Step-by-step Microsoft Lync 2010 Consolidated Standard Server Install Guide
As many of you may well know the long awaited public release candidate RTM of Microsoft Lync 2010 (previously Communications Server ‘14’) is now available for download. This major new release offers a radical difference to the previous architecture and unlike its predecessors (Communications Server 2007 R1/2 and to a certain degree Live Communications Server 2005) offers a streamlined and consolidated deployment, great for smaller scale implementations which are not overly abundant to date.
This guide (update: video version now available here) will run through a consolidated standard edition install (without voice gateway integration, I’ll try and come back to this later), whereby all roles will be deployed on a single virtual machine except monitoring, archiving and edge roles – yes this is a supported scenario!
So first off I’ll run you through some high-level preparation steps/assumptions:
- I’ve already installed a fresh copy of Windows 2008 R2 Standard on a Hyper-V 2008 R2 host, as this is a lab install I have only allocated 2gb of VM RAM (not supported in production) and a 72gb VM fixed disk (single partition) – strangely during the install should you choose to install on a secondary partition i.e. D: rather than C: most of the program files and database(s) end up on C:
- Apply all Windows Updates, probably goes without saying, right?
- Add to your domain (the installation will fail when attempting to deploy on a DC – see comments below) and login as domain admin or equivalent
- Within this guide I have Active Directory Certificate Services deployed for certificate generation
- Now the prerequisites (based upon a Windows 2008 R2 install, 2008 x64 is supported, but unless your organisation has licensing constraints I would strongly recommend you go down the R2 route)
- Add RSAT (only AD DS and AD LDS Tools are required) from within features in Server Manager (used for performing remote schema updates etc.) this will also prompt you to add the .NET Framework 3.5 feature, you must accept this
- Add IIS, this is made easier by running this command line:
ServerManagerCmd.exe -Install Web-Server Web-Http-Redirect Web-Scripting-Tools Web-Windows-Auth Web-Client-Auth Web-Asp-Net Web-Log-Libraries Web-Http-Tracing Web-Basic-Auth
- Finally, install Silverlight from here (required to execute the Lync Server UI or Lync Server Control Panel)
Once this is done you should be good to follow the installer from here on in!
Upon inserting (or mounting) your Lync RC ISO Internet Explorer will present the following options (left is server and right the client x32/x64 editions included).
The first thing you’ll see upon execution is a prompt asking you to install Microsoft Visual C++ 2008 Redistributable, click yes to install.
A few minutes later the following dialogue will appear. Given my single partition setup, I choose to accept the default installation directory.
Now you will be presented with a familiar looking wizard that will guide you through the install process. In my case I have already completed the Active Directory preparation steps and provided you are logged in with a Domain Admin or equivalent account and your AD is in good shape this should complete without a hitch (it did in my case!). As per the installation steps, once this is completed add your chosen admin account to the newly created CSAdministrator group.
Head back to the main deployment wizard screen and select the option to Prepare first Standard Edition Server (top right hand option). This will install a copy of SQL 2008 Express, Lync Server core installation files and create an RTC database – let this take its course and once complete you’ll be presented with the following dialogue.
Next install the Topology Builder via the main deployment screen, when this completes you gain a green tick to signify a successful install. Now the fun stuff, we need to define our topology by launching the topology builder via the start menu, as explained earlier Lync offers a difference in architecture to OCS 2007 and the Central Management Store (CMS) is no exception. The CMS is a SQL database where you publish your chosen topology, this takes away the dependency for Lync to require the AD for configuration purposes and is required to complete the installation.
Upon launching the Topology Builder we are presented with three options, choose New Topology (see below).
A dialogue will ask you to choose a save file/location, I’m going to accept the default location and call the file MyTopology.tbxml. Next you are asked for your primary SIP domain, I’ll be using my test AD domain for this Jacobs.local (see below).
You may notice that should you choose to input anything with invalid formatting, you’ll be asked to correct the problem and a RED square box will identify the bad string. Click next, I didn’t choose to add any additional SIP domains. Next give your site a name, I’ll use MyLab (see below).
Next site details, mine are below.
And with this completed you are prompted to open the New Front End Wizard, leave this checked. Here you’ll need to define the New Front End pool.
First of all we need to input the pool’s FQDN, in my case it will be lync.jacobs.local (Lync is the name of my server). I’ll also be opting for the Standard Edition Server Topology (they’ll be no high availability and an additional SQL Express instance, this will host the user and application store and will be installed automatically upon publishing the policy).
We are now going to select the features required and therefore destined to be collocated, I’ll be installing Conferencing (without Dial-in, I’m not going for PSTN voice integration for this lab setup), Enterprise Voice and Call Admission Control.
I’ll choose to collocate the Mediation Server (it will be redundant for now, given my choice to hang fire on voice integration).
Given my single server approach and lack of any need to archive, monitor or federate within my lab, I’ll choose to not select any additional server roles within the next screen.
I don’t need to define my SQL store as my Standard Edition will perform the SQL Express installation automatically.
Now we’ll need to create a file share, create it locally and ensure the account you are currently using to run the topology builder has read/write access to this folder. I’ll call my folder and share name “LyncShare”.
The next screen will ask you for an external URL, if you have a public facing FQDN for this server, it goes here. On the next screen (specify PSTN gateways, click finish, if you, like me are not configuring PSTN integration). You will now be taken back to the main topology builder screen, where you can view a detailed summary of your chosen setup. Click edit properties on the top right (below New Central Site) as you will need to add a few final tweaks.
First, you need to add an administrative URL, in my case https://admin.jacobs.local and select the front end server to install your CMS on (all things being equal you should have one option here, your previously specified pool FQDN).
You are all set to publish your topology! To do so select this option from the right hand side of the main topology builder screen.
If you followed the guide correctly validation should succeed, click next on the publish topology wizard.
Accept the front end pool default by clicking next.
Next the Central Management Store is created. When the wizard completes a text based to-do list can be presented with remaining tasks, you’ll need to create three DNS A records for the simple URLs specified – these should be directed to the IP address of your Lync Server (I won’t cover this). I will cover the final install step – the server components install.
To finish your server installation you need to head back to the Lync Server Deployment Wizard, now accessible via the start menu. Choose Install or Update Lync Server System to continue.
Choose step 1 to install a local CMS and choose the option to retrieve directly from the CMS.
Upon completion, click finish.
Choose step 2 to install Lync Server Components.
You may be asked to restart, should this occur click finish and manually restart your server. After logging back in re-execute the deployment wizard and click step 2 from within Install or Update Lync Server System for the second time, it will automatically resume from where it left off. With this complete, click finish.
Step 3 is where certificates are requested and assigned to the server and both internal/external web services. Click request (see below).
The following dialogue will be presented, choose to send the request immediately to an online certificate authority (this will submit via AD Certificate Services).
Select your local CA via the detected server list, click next until you see the option to specify a friendly name, I’ll use Lync.
Choose friendly organisation names, country, state/city and click next. You now need to configure and accept subject alternate names (SAN) – this is where a single certificate can handle multiple common names or domain names. In my case I’ll accept my locally configured SIP domain. You can add additional names where you have a public facing FQDN, click finish to execute certificate commands. The assign the requested certificates (see below).
Upon completion the following screen will be presented.
Gentlemen start your services, or just click step 4! If you want to verify everything went A okay there is an option to launch services.msc. Looking good!
Let’s launch the Lync Server Control Panel via the start menu and enable a test user, provided you installed Silverlight and you’re A records resolve – in my case, admin.jacobs.local you should be asked to authenticate with your CSAdministrator admin details.
Within top actions enable a user for Lync Server. (see below)
Finally you will need to create a SRV DNS record for your new Lync Server, without this your Lync client will be unable to locate the server location. To create, access your DNS manager and right click the Forward Lookup Zone for your SIP FQDN. Then click other new records and Service Location (SRV), complete using your own server settings as per the illustration below.
All things being equal you should now be able to install and login with your Lync client by using the corresponding sign-in address, give yourself a pat on the back!
Very nice, and timely, thanks. Was wondering how low I could go w/RAM on a VM.
Strangely enough, when it get to the Prerequisite it failed with “Prerequisiteinstallation failed: SqlExpressRTC”.
Forgot to mention that I’m running on W2k8R2 and trying to install the Standard Server version.
Hi Michael,
Explain to me your steps to-date, I’ll try to shed some light on this.
Adam
I have the same issue as Michael, I stepped through all the prereqs then I get the sqlExpress error. I’ve installed on a DC and didn’t touch any local admin membership or anything. Running the installer as administrator acc.
Can you paste the error log. Also have you got a local Firewall enabled?
I am also having same issue while running Prepare single satndard edition server
Checking prerequisite SqlExpressRtc…installing…failure code -2068578304 , tried restarting and running command manual still saame error
Same question as above, can you send full logging information.
Ta
FYI – installation logs are located within temp directory (for the user executing the installation). To access this directly type %temp% via start -> run
Thanks for the guide.
Looking forward for the PSTN gateway integration part.
I am hitting the same problem also, here is my SQL setup logfile:-
09/15/2010 14:06:37.527 ======================================================================
09/15/2010 14:06:37.589 Setup launched
09/15/2010 14:06:37.652 Attempting to determine media source
09/15/2010 14:06:37.699 Media source value not specified on command line argument.
09/15/2010 14:06:37.761 Setup is launched from media directly so default the value to the current folder.
09/15/2010 14:06:37.808 Media source: c:\9c0bf6fcbedf8d105d414c109d\
09/15/2010 14:06:37.870 Attempt to determine media layout based on file ‘c:\9c0bf6fcbedf8d105d414c109d\mediainfo.xml’.
09/15/2010 14:06:38.480 Media layout is detected as: Core
09/15/2010 14:06:38.527 Media LCID is detected as: 1033
09/15/2010 14:06:38.574 Media is a slipstream package
09/15/2010 14:06:38.652 Only patch related actions can run patch setup.exe, so continuing to run setup.exe from media.
09/15/2010 14:06:38.699 Current running setup.exe full path: c:\9c0bf6fcbedf8d105d414c109d\setup.exe
09/15/2010 14:06:38.745 Media setup.exe file version detected: 2007.100.2531.23
09/15/2010 14:06:38.777 Locally installed setup.exe full path: c:\Program Files\Microsoft SQL Server\100\Setup Bootstrap\Release\setup.exe
09/15/2010 14:06:38.870 Local setup.exe file version detected: 2007.100.2531.23
09/15/2010 14:06:38.902 Local setup.exe version 2007.100.2531.23 is equal or greater than media version 2007.100.2531.23, so re-launching setup.exe from local
09/15/2010 14:06:38.949 Media source: c:\9c0bf6fcbedf8d105d414c109d\
09/15/2010 14:06:38.980 Install media path: c:\9c0bf6fcbedf8d105d414c109d\x64\setup\
09/15/2010 14:06:39.027 Media layout: Core
09/15/2010 14:06:39.058 Attempting to get execution timestamp
09/15/2010 14:06:39.105 Timestamp: 20100915_140637
09/15/2010 14:06:39.136 Attempting to launch local setup.exe
09/15/2010 14:06:39.183 Attempting to launch process c:\Program Files\Microsoft SQL Server\100\Setup Bootstrap\Release\setup.exe
09/15/2010 14:09:47.917 Process returned exit code: 0x84B40000
09/15/2010 14:09:48.089 Local setup.exe returned exit code: 0x84B40000
09/15/2010 14:09:48.167 Setup closed with exit code: 0x84C40013
09/15/2010 14:09:48.199 ======================================================================
Question, are you installing this directly from the installation media or mounted ISO? In my case I mounted the ISO within Hyper-V and executed the install via the corresponding VM CD-ROM drive.
An error of this nature points towards a missing setup file, which could be due to extracting the ISO locally perhaps?
Sorry one last question to the folks having issues, are you instaling this directly upon a domain controller?
I am using VMware ESX server and have mounted the ISO rather than extract it. I am trying to install on the domain controller.
Thanks,
Si
This could well be the problem, from what I understand there are issues installing an unattended version of SQL 2008 Express on a DC – can you try to create a 2008 R2 member server and let me know how that goes?
That did the trick, I had to install Lync Server on a member server.
Thanks.
No worries, thanks for letting me/us know!
UC, I’m trying to install LS on a DC under Hyper-V with the ISO mounted. I might try what you suggested and get back to you.
Question – what happen if you install the Express manually? Will this work?
Hey,
When I publish Topology I get this error:
The existing topology (what existing topology I ask!) identifies stglyncfe\rtc as the central management store, but the topology that you are trying to publish indentifies stglyncfe.stg.local\rtc as the central management store. The central management stores must match before the topology can be published.
Thing is I have no idea where stglyncfe\rtc has been set as the store. I thought it had to be the FQDN and that has been what I am using every time I am asked.
If I use just the machine name stglyncfe in the topology builder I can publish the topology successfully. However after running Install Lync Server Components get the following lines at the bottom of the log:
no databases discovered, skipping install-CsDatabase
no roles discovered, skipping install-CsComputer
I assume this is because the FQDN I have set in topology builder of stglyncfe does not match the FQDN of the machine stglyncfe.stg.local so therefore the installer thinks that no components are require to be installed on the machine.
Any ideas people? This is getting frustrating!
Thanks!!
Andrew
Hi Andrew,
Is this the first time you have installed Lync RC or CS’14’ betas? There may be a previous configuration store location configured within AD. Alternatively there is an inconsistency in your server or pool FQDNs. To remove a previously configured store location run the following command within the Lync Management Shell “Remove-CsConfigurationStoreLocation”
Let me know how you get on.
Adam
@Michael
Just to be sure I understand, is your Hyper-V host a DC or is your Hyper-V guest which you are performing the installation within a DC?
Adam
Excellent got it up and running and also added an edge server for remote IM and Federation. Works a treat. Only question I have is whats happened to meet now – live meeting?
Thanks for the great article
http://www.microsoft.com/downloads/en/details.aspx?FamilyID=1772a5ad-9688-4861-8387-ec30411bf455&displayLang=en#QuickDetails
Microsoft Lync 2010 Attendee (RC) – Admin Level Install
http://www.microsoft.com/downloads/en/details.aspx?FamilyID=68A3CA04-A058-4E47-98EA-9E9AF7EBD6E3
Microsoft Lync 2010 Attendee (RC) – User Level Install – for users who dont have lync 2010 installed
thanks! this helps a lot.
@Ken
my test vm lab is: a WIN 2K3 VM as DC, WIN 2K8 R2 STD to install LS 2010, going to install exchange tmr.
when I try to enable a user for LS, seems it must have a exchange installed? even for simple test?
thanks.
When I try to publish the topology I receive this error.
Error: An error occurred: “System.UnauthorizedAccessException” “Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED))”
Any Ideas?
@spence
I found the problem for this error. The computer name was wrong… oops….
My guest is the DC and the host is just a standalone server running Hyper-V.
You don’t have to have exchange installed (I’m going on OCS 2007). Just select the sip on proxyaddress.
Anybody any idea why I would get a this error while publishing a topology:
Error: An error occurred: “System.UnauthorizedAccessException” “Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED))”
And the event viewer shows:
SSPI handshake failed with error code 0x8009030c while establishing a connection with integrated security; the connection has been closed. [CLIENT:
Actually found out why: I should have used the server FQDN for the CMS server setting in the Topology Builder, not the DNS alias.
Hi Michael,
As stated within the guide, a DC installation is not supported and is the root cause for your error.
– Adam
I installed Lync2010 today and am having an issue adding me as a user. I can find myself as a legacy user that is enabled but cannot assign myself to a pool or get the lync client to connect.
Are there any instructions when doing a side-by-side install with ocs 2007 r2. When I run forest prep it finds the existing rtc groups and fails. This is a single forest/domain install. Any help is appreciated.
I figured out the issue with adding me as a user. I am now a user for Lync and remvoed my legacy settings.
The issue now is that the clinet will not conenct. It says there is a problem withthe sevrer. If I change the connection from automatic to the IP then it comes back with a certificate error.
I am trying to install Lync Server on a member server and I am also having same issue while running Prepare single satndard edition server
Checking prerequisite SqlExpressRtc…installing…failure code -2068578304 , tried restarting and running command manual still saame error
Thanks Adam. I got it working now on a member server. It make sense that it cannot run on a DC.
Thanks again.
I changed from automatic to the server name and it works. Any thoughts on why auto wont work? I checked DNS and everything looks good.
This is nice, thank you. Do you have any info on how to connect a standard SIP phone to Lync 2010? (Siemens Gigaset IP phone, NOKIA mobile phone with SIP)
Hi Marcus.
So far as I am aware OCS & Lync will only allow integration with certified devices (with the exception of the SNOM 300 (basic functionality and an update is required), whilst the underlying protocol for voice transport is SIP, additional messaging is transported i.e. presence etc. Of course you can use third party translation (Google will asist here). The other choice is to put a soft PBX in-line as your gateway – i.e. Asterisk, remember RCC is still a supported scenario with Lync – although Asterisk isn’t an approved gateway/PBX.
– Adam
Hi Adam,
That was what I was afraid of, so the talk about Lync 2010 totally replacing an existing IP-PBX is not true, if you don’t want to invest in 500$ ip phones for everybody of course. It would be nice to be able to use the ones you already have. Maybe in the next version.
Error: An error occurred: “System.UnauthorizedAccessException” “Access is denied. (Exception from HRESULT: 0×80070005 (E_ACCESSDENIED))”
I had the same error :
We need to use the Name of the server which is registered in Active directory.
Using a DNS name does not work.
Great Article! I was wondering if you could point me to any Microsoft documentation regarding the supportability for the database server specficications for Lync? We would like to do an Enterprise consolidated deployment and wondered if a dedicated SQL instances is still a requirement for Lync as it is in OCS 2007 R2? Would any Step by Step article exists for an Enterprise deployment? Any help would be appreciated.
Thank You
Hi, Adam:
What are the migration requirements for Lync? Can we come side-by-side from LCS 2005 like we can to OCS 2007, or do we need to step through OCS 2007 to Lync 2010?
I followed to the T..but when i get to the step 3 installing certificates…its grayed out..and below it says Not Available: Local machine not present in local configuration store…anyhone have any ideas?
Hi, thanks so much for this. i just want to ask a few questions on how i am going to go about merging the Lync with an existing OCS 2007 R2 setup. My lab environment already has an existing Active Directory running on a Windows 2008 R2 Server. Exchange 2010 running. OCS 2007 R2 running on Windows 2008 SP2. My current OCS does beyond IM, Audio/Video conferencing, telephony integration Exchange 2010 UM and with some VOIP phones (SNOM phones to be precise). So i could do my voice mail, play on phone and also call extensions of users in my dial plan. After reading your blog, i installed Lync 2010 into the same environment. Installation completed pretty well and i now at the point of merging the OCS 2007 R2 with it and still hope to do all my stuff. Please can you shed some light on how i can achieve this.
@Mike T
From what I can tell side-by-side migrations are recommended/supported and the upgrade path is OCS 2007 R1/R2 to Lync 2010.
@Adam
Have you deployed an enterprise CA within your domain?
@Jummiet
Have you taken a look at the merge functionality within the topology builder? (a good starting point)
I am unable to do a search in the directory for users to enable. anyone else strike this problem. Its a member server and I am logged in with RTCUseradmins, RTCServer admin and domain admins groups priv.
Hello All,
question for you. My setup ran smoothly. One one problem when I try to connect to the Lync Server Management console I get an access denied even though I added the current user to CSAdministrator group. Any idea?
Thanks in advance
@Joe
Try initiating the step via “Top Actions” -> Enable users for Lync Server. In my own experience this process is slightly misleading.
Adam
@Giuseppe
Is your domain correct, is the account a member of CSUserAdministrator, CSServerAdministrator & CSAdministrator?
– Adam
Hello Adam,
yes domain correct and the account is member of the groups you highlighted. The only difference is tha FQDN of pool is different from FQDN of the server in which it is installed…As a matter of fact when I try to start Lync Server control panel the authentication pop up asks me do you want to connect to FQDN of pool? 🙁
Any idea?
Thank you in advance
giuseppe
THANK YOU for this post – helpful!!
Any recommendations on getting RCC to work with Lync? I had RCC working with OCS 2007. I can give more details if desired.
Hello. And great article.
Does Lync support Wildcard certificates ?
Or do we have to use multiple SAN og multiple certificates?
@Tommy Evensen
Hi Tommy, thanks for the positive feedback! I’m not aware of any wildcard SSL support at this time, but I can say that SAN is the recommended route for public/private certificate provision.
Whilst wildcard certs are cheaper, they are commonly considered as a compromise in security (if one sub domain is breached then then a complete cert revoke is necessary). My recommendation would be to find a widely accepted CA with competitive SAN rates.
Adam
My installation failed at Install Local Configuration Store. Error message:
Error returned while installing OcsCore.msi(Feature_LocalMgmtStore), code 1603.
What could be wrong?
Great article, followed it through and now all set up, thanks for taking the time to put this together.
I am using a wild card cert for my lync server. I had to regenerate the key after creating the request on the lync server. Once I did this it is working fine. Very much appreciate the article.
PK
@Shawn
Is SQL running, check the service is started
hey adam, nice article, i have follwoed this and a few other guides and am pretty close, but keep getting denied upon login, exact error from client is:
Lync was unable to sign in, please verify your credentials.
This is the SIP trace log: (well an exerpt) it’s pretty long..
“TL_WARN(TF_COMPONENT) [0]0908.1170::10/27/2010-15:45:48.017.000001d0 (SIPStack,SIPRouterInbound::ResumeInternal:SIPRouterInbound.h(258))( 2653693274 )( 0000000005B3F698 ) Exit – delete router on error 0xC3E93D81(SIPPROXY_E_AUTHENTICATION_LEG)
TL_ERROR(TF_SECURITY) [0]0908.1BE8::10/27/2010-15:45:48.047.000001d1 (SIPStack,SIPAdminLog::WriteSecurityEvent:SIPAdminLog.cpp(424))$$begin_record
LogType: security
Text: Failed to validate user credentials
Result-Code: 0x8009030e
SIP-Start-Line: REGISTER sip:ashridge.local SIP/2.0
SIP-Call-ID: 33cbe9aabe794c7e8d9283076976d84e
SIP-CSeq: 2 REGISTER
I also see this alot:
Result-Code: 0xc3e93ec3 SIP_E_AUTH_UNAUTHORIZED
TL_WARN(TF_COMPONENT) [0]0908.10B8::10/27/2010-15:42:30.727.00000195 (SIPStack,SIPRouterInbound::ResumeInternal:SIPRouterInbound.h(258))( 3533484508 )( 0000000005B406A8 ) Exit – delete router on error 0xC3E93D81(SIPPROXY_E_AUTHENTICATION_LEG)
I’m assuming it’s moaning about the proxy but not sure what it doesn’t like, Do you have any ideas?
Setup:
server 2008 r2
Lync standard ed, 1 server, no directors or monitoring or edge/reverse proxy servers
isa 2006
standard dc issued cert
no errors in setup
G
@gareth
Is your client machine a domain member? Is it using AD DNS servers? Have you completed the DNS entry step within the guide?
great job to see this walkthrough step by step with images, will be grat to see the same kind of nice job for an Enterprise topology using SQL server
Great article and everything working fine except for remote users. They can use IM and see contacts etc but voice will not work
I have opend all ports on the external Ip and forwarded to the server but it still wont work.
Any ideas
I am unable to add any users. It fails with an Active Directory operation failed on “DC Name”. You cannot retry this operation: “Insufficient access rights to perform this operation.
I am logged in as a domain admin and have tried adding myself and a regular user. Not sure what to check…
Thanks
I was able to get the message to go away by enabling Inherit from Parent within the AD advanced security properties. Unfortunately several minutes later, my user disappeared from link and now it will read every other user except me. Not sure what happened..
@Peter
Have you followed this MS documention for Edge deployment? http://technet.microsoft.com/en-us/library/gg413051.aspx
I have successfully installed system Lync2010. But when Login Lync server Control panel by user administrator domain. and getting error as below
Unauthorized: Access is denied due to a role-based access control (RBAC) authorization failure.
You do not have permission to view this application using the credentials that you provided.
Contact your support team to add your account into appropriate security group (s) for Lync Server administrators. Wait until the new role assignments take effect, and then try again.
Why donot administrator domain login?
Thanks
Thanks Adam, I have set remote access etc but i dont think i understand the setup.
Do i have to setup a separate EDGE server or can I use the server that I setup Lync on. Is edge server a different product?
Kid regards
Peter
@Adam [I’m a UC Blog]
@Peter
Hi Peter, I’d recommend you deploy an edge server, yes. Before you do anything install the Lync planning tool, using this very straight forward application you can input your site topology and a supported Lync landscape will be designed – you can even use the resultant xml to kick start the setup within the Lync topology builder!
@Tuan. Bui Cong
Is your admin account a member of the CSAdministrator group?
thank you for your efforts but actually iam facing problem when start publish topology and the error is :
Error: Script failed (code “ERROR_NEED_MAJOR_UPGRADE_USE_IMP_EXP”) when installing “CentralMgmtStore” on “lyncsrvr.lync.com\rtc”.
Running script: C:\Windows\system32\cscript.exe //Nologo “C:\Program Files\Common Files\Microsoft Lync Server 2010\DbSetup\xdssetup.wsf” /dbexists /sqlserver:lyncsrvr.lync.com\rtc /publisheracct:LYNC\RTCUniversalServerAdmins /replicatoracct:LYNC\RTCUniversalConfigReplicator /consumeracct:LYNC\RTCUniversalReadOnlyAdmins /role:master /verbose
—————
Installed SQL Server 2005 Backward Compatibility version is 8.05.2312
Connecting to SQL Server on lyncsrvr.lync.com\rtc
SqlMajorVersion : 10
SqlMinorVersion : 0
SqlBuildNo : 2531
SQL version is acceptable: 10.0.2531.0
Default database data file path is c:\Program Files\Microsoft SQL Server\MSSQL10.RTC\MSSQL\Data
Default database data file path is c:\Program Files\Microsoft SQL Server\MSSQL10.RTC\MSSQL\Data
Default database log file path is c:\Program Files\Microsoft SQL Server\MSSQL10.RTC\MSSQL\Data
Opened database xds
Db schema version is 0
Db sproc version is 0
Database exists, but needs to be installed with /clean.
—————
Exit code: ERROR_DATABASE_REQUIRES_CLEAN (-25)
When running /dbexists, non-zero exit codes are not necessarily errors
—————
Running script: C:\Windows\system32\cscript.exe //Nologo “C:\Program Files\Common Files\Microsoft Lync Server 2010\DbSetup\xdssetup.wsf” /sqlserver:lyncsrvr.lync.com\rtc /publisheracct:LYNC\RTCUniversalServerAdmins /replicatoracct:LYNC\RTCUniversalConfigReplicator /consumeracct:LYNC\RTCUniversalReadOnlyAdmins /dbpath:C:\CsData\CentralMgmtStore\rtc\dbpath /logpath:C:\CsData\CentralMgmtStore\rtc\logpath /role:master /verbose
—————
Installed SQL Server 2005 Backward Compatibility version is 8.05.2312
Connecting to SQL Server on lyncsrvr.lync.com\rtc
SqlMajorVersion : 10
SqlMinorVersion : 0
SqlBuildNo : 2531
SQL version is acceptable: 10.0.2531.0
Opened database xds
Db schema version is 0
Db sproc version is 0
(Major upgrade of database required.)
Due to schema changes this database cannot be re-used. It must be dropped and a new one created.
To preserve data, you must use this product’s backup/export restore/import solution. Examine the product documentation for instructions.
—————
Exit code: ERROR_NEED_MAJOR_UPGRADE_USE_IMP_EXP (-50)
—————
Does this shed any light? http://social.technet.microsoft.com/Forums/en/ocsplanningdeployment/thread/8cb950c4-a34b-41fc-8dd3-bc1ffc49cb08
@Doug
Did you had RCC working with Asterisk?!
I am looking for a good Lync Edge Server test lab scenario….
Setup has run successfully but now I can’t get any users added. When leaving it on search it returns no results when I put in a users name. When I flip it over to LDAP search it kicks back… Active Directory Operation failed on “my domain controller”. You Cannot retry this operation: “The search filer is invalid”
I have seen this occur, it may be related to security settings related to the users you are trying to add…right click the user -> properties -> security -> advanced -> include inheritable permissions from the object’s parent. let me know if this works?
I’m now able to add users, except those that are/were on the LCS2005 server. I do not want to perform a migration since I only have 20 LCS05 users. I just want to remove or clean the AD users of 05 and start new in Lync. Thoughts?
Can you use ADUC and select the ‘Delete Live Communications Users’ action? This should deactivate the user in LCS and delete the database information. It will not remove the AD user object itself. A fellow Lync MVP has made this recommendation here (I wouldn’t want to take credit for this!)
Hi There,
Lync Enterprise deployed successfully, excepted that I am not able to to enable any user to Lync from Lync Control Panel.
While trying to select a user from AD, either from a normal search or LDAP, still nothing presented.
Any help would be really appreciated.
Thank you
Hi,
I am trying host a lync2010 server. I have bought a windows 2008 X64 server on amazon EC2. How do I configure my active directory in this case?
Hi,
I want to use Lync, SharePoint en Exchange together for the company.
My qeustion is what is the best way to do it?
Ty
Hi!
Please follow a recent post here
– Adam
A standard Active Directory implementation will suffice, also include certificate services for pain-free certification generation during the link setup. Be aware that you cannot deploy Lync on a Domain Controller.
– Adam
Hi,
Wow a very broad question – let me ask ask you a question first, what challenges do you forsee? Also are you committed to an on-premise deployment?
– Adam
dear Adam
what is the function of Mediation server and how we can do configuration for Mediation server
The mediation server or service (as this can now be consolidated in Lync) handles VoIP traffic between Lync and a media gateway. Initial configuration is setup within the topology builder and the finer detail such as call routing and trunk information can be carried out within the Lync Control Panel or by using PowerShell. I hope this helps?
I got everthing installed. I was able to connect a few users, but when I try to send an IM message. I am not able to…I get ” could not be found and this message was not delivered:
testing
and I know he is logged in. I logged him in my self.
please advise.
Hi Ankur, out of interest are either lcinet running a personal firewall? If so try disabling…
– Adam
@Adam [I’m a UC Blog]
Adam, both personal firewalls are off. Both are using Windows 7 Ulimate edition. Some machines I also get this error (when connecting) … “there was a problem verifiying certifcate from server”
So, all roles can be consolidated onto one server? From what i read on your site it looks that way, but i wanted to be sure. Thanks
Hi Mitchell, the following roles can be collated:
Back-end database (required)
A/V Conferencing Server
Mediation Server
Monitoring Server
For more information on this subject read this TechNet documentation here
I hope this helps!
– Adam
It helps a ton. Thanks
Getting this while trying to deploy the topology.
Error: An error occurred: “Microsoft.Rtc.Management.Deployment.DeploymentException” “Cannot determine where to install database files because Windows Management Instrumentation on the database server is unavailable from your computer or user account. To continue, you can resolve this issue, or you can specify where you want to install the files.”
Tried using SQL server defaults and it threw errors as well:
Error: An error occurred: “Microsoft.Rtc.Common.Data.SqlConnectionException” “A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. Verify that the instance name is correct and that SQL Server is configured to allow remote connections. (provider: SQL Network Interfaces, error: 26 – Error Locating Server/Instance Specified)”
Any ideas?
Hi Mitchell,
This may be due to an incorrectly set FQDN within the topology builder, is the SQL server set to “server.domain.com”? (obviously substitute the contents within the inverted commas with the name of your Lync server details).
– Adam
@Ankur Desai
Hi Ankur,
Sounds like a cert issues – how are you managing your certificates? If you are using a Windows CA is it trusted? This is usually handled automatically where your client machines are domain members (via group policy)
– Adam
Hi,
Is it possible or supported to use Lync in the Small Business Server 2008 environment? I am wondering if there will be issues with the CSAdministrator being held in the SBSUsers container. I have tried the Lync 2010 Standard install on a separate box but am running into issues with the control panel. The internal website does not start unless I stop the default website the LS-SE box. Then the Lync Internal Website bangs against something and will not run.
Hi Adam,
where can I found the LYNC Client?
best regards
Richard
@Eugene Palmer
OK, I have the control panel working, but cannot get Lync clients to login. If I use automatic login I get a server unavailable, but if I specify the server manually I get a certificate error. DNS is setup and I can ping and nslookup the ls-se server.
This is in the SBS08 Exchange 2007 SP2 environment.
Do any of the Exchange UM settings have anything to do with Lync?
Thanks for any help or insight.
Hi Richard, if you downloaded the trial you need to register to download the Lync client separately – this statement can be found on the Microsoft Lync Eval page –
I hope this helps?
Hi Eugene,
A few ideas…did you create the manaual SRV record within your DNS? Did you certificate deployment complete successfully?
– Adam
@Adam [I’m a UC Blog]
Yes to both. However, I am not sure about the ports. I have used a couple different presentations incudling yours and http://blog.schertz.name/2010/09/lync2010rc-deployment-part2/ as well as the partner Lab. Is it 5060 or 5061 or 5068 for the srv record, I have it at 5061. Also, is it TCP or TLS? My client has TLS ghosted out. Does the local client firewall (Norton Business) need an exception?
Thanks Again
SRV details can be found here Try disabling the Firewall completely prior to rule configuration.
– Adam
@Adam [I’m a UC Blog]
Hi,
Yes, I see the SRV config, what I am not sure of is the client config. Rules config? for the client? I do not see where that is. Shouldn’t the client be using TCP rather than TLS? The Firewall appears to have learned Lync as it has rules in place for communicator.exe, UcMapi64.exe and ocpubmgr.exe Disabling it did not allow the connection to work.
Thanks again for your help.
Hi Eugene, the client uses your SRV DNS record to locate the server. Upon the authentication with the server enable features are actived within the client – there is of course a .adm file for pushing out Active Directory policies – this is another matter. Question, is your client’s DNS servers set to the server where the SRV records are created – perhaps try an NSLOOKUP to verify.
– Adam
@Adam [I’m a UC Blog]
NSLookup shows the correct DNS server (The SBS08 box)
nslookup ls-se
server sbs08.xxxx.local
192.168.168.10
name ls-se.xxxx.local
192.168.168.3
Hi Adam,
thank you for help. I’ve found the download Link.
Now I’ve a new Problem. I can sign in to Lync Server in my Test Domain. If I want to connect with the Client from another Domain I’ve the error”There was a problem verifying the certificate from the Server”. In the connection Setting I’ve put in the FQDN from my Lync Server in my test Domain
Best regards
Richard
Hi Eugene – anything in the Lync server event log? Tried running a trace?
– Adam
Hi Richard, have you installed the root certificate authority?
– Adam
@Adam [I’m a UC Blog]
Hi,
I am able to sign in now with the client after changing the topology to be entirely .local and rebuiling the cert., I had some .com mixed in there thinking I could test it from the outside at some point. That will have to wait. Now I can’t seem to get the CX600 phone to connect to the desktop over USB, it errors on the sign-in. Hmm. What I am really going to do is print out and read the hundreds of pages of planning and deployment guides. I rahter wish there was something closer to your site in print form, but I’ll keep testing things as I go. Thanks Again.
Hi Adam,
I’ve installed the AD Cerificate Services on my Test DC and make the request as you described
Richard
Does it work now?
Thanks so much for these instructions. I was able to get Lync successfully working. I ran into the same issue with the root cert and had to import it. Also I think the DNS has to be updateable?? Maybe I am wrong. But in any case, your instructions were invaluable in getting my test environment functioning!
Thanks for the feedback Jake.
– Adam
Hello Adam i am getting this error shared resourse error (ACL) when I try to install lync 2010 in a windows 2008 r2 machine, when is activating new roles, i hope you can help me
entered the dns records. but I can not logon automatically.
Is your client’s DNS set to the server with the “entered DNS”?
Can you give me more information on this issue?
login OK with manual configuration. Ok dns configuration with a record and srv record. yes client’s dns and server’s dns is same
is the client computer a domain member/logged on with domain account (and an account with Lync enabled)
hımm
I have a hurry. dns records updated and automatic login ok 🙂
Thanks Adam…
hi Adam
how i can manage users photos and assign policies and rules and import etc
Sweet step by step guide. It was very helpful in setting up my lab. I’m running into an issue where Enable Users for Lync Server (under Top Actions) is grayed out. Edit or Move users is also grayed out. I can’t click them. Also, if I go to the users tab, enable users is grayed out there. I suspect this has to do with a prveious deployment of OCS in our lab, but I’m not sure how or why it would affect enabling users for Lync. Any ideas?
Thanks Josiah – pay attention to this note within the guide,
As noted in your follow-up comment I’m glad you figured this out.
One well documented and supported method can be found via the Exchange Team Blog here
Hi,
Thanks for this great post.
I have configured the lync server as you have mentioned on amazon EC2. I am able to make 1-1 audio calls if the two users are in same network (say my home network). However, I am not able to do the following things:
1) Make conference call with 3 or more users
2) Make calls to any one who is not in same network(my home network and my friend’s home network).
Can you please tell me how to make this happen and how to debug by installation.
Thanks a lot.
Abhinav
Hi All,
I have situation here.
1) I have set up Lync 2010 server and working fine (labsetup)
2) Windows password expired and I have changed the password.
3) After restaring the system I am not able to open the Lync 2010 control panel.( Its asking username and password , after entering the same its giving unauthorized user)
could anyone help, due to this my testing stopped.
Regards,
_Subba Rao CH.
Thanks for your feedback Abhinav, the Amazon sounds like an interesting setup. Regarding your issues, I could try to help with a little more troubleshooting information. However I would strongly recommend posting this on the Microsoft Lync TechNet Forum – here
Hi Subba, presumably you have tried connecting with your previous password – this might be an A/D replication issue? Alternatively you could try creating a new account and add to the “CSAdministrator” group.
– Adam
@Subba Rao CH
Hi Subba, i’m troubled by the same problem. Have you fixed it?
Ok so I am not getting this. I think the install is pretty buggy so far. I went through the installation but without AV Conferencing and Mediation collocated roles checked initially. I went up through step 2 Setup or Remove Lync Server components and all the necessary components were installed. However, I decided to go back and enabled AV Conferencing and the Mediation roles by checking the boxes under the pool. Afterwards it gave me a notepad saying to re-run Step 2, presumably so it can detect the new roles and install the components for AV Conferencing and Mediation. However, when I run through step two, it doesn’t find the new roles and the components are not installed. And yes I have published the new topology where I checked the boxes for AV Conferencing and Mediation. My pool sip.company.com shows up under the A/V Conferencing pools and Mediation pools node but it doesn’t really give me many options. Any ideas?
By the sounds of it you took the right steps to add the additional roles, given the scenario I’d probably suggest you perform a clean install and re-start the Lync deployment process.
I have re-installed two servers three times each now because this install is extremely buggy. It is most definitely not a self-repairing process and is probably the worst install of an MS product I have seen to date. Some examples: Web Components installation errors because of an IIS config issue in the background, fix issue with IIS, setup will no longer detect role and thus doesn’t install web components. SQL Express crashes during install because it extracts an autorun.inf which a lot of AV programs are configured to block, button now greyed out, can’t finish the install. Ran setup on a server that already had setup installed and even though the server was explicitly defined in the topology, it uninstalled all roles and would not re-detect any new roles, even after removing and re-adding to the topology.
Do you know if the Setup portion is looking at the local copy of the CMS? Offhand, it kind of looks like the local CMS is not getting updated with what is in the topology when you re-publish.
The problem I was having is because, as I said previously, the local replicas of the CMS on each server were out of sync with the master CMS. When you run the server installs, Step 1 downloads a copy of the CMS for the local store but doesn’t actually set up replication just yet for it. I then ran Step 2 which configured components on the servers using the local copy of the CMS to determine roles. After Step 2 was when I decided I should probably also install the AV Conferencing, Mediation Server roles. So I went back, updated the topology, republished, and ran Step 2 again which never found any new roles. At this point the master CMS had the correct topology but the local copy was stuck on the old one as you can’t re-run Step 1.
Long story short, once you publish a topology and perform Step 1 on a server, you must complete Steps 2-4 before you can update the topology again or the local replicas will never get the new topology and thus Step 2 will never see the new roles. The lesson learned is make sure your topology is correct the first time or you won’t be able to change it until after you complete the initial install.
Hi PeanutButter,
I would agree that this installation process is a break from the norm, but personally speaking I found this new concept quite logical (once I got my head around it of course!) I would also say that unlike other installation procedures it doesn’t take incorrect topology designs kindly, which from what I can tell has been your experience. If you follow the guide, in the order recommended, you shouldn’t experience any of these issues. Regarding CMS location, this is determined via the topology you publish – SQL store location.
Remember this installation is built around the idea that you are deploying a PBX, where in some cases a resilient/AD independant configuration is neccessary or alterntively where therer is no AD at all i.e. an Edge Server.
– Adam
Hello, I am testing Lync server on win2008, got just about everything running. I am able to login in to Lync server with two IDs but they do ont see one another? Search fails. Probably something I am missing, any help would be appreciated. Thank you
I seem to have figured it out. I did not realize that I needed to search groups at first. Thank you
Hi Adam
i will start implementation of Lync 2010 Server with high availability solution as the following:
1- 2 Front End Server enterprise coallocated mediation , AV
2- 2 Backend Sql 2008 R2 Std server
3- 2 director servers
4- 1 Edge Server
5- 1 Monitor server
so i need you advice to plan the steps of configuration or if you have any document can support
your cooperation will be highly appreciated
Hi Hussam,
Your best bet would be the Lync Server all-in-one offline .chm file, available here. The existing Communications Server (HA) white paper is yet to be updated to reflect Lync, although I suspect it will be at some point.
I hope this helps?
– Adam
I managed to get logged in but still can not see the other lync enabled users. Is there something I missed? I do not have Exchange on this site I am using the Standard Edition just to test PC-to-PC communications.
Check out my guide for enabling users here
– Adam
For some reason they were enabled, and it was taking forever for them to show in the directory. It took a few hours for it to initially show users. It did start working. Thanks for the great blog!
Pleasure Brent, glad to hear it!
– Adam
I am having an issue where the ApplicationServer service in the topology panel is stuck “Retrieving”. Has anyone seen this before?
Thanks!
Hi, great post but i get stuck on step 2 : Setup or remove Lync Server components.
I’m trying to install on a fresh 2008R2 server but i get this message:
Host name: srv-lync.******.local
WARNING! Host not found in topology. All roles will be uninstalled.
I have checked dns,ip and network connections.
Tips anyone
Hi, Thank you very much for this. I was wondering if you could please help with what I think must be a VERY common problem. I have gone through the documentation out there but cannot find any where you have only one firewall and are deploying an edge server. I have though of the below configurations, would any of these work? Could please help shed some light on this?
Internet——-Firewall——-TMG———LAN
¦
(DMZ)Edge—————LAN
Or
Internet——-Firewall——-TMG———LAN
Edge
Or
Internet——-Firewall——————-LAN
¦
(DMZ)Edge—————LAN
TMG—————-LAN
Another question I have is the DNS configuration where the internal domain is different from the external domain. Our external DNS providers don’t support srv records, is this required?
Thank you for your help.
Hi Deon,
Firstly the Firewall query, so far as I am aware the only working (and supported method) is where you place you edge server within your 1st tier DMZ – see this reference architecture. Your second firewall could (and should) be put to good use here.
Secondly the DNS, so far as I can tell automatic logon (both internally and externally) must utilise SRV DNS records, see here for more on this.
Just out of interest have you considered the creation of a new domain and hosting this on your own DNS server? Just an option…
– Adam
Hi Adam,
Can I work with the local based certificate created by the Lync server?
when trying to start the front-end I’m getting error in the event log:
Lync Server machine FQDN cannot be located in the default certificate.
Machine FQDN: ‘lync.lab.co.il’.
Cause: This is a configuration problem.
Resolution:
Make sure the default certificate matches the machine FQDN.
When looking on the certificated I see it was issued by CN=WMSvc-LYNC
what am I doing wrong?
Thanks
Rafi
Hi there,
You’ll need to use an Enterprise CA, so far as I know self-signed certificates will not work. The Enterprise CA role can be easily deployed via Service Manager on Windows 2008.
– Adam
Thanks Adam – passed it!
Can you please explain the last stage is it on server or client side and how to add it
“Finally you will need to create a SRV DNS record for your new Lync Server”
Hi- Sorry – wrong question.. How do you do that step on the DNS – can’t find where is the SRV-DNS
found it.
when running the client I get “there was a problem verifying the certificate from the server”
can I configure the system to work without tls? (lab)
do I need to get certificate from external source and not from the CA installed on the server?
thanks..
So are you using a CA or self-signed?
– Adam
yes
CA that runs on the same server as Lync (as my Enterprise CA) but I understand that because it is not connected to external source that sign the certificate (?) I need to “email the public key to your users and have them install it or do this via Active Directory Group Policy”
how do I do that?
Hi Adam,
Thank you very much for such a good detailed installation steps. I have finished the isntallation and everything working fine, except ‘Meet Now’ Conferencing. I am getting a message ‘The Conferencing Service did not respond. Please wait and try againg later’. The Conferencing service is running in services mmc. Can you please help on this. What could be wrong
If the client computers are domain member than the default group policy will push the CA’s certificate. Alternatively you can install manually by connecting to https://ca_servername/certsrv.
– Adam
Hi Sharief,
Thanks for the feedback, have you got any Firewalls running between your client PC and the Server? Alternatively an errors seen in the Server event log?
– Adam
I have the exact same error. I’m starting to think it’s a certificate issue. I’m using a self-signed certificate on the server without a CA and have this problem. I manually import the certificate on the test client machine and am able to login. Everything functions properly including A/V, IM, and Sharing between single users. But anytime I try to create a conference it gives me this error. I ran the TopologyValidator and it fails at the Group IM and AV-Conference portions with the following error: [ErrorCode=3098,Source=LyncServ.lynctest.com,Reason=No MCU Factory Available Microsoft.Rtc.Signaling.DiagnosticHeader]
This problem is driving me insane because it’s the only thing that is preventing this test environment from working…
Hi Phil,
This could be a resolution issue, do you have any Firewalls enabled? Can you access your meeting URL with any issues (typically https://meet.server.local/)
– Adam
Yes, I can reach that webpage just fine. I just get an error that reads incorrect meeting number. I’m still looking into it but it’s really odd.
Hi Adam
While doing my installation of lync using your great step by step guide I am getting an error message after the reboot on step 2 of the Lync deployement wizzard
Error is :
checking prerequisite MSSpeech_SR_pt_BR_TELE…installing failure code 1603
prerequisite installation failed: MSSpeech_SR_pt_BR_TELE
I appreciate you taking the time to help me out but I re-installed everything from scratch and now nothing works. Services refuse to start in this latest deployment, no errors it just comes up and shuts down. This Lync server is driving me up a wall. I’m thinking this lack of valid cert is hurting me on the deployment. I’m thinking that if I go the CA route I may be able to resolve some of my issues.
I have same issue. It worked very well in this morning, but after I restard my server, share desktop doesn’t work and other share funtion too.
**feel free to correct me if I am wrong**
The above was my problem. The solution for me was a combination of things:
1) Running a Certificate Authority on the test Domain Controller helped. Instead of doing what I was doing and just creating a self signed certificate on the Lync server itself.
2) The client machine has to be a part of the test domain, otherwise it will not take your certificate.I tried having a machine not on the domain accept the certificate in many ways but the login kept failing due to the certificate. Once I added it to the Domain everything worked. Logged in as one of my test users and it auto signed in to Lync right away. Starting a conference worked perfectly as well.
This whole ordeal really pissed me off but now that it’s working I have a certain sense of satisfaction. Thanks for taking a look Adam.
Hi Phil,
I really appreciate you posting your root cause on this. As you can see running an Entperprise CA is the way to go! P.S. You can run your client machine off-domain without certificate issues, this can be achieved via a manually CA root authority cert import.
– Adam
Hi Joe, have you looked into the install log – could it be a space issue?
– Adam
Hi Adam,
Looks like the ISO file I have downloaded from Technet website got corrupt at some point. Got the same issue with Lync installation with my VMWARE Lync lab machines at work.I have deleted the msi file from Lync cache speech directory. Unistalled it from the ADD REMOVE programme and copied a new speech language msi file from another source Lync istalltion ISO file to the cache directory and was able to complete step 2 and finish your step by step guide.
Got a hint on how to do so from the following thread.
http://social.technet.microsoft.com/Forums/en-US/ocsplanningdeployment/thread/dddc96fd-3c61-4a3f-8b33-647e46e22cb5
Thanks,
Joe
checking prerequisite MSSpeech_SR_pt_BR_TELE…installing failure code 1603
prerequisite installation failed:
MSSpeech_SR_pt_BR_TELE
The thread that actually gave me the solution for the error above.
http://social.technet.microsoft.com/Forums/en-US/ocsplanningdeployment/thread/d91d6fc4-8177-4628-839b-800eb14c1313
Thanks Adam
Hi,
Thanks for the great tutorial. I’m now looking for more of a tutorial on how it works externally i.e. what ports to open, how it authenticates for users not on the same domain & really a best practice guide
Regards,
Mark.
Hi Mark, thanks for your feedback. Have you read this Microsoft document – “Microsoft Lync Server 2010 Edge Server Deployment Guide ”
– Adam
Great post with excellent instructions I was able to breeze right through this without any issues.
Thanks.
Hi!
Great article!
But I’m having issue with certificates. Certificate wizard windows is empty? What I’m missing, any help would be appreciated.
Thanks for the feedback, question for you. Have you configured an Enterprise Certificate Authority?
– Adam
Yes I have, but it seams, that I something missing in CA config…
Are you performing the install on a domain joined server (where group policy is applied)?
Yes. CA is on Windows server 2008, but Lync I’m installing on Win 2008 R2 server.
Shouldn’t be an issue, but check your group policy issue being applied. Try access the web enrollment via https://servername.fqdn/certsrv do you get any security errors?
I was asked for conditionals, but can’t connect with domain admin. (401 – Unauthorized: Access is denied due to invalid credentials.)
Also I’m trying to clear topology followed by this article http://ucmadeeasy.wordpress.com/2010/11/09/lync-server-2010-active-directory-references-and-how-to-remove-them/, cause when I’m trying to publish new topology I’m getting Error: An error occurred: “System.InvalidOperationException” “Cluster ID is not consistent with current deployment.”
Sounds like a CA permissions issue, Randy’s article should fix the “System.InvalidOperationException” error!
– Adam
Adam,
i installed lync server 2010,anythings is installed and all when well. But when i opened the control panel, i got the error. the name on the sevurity cert. is invalid or does not match the name of the site. I checked and they are the same, what do i have to do to get cert. error to stop. please help thanks
Hi Ramy,
Have you tried connecting with both the server name and FQDN – the cert may be registered to one but not the other?
– Adam
Hey Adam,
This is too good info. Thanks for sharing.
i need steps to install “LYNC IM CLIENT” on windows7. Where can i found the LYNC IM CLIENT .msi or software ? to install ?
Evaluation versions of the Lync client can be found here.
– Adam
Hey Adam,
I would install Lync an all Steps works good. If I want to Publish my Topolgie its evver break with “ERROR_INVALID_ACCOUNT (-20). My Server is Domain Member and I log in as DomainName\Administrator. What can I do???
Thanks Richard
Is your administrator account a member of the CSAdministrator group?
– Adam
Hi Adam,
i’ve start the installation again. After Prepare Directory (Complete) I log off the Dom Admin grate the Membership to CSAdministrator gruop log on as DomAdmin take the next step prepare first Standard Edition Server (Complete). Now I’ve installed the Topologie Builder and greate the topologie. If I published the Topologie I’ve the same Error as yesterday.
LOGFILE
Global.SqlDmo.Logins.Add failed for AIMDOM\RTCUniversalConfigReplicator
—————
Exit code: ERROR_INVALID_ACCOUNT (-20)
Thanks
Richard
Q. for you, how did you build your Lync Server OS? Any chance the SID information is screwy?
Hi Adam,
I’ve installed Server 2008R2 on VMWare Server without any changes. Last Year Installed a Lync also with your Steplist on VMware and it runs
No worries, I presume you have come across this post on TechNet – does this throw up any ideas?
– Adam
Adam,
your post is crystal clear, i just gone through each and every bits as sown in the entire documnet believe me my lync set up is up and working in just 3hrs. thank you so much for your input and your time
Shashi Kumar
Bangalore India
Hi There – thanks for the above step-by-step install guide! got me through the whole process pretty easy – however, when i come to launch the control panel it tells me navifation to the admin page was unsuccessful please enter the admin address for your lync server – i did, still didnt work – i created 3 A records in my DNS Server of my domain, pointing to the IP address of my lynch server… what am i doing wrong?
Cheers
Robert
EMEA
Hi Robert,
Glad to hear the guide work out (for the most part). From your client computer do the A records (DNS) resolve for you, i.e. can you ping admin.server.domain? Also does this issue occur when you connect to the Lync Server Control Panel locally? (via the server)
– Adam
Hi Adam,
Thank you very much for such a good detailed step by step installation. I’ve finished the installation with everything working fine, except remote voice access. I exported the appropriate certs from the CA, installed it in the remote PC, added records in hosts file to point my declared domain, and IM, remote share etc work fine except from voice. I take drop calls as a result. Is there any way to bypass the EDGE server role, in the implementation. All the correct UDP-TCP voice ports are opened. I don’t want to try the VPN sollution. Anyone any idea?
Hi Adam,
Sorry for my big break, but there was too much other things to do. Now my lync is runing. I take a new installation from Server 2008R2 without any updates and patches and lync is running pretty.
richard
Hi Jim,
As I am sure you are aware this scenario is not supported by Microsoft (although I’m all ears should you get it working!) – although I doubt you will. VPN is the best method, as an IP address is issued for the local subnet where Lync and the associated Active Directory/DNS Servers are located.
Sorry, Adam
I’ve followed the guide verbatim and I’m getting “cannot sign into Lync: Cannot sign in because the server is temporarily unavailable.” DNS is setup correctly, there are no errors in the event viewer on the client although I do have logging setup on the lync client. I’ve tried manually and automatic connections with the same result.
I’ve used the following procedure to ensure DNS is setup properly:
1. open nslookup
2. set q=SRV
3. _sipinternaltls._tcp.
3b. previous should return IP and port (by default 5061) to your pool.
Any suggestions?
I also noticed I have far fewer services on the new lync server than what you list in your tutorial. I have – “Audio Test, Server File Transfer Agent, Server Front end, Im conferencing, Master replicator Agent, replica replicator agent.
Is this an issue?
Hi Phil,
On the login page (located within the Lync client) try setting to manual configuration and inputting the internal name for your Lync server.
– Adam
Is that all the deployed Lync services?
@Adam [I’m a UC Blog]
Yes those are all the services that show installed on the server. When I log into the lync admin however everything shows green.
@Adam [I’m a UC Blog]
I’ve tried that, I get the same error.
Great write up!
Any ideas on how to RCC to existing CME 8.5?
Thanks.
Hey Adam
Ive gotten to the part where i add users as outlined in
http://imaucblog.com/archive/2010/12/03/step-by-step-guide-how-do-i-add-users-within-the-lync-server-2010-control-panel/
and this is what i get:
“specified sip domain is not valid”
Any ideas?
Hi Jason, during your Lync installation did the domain pre/schema updates complete successfully?
– Adam
Thanks for the feedback John, sorry I can’t help regarding the Cisco deployment. Although I would recommend posting this question in the forums. There are a number of other fellow MVPs that have experience with Cisco, I’m certain they’ll pick it up…
– Adam
Hi Phil,
I have reviewed a number of your subsequent comments and I’d reccomend with this many errors you start clean, something went incorrectly during the install.
I’m certain that if you follow the guide verbatim you shouldn’t experience these issues next time.
All the best, Adam.
Some errors i have in the event viewer:
Lync Server Archiving Agent failed to create a local administration queue for acknowledgements.
Errors accessing SQL server.
There were problems accessing SQL server:
Connection: Data Source=(local)\rtc;Initial Catalog=cpsdyn;Integrated Security=True
Message: A transport-level error has occurred when sending the request to the server. (provider: Shared Memory Provider, error: 0 – No process is on the other end of the pipe.)
Error code: -2146232060
Error number: 233
Cause: The server lost the connection to the backend database.
Resolution:
Check if SQL backend is running and accepts connections from Call Park Service.
Cannot update active Match Making server because SQL Server does not respond.
The service failed to register an active Match Making because of a failure to connect to the SQL Server (local)\rtc.
Exception: System.Data.SqlClient.SqlException – A transport-level error has occurred when sending the request to the server. (provider: Shared Memory Provider, error: 0 – No process is on the other end of the pipe.)
Inner Exception: ~
Cause: The server lost the connection to the backend database.
Resolution:
Make sure the machine has connectivity to the backend SQL Server.
I can see that there is something wrong with the connection to my sql sever but havent been able to figure how to correct it?
Hi
I have a problem and not sure how to resolve it, I want to install this on a Server that is already running Microsoft SQL Server 2008 R2, I do not want SQL express, and I have paid for version of SQL that is doing stuff for BES too, how do I get around this problem of it wanting to install the dependency?
Thanks
When attempting to complete step 2 on the Setup Lync Server components I get this error:
Checking prerequisite JSharp…prerequisite satisfied.
Checking prerequisite Wmf2008…prerequisite satisfied.
Checking prerequisite Wmf2008R2…installing…failure code 3
Prerequisite installation failed: Wmf2008R2
Any ideas? This is with a new install as you recommended.
found the solution, actually on this same blog, thanks!
Script failed (code “ERROR_NEED_MAJOR_UPGRADE_USE_IMP_EXP”) when installing “CentralMgmtStore
I follow the LS_Deploy_SE.doc instructions, and never create the RTC instance in SQL, there are no policies, permission according to the documentation, and allways repeat the same error. Can you help me. Thanks.
Hi Pablo,
Have you reviewed this post – does it shed any light on the issue you are experiencing?
– Adam
Hi Phil,
Please refer to this recent announcement regarding the support for SQL 2008 R2 for Lync Server 2010 – here
– Adam
Hi Jason,
Sorry for not getting back to you sooner (I was on vacation), if this is a still issue…read on. Whilst looking into this issue I came across a post here that seems to be similar, perhaps this might be of assistance? (this blog is in German, but the illustrations help!)
– Adam
i have the error saying that my lync server is unavailable after i tried connecting to the server
@Phil
What was the resolution, Phil. I too am recieving the same error 3.
Hi Jamie,
This is probably in relation to SP1 for Windows Server 2008 R2, refer to this post here
– Adam
Hi Mike,
Can you be more specific?
– Adam
Thank you Adam, that solved my problem
Thank you for the great guide! Was a life saver when trying to install Lync 2010 server. Very straight forward and easy to follow!
This was a great write up. I initially ran into problems but after scratching the whole thing and starting over but going much slower, everything installed without errors and my test clients connected to the server. I do have a question though: Will a PolyCom CX5000 work with Lync 2010 Standard?
Glad to hear you got there in the end Mike, I’d definately suggest taking your time – the Lync installation introduces some new Microsoft setup wizard principles.
Regarding the CX5000 (previously known as RoundTable device) this does work with Lync. Although I am yet to personally test it, my understanding is that it works with both the Lync Client and Live Meeting.
I hope this helps?
– Adam
Is there anyway to do the standard edition installation, but still use a separate back-end SQL box instead of using SQL Express? Or do I have to install the enterprise edition?
Sorry nope.
Taken from TechNet:
By default, the SQL Server Express back-end database is collocated on the Standard Edition server. You cannot move it to a separate computer. You cannot collocate other databases on the Standard Edition server.
This is an excellent write up. I got my server up and running the same day.
Question:
Is it possible to communicate with another domain (seperate forest) running OCS 2007 R2, without setting up an edge server? There is a VPN between the two domains.
one more prerequisites needs to be added
ServerManagerCmd.exe -install MSMQ-Services
When deploying the Monitoring and Archiving roles, yes. This is not specified within the guide’s deployment. 🙂
– Adam
Thanks Marc, I’m not sure this is possible/supported – this should hopefully clear up any doubts http://technet.microsoft.com/en-us/library/dd441359(office.13).aspx
– Adam
When creating the Service Location at the very end, should the “Host offering this service:” be the fqdn of the lync server, or of the lync pool you created?
Hi there,
It should be the FQDN of your Lync Front End Server.
– Adam
Alright, thats what I had. Thanks. Would you be able to help in the way of, everything is working fine, except when I try to start a conversation with multiple users?
Thanks,
Jesse
All Lync Services running, Windows Firewall disabled? Any error logs that you could provide would be great.
– Adam
Correct. All services are running and firewall is disabled. The multiple user conversation is the only functionality not working. I get a banner at the top, “A server error occurred. Please contact your support team.” and in the conversation box it says, “when contacting your support team, reference error ID 51024 (source ID 242).” I looked around in appdata and program files and did not see any logs. Could you point me in the direction of where said logs may exist? Also, there is nothing showing up in event viewer when the error occurs either.
Thanks again,
Jesse
Most Communicator or Lync errors are only displayed in the client specific logs. First you need to enable the logging, this is within the clients general settings, in Windows 7 logs can be found at %userprofile%\Tracing
– Adam
Thanks Adam, To give you a little more info. I have an enterprise build with all roles on a single server except for the SQL backend. No Edge Server. The error from when I tried to initiate a multiple user IM is:
05/23/2011|10:29:52.559 1208:8E4 INFO :: End of Data Received – 10.1.0.38:5061 (To Local Address: 10.0.0.131:51334) 4024 bytes
05/23/2011|10:29:52.559 1208:8E4 TRACE :: CSIPMessageCollator::AsyncProcessSipMsg – [0x0936AA80]
05/23/2011|10:29:52.559 1208:8E4 TRACE :: CSIPTransportLayerNotify::OnRecv – [0x0936AA80]
05/23/2011|10:29:52.559 1208:8E4 TRACE :: CSIPTransportLayerNotify::OnRecv – [0x09486FE0]
05/23/2011|10:29:52.688 1208:8E4 ERROR :: SIP_URL::ParseUrlParams invalid char H found when trying to parse params
05/23/2011|10:29:52.688 1208:8E4 ERROR :: SIP_URL::ParseUrlBase ParseSipUrlParams failed 80004005
05/23/2011|10:29:52.688 1208:8E4 ERROR :: SIP_URL::InternalInitialize ParseSipUrl(sip:Joe Heller) failed 80ee0012
05/23/2011|10:29:52.688 1208:8E4 ERROR :: SIP_URL::ParseUrlParams invalid char H found when trying to parse params
05/23/2011|10:29:52.688 1208:8E4 ERROR :: SIP_URL::ParseUrlBase ParseSipUrlParams failed 80004005
Hey Adam, thanks for all the help. I was eventually able to solve my problem. I followed this article: http://social.microsoft.com/Forums/en-US/commmunicatorim/thread/512bccc3-d624-4b11-91c1-5d52aca3c195 and enabled my cert for all purposes. Then I ran a windows update and restarted the server and all is working fine.
Thanks again,
Jesse
Very usefull! Thanks!
Thanks Jesse – cheers for sharing!
– Adam
Anyone know of a step by step guide for the Lync Server 2010 Enterprise Edition? My Standard setup went smoothly but more than likley we’re going to purchase the the Enterprise Edition. Thanks again for the above steps, they were more than helpful!
Hi Vince,
This guide looks fairly comprehensive.
– Adam
Vince, I did an Enterprise Install with all roles on a single server except the SQL backend. I used Adam’s and http://smartbserver.net/2010/12/lync-on-member/ to do my install that was very similar to the Standard, just entering the FQDN of my SQL box. I did not install an Edge server though either.
I am having an issue on Step 2 Setup or REmove Lync Server Components. I get an ACL error when trying to execute this.
Executing PowerShell command: Enable-CSComputer -Confirm:$false -Verbose -Report “C:\Users\administrator.RCAC\AppData\Local\Temp\2\Enable-CSComputer-[2011_06_07][15_42_40].html”
Access control list (ACL) share failed.,Microsoft.Rtc.Management.Deployment.ActivateMachineCmdlet
Any ideas?
Thanks
Hi Dan,
What is the error reported in the log file? (refer to the report referenced within the PowerShell command)
– Adam
Adam thanks for the response and thanks for this guide. I checked the log and it was mentioning a permission error on the share that the process was supposed to create, I had to manually create the share and modify the permission but all seems to be working. Finished the install and added a few users, now just testing. Thanks again@Adam [I’m a UC Blog]
Glad to hear it Dan 🙂
– Adam
I have prepared lync standard server which is working fine from my internal network. Now i want my users who are on internet to connect on to it. Kindly let me know appart from natting my lync server what other steps will i have to do so users from internet will be able to connect to my lync server
Hi Amit,
You have two options are this point.
1. Deploy a corporate VPN, pros on this include security and ease of deployment (you may already have a solution in place).
2. Deploy a Lync Edge Server, this will allow VPN-less access to Lync services and the capability to federate and conduct “Live Meetings” with external organisations.
For a good guide on Lync Server Edge deployment I’d recommend you check out OCSGuy’s post here
– Adam
Hi Adam,
Thanks for your suggestion i will do it on VPN as its simpler and secure. i have one more query. My lync server is on 172.26.x.x IP serise and I want to change IP serise to 192.168.x.x network. simply changing the IP of Lync server will work or will i have to do any other steps.
as per my assumpsion everything should fine as Lync works on DNS and i will add the DNS entries also. Kindly let me know your suggestion
Hi Amit,
Off the top of my head providing DNS updates take effect you should have no issues.
– Adam
Hi Guys, just completed and setting up successfully on Lync but wondering why Front End unable to start service which is i found in event error appeared as below
The Lync Server Front-End service terminated with service-specific error %%-1008193023
Hi Aladdin,
This may be a certificate issue, how are you creating your certs?
– Adam
Hi Guys,
I am facing a similar issue with Lync Server. I have completed the installation of the Lync server and all the services are up except the “Lync Server Front End” , i have uninstalled the Security Update KB974571, restarted my Server but still the service is giving the same error “The Lync Server Front-End service terminated with service-specific error 3286842403 (0xC3E93C23).” . The following is the complete error detail.
–
7024
0
2
0
0
0x80000000000000
102904
System
XXXXXXXX
–
Lync Server Front-End
3286842403 (0xC3E93C23)
Can you please help me with this?
Thanks and Regards,
Vimod
Hi Vimod,
Did you follow the recommendations within your MS forum request? here http://social.technet.microsoft.com/Forums/en-US/ocsplanningdeployment/thread/f9a6bec5-9ae8-4ed6-9d16-e7b54c20d2d8/
– Adam
Hey Adam, I’m now getting an error on my Lync client. In the lower right hand corner of the client window, there is a red X and when I click for details i get “Lync cannot connect to the Exchange Server. Please try signing out and signing back in. Outlook contact and calender information will be unavailable until the connection is restored.” I have signed out and back in multiple times. If I pull up my configuration information, I believe I have found the reason why. For MAPI Information, I have, “A separate sign in was required to connect to Outlook, but the sing-in dialog box was canceled or closed….” MAPI Unvailable. On our client machines that are working, it says MAPI OK. Im not sure how the two are related since what refers to Outlook sign in and the other says it can’t connect to the Exchange server itself. I would guess the Lync client signs into Outlook and then uses Outlooks connection to Exchange somehow (assuming these two are actually related). Any ideas on what I should do. Also, EWS not deployed.
Thanks,
Jesse
Command execution failed: Filename: \\?\E:\apps\Microsoft Lync Server 2010\Web Components\Internal Website\web.config
Error: The configuration section ‘system.webServer/rewrite/rules’ cannot be read because it is missing a section declaration
I get this error when trying to stand up a lync 2010 server in our lab. Very basic config of 2008 r2 with exchange 2010 loaded. did a standard install and this error comes up during the install. I looked in the interal website directory and there is no file called web.config. Thoughts?
Hi Brian,
Have you looked in the setup logs for more detailed information?
– Adam
Hi Jesse,
Two things, you’ll need EWS for certain Lync services to function (see here for more in this). Secondly is your client computer domain joined?
– Adam
Hi all,
i have a error when publish topology (error when create central management store), i show lync log:
Running script: C:\Windows\system32\cscript.exe //Nologo “C:\Program Files\Common Files\Microsoft Lync Server 2010\DbSetup\xdssetup.wsf” /dbexists /sqlserver:localhost\lync /publisheracct:mydomain\RTCUniversalServerAdmins /replicatoracct:mydomain\RTCUniversalConfigReplicator /consumeracct:mydomain\RTCUniversalReadOnlyAdmins /role:master /verbose
—————
Failed to create SQLDMO.SQLServer object (
name: RangeError
description: Could not locate automation class named “SQLDMO.SQLServer”.
number: -2147352567
message: Could not locate automation class named “SQLDMO.SQLServer”.
)
—————
Exit code: ERROR_SQL_DMO_UNAVAILABLE (-52)
When running /dbexists, non-zero exit codes are not necessarily errors
—————
Running script: C:\Windows\system32\cscript.exe //Nologo “C:\Program Files\Common Files\Microsoft Lync Server 2010\DbSetup\xdssetup.wsf” /sqlserver:localhost\lync /publisheracct:VIETTELRD\RTCUniversalServerAdmins /replicatoracct:VIETTELRD\RTCUniversalConfigReplicator /consumeracct:VIETTELRD\RTCUniversalReadOnlyAdmins /dbpath:E:\CsData\CentralMgmtStore\lync\dbpath /logpath:E:\CsData\CentralMgmtStore\lync\logpath /role:master /verbose
—————
Failed to create SQLDMO.SQLServer object (
name: RangeError
description: Could not locate automation class named “SQLDMO.SQLServer”.
number: -2147352567
message: Could not locate automation class named “SQLDMO.SQLServer”.
)
—————
Exit code: ERROR_SQL_DMO_UNAVAILABLE (-52)
—————
can you help me solve this problem ?
Thanks all
Hi,
Try changing your SQL server name within topology builder to an FQDN.
– Adam
Dear Adam,
Thanks i solved my problem.
-VietND @Adam [I’m a UC Blog]
I want to deploy Lync for demos, without connecting to a phone system, it will be a closed network. I want users to be able to do IM, video calls and voice calls between clients without having to have a phone system connected. What components of Lync do I need to install for this functionality only?
Hi Richard,
Follow my Lync Server consolidated install guide and you’ll be all set! 🙂
– Adam
@Dan
What is the path that you created it to?
I am getting Installing OcsCore.msi (Feature_LocalMgmtStore)…Failure code 1603
Error returned while installing OcsCore.msi (Feature_LocalMgmtStore) Code 1603.
Running as administrator (logged on as Admin and right clicked on Wizard and did run as admin) on Windows 2008 R2 on VM.
any suggestions?
Hi Michael,
Have you checked the installation log file?
– Adam
How can I give sysadmin rights through Server Management Shell ?
Or how can I assign sysadmin role to the Domain administrator. As I used all installation of the Lync 2010 server as the Domain administrator.
Add the user to the CSAdministrator group, although this is not recommended. Use another account and promote to CSAdministrator rights.
– Adam
Just installed Lync Server and created a user for myself. When trying to log in with client, I get “Cannot sign in because the server is temporarily unavailable.”
Just a random something that looks suspicious: Lync Server Control Panel > Topology > Server Application: “Retrieve “Server Application” returned warnings. Get-CsServerApplication : A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. Verify that the instance name is correct and that SQL Server is configured to allow remote connections.”
I have not explored much further. Help appreciated.
at last i could install lync 2010 in my lab… thanks a lot.
Hi Austin,
Are all the Lync services started (including SQL)
– Adam
Finally got Lync installed on a VM but couldnot install on a physical server that is hosting SolarWinds products. Did find out that if you install Lync and later uninstall and try to install again you run into numerous issues. I found that reinstalling the OS (though painful) cleared the issues. This is actually easier than trying to fix the errors. Some of which like the 1603 error are not easy to fix.
Thanks for sharing this Michael. 🙂
– Adam
Hey Adam, all Lync services are running. I had to start Application Sharing service manually, even though it was set to automatic. I think I had to do this with Audio Test Service last time. But everything else is starting automatically.
As for services starting with “SQL…” there is an SQL Active Directory Helper Service that is disabled. SQL Server (RTC) and SQL Server (RTCLOCAL) are both running and automatic, but SQL Server Agent (RTC) and SQL Server Agent (RTCLOCAL) are disabled. Then SQL Server Browser and SQL Server VSS Writer are started/automatic.
Both RTC and RTCLOCAL databases should be started.
– Adam
Sounds more like it!
– Adam
I got the server up and running but i am having a problem with what i would assume is the Edge server. I am unable to connect from the outside world. Great install guide. Not to ask for too much, but have you done one for the edge server and the monitoring and archiving servers too?
Glad to hear your server is up and running. I have not written any Lync Edge Server guides – primarily because there are others out there that I would be unable to better! I’d recommend Kevin’s guide here
Good luck!
– Adam
I also had a problem connecting to Lync Server 2010 using the Lync Client
– with the automatic config : error message about server not found
– with the IP : error message about certificate error.
The reason for the certificate error was not actually a certificate problem at all. It turns out that a user must be added to a Registrar Pool before it can connect to the Lync Server using the Lync Client.
If the user you are attempting to login as is not added to a pool you may get that certificate error among other error messages(as I did) : this is really confusing.
You can add a user to a Registrar Pool by using the Lync Server Control Panel : Users/Action/Move selected user to the pool…
or by using the Lync Server Management Shell :
Enable-CsUser -Identity “User Name” -RegistrarPool “Name.of.your.server” -SipAddressType SamAccountName -SipDomain domain.local
Hope it helps !
H thnsk for good guide
i do get a problem with Lync Control panel then i try to start it
“Navigation to the webpage was canceled” and the servies dont start all
any ideas
ps, running it on a wmvare
regards Tommy
Hi Tommy,
Which services are not started? Also have you completed the DNS steps? If you need additional information on this follow my written guide
– Adam
Hi Adam
i Actually moved Active Directory Certificate Services from a old server to the lync server.
and after no problem with certficate or the services,
but how do i do if we gonne user our public ex domain.uk?
Hey guys,
I have a problem with Publishing my Topology, and while i’ve googled all around, I can’t seem to find the answer anywhere, and what Microsoft recommends is not working.
I am getting the following error:
Exception of type ‘Microsoft.Rtc.Management.Deployment.DeploymentException’ was thrown.
When I create a Central Management Store, these errors go crazy in the wizard.
When I view the logs, I get this:
Error: An error occurred: “Microsoft.Rtc.Common.Data.SqlConnectionException” “A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. Verify that the instance name is correct and that SQL Server is configured to allow remote connections. (provider: SQL Network Interfaces, error: 26 – Error Locating Server/Instance Specified)”
I have checked all firewalls and settings for SQL, and it all is fine; and should be going through without a problem.
Any insight on this problem? Thanks for anything in advance.
Tyler
Hi Tommy,
You have two options here, either a) purchase a UCC cert from a public certificate authority or b) load your CA root cert into your trusted root authorities – I’d recommend against this unless you are running within a lab environment.
I hope this helps?
– Adam
Hi Tyler,
Presumably you have followed this KB to no avail?
– Adam
Adam,
Yeah I did. None of it worked. We tried another route, but the problem was Forefront Identity Manager. We had to manually create an instance in SQL for FIM2010 to host on Port80, and when Lync went to create an instance in SQL when publishing the topology, it errored out because everything was manually defined in the server and was using the same Port as FIM. All we did was just wipe everything and use Lync over 2 servers, and configure FIM2010 on another. We were just trying to save space by running 2 services on 1 server, because all we were using them for was PRS in Forefront, and the IM service on Lync. Didnt know it would bring down the whole thing! I’m currently installing Lync to another server so we’ll see what it does now.
Tyler
Thanks for sharing Tyler. FYI – Anti-Virus and Lync don’t play nice together, I’d advise against an installation on your Lync servers.
– Adam
Yes Thanks ,
One more think you should add Lync Edge Server deployment.
I have done installation as per your blog and its working very good. But now i need to give the access to our external users those who are not in domain.
Thanks |
Amit Sharma
Hi,
I get the error:
No active Address Book web service backend data partition
Cause: First sync has not happened yet since deployment or database schema update
Resolution:
Wait for first Address Book synchronization pass to complete and verify event no longer occurs.
I run the command: Update-CsAddressBook -verbose
But still users cannot find each other from the lync client.
Thanks for your help
I am the last phase of the installation of Lync but i have an error :”Prerequisite not satisfied: This product cannot be installed on a DC”
can you help me plz
Hi Mirra,
Presumably you are installing Lync Server on a domain controller, this is not support (or achievable either).
– Adam
Hi Amit,
The are some other great blog posts that cover this, one I am familiar with is on OCSGuy’s blog here
– Adam
Hi Okan,
I’d suggest you refer to a post on Jeff Schertz’ blog here
– Adam
hello,
i have a problem when i try to “install or update the component of the lync server ” , it generate an error when he try to create a data base : “error_create_db (-4) ”
–>microsoft.rtc.management.deployment.installdatabasecmdlet
plz can you help me
thnks …
Have a look through this great checklist provided by Matt Mc Gillen.
– Adam
Hello Adam,
Can you give me more information on “The Lync Server Front-End service terminated with service-specific error %%-1008124830.”
I did removal & reassignment of certificate ,still i am getting the same error.
Hi Kanch,
This is likely to be related to a certificate problem, are you using a Windows Server CA or other?
– Adam
Hello friends.
it is about three weeks that i am trying to install lync server bt i got error with the
error returned while installing Webcomponents.msi(feature_webcomponents_commonfiles), code 1620 please cosult log at c:\users\administrator.VOIP\AppData\local\Temp\add-webcomponents.msi-feature_webcomponents_commonfiles—-
i search alot in google in forums bt i got the message that the lync2010 is crpt. so please any of you can help me i will post this and my email address if any one of you face this problem and solved so please tell me.
thanks friends.
I have installed Lync and it appears to work correctly but now need to create a director poool. When I publish the updated topology I get:
Error: An error occurred: “Microsoft.Rtc.Management.ADConnect.ADOperationException” “Active Directory operation failed on “DC Name”. You cannot retry this operation: “Access is denied
00000005: SecErr: DSID-03152492, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0
Any ideas on what the solution is?
Thanks
Gary
Sorted it. Found this http://www.itexperience.net/logon-to-owa-results-in-problem-4003-insuff_access_rights/ which takes abot exchange but I followed what it said about the username I was using. Logged out and back in and I was able to publish the topology without a problem.
Why can’t Lync 2010 be installed on a DC?
And if you can’t install it on a DC, how possibly can you configure active directory? Or does Lync need to be installed on a different system that is a member of the domain?
Hi Roy, it’s not supported, the installation prevents it and not to mention a bad idea! You’ll need to create a member server within your existing Active Directory.
– Adam
Thanks for sharing Gary, this is typically a problem within administrator accounts.
– Adam
What do you mean with a member server? Isn’t that just a system that has joined the domain?
I’ve managed to get through most steps, but it fails when publishing the topology with this error:
Installed SQL Server 2005 Backward Compatibility version is 8.05.2312
Connecting to SQL Server on lync.roy.local\rtc
SqlMajorVersion : 10
SqlMinorVersion : 0
SqlBuildNo : 2531
SQL version is acceptable: 10.0.2531.0
Default database data file path is c:\Program Files\Microsoft SQL Server\MSSQL10.RTC\MSSQL\Data
Default database data file path is c:\Program Files\Microsoft SQL Server\MSSQL10.RTC\MSSQL\Data
Default database log file path is c:\Program Files\Microsoft SQL Server\MSSQL10.RTC\MSSQL\Data
Opened database xds
Db schema version is 0
Db sproc version is 0
Database exists, but needs to be installed with /clean.
—————
Exit code: ERROR_DATABASE_REQUIRES_CLEAN (-25)
When running /dbexists, non-zero exit codes are not necessarily errors
—————
What does it mean, and how do I fix this? Thanks in advance 😉
Correct, a domain-joined Windows Server 🙂
– Adam
Hi Roy,
I’d recommend that you try Jeff’s solution here
– Adam
I’ve managed to fix the problem. My virtual server on which I was installing Lync was cloned from a different system, and therefore caused some kind of conflict. I’ve installed a fresh copy of Windows Server (if you clone a system, use Sysprep directly after booting and check the Generalize option).
If you are using Windows Server 2008 R2, use the following PowerShell command to install the IIS features:
Import-Module ServerManager
Add-WindowsFeature Web-Static-Content,Web-Default-Doc,Web-Dir-Browsing,Web-Http-Errors,Web-Http-Redirect,Web-Asp-Net,Web-Http-Logging,Web-Log-Libraries,Web-Request-Monitor,Web-Http-Tracing,Web-Windows-Auth,Web-Client-Auth,Web-Filtering,Web-Stat-Compression,Web-Mgmt-Console,Web-Scripting-Tools
During the deployment I received an error that it can’t install Wmf2008R2, I used this workaround:
%systemroot%\system32\dism.exe /online /add-package /packagepath:%windir%\servicing\Packages\Microsoft-Windows-Media-Format-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.mum /ignorecheck
Thanks for the help 🙂
How does this integrate with the e-mail (server) and does it work with only MS Exchange Server?
Hi Frank,
Lync integrates with Exchange only (for Voicemail, call history and scheduling) – Jeff Schertz has a great guide here
– Adam
We are a purely Novell shop and we use GroupWise in e-directory but we also have Active Directory. We are trying to setup Lync 2010 in Active Directory but the challenge is our e-mail system. What would you suggest, do we need to completely get rid of GroupWise in order to move forward or is there a way around this?
Hi Frank,
You can always deploy Lync without Exchange, but you’ll miss out on Exchange UM functionality. Do you have an existing PBX/voicemail system?
– Adam
I am trying to setup Lync with the new IPad/IPhone app. I have read a lot of things that are running me in a circle. Have you created a guide or how to on setting up the lync environment to accept connectivity from the IPad/IPhone app?
I certainly have, check it out here
Hi Adam,
When I try to Extend the schema before installin Lync 2010, Iget this error code
“Error: Upload C:\Program Files\Microsoft Lync Server 2010\Deployment\Setup\ExternalSchema.ldf fails. The exit code is “5”.”
Any Ideas? any other ways of extending the Schema?
@Frank
I restarted the system and it worked!
Thanks
Can’t been an old fashioned reboot! 😉
– Adam
Hey i just wanted to say thanks. I don’t know what I would have done without this. This is a complex deployment.
Hi Adam
thanks fora great guide again 🙂
can we run lync 2010 standard edition without edge server? and if not? why then?
Regards
Tommy
Thanks for the feedback Tommy. You can absolutely run a Lync SE Server without Edge Services, this configuration is not uncommon where Lync is being piloted or in certain scenarios where the exposure of certain services is not permitted without the use of a corporate VPN.
But you WILL miss out on some really great capabilities, such as:
Lync client access without corporate VPN
Federation with other organisations (incorporating Presence, Instant Messaging, Lync-to-Lync calling, Video calling and Desktop Sharing)
Public-facing web conferencing
Communication with public networks like MSN Messenger, Yahoo, AIM and Gmail (PIC & XMPP)
Push notifications for iOS and Windows Phone 7 Lync Mobile clients
I hope this helps!
– Adam
I’ve followed your very useful guide, but now I’m stuck because I can’t login in the lync control panel or with the url https://admin.name.local … I’ve a DC which runs sbs2011, and a small server with 2008 R2 which is running lynch.
While trying to log with as a domain administrator (or as a user with those privileg) I get the error that I’m not authorized – access denied due to RBAC . User not authorized..
I’ve published the topology with success, tell if you need more information.
PS: it’s a simple architecture server, for a small company.
Txs for any help
-Matteo
– solved, I followed the advice on this guide http://social.technet.microsoft.com/Forums/pl-PL/ocsplanningdeployment/thread/1d746cb1-92d0-4913-b21d-6a55f6386705 , searching for the CSAdministrator group
I configured my Lync 2010 system as per your instructions and it worked perfectly on a Hyper V virtual server running on 4GB and dual core 1.3ghz, other than requiring a few reboots along the way to allow my server to install updates.
I am going to configure it to allow external access and droid access next.
Excellent write up, thanks for all your hard work
Regards
Mike
Pleasure Mike, thanks for the feedback.
– Adam
Just installed my first lync server? thanks to your post it just worked out fine after a few problems with topology builder.
regards
Koen
Very useful mate! Thank you very much!
Hi Guys,
Just wondering if anyone knows if you cna deploy AD FS proxy onthe sam emachine as the Lync Edge Server to allow connectivity to Office 365 for on premises voice support, plus single Sign On for users?
I can find a lot of info on AD FS (and Single Sign On) and I can find a lot about Hybrid Voice for Lync, but not both together, which should have hit the public domain by now….
Cheers,
Alex B
Everything worked out perfectly. The only thing i’m missing is an Edge server so i can access it from outside my private network, but it was extremely fun to setup.
I appreciate you taking the time to write this. If only there was similar guide on System Center Configuration manager that were as easy to follow!
Thanks
Jack.