may indicate that your schema is not properly updated or replicated for Lync.
Check this article on how to install and to check the schema: http://technet.microsoft.com/en-us/library/gg412729.aspx
Cheers.
I'm also worried about why you don't have a Microsoft>RTC Service object. This may indicate that your schema is not properly updated or replicated for Lync.
Check this article on how to install and to check the schema: http://technet.microsoft.com/en-us/library/gg412729.aspx
Cheers.
ASKER
Ok, re: the missing Microsoft>RTC Service . . . it WAS in Configuration - I just didn't look correctly I guess. And for "Pools" I show 2 - your "1:1" as well as a "pool1".
Also, I verified the Schema using the article you referenced and have the correct upper and lower limit values so the schema replicated fine (which, after finding the RTC Service, I assumed was the case.)
Am going to create a dummy user, enable them (which will put them in the correct pool, I believe) then go in and change to see what happens. Unless you think I shouldn't.
Again, thank you for the help - I really appreciate it.
Also, I verified the Schema using the article you referenced and have the correct upper and lower limit values so the schema replicated fine (which, after finding the RTC Service, I assumed was the case.)
Am going to create a dummy user, enable them (which will put them in the correct pool, I believe) then go in and change to see what happens. Unless you think I shouldn't.
Again, thank you for the help - I really appreciate it.
Also, look in your Lync console, under topology, how many pools or servers are listed? If its only one, then your "pool1" may just be an orphaned pool. I would not delete anything if you get your few "bad" user accounts to work.
Cheers
Cheers
ASKER
Just one pool is listed. Working on the dummy account now.
Thanks.
Thanks.
ASKER
Awesome!!! Thanks, 149CF!!!! Between your help and this article:
http://terenceluk.blogspot.com/2011/04/attempting-to-enable-user-for-microsoft.html
I was able to remove Bob and Charlie from the legacy pool. Once they were removed, I was able to add them to the correct pool with a little tweaking (they were domain admins so I had to do the "include inheritable permissions . . . " fix [http://uctechi.blogspot.com/2011/02/insufficient-access-rights-to-enable.html]- not exactly best practices, should've done it in the shell) was able to add them. Also somehow managed to get mine (Adam Smith) fixed and enabled as well.
Again, I greatly appreciate the help.
http://terenceluk.blogspot.com/2011/04/attempting-to-enable-user-for-microsoft.html
I was able to remove Bob and Charlie from the legacy pool. Once they were removed, I was able to add them to the correct pool with a little tweaking (they were domain admins so I had to do the "include inheritable permissions . . . " fix [http://uctechi.blogspot.com/2011/02/insufficient-access-rights-to-enable.html]- not exactly best practices, should've done it in the shell) was able to add them. Also somehow managed to get mine (Adam Smith) fixed and enabled as well.
Again, I greatly appreciate the help.
ASKER
Thanks again!
What happens if you make a new domain account and attempt to add it to Lync?