• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 4012
  • Last Modified:

Problems enabling users in Lync 2010

I'm on my second iteration of installing Lync 2010 in our office.  The first go around went south when I (I think) screwed up some naming conventions.  Fortunately I had not gone live with it but HAD enabled myself as a Lync user.

I've reinstalled and at least the services are starting fine.  However, I am unable to enable myself and the other two domain admins.  When I try to enable myself in the Lync control panel, I get the following error:

"Retrieve 'Lync Server User' returned warnings: 'RegistrarPool' with identity '1014961664' assigned to 'sip:adamsmith@domain.com' has been removed from configuration store."

When I run the "get-csuser" cmdlet I get the following result:

<<<begin paste>>>



Identity               : CN=Adam Smith,CN=Users,DC=domain,DC=com
VoicePolicy            :
ConferencingPolicy     :
PresencePolicy         :
DialPlan               :
LocationPolicy         :
ClientPolicy           :
ClientVersionPolicy    :
ArchivingPolicy        :
PinPolicy              :
ExternalAccessPolicy   :
HostedVoiceMail        :
HostedVoicemailPolicy  :
HostingProvider        : SRV:
RegistrarPool          : 1014961664
Enabled                : True
SipAddress             : sip:adamsmith@comain.com
LineURI                :
EnterpriseVoiceEnabled : False
HomeServer             : CN=Lc Services,CN=Microsoft,CN=1:1,CN=Pools,CN=RTC Ser
                         vice,CN=Services,CN=Configuration,DC=domain,DC=com
DisplayName            : Adam Smith
SamAccountName         : adam

Identity               : CN=Bob Thomas,CN=Users,DC=domain,DC=com
VoicePolicy            :
ConferencingPolicy     :
PresencePolicy         :
DialPlan               :
LocationPolicy         :
ClientPolicy           :
ClientVersionPolicy    :
ArchivingPolicy        :
PinPolicy              :
ExternalAccessPolicy   :
HostedVoiceMail        :
HostedVoicemailPolicy  :
HostingProvider        :
RegistrarPool          :
Enabled                : True
SipAddress             : sip:Bob Thomas@domain.com
LineURI                :
EnterpriseVoiceEnabled : True
HomeServer             : CN=LC Services,CN=Microsoft,CN=pool1,CN=Pools,CN=RTC S
                         ervice,CN=Services,CN=Configuration,DC=domain,DC=c
                         om
DisplayName            : Bob Thomas
SamAccountName         : bobt

Identity               : CN=Charlie Uncle,CN=Users,DC=domain,DC=com
VoicePolicy            :
ConferencingPolicy     :
PresencePolicy         :
DialPlan               :
LocationPolicy         :
ClientPolicy           :
ClientVersionPolicy    :
ArchivingPolicy        :
PinPolicy              :
ExternalAccessPolicy   :
HostedVoiceMail        :
HostedVoicemailPolicy  :
HostingProvider        :
RegistrarPool          :
Enabled                : True
SipAddress             : sip:charlieuncle@domain.com
LineURI                :
EnterpriseVoiceEnabled : False
HomeServer             : CN=LC Services,CN=Microsoft,CN=pool1,CN=Pools,CN=RTC S
                         ervice,CN=Services,CN=Configuration,DC=domain,DC=c
                         om
DisplayName            : Charlie Uncle
SamAccountName         : charlie



<<<end paste>>>

Any ideas?
1
fcummins
Asked:
fcummins
  • 8
  • 5
1 Solution
 
149CFCommented:
I'm not a Lync expert, but offering a suggestion.  You may have to remove the Lync meta from the first installation, or at least the pool information from the users.  We migrated from LCS 2005 to Lync.  To do so, we had to remove all users from the LCS pools before they could be imported.  

What happens if you make a new domain account and attempt to add it to Lync?
0
 
fcumminsAuthor Commented:
I can add current a/d users with the exception of the 3 above and I can create new a/d users and add them.  It is just the 3 above I have issues with.  With mine (adam smith), I get the error I detailed.  With the other 2, they don't even show up when I do a search for them in the Lync Enable Users UI.

Thanks.
0
 
fcumminsAuthor Commented:
So i now know that the issue has to do with the two users (Bob and Charlie) being Legacy users on the prior Lync system.  However, the Lync FE and/or the FE pool (pool1) they were attached to is no longer in existence.  Therefore the move-cslegacy user cmdlet continues to error out.

Any thoughts on how to rectify this?

(Note - while this may be PART of the issues with my "Adam Smith" account, it's by no means the only issue . . . I don't think . . . ah, I have no clue . . . )
0
Get free NFR key for Veeam Availability Suite 9.5

Veeam is happy to provide a free NFR license (1 year, 2 sockets) to all certified IT Pros. The license allows for the non-production use of Veeam Availability Suite v9.5 in your home lab, without any feature limitations. It works for both VMware and Hyper-V environments

 
149CFCommented:
If you run adsiedit, connect to the Configuration naming context, and then browse down to Configuration > Services > RTC Service.  Is the old Lync server listed there? If so, you should delete it.  

The solution may involve using adsiedit to remove meta from the User objects, but unfortunately, I cannot point you to the necessary meta fields.
0
 
fcumminsAuthor Commented:
If you don't mind, can you clarify?  Do you mean run it on the Lync Svr?  On the DC?

Actually, I've run it on both but am unsure of where in RTC Service I need to look.  Do you mind expounding?

Thank you.
0
 
149CFCommented:
My appologies, I told you wrong. You can run ADSI Edit from any domain PC, it should connect to the FSMO by default, I think.

The location I specified is for OCS.  For Lync in my environment, it is here:
Connect to Default Naming Context > domain root > System > Microsoft > RTC Service

Under here you can see the listed Pools.  I have 2 pools listed, as my topology has the Lync server on one host (pool 1:1) and then the Archive and Monitor on another host (pool 1:2). You should be able to verify your topology here.

Next, go to your user object using the same Default Naming Conext.  Jump down to Users (or your user OU) > (any other OU that hosts your account) > your user object.  right click your user object and select properties.  Scroll down to the msRTCSIP-PrimaryHomeServer attribute.  

Here is my value: CN=Lc Services,CN=Microsoft,CN=1:1,CN=Pools,CN=RTC Service,CN=Microsoft,CN=System,DC=MyDomain,DC=net

The CN=1:1 represents my Lync server.  This is the value that I think may be suspect in your environment.
0
 
fcumminsAuthor Commented:
149cf, thanks for the help.  I'm wondering now if I have bigger issues as when I go to:

DNC > dr > System

I have no "Microsoft" CN - just a "MicrosoftDNS" which I'm pretty sure you're not referring to.

That being said, I've "skipped" to the 2nd step (to only view) and compared one of the faulty accounts (Bob Thomas) with a "working" account (David Victor) and see that the value for the CN between "Microsoft" and "Pools" ARE different.  The value for DV is "1:1", the value for BT is "pool1".  Can I simply edit that and all will be right in my world?
0
 
149CFCommented:
You can try to edit it.  I would recommend editing one of your working test accounts to "pool1" and see if it duplicates your problem.  Then edit that account back to "1:1" and see if it fixes the problem.  I hate to hose up a production object.

I'm also worried about why you don't have a Microsoft>RTC Service object.  This may indicate that your schema is not properly updated or replicated for Lync.  

Check this article on how to install and to check the schema: http://technet.microsoft.com/en-us/library/gg412729.aspx

Cheers.
0
 
fcumminsAuthor Commented:
Ok, re: the missing Microsoft>RTC Service . . . it WAS in Configuration - I just didn't look correctly I guess.  And for "Pools" I show 2 - your "1:1" as well as a "pool1".

Also, I verified the Schema using the article you referenced and have the correct upper and lower limit values so the schema replicated fine (which, after finding the RTC Service, I assumed was the case.)

Am going to create a dummy user, enable them (which will put them in the correct pool, I believe) then go in and change to see what happens.  Unless you think I shouldn't.

Again, thank you for the help - I really appreciate it.
0
 
149CFCommented:
Also, look in your Lync console, under topology, how many pools or servers are listed? If its only one, then your "pool1" may just be an orphaned pool. I would not delete anything if you get your few "bad" user accounts to work.

Cheers
0
 
fcumminsAuthor Commented:
Just one pool is listed.  Working on the dummy account now.

Thanks.
0
 
fcumminsAuthor Commented:
Awesome!!!  Thanks, 149CF!!!!  Between your help and this article:

http://terenceluk.blogspot.com/2011/04/attempting-to-enable-user-for-microsoft.html

I was able to remove Bob and Charlie from the legacy pool.  Once they were removed, I was able to add them to the correct pool with a little tweaking (they were domain admins so I had to do the "include inheritable permissions . . . " fix [http://uctechi.blogspot.com/2011/02/insufficient-access-rights-to-enable.html]- not exactly best practices, should've done it in the shell) was able to add them.  Also somehow managed to get mine (Adam Smith) fixed and enabled as well.

Again, I greatly appreciate the help.
0
 
fcumminsAuthor Commented:
Thanks again!
0

Featured Post

Visualize your virtual and backup environments

Create well-organized and polished visualizations of your virtual and backup environments when planning VMware vSphere, Microsoft Hyper-V or Veeam deployments. It helps you to gain better visibility and valuable business insights.

  • 8
  • 5
Tackle projects and never again get stuck behind a technical roadblock.
Join Now