You can do a dbimpexp from Lync 2010 to a xml file. Lync 2013 does not use dbimpexp more, but have a native import-csuserdata.

These two commands does not use the same fileformat – this is where convert-csuserdata can help. This command convert from dbimpexp xml format to the zip(xml) format used by import-csuserdata.

convert-csuserdata -PoolFqdn Lyncpool.test.local -InputFile FromLync2010.xml -OutFile ToLync2013.zip -TargetVersion Current

TargetVersion can be “Current” or “Lync2010” so this command can be used to convert between the two Versions.

Issue:

Abserver.exe in Lync crashes every 4 minutes.

Event ID 12330:Failed starting a worker process. Process: ‘C:\Program Files\Microsoft Lync Server 2010\Server\Core\ABServer.exe’ Exit Code: C3E8302D!_HRX! (The worker process failed to initialize itself in the maximum allowable time.!_HRM!). Cause: This could happen due to low resource conditions or insufficient privileges.

Resolution: Try restarting the server. If the problem persists contact Product Support Services.

Event ID12331: Worker process exited prematurely. The process will be automatically restarted. Process: ‘C:\Program Files\Microsoft Lync Server 2010\Server\Core\ABServer.exe’ Exit Code: 0!_HRX! (The operation completed successfully. !_HRM!).

This can happen after a Lync server update (done via Windows updates). I had to run the Lync setup and update roles. After doing so these events disappeard from the server.

At some time Lync edge server stopped replicating changes in configuration. Also a “get-csmanagementstorereplicationstatus” show False on Edge server.

Investigation shows that the firewall has not changed and you can telnet from frontend to edge on port 4443.

Alse got the same error in systemlog on edge server :

Description: When asking for client authentication, this server sends a list of trusted certification authorities to the client. The client uses this list to choose a client certificate that is trusted by the server. Currently, this server trusts so many certification authorities that the list has grown too long. This list has thus been truncated. The administrator of this machine should review the certification authorities trusted for client authentication and remove those that do not really need to be trusted. 

The reason for this is the http://support.microsoft.com/kb/931125 update. This resulted in a trusted root ca list of 357 items. Solution is to configure server to not send trusted ca list to client (in this case another server).

Value name: SendTrustedIssuerList
Value type: REG_DWORD
Value data: 0 (False)

Then I did a “invoke-csmanagementstorereplication” just to verify that replication now occurs.

After update to Root Sertificates ( KB931125) http://support.microsoft.com/kb/931125 You are constantly getting Warning in the eventlog. Also Lync Phones will be unable to sign in. The error message on the phone is that the “Registrar FQDN could not be resolved”.

UPDATED: On new Phones you will only get a message that login failed when trying to sign-in using extension and PIN.

On the Lync Frontend server:

Event Type: Warning
Event Source: Schannel
Event Category: None
Event ID: 36885
Date: date
Time: time
User:
Computer: COMPUTERNAME
Description: When asking for client authentication, this server sends a list of trusted certification authorities to the client. The client uses this list to choose a client certificate that is trusted by the server. Currently, this server trusts so many certification authorities that the list has grown too long. This list has thus been truncated. The administrator of this machine should review the certification authorities trusted for client authentication and remove those that do not really need to be trusted.

The solution to this is to make the Lync server to not send the trusted root certification authority list.

Value name: SendTrustedIssuerList
Value type: REG_DWORD
Value data: 0 (False)

This will be a problem for all services that requies client certificates thereby it could be a problem is you run NAC. 

Atle