locked
Activer Directory prepartion completed partly RRS feed

  • Question

  • I have a running S4B environment with multiple FE servers + edge pools. Everything works fine for a long time, but when publishing topology last time, I got to an error that domain is not prepared.

    In deployment wizard I see that AD is prepared only partly and step 5: Prepare Current Domain is not completed.

    My question is, can I re-run step5 in AD preparation without doing any damage to running system? I did not find any documentation what exactly it does except it sets ACEs for S4B groups. But can it hurt running system?

    thanks.


    Thursday, November 7, 2019 1:35 PM

All replies

  • Hi karels,

    What do you do before the last time publishing topology?

    In my research, you could verify the following conditions again:

    1. Open adsiedit.msc and connect to the Schema container to verify that the various ‘ms-RTC-SIP…’ schema attributes have been created.
    2. Run dsa.msc to open “Active Directory Users and Computers” and then browse to the default Users container. Look for a number of groups starting with ‘CS’ and ‘RTC’ in their names.

    In order to know more clearly about this issue, please provide us the error message.

    Best Regards,
    Jimmy Yang

    Please remember to mark the replies as answers if they helped. If you have feedback for TechNet Subscriber Support, contact tnsf@microsoft.com.


    Friday, November 8, 2019 8:47 AM
  • Hi, thanks for reply.

    AD team did some changes to AD, but they say they did no change to Skype groups and users.

    1 - ms-RTC-SIP attributes are present

    2 - CS and RTC groups are there, CS groups = 11, RTC groups = 13

    Error message during publishing is:

    System.Management.Automation.CmdletInvocationException: Cannot continue because Active Directory has not been prepared yet. ---> Microsoft.Rtc.Management.Deployment.ActiveDirectoryException: Cannot continue because Active Directory has not been prepared yet.
       at System.Management.Automation.MshCommandRuntime.ThrowTerminatingError(ErrorRecord errorRecord)
       --- End of inner exception stack trace ---
       at System.Management.Automation.Internal.PipelineProcessor.SynchronousExecuteEnumerate(Object input, Hashtable errorResults, Boolean enumerate)
       at System.Management.Automation.Runspaces.LocalPipeline.InvokeHelper()
       at System.Management.Automation.Runspaces.LocalPipeline.InvokeThreadProc()
    Failed

    In Deployment wizard, there is point 1,2,3,4 complete, Step 5 is not Completed.

    Friday, November 8, 2019 2:01 PM
  • Hi karels,

    Have you tried re-run Step 5 in AD preparation?

    Before you prepare Current Domain, check if you meet the following prerequisites:

    1)You are logged on as a member of the Domain Admins group in the domain that you are preparing.

    2)The function levels of the Active Directory forest and domain are set to Windows Server 2003 or higher.

    Best Regards,
    Jimmy Yang

    Please remember to mark the replies as answers if they helped. If you have feedback for TechNet Subscriber Support, contact tnsf@microsoft.com.
    Tuesday, November 12, 2019 10:11 AM
  • Hello,

    thanks for reply.

    That was my original question, if I can re-run step 5 without damaging running environment.

    Tuesday, November 12, 2019 2:13 PM
  • Hi karels,

    From your previous description, it seems that this issue happened after you did some changes to AD.

    So could you tell me more details about how you changed AD? And this can help me narrow down the issue.

    Thanks a lot!

    Best Regards,
    Jimmy Yang

    Please remember to mark the replies as answers if they helped. If you have feedback for TechNet Subscriber Support, contact tnsf@microsoft.com.

    Friday, November 15, 2019 9:13 AM
  • Hi karels,
    Is there any update on this case?
    Please feel free to drop us a note if there is any update.
    Have a nice day!

    Best Regards,
    Jimmy Yang

    Please remember to mark the replies as answers if they helped. If you have feedback for TechNet Subscriber Support, contact tnsf@microsoft.com.
    Monday, November 25, 2019 9:04 AM
  • Here I will provide a brief and temporary summary of this post.

    <Issue Symptom>:

    Users Environment: Skype for Business environment with multiple Front End Server + Edge Pools.

    When publishing topology last time got an error that domain is not prepared and AD is prepared only partly.

    <Possible cause>:

    1. The various ‘ms-RTC-SIP…’ schema attributes have not been created.

    2. Missing a number of groups starting with ‘CS’ and ‘RTC’ in their names.

    3.not logged on as a member of the Domain Admins group in the domain that you are preparing

    4. The function levels of the Active Directory forest and domain are not set to Windows Server 2003 or higher.

    <Troubleshooting so far>

    Re-run step5 in AD preparation

    Here I will provide a brief and temporary summary of this post.

    <Issue Symptom>:

    Users Environment: Skype for Business environment with multiple Front End Server + Edge Pools.

    When publishing topology last time got an error that domain is not prepared and AD is prepared only partly.

    <Possible cause>:

    1.Open adsiedit.msc and connect to the Schema container to verify that the various ‘ms-RTC-SIP…’ schema attributes have been created.

    2. Run dsa.msc to open “Active Directory Users and Computers” and then browse to the default Users container. Look for a number of groups starting with ‘CS’ and ‘RTC’ in their names.

    3.not logged on as a member of the Domain Admins group in the domain that you are preparing

    4. The function levels of the Active Directory forest and domain are not set to Windows Server 2003 or higher.

    <Troubleshooting so far>

    Re-run step5 in AD preparation

    Best Regards,
    Jimmy Yang

    Please remember to mark the replies as answers if they helped. If you have feedback for TechNet Subscriber Support, contact tnsf@microsoft.com.

    Wednesday, December 4, 2019 2:51 PM