Couldn’t find the Enterprise Organization Container

Was working on my Wave 15 lab materials early this morning when my Exchange 2013′s IIS just crashed on me. Which resulted I need to rebuild the whole Exchange Virtual machine (too bothersome to troubleshoot as I was running short of time). So as quickly as possible, I’ve wipe out the Operating System disk and recreate a differencing disk (the beauty of Hyper-V, saves me plenty of time of copying a sysprep VHD )

Once the machine is booted, I’d attempted to rebuild the Exchange by using the /m:RecoverServer cmdlet but failed as I’ve accidentally wiped the Databases File as well (sheessh). So I’d to re-run the entire installation process. However, any obstacle had “bestowed” upon me when the Setup detects that the Exchange was previously installed with Exchange and didn’t allow me to proceed with it.

So my next step to quickly resolve this matter (please don’t do this in the production!):

• Run ADSIedit
• Anchor to the Services under the Configuration Container (CN=Configuration, DC=Domain, DC=com)
• Locate & delete every single object within Microsoft Exchange & Microsoft Exchange Autodiscover

Next reboot the machine and re-run the installer; another problem hit me.

Run the pre-requisites check, a bunch of permissions issues was thrown, namely that my account wasn’t part of the Organization Management Security Group & Enterprise Admin Security Group although the account is still intact with those groups. Hence I decided to re-run Prepare Schema & Prepare AD just to confirm. This time, a different error was thrown, from the Exchange Setup Log, this was capture:

[ERROR] Setup encountered a problem while validating the state of Active Directory: Couldn’t Find the Enterprise Organization container

And after searching a bit, I found an article which helped: Duplicate Microsoft Exchange System Objects container exists in Active Directory. Within the ADUC, I’d deleted the entire container Microsoft Exchange System Objects

Walla, once it’s deleted, the Setup can now proceed. :p

Updated [24th April 2013, 3.30PM]

OK, it seems that the above clean-up wasn’t sufficient and I was forced to start from scratch. It appears that someone has already blogged about it and I came to notice that this is not a supported method for Exchange clean-up: Exchange Clean-up

However, I hope it proves useful for those out there seeking for information and help

Error in Lync Archiving Report

Last week, I’d was instructed to draw out some Archived conversation for auditing purposes and while accessing the Lync Archiving Report, an error was thrown to me when running the query:

An error has occurred during report processing. (rsProcessingAborted). Cannot create a connection to the data source “DataSource1″. (rsErrorOpeningConnection) A Network-related or instance-specific error occurred while establishing a connection to SQL Server. The Server was not found or was not accessible. Verify that the instance name is correct and that SQL Server is configured to allow remote connections. (provider: Name pipe Provider, error: 40 – Could not open a connection to SQL Server)

After affirming the followings are functioning:

• SQL Server Services (Archiving Instance Name) is running
• SQL Database is remotely accessible using the SQL Management Server
• SQL Services listening on port 1433

I’d to check the SQL Reporting configuration.

From the top of the web page, anchor onto Lync Archiving Report, in which the page will bring you into the SQL Server Reporting Services:

Move the mouse cursor over to the Lync Archiving Report > Select Manage to open up the Configuration Page

 

To solve this issue, change the parameters under the custom data source:

Data Source=SQLServerFQDN\Instance;Initial Catalog=LCSLog

Run the Test Connection to confirm the configuration and click on Apply. Go back to the Archiving Query page and there should be output on the Archived Messages

 

Updating Lync Server 2013 with Cumulative Update 1 (CU1)

As most of us had been waiting for the release of Lync Server 2013 CU1′s release, it was officially available for download on February (close to a month back). Some may have updated the system and some may be still puzzling what would be the correct method, I’ve compile a step-by-step guide (for reference purposes only) to update CU1 on a Enterprise Edition Pool (EE) Server:

Step 1: Download the updates where you may refer from here. I suggest that to download the entire installer and let Lync Server 2013 detects the requires updates. If your Lync Server doesn’t allow direct Internet access, then you’ll need to download the components based on the server roles that has been deployed. In this guide, it is assumed that the Lync Server 2013 that will be deploying the CU1 has Internet access.

Step 2: Starting from the Pool Server, execute the CU1 Installer and click on the Install Updates

Wait for the Installer to execute and updates the Lync System

When prompt for reboot, click on Yes

Step 3: Once the system is back online, it is time to update the backend database. As I do not have any mirrored database configured within my environment, the only command that needs to be execute are as follows:

Install-CsDatabase -ConfiguredDatabases -SqlServerFqdn SQL.Domain.com -Verbose

Step 4: Update the CMS Server by running the cmdlet:

Install-CsDatabase -CentralManagementDatabase -SqlServerFqdn CMS.Domain.com -SqlInstanceName InstanceName -Verbose

Step 5: Commit the changes to the Topology builder:

Enable-CsTopology

Step 6: Once the Topology has been updated and publish. Run the following command to ensure that the changes are propagated across all of the server roles:

Get-CSManagementStoreReplicationStatus -CentralManagementStoreStatus

Repeat Step 1 – Step 5 applying CU1 on the other server roles as well:

Under the Access Edge Server, run the same CU Server Update Installer and select Install Updates

Upon completion, the Access Edge services will be automatically restarted

Lync Server 2013 Updates (February 2013)

What a great day to start! Good news for those whom have been waiting for Lync 2013 Cumulative Updates especially on the Mobility features. Catch up with the Lync Server 2013 Conference Keynote on why is it so exciting.

Here’s the bunch of goody packs has been release by Microsoft for Lync Server 2013 Engineering team:

Cumulative Updates & Administrative Tools

Lync Server 2013, February 2013 CU1

Lync Server 2013 Resource Kit Tools

Lync Server 2013 Debugging Tools

Lync Server 2013 Whiteboard Archiving Viewer

Lync Server 2013 Persistent Chat Resource Kit

Designing & Planning Tools

Lync Server 2013 Planning Tool

Lync Server 2013 Capacity Calculator

Lync Connectivity Analyzer – 32-bit & 64-bit

Development

Lync Server 2013 SDK

Lync Server 2013 Persistent Chat SDK

Unified Communications Managed API (UCMA) 4.0

Client

Lync Basic 2013 (Communicator) – 32-bit & 64-bit (with Additional Language support)

Lync VDI 2013 Plugin – 32-bit & 64-bit (with Additional Language support)

Wondering the difference between Lync 2013 VS Lync Basic, here a very good article from Doug Deitterick’s Blog and Client Comparison @ Microsoft TechNet

Lync Conference 2013 – Day 1

Yesterday was A very meaningful day for all Lync folks – the Lync Conference 2013 @ San Diego, the one and very first Lync Conference since it reached its GA. And my presence here for the past 24 hours, things are getting pretty very exciting: close to 1,000 attendees which consists of partners such as Platronics, Jabra, AudioCodes, Sonus, HP, Aspects, partners, customers and MVPs all around the world from all around the world came together to witness the new era of Real Time Communication!

Here’s a few key highlight on the sessions that I’ve attended throughout the day:

KEYNOTE
If I ought to describe using a single word: LEGENDARY! The keynote was started by Giovanni Mezgav, the General Manager for Lync, followed by Tony Bates to share how the communication has change the world, how ideas are exchange digitally and how it has benefit individuals and businesses across the globe.

The session was been brought to the next climax, with Lync demonstration by Derek Burney: from the native Workstations running on the latest Windows 8 and Mac Book, to smart phones running on Windows Phone 8, Android and iPhone, and to tablets! Microsoft Surface and iPad. The workload demonstrated, is not just the mere Instant Message, but the long waited Lync Mobile 2013, where the click to join meeting function, with full capabilities of voice, audio & even sharing of presentation decks! Lastly, the showcase on Lync and Skype federation before passing back to Tony to wrap up the session.

COMMON QUESTIONS & CONCERNS ON LYNC VOICE
After a quick break, I’ve attended a session about Common Questions & Concerns about Lync Voice hosted by Aamer Kalem. The room was full by the time I got in and it was an interesting session where he cleared the air of the audience which are still in doubt of Lync in its Enterprise Voice capability. During this session, Aamer had shared a very good statement about voice Voice is not PBX, Dial tone is PBX – which means that Lync is a PBX that supports the most native dial tone technology in order to transmits voice!

STARTING WITH LYNC CUSTOM APPLICATION: WHERE TO BEGIN
At the next session on building custom apps on Lync, the speakers – Albert Kooiman & Marty Parker had shared the 7 steps of identifying the gaps in business and patching those missing puzzles using Communication.

LYNC NETWORK DIAGNOSTIC
To end the day, a track about Lync Network Diagnostic was a fantastic session where a new Lync API that trace and identify network losses throughout the network (e.g. Routers, switches, Access Points & etc). Compared to the traditional Monitoring, it only provides an overview that of a session that might be broken or loss but doesn’t specifies the root caused. The API is still under development and currently 2 partners are undergoing the TAP program: NetSocket & Aruba. The partners are ran a quick demo by showing a loss of a call, where the log is capable of tracing down to the network device and equipment that causes the call to be dropped. Aruba has even demonstrated that its network wireless controller is capable of running the QoS by load balancing the workloads, which simply separating video and/or voice calls to different access point, which is controlled by the Wireless Controller.

KEY TAKE AWAY

1. Skype as a consumer application would be able federate with Lync which will be offically announced soon.
2. Lync Mobile 2013 will be officially available at the Microsoft Store this Friday (22nd Feb 2013)
3. Lync Mobile 2013 supports VoIP, Audio & Video all via a single button away!
4. The environment challenges and feedbacks from customers have pushed Microsoft to further develop tools that allows in depth network data to be gathered and analyze.
5. Lync & business applications works great together to achieve greater unified communication and collaboration

Tips & Tricks when Installing Lync Server 2013 on Windows Server 2012

I notice there’re plenty of published articles available on the Internet when it comes to the basic deployment of Lync Server 2013. However, in my recent attempt to install Lync Server 2013 on Windows Server 2012, I suppose another article to support those deployment maybe useful during the preparation stage.

Preparing the Back-end Server running on SQL Server 2012

As there isn’t much of information when it comes to installing the Back-end Database Server in Lync Server 2013. The installation is basically pretty straight forward – just following the wizard and you’ll get there I won’t be covering the details about the installation but I’ll share some of the ‘incidents’ that I’ve encountered during the installation of it.

SQL Server 2012 basically requires .NET Framework 3.5, so if this option has not been selected, the system will indicate that the component is missing and basically terminates the installation – after the running through the entire installation wizard. When attempting to install the .NET Framework 3.5 via the Server Manager, you’ll like received an error if the system that you intend to install is not connected to the Internet:

Therefore, the easiest way to get .NET Framework 3.5 installed is to use mount the Windows Server 2012 installation CD/DVD and execute the following command with PowerShell:

Install-WindowsFeature –name NET-Framework-Core –source D:\sources\sxs

Preparing the Front-End Server

Though TechNet provides a very good guidance on preparing the Lync Server roles at this chapter on Additional Software Requirements. Some of the components are not emphasized for Windows Server 2012 which may be easily missed out. If you’ve encounter the similar error as below:

Make sure you’ve the following components Enabled & Installed from the Server Manager:

• Windows Identity Foundation 3.5
• Media Foundation
• HTTP Activation, this can be located under .NET Framework 4.5 Features > WCF Services

The rest of the components and dependencies will be automatically added upon selecting the components.

I’ll try to add more contents along the way…

 

File Store Sharing & NTFS Permission on Lync Server 2013

In one of my recent encounter during the Lync 2013 TAP deployments, changes that has been made from the Topology Builder doesn’t seem to be replicating to the rest of the server roles – I had two (2) Front-End Pool servers & one (1) Access Edge. From the event logs, it seems that the CMS was having issues in accessing the File Store to retrieve the changes that has been made. It seems that the sharing & NTFS permission somehow got ‘broken’

Therefore, I’m documenting the changes of the File Store from the moment it has been created and accessed during the installation of Lync Server 2013:

First of all, ensure that the File Store has been shared:

Under the Advance Sharing, ensure the at least the following accounts has been granted for the provisioning of File Store. Of course, make sure the account that you intend to carry out the deployment of Lync has been included within the Domain Admins Security Group.

Under the NTFS Permission, grant the Domain Admins group with Full Control access:

Upon publishing the Topology Builder, access back the Properties of the File Store and notice that the additional Permission for Lync has been automatically added with Read & Change rights assigned to the File Store folder

• RTCHSUniversalServices
• RTComponentUniverisalServices
• RTCUniversalServerAdmins
• RTCUniversalConfigReplicator

The NTFS Security permissions remains the same and no modifications are required

Hope this information maybe useful for those whom encountered the same problem as I’d

Unable to Federate after changing the FQDN of Lync Access Edge

After bearing a very unique Access Edge FQDN since Office Communications Server 2007/R2, I’ve decide to standard the FQDN to the “standard industry practice”, which resulted that my Federation & PIC can no longer work. All federation contacts was showing Updating at the first few seconds before turning into Presence Unknown

During the incident, remote access from the external side (Internet) was working well as all my organization users were still able to get connected and make sure of all workloads that is being deployed (Online Meeting, Voice, Content Sharing & etc.) When running the OCS Test Connectivity Tool all results shows as the Big Green Checkmark (my favorite ) but the federation still doesn’t show up.

After digging up and down for almost an hour, discovered that there was an Event Error logged from the Access Edge:

The certificate received from the remote server was issued by an untrusted certificate authority. Because of this, none of the data contained in the certificate can be validated. The SSL connection request has failed. The attached data contains the server certificate.

When running the Lync Logging Tool from the Access Edge Server, an error was captured

Federation-Lync-Logging

In the trace, it seems that the other party had been rejecting the federation request from my end. Resolution to this was I’d to check my FQDNs and SRV…..and guess what I’ve found out: my DNS provider had forgot to update the Autodiscover SRV to the latest FQDN which I’d inform.

A Lync (ring) away solved the issue after restarting the Access Edge Service by issuing a Stop-CSWindowsService & Start-CSWindowsService. I sign-out and sign-in back to my Lync Communicator and all of the federated contact starts to shows its correct Presence!

Unable to Expand Distribution Groups

**Just notice that I’d an unpublish post (was saved under draft for some reason) and I’m now officially republishing it.

On a recent deployment, a customer of mine had file a complaint that they were not able to expand the distribution group within the Lync Client. So when I search through the distribution groups within the Active Directory, the object does exist; from Exchange, the emails are distributed correctly.

So I decided to look it from the Lync Server; from the Event Viewer, an event was logged:

An unhandled exception was encountered in Service service.

Exception Details. System.Exception: Multiple enteries found for Group@domain.com at Microsoft.LiveServer.ThrowSoapFault(Exception.E) at Microsoft.LiveServer.DLExpansion.Service.QueryADGetDistributionListInfo(string mail, DirectorySearcherdSearcher) ….

With this information, I did a quick search on the same SMTP address that notice that another ‘group’ existing with the same SMTP address – it was actually the Security Group that causes the conflict when searching for the distribution group. Resolution to this was to modify the SMTP addresses at the Security Group and restart the Front-End Service.

I’d to make sure that the Address Book Service rebuilds the correct information and the users were able to download the latest update – with that, the mystery has been solved. *Whew*

Considerations When Upgrading/Migrating from OCS 2007 R2 to Lync Server 2010/2013 [Updated 14/10/2012]

Had recently ran an upgrade from OCS 2007 R2 to Lync Server 2013 Technical Preview and stumble into a couple of ‘problems’. With these experience, I hope that it can be useful to those whom are undergoing the same activity as well:

1. Make a FULL backup on the existing infrastructure – Active Directory, System State, SQL, OCS 2007 R2 and etc.
2. Update the existing OCS 2007 R2 or Lync Server 2010 with the latest Cumulative Updates
3. On the base operating system that would be installed with Lync Server 2013, make sure you install all updates as well
4. If the OCS 2007 R2 is integrated with Voice Mail features from Exchange 2010 (I’ve not tested on Exchange 2007 so far), make sure the platform is on the latest Service Pack 2 with its Cumulative updates as well
5. Next clean-up any settings that is not used/not optimized at OCS 2007 R2 before running the merge topology
6. Once confirm that these changes has no impact to the enviroment, then only proceed with the migration/upgrade that you intended to.

Here’re a errors and resolutions during the process of upgrading:

Problem 1: Error Merging OCS 2007 R2 Topology

Under OCS 2007 R2 Console, enter the Global Configurations (Right Click Forest > Global Properties > General). Make sure the SIP domains that you’ve entered matches the ones at Lync Server 2010/2013. If not, remove them from OCS 2007 R2 or add those SIP domains into the Lync Server 2010/2013 via the topology builder.

Problem 2: Failure [0xC3EC79F2] Mediation server cannot be deactivated as it is being referenced by one or more phone routes.

Resolution: If you’ve imported/migrated all of the call routes previously, make sure that you’ve also a backup copy of the .RTDA file which can be exported using the Enterprise Route Helper. Delete all routes and proceed to deactivate the mediation Server and the process should be successful.

Problem 3: Failure [0xC3EC7A3E] There are still conference directories associated with this pool when attempting to remove pool. Please move the conferences before removing the pool.

And if you’ve used the Force option, you’ll get an error while publishing the updated copy via Topology Builder:

Error: An error occurred: “System.InvalidOperationException” “Cannot publish topology changes. Conferences still exist on one or more deleted services.”

Resolution: Delete the Conferencing Directory from the Lync Server 2013 PowerShell cmdlet, to do so, launch the Lync Management Shell and type the followings:

Locate the Conferencing Directory ID (in numeric number) that is hosted in the OCS 2007 R2 Pool Server:

> Get-CSConferenceDirectory

After identifying the number, execute the following command:

>Remove-CSConferenceDirectory -identity #

Problem 4: Deactivating & Clean-up the Front-End Pool in Sequence

Note: Saved the Front-end Server for the last!!

1. A/V Conferencing Server
2. Web Conferencing Server
3. Web Components Server
4. Application Sharing Server
5. Response Group Service
6. Conferencing Attendant
7. Conferencing Announcement Service
8. Outside Voice Control
9. Application Host

If you decide to go against the ‘flow’ you’ll received an error message:

Failure [0xC3EC7A2E] There are still applications activated for this Office Communications Server 2007 R2, Application Host. Use LcsCmd.exe with /force switch to force task execution.

My recommendations: Please follow the sequence as suggested.

Problem 5: Unable to make remote PSTN calls due to dedicated Network for Voice (Mediation <-> Media Gateway)

To give a better clarity to the problem stated above, here’s my recent experience:

Site A

• Subnet 192.168.0.1/24
• Lync Servers and Media Gateways are residing at the same network subnet
• Site-to-Site VPN with Site B, allowing 192.168.1.x/24 traffic to route to this local site

Site B

• Network Subnet of 192.168.1.x/24
• Lync Servers are residing on the 192.168.1.x network while the second Network Interface of the Mediation and Media Gateway is residing on a seperate network – 10.0.0.x/24
• Site-to-Site VPN with Site A, allowing 192.168.0.x/24 traffic to route to the local site

After transiting to Lync Server 2013, both sites were only able to make local outbound PSTN but not cross sites. After investigating, I realized that the whenever Site B attempts to make a cross site outbound PSTN call, the network trace shows that the 10.0.0.x/24 segment wasn’t able to reach to the 192.168.0.x/24 network segment and eventually receives a request timeout. Resolution to this was Site B’s Media Gateway segment had to move into the same subnet as the rest of the Lync Servers which is 192.168.1.x/24 segment.

During the Office Communications Server 2007 R2 days, it is recommended to have the Voice Network (http://technet.microsoft.com/en-us/library/dd441140(v=office.13).aspx) and Mediation Servers are the first point of contact should a PSTN call is required. The importance of having this consideration in mind is if you’re infrastructure is spread across different counteries and each country has 1 Mediation and 1 Media Gateway. When switching to Lync Server 2013, you if intend to take advantage on Media Bypass you may want to move the Media Gateway to the same network subnet where the Lync Servers are placed, another main reason to do this is to ensure the Media Gateway network routing between different sites can be successful.

PS: I’ll keep building this list as my notes all went missing after upgrading to Office 2013 Technical Preview