Long Passwords Cause Beta 2 Install to Fail
An issue has been identified in the Beta 2 installer. This issue manifests itself by causing the installation of FSOCS to fail when the length of the "domain\username" is less than the length of the corresponding password field when specifying the service account credentials.
We recommend that customers use a service account with a longer username or a shorter password (taking security related complexity into account where applicable) to avoid hitting the issue noted above. This issue will be fixed and provided to TAP and CAG customers as part of the Beta 2 Refresh release.
Thanks,
ShreyS
MSFT - Forefront Service Security
All Replies
In beta 1, there is no such issue. Can you tell me why this changed in Beta 2 ?
Thanks.
DavidThe Forefront for Office Communications Server installer was updated to perform additional validation of the information provided during the setup process. One of the associated changes included adding validation to check that the supplied service account was a member of the proper domain groups (i.e. RTCUniversalServerAdmins and RTCProxyUniversalServices). The username/password issue described in this thread was introduced when this check was added. In the Beta 1 installer, this validation was not being done; as a result, if the service account was not a member of the proper groups, FSOCS may not function as expected. The Beta 2 installer performs to check to be able to inform the administrator that the condition is not met.
In addition to validation, the installer has also been updated so that it attempts to query the Notification Agent SIP server settings. On domain-joined roles (i.e. Director, Front-end, or SE) the SIP server and SIP URI will be pre-populated based on the available information in Active Directory for whatever account is specified as the user that will send IM notifications.
Thanks,
ShreyS
MSFT - Forefront Server Security
