none
Cannot generate addressbook: Failed to save Web Ticket Signing certificate to the file store

    Question

  • Hi all,

    I have a problem in my Lync enterprise. We cannot seem to get the addressbook te generate. We get the following error:

    Log Name:      Lync Server
    Source:        LS Web Components Server
    Date:          17-2-2011 11:36:06
    Event ID:      4101
    Task Category: (1074)
    Level:         Error
    Keywords:      Classic
    User:          N/A
    Computer:      xxx
    Description:
    Failed to save Web Ticket Signing certificate to the file store.

    Certificate file path: \\xxx\lyncserver\1-WebServices-1\WebAuthStore\WebT_Sign-51DB231FCB5A34D05010091242E9AEBE83426E9D.cer, exception details: System.IO.IOException: The account used is a computer account. Use your global user account or local user account to access this server.

       at System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)
       at System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy)
       at System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String msgPath, Boolean bFromProxy)
       at System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share)
       at System.IO.File.Open(String path, FileMode mode, FileAccess access, FileShare share)
       at Microsoft.Rtc.Internal.WebServicesAuthFramework.WebTicketKeyStore.InitSigningCredentials().
    Resolution:
    Ensure that file store is available and Web Ticket service account can access it.
    Event Xml:
    <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
      <System>
        <Provider Name="LS Web Components Server" />
        <EventID Qualifiers="50226">4101</EventID>
        <Level>2</Level>
        <Task>1074</Task>
        <Keywords>0x80000000000000</Keywords>
        <TimeCreated SystemTime="2011-02-17T10:36:06.000000000Z" />
        <EventRecordID>10342</EventRecordID>
        <Channel>Lync Server</Channel>
        <Computer>xxx</Computer>
        <Security />
      </System>
      <EventData>
        <Data>\\xxx\lyncserver\1-WebServices-1\WebAuthStore\WebT_Sign-51DB231FCB5A34D05010091242E9AEBE83426E9D.cer</Data>
        <Data>System.IO.IOException: The account used is a computer account. Use your global user account or local user account to access this server.

       at System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)
       at System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy)
       at System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String msgPath, Boolean bFromProxy)
       at System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share)
       at System.IO.File.Open(String path, FileMode mode, FileAccess access, FileShare share)
       at Microsoft.Rtc.Internal.WebServicesAuthFramework.WebTicketKeyStore.InitSigningCredentials()</Data>
      </EventData>
    </Event>

    The critical part seems to be: The account used is a computer account. Use your global user account or local user account to access this server.

    I have tried giving some application pools different credentials in IIS without succes.. Any help appreciated!

    • Edited by Franck Vader Thursday, February 17, 2011 10:50 AM changed titl
    Thursday, February 17, 2011 10:40 AM

All replies

  • Hi,

    "Ensure that file store is available and Web Ticket service account can access it."

    So you have to check the permission of file store, would you please check following thread which have the same issue as yours.

    http://social.technet.microsoft.com/Forums/en-US/ocsaddressbook/thread/9f27de9f-f9a9-4b83-a4fe-1e8b052a59a1


    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
    Friday, February 18, 2011 7:36 AM
  • Hmm we are using a netapp storage device (CIFS) that hosts the share... I will check with the storage guys. They told me they set everything to everyone for the share. Thank you so far, I'll be back when i know more ;)

    <edit>

    Is there a way to make the service use a user account?

    <\edit>

    Tuesday, February 22, 2011 12:27 PM
  • I have moved the share to a Server 2008 R2 machine, with everyone in NTFS and share permissions... i stil get the same error:

    Address Book Server has encountered an unexpected exception.

    Exception: The account used is a computer account. Use your global user account or local user account to access this server.

    Exception Type: System.IO.IOException

    at System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)

    at System.IO.Directory.InternalCreateDirectory(String fullPath, String path, DirectorySecurity dirSecurity)

    at System.IO.Directory.CreateDirectory(String path, DirectorySecurity directorySecurity)

    at Microsoft.Rtc.ABServer.ABServer.ReadContactsFromSqlAndWriteToOutput(NormalizeRuleSet normalizationRules, SqlConnection sqlConnection, List`1 sinks)

    at Microsoft.Rtc.ABServer.ABServer.Synchronize()

    Cause: Internal Error

    Resolution:

    Contact Product Support Services.

    Tuesday, February 22, 2011 1:19 PM
  • Hi,

    From this information "The account used is a computer account. Use your global user account or local user account to access this server", would you please give full access permission on file store to try again?


    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
    Thursday, February 24, 2011 2:23 AM
  • Any update on this ?

    I have the exact same issue (LyncShare on NetApp)...

    Wednesday, February 08, 2012 12:42 PM
  • It's possibly you need to add Change rights for the Everyone Group on the DFS permissions.

    http://jaworskiblog.com/2012/03/30/using-dfs-for-publishing-the-lync-file-share/


    http://jaworskiblog.com

    Friday, March 30, 2012 2:28 PM