How to clean your server of old Active Directory Lync AD references in the RTC service when removing the last 2010 pool fails to publish in the Lync


Article Summary: This article provides information on how to clean your server of old or incorrect Lync AD references in the RTC service.

This issue most likely comes up when you are trying to remove Lync 2010 from a Lync 2013 deployment. Before you go down this path, check for user objects, which may be the most sinister because they may not show up in your queries. Disabled user objects, old OCS objects (migrated to Lync 2010), and contact objects are included in this list. To get the full list of these, run and review this shell command:

Get-CsUser | ft SipAddress,RegistrarPool > C:\output.csv

If the user has a SIP address and/or a registrar pool, it will show up here. Review this list. Run this command from the Lync 2010 shell. If you decommissioned 2010 before removing Lync 2010 from the topology, I would say go back and re-install the Lync 2010 shell. This step is required to get all the Lync 2010 objects identified.

Update all the objects you find so that they point to the Lync 2013 pool; any object you cannot update must be deleted. If, after all this, you still cannot remove the Lync 2010 machine from the topology, then move forward.

Here is a walkthrough on removing objects in the Lync 2010 AD Schema and Configuration:

Table of Contents:

  1. Create Dump File to Review Attributes stuck in RTC service
  2. Remove Global Settings and Trusted Services
  3. Remove Pools
  4. Remove Trusted MCU
  5. Remove Trusted Web Server Component

Errors in AD occur during Move-CsConfigurationStoreLocation or Move-CsManagementServer. The Trusted Application pool AD tree is suspected. AD objects may not have been removed properly because they are common to the coexistence. Ideally, the 2010 application pool should have been removed before creating a 2013 application pool. Unfortunately the common commands did not identify this with certainty. You may recreate the application pool and application server in the Lync 2013 environment if you feel the order in which the application pool was created caused errors on creation.

On a more global level, we will handle the failure to publish in a general way, looking at the whole RTC service.

In the interest of keeping customer troubleshooting to a minimum, you will need to pull another log to identify and formulate what AD deletions need to be made.

References to old server objects in AD include Global Settings, Pools, Trusted MCUs, Trusted Services and Trusted WebComponentsServers.

Before beginning the five processes to remove attributes, it seems best to introduce what is possibly the shortest way to find an orphaned object. For ease of troubleshooting I recommend exporting the RTC service information. You can use Notepad++ to search for the attributes and determine which AD object contains the reference.

 —————————————————————————————————————-

Create Dump File for Support

 

  1. Start->Run->adsiedit.msc
  2. Right click the adsiedit object and choose Connect to.
  3. Choose the configuration option from “select from well-known context”
  4. Navigate to Configuration->Services->RTC Service
  5. Right click RTC Service and choose Properties
  6. Go to the distinguished name field or object category (depending on Lync version)
  7. Copy the string from this field. This is our search string in the next step.
  8. The value looks similar to CN=ms-RTC-SIP-Service,CN=Schema,CN=Configuration,DC=yoursipdomain,DC=com
  9. Double click on the object and copy the value to Notepad
  10. Create a new command using your text. The syntax will be:
    1. Make a temp folder called c:\temp
    2. Navigate to c:\temp with a command window
    3. Execute your version of ldifde -j "c:\temp" -f rtcdump.ldf -s yourdcname -d "yourtextfromstep7"
    4. The command should look like the example below

Example from Server 2012:

ldifde -j "c:\temp" -f 1.ldf -s remote42dc -d "CN=ms-RTC-SIP-Service,CN=Schema,CN=Configuration,DC=lynckeeper,DC=info"

Use Notepad++ to search the dump for the FQDN of the 2010 pool, then go in and remove the objects. Note the GUIDs where you see the 2010 pool. Identify the object, attribute, etc.; you may update the attribute or remove it, depending on the situation. The goal is that the Lync 2010 Topology Builder does not find references to anything in the 2010 pool.
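An added example, not part of the original article: instead of searching the dump by eye, the PowerShell function below reads the ldifde output and lists each entry and attribute that mentions the old FQDN. LDIF may fold a long value onto a continuation line or base64-encode it, and a plain text search misses both. The name Find-LdifReference, the example.com names and the sample dump are constructed for illustration.

```powershell
# Added example: list every entry/attribute in an ldifde dump that mentions a given FQDN.
function Find-LdifReference {            # hypothetical helper name
    param(
        [Parameter(Mandatory)][AllowEmptyString()][string[]]$Lines,  # raw lines of the .ldf file
        [Parameter(Mandatory)][string]$Fqdn                          # FQDN of the 2010 pool or server
    )
    # Unfold: LDIF continues a long value on the next line with one leading space.
    $logical = New-Object System.Collections.Generic.List[string]
    foreach ($line in $Lines) {
        if ($line.StartsWith(' ') -and $logical.Count -gt 0) {
            $logical[$logical.Count - 1] += $line.Substring(1)
        } else {
            $logical.Add($line)
        }
    }
    $dn = $null
    foreach ($line in $logical) {
        if ($line -eq '') { $dn = $null; continue }       # blank line ends an entry
        if ($line -match '^([^:]+)(::?)\s*(.*)$') {
            $attr, $sep, $value = $Matches[1], $Matches[2], $Matches[3]
            if ($sep -eq '::') {                          # "attr::" marks a base64 value
                $value = [Text.Encoding]::UTF8.GetString([Convert]::FromBase64String($value))
            }
            if ($attr -eq 'dn') { $dn = $value }
            if ($value.IndexOf($Fqdn, [StringComparison]::OrdinalIgnoreCase) -ge 0) {
                [pscustomobject]@{ DN = $dn; Attribute = $attr; Value = $value }
            }
        }
    }
}

# Constructed sample dump (not real directory data). For a real file use:
#   Find-LdifReference -Lines (Get-Content c:\temp\rtcdump.ldf) -Fqdn 'pool2010.example.com'
$sample = @'
dn: CN={CONSTRUCTED-1},CN=Trusted Services,CN=RTC Service,CN=Services,CN=Configuration,DC=example,DC=com
changetype: add
msRTCSIP-TrustedServerFQDN: pool2010.exa
 mple.com

dn: CN={CONSTRUCTED-2},CN=Pools,CN=RTC Service,CN=Services,CN=Configuration,DC=example,DC=com
changetype: add
dNSHostName: pool2013.example.com
'@ -split "`r?`n"

Find-LdifReference -Lines $sample -Fqdn 'pool2010.example.com' | Format-List
```

The function only reads the dump; keep the .ldf file as a record of the objects' state before any attribute is edited or removed.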

 —————————————————————————————————————————————–

 Global settings and Trusted services Removal

To break the troubleshooting into its components, we use LDP to search the global settings

 

  1. Global settings and Trusted services removal
    1. Log into Windows with Enterprise Admin permission
    2. Start->Run->Ldp (enter)
    3. Choose Connection from the top menu, then
    4. Choose Connect
    5. Leave the server pop-up blank and hit Connect (you should be on a DC)
    6. Go back to figure 1 and choose Connection->Bind->OK
    7. You're now connected to AD. Choose View->Tree from the top menu
    8. Enter dc=yourdomainname,dc=com (or for the configuration partition CN=configuration,dc=yourdomainname,dc=com)
    9. Click OK
    10. Navigate to Services->RTC Service
    11. Right click RTC Service
    12. Choose Search
    13. Search terms are:
      i. Base DN is completed for you
      ii. Scope is subtree
      iii. Attributes are objectClass;name;description;canonicalName
      iv. Filter is (msRTCSIP-TrustedServerFQDN=SERVERFQDN)
    14. Save the output and review the text for old server names
    15. Go to adsiedit and drill into the object where you found the old name reference.
    16. (Likely the configuration partition) Right click the object and go to Properties
    17. In the attribute editor, choose the attribute as you see it in the ldp dump
    18. Edit the attribute to remove the old server object, or replace it with the new server object for the 2013 pool if appropriate.

 

 —————————————————————————————–

 Pools

 

  1. Pool removal
    1. Pools should only require adsiedit.
    2. Connect to the configuration container
    3. Navigate to Services->RTC Service->Pools
    4. Remove any pools which are not part of your current deployment

 

 ————————————————————————————–

  Trusted MCU

 

  1. Trusted MCU removal
    1. Follow the same process as in the steps in “Global settings” above.
    2. Log into Windows with Enterprise Admin permission
    3. Start->Run->Ldp (enter)
    4. Choose Connection from the top menu, then
    5. Choose Connect
    6. Leave the server pop-up blank and hit Connect (you should be on a DC)
    7. Go back to figure 1 and choose Connection->Bind->OK
    8. You're now connected to AD. Choose View->Tree from the top menu
    9. Enter dc=yourdomainname,dc=com (or for the configuration partition CN=configuration,dc=yourdomainname,dc=com)
    10. Click OK
    11. Navigate to Services->RTC Service
    12. Right click RTC Service
    13. Choose Search
    14. Search terms are:
      i. Base DN is completed for you
      ii. Scope is subtree
      iii. Attributes are objectClass;name;description;canonicalName
      iv. Filter is (msRTCSIP-TrustedMCUFQDN=SERVERFQDN)
    15. Save the output and review the text for old server names *
    16. Go to adsiedit and drill into the object where you found the old name reference.
    17. (Likely the configuration partition) Right click the object and go to Properties
    18. In the attribute editor, choose the attribute as you see it in the ldp dump
    19. Edit the attribute to remove the old server object, or replace it with the new server object for the 2013 pool if appropriate.

 

 *Use Notepad++ to search for the FQDN of the 2010 pool, then go in and remove the objects. Note the GUIDs where you see the 2010 pool. Identify the object, attribute, etc.; you may update the attribute or remove it, depending on the situation. The goal is that the Lync 2010 Topology Builder does not find references to anything in the 2010 pool.

 —————————————————————————————–

Trusted Web Component Server

 

  1. Trusted Web Component Server removal
    1. Follow the same process as in the steps in “Global settings” above.
    2. Log into Windows with Enterprise Admin permission
    3. Start->Run->Ldp (enter)
    4. Choose Connection from the top menu, then
    5. Choose Connect
    6. Leave the server pop-up blank and hit Connect (you should be on a DC)
    7. Go back to figure 1 and choose Connection->Bind->OK
    8. You're now connected to AD. Choose View->Tree from the top menu
    9. Enter dc=yourdomainname,dc=com (or for the configuration partition CN=configuration,dc=yourdomainname,dc=com)
    10. Click OK
    11. Navigate to Services->RTC Service
    12. Right click RTC Service
    13. Choose Search
    14. Search terms are:
      i. Base DN is completed for you
      ii. Scope is subtree
      iii. Attributes are objectClass;name;description;canonicalName
      iv. Filter is (msRTCSIP-TrustedWebcomponentsserverFQDN=SERVERFQDN)
    15. Save the output and review the text for old server names *
    16. Go to adsiedit and drill into the object where you found the old name reference.
    17. (Likely the configuration partition) Right click the object and go to Properties
    18. In the attribute editor, choose the attribute as you see it in the ldp dump
    19. Edit the attribute to remove the old server object, or replace it with the new server object for the 2013 pool if appropriate.

 

 

 *Use Notepad++ to search for the FQDN of the 2010 pool, then go in and remove the objects. Note the GUIDs where you see the 2010 pool. Identify the object, attribute, etc.; you may update the attribute or remove it, depending on the situation. The goal is that the Lync 2010 Topology Builder does not find references to anything in the 2010 pool.
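The three LDP searches above (Trusted Services, Trusted MCU, Trusted Web Component Server) differ only in the filter attribute, so they can be run as one read-only query. This is an added example, not part of the original article; it assumes the ActiveDirectory PowerShell module (RSAT) is installed and that RTC Service sits in the configuration partition, and the function name Get-RtcTrustedReference and the FQDN shown are placeholders.

```powershell
# Added example: read-only search for the three filters used in this article.
Import-Module ActiveDirectory

function Get-RtcTrustedReference {       # hypothetical helper name
    param(
        [Parameter(Mandatory)][string]$OldFqdn,  # FQDN of the 2010 server or pool
        [string]$Server                          # optional DC to query
    )
    $ad = @{}
    if ($Server) { $ad.Server = $Server }

    # Assumption: RTC Service is under CN=Services in the configuration partition.
    $configNC = (Get-ADRootDSE @ad).configurationNamingContext
    $base     = "CN=RTC Service,CN=Services,$configNC"

    $attrs = 'msRTCSIP-TrustedServerFQDN',
             'msRTCSIP-TrustedMCUFQDN',
             'msRTCSIP-TrustedWebComponentsServerFQDN'

    foreach ($a in $attrs) {
        $query = @{
            SearchBase  = $base
            SearchScope = 'Subtree'
            LDAPFilter  = "($a=$OldFqdn)"
            Properties  = $a, 'canonicalName'
        }
        Get-ADObject @ad @query | ForEach-Object {
            [pscustomobject]@{
                Attribute     = $a
                Value         = ($_.$a -join ';')
                ObjectClass   = $_.ObjectClass
                CanonicalName = $_.canonicalName
                DN            = $_.DistinguishedName
            }
        }
    }
}

# Placeholder FQDN; replace with the name of your 2010 pool or server.
Get-RtcTrustedReference -OldFqdn 'pool2010.example.com' | Format-List
```

The output gives the canonical name of each object to open in adsiedit; nothing is modified by the query.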

Reference to this article goes to Randy Wintle. Thank you for documenting these locations as they seem to come up over and over.
