When installing Lync server 2013  this error bugged me.

What could be wrong. with SqlExpress? Tried installing “sqlexpr_64.exe” from the DVD and here is my problem.

Something went wrong when I downloaded the ISO image. Deleted the downloaded imaged and did a new download. After mounting the image I ran setup.exe and the same error appeared. I then remembered that Lync setup copies setup files to the cache. Deleted Lync setup cache directory from “C:\ProgramData\Microsoft\Lync Server\Deployment”. After this the install ran perfectly.

You can do a dbimpexp from Lync 2010 to a xml file. Lync 2013 does not use dbimpexp more, but have a native import-csuserdata.

These two commands does not use the same fileformat – this is where convert-csuserdata can help. This command convert from dbimpexp xml format to the zip(xml) format used by import-csuserdata.

convert-csuserdata -PoolFqdn Lyncpool.test.local -InputFile FromLync2010.xml -OutFile ToLync2013.zip -TargetVersion Current

TargetVersion can be “Current” or “Lync2010” so this command can be used to convert between the two Versions.

Issue:

Abserver.exe in Lync crashes every 4 minutes.

Event ID 12330:Failed starting a worker process. Process: ‘C:\Program Files\Microsoft Lync Server 2010\Server\Core\ABServer.exe’ Exit Code: C3E8302D!_HRX! (The worker process failed to initialize itself in the maximum allowable time.!_HRM!). Cause: This could happen due to low resource conditions or insufficient privileges.

Resolution: Try restarting the server. If the problem persists contact Product Support Services.

Event ID12331: Worker process exited prematurely. The process will be automatically restarted. Process: ‘C:\Program Files\Microsoft Lync Server 2010\Server\Core\ABServer.exe’ Exit Code: 0!_HRX! (The operation completed successfully. !_HRM!).

This can happen after a Lync server update (done via Windows updates). I had to run the Lync setup and update roles. After doing so these events disappeard from the server.

At some time Lync edge server stopped replicating changes in configuration. Also a “get-csmanagementstorereplicationstatus” show False on Edge server.

Investigation shows that the firewall has not changed and you can telnet from frontend to edge on port 4443.

Alse got the same error in systemlog on edge server :

Description: When asking for client authentication, this server sends a list of trusted certification authorities to the client. The client uses this list to choose a client certificate that is trusted by the server. Currently, this server trusts so many certification authorities that the list has grown too long. This list has thus been truncated. The administrator of this machine should review the certification authorities trusted for client authentication and remove those that do not really need to be trusted. 

The reason for this is the http://support.microsoft.com/kb/931125 update. This resulted in a trusted root ca list of 357 items. Solution is to configure server to not send trusted ca list to client (in this case another server).

Value name: SendTrustedIssuerList
Value type: REG_DWORD
Value data: 0 (False)

Then I did a “invoke-csmanagementstorereplication” just to verify that replication now occurs.

After update to Root Sertificates ( KB931125) http://support.microsoft.com/kb/931125 You are constantly getting Warning in the eventlog. Also Lync Phones will be unable to sign in. The error message on the phone is that the “Registrar FQDN could not be resolved”.

UPDATED: On new Phones you will only get a message that login failed when trying to sign-in using extension and PIN.

On the Lync Frontend server:

Event Type: Warning
Event Source: Schannel
Event Category: None
Event ID: 36885
Date: date
Time: time
User:
Computer: COMPUTERNAME
Description: When asking for client authentication, this server sends a list of trusted certification authorities to the client. The client uses this list to choose a client certificate that is trusted by the server. Currently, this server trusts so many certification authorities that the list has grown too long. This list has thus been truncated. The administrator of this machine should review the certification authorities trusted for client authentication and remove those that do not really need to be trusted.

The solution to this is to make the Lync server to not send the trusted root certification authority list.

Value name: SendTrustedIssuerList
Value type: REG_DWORD
Value data: 0 (False)

This will be a problem for all services that requies client certificates thereby it could be a problem is you run NAC. 

Atle

Needed one AD group that contained all Lync enabled users. Here this  group is called “A-Lync” 

import-module lync
Import-Module activedirectory
$lu=get-csuser
$lu|ForEach-Object{
    $_.Samaccountname
    Add-ADPrincipalGroupMembership -MemberOf A-Lync -Identity $_.Samaccountname
}

Nice document from Microsoft about delegation on Lync Phone Device.

http://www.microsoft.com/en-us/download/details.aspx?id=34593

To enable HD Video:

Set-CsMediaConfiguration -Identity:Global -MaxVideoRateAllowed HD720p15m

(You can select one of 3 different resolutions : CIF250K, VGA600K (the default), and last the HD resolution Hd720p15M)

Enable-cstopology

Restart Lync frontend services.

When installing Lync server 2013 on a Windows server 2012 I got a missing prerequisite.

All you have to do is to install the “Windows Identity Foundation” feature.

Powershell: Add-WindowsFeature Windows-Identity-Foundation

To install all of required Windows features :

import-module servermanager
add-windowsfeature telnet-client,RSAT-ADDS,net-framework-45-core,windows-identity-foundation,Web-Static-Content,Web-Default-Doc,Web-Http-Errors,web-asp-net,web-asp-net45,Web-Net-Ext,Web-ISAPI-Ext,web-isapi-filter,Web-Http-Logging,Web-Log-Libraries,Web-Http-Tracing,Web-Windows-Auth,Web-Filtering,Web-Stat-Compression,Web-Dyn-Compression,Web-Mgmt-Console,Web-Scripting-Tools,Web-Client-Auth,server-media-foundation,MSMQ-Server,MSMQ-Directory,NET-WCF-HTTP-Activation45

 To add “add-windowsfeature Web-Asp-Net,Web-Net-Ext ” your computer needs access to internet.

After some time using Bing I have manged to do this. Thanks to :

http://ucken.blogspot.no/2012/02/re-routing-incoming-calls-to.html 

I wanted the caller that is blocked to get a announcment.

Step 1. Install Microsot Lync Server 2010/2013 SDK.

Step 2. Create a announcement using new-csannouncement.

New-CsAnnouncement -Identity “Applicationserver:server.contoso.com” -Name “NumberBlocked” -TextToSpeechPrompt “Sorry, Your call has been restricted” -Language “en-US” -whatif

Step 3. Create a unassigned number entry in Lync CP. I used +4787654321 as an example. assigning the announcement from step 2

Step 4. Create a BlockedNumbers.txt file on the Lync FE server share. Adding numbers and action ” +4712345678,block”, one on each line.

Step 5. Add the block/reroute script to “C:\Program Files\Microsoft Lync Server 2010\Server\Core”. Called my scripte CallerIDfilter.am (attached file) Remember to edit the file. Replace entries with your unassigned number,fileshare and domain in the manifest part and contact entry.

Step 6. You could run the “compilespl.exe  CallerIDFilter.am” to validate that it does not contain any compilatio errors.

Step 7. Register the CallerIDfilter.am with the lync pool. :

New-CsServerApplication -Identity “registrar:lyncpool.contoso.com/CallerIDFilter” -Uri http://www.contoso.com/CallerIDFilter  -ScriptName “CallerIDFilter.am” -Critical $False -Enabled $True -Priority 2

CallerIDFilter.am (2,22 kb)