After finishing from deploying the First Enterprise Edition pool, I went through a problem while deploying a standard edition server in a remote site location.
I Started by checking the user account permissions for which I am running the task, and I could verify that my user has the required permissions, since it was member of Local Administrators Group on the Server Machine on which I am running the installation.
Moreover I have verified that my Server Machine Computer Account is Member of RTCUniversalServerAdmins (Membership of this group is required for Read Access to the Central Management Database).
At this point I have concluded that most probably the problem is not related to the existing Lync configuration especially since I have already successfully deployed, one Enterprise Edition pool , also defined all required items and parameters for the standard Edition Server in the Lync topology and have also been able to successfully publish my topology.
So I went and double checked the network settings on the Server machine and everything was configured properly, DNS settings where set correctly the primary DNS pointing to the domain controller in the same Active Directory Site Site-B where the server is located and the alternate DNS pointing to the domain controller In the Remote Active Directory Site-A which is the main site where the Enterprise Pool has been already deployed. DNS resolution for the domain and various entries, was successful.
At this time I decided to have a look on the Lync configuration from Active Directory perspective and launch ADSI edit while connecting to the configuration partition on both Domain controllers, and try to compare the configuration to check if Active Directory configuration was successfully replicated, between both sites domain controllers, but the result was also good all the settings where the same on both Domain controllers, so the problem is not at this level, I was relying also on the fact that I have already deployed the first pool at site-A .
Then I went back to the lync deployment wizard and launch it once again, this time I select the “Active Directory Preparation” task, to find out that there’s also an error at this level. Below is a snapshot.
Ok situation is getting hot! J, and now at least I know my problem is located on this level, for the first glance I thought it is a permission issue, but this time I was sure that my account has all the required permissions,
Member of schema admins Group
the Schema Master is available and contactable, and also the schema registry modification is enabled on the Schema Master.
That’s really nice, I have all the above information, but till now I don’t have a clue about the reason why this is happening.
So in order to narrow down the issue, I went and run Get-CsAdServerSchema from the Lync Management shell, I knew that I will get an error but this time I got more information with the error. Specifically the error was:
“Get-CsAdServerSchema : Command execution failed: cannot find any global catalogs in forest L2013.ptg”
That’s Nice! Now I have narrowed down the reason, and we have a clue about what is going on, even though the error was clear enough and points to the exact problem, what is would be the result when running “Get-CSManagementConnection” PowerShell command from the Lync management shell. And indeed as expected the results shows the exact same error, below is a snapshot
Alright so the problem is that Lync can’t locate a Global Catalog in the AD Forest, but I can also confirm that I have at least one GC per AD site, I can also confirm that both GC Servers are available, so let’s try to query the Gcs in the forest manually from the Standard Edition Server machine.
I did that by running the following command from the command prompt or from PowerShell, (it works on both) “dsquery server –forest –isgc“.
The results were good! That’s weird no? I said to myself ok the Gcs are available but maybe not responding to a query request so let’s try to query an AD group manually, by running dsquery group –name “ADGroupNAme” –server <GCServerName>.
Below are the results of a query for AD Group Domain Users
Interesting!, now I can confirm the Global catalogs are available and responding to query requests, but this doesn’t not make sense! I am confused if everything seems fine why I am getting these errors from the Lync deployment wizard?
At this point I decided to go back to the start, I usually do that when I face such situation where nothing seems logic. So to the beginning, I launched the deployment wizard again, and wait for checking the deployment state to find the first change, magically Active Directory preparation task now shows as complete.
Additional I went and installed the local configuration store by retrieving the configuration from the lync topology! OMG what happened, I was in the process of troubleshooting the issue and writing this article at the same time! And I didn’t change any configuration yet, I just run a query against the Global Catalogs, would this introduce any changes to the environment? I don’t believe so.
Although nothgin has changed I was able to deploy the Lync Standard edition in the remote site, now I can also get Active Directory State, also the Management Database Connection state.
Moral of the story
- Lync powershell provides useful troubleshooting information, that are not often provided by the Graphical interface.
- While deploying Lync always make sure that Active Directory is healthy, especially connection to global catalogs because although Lync server 2013 highly depends on SQL, considerable configuration and dependcies to active directory are still required for Lync to function properly.
Always go back to the basics when everything else fails J