none
Error when enabling a lync user RRS feed

  • Question

  • Hi,

    I have a multi-forest setup, with 2 forests. Let's call them forest1 and forest2. The root domain under forest1 is forest1.net and under forest2 is forest2.net. Each domain has its own set of DCs (say DC.forest1.net and DC.forest2.net).

    I am trying to provision users in forest 2 from a server in forest 1

    Now, I got lync up and running for users under forest1.net and I am able to enable users without a problem. Now we would like to enable users on forest2.net, but I run into some strange problems

    1) Getting user information

    During the deployment, some accounts in the forest2.net domain did get lync enabled (by someone else). However, when I run this cmd:

    get-csuser -DomainController "dc.forest2.net" | where {$_.Enabled -eq $True -and $_.SipAddress -ne $Null}

    I do get the users returned but the RegistrarPool is strange and I get a warning:

    WARNING: "RegistrarPool" with identity "1921221891" assigned to "sip:user1@forest2.co.uk" has been removed from configuration store
    WARNING: "RegistrarPool" with identity "63208640" assigned to "sip:user2@forest2.co.uk" has been removed from configuration store.

    The registrarpool has some very strange values in there!

    2) Enabling a new user

    I created a new user under forest2 and tried to Lync enable it

    enable-csuser -Identity "forest2\user3" -RegistrarPool "pool.forest2.net" -SipAddressType emailaddress -DomainController "dc.forest2.net"

    When I run this, enable-csuser is unable to find the registrar pool:

    Cannot find Registrar pool "pool.forest2.net" in the service assignment. Run Enable-CsTopology to update service assignments

    Again, something dodgy going on with Registrar Pools here

    Another thing to add is that the I am running these powershell commands from an account which is part of domain forest1, and the machine these commands are being run on is also under domain forest1. Everything works ok if I enable a user under the forest1 domain (btw, the forest1 domain has its own registrarpool and domain controller), the trouble is only when I run this on forest2 domain objects. 

    I need to do this setup since I am using FIM to provision users into Lync (I have written my own MA), and the FIM machine is on forest1 but it should be capable of adding Lync users to both domains.

    Hope the question is clear, I'm really stuck at this problem and not sure how to proceed further.

    Thanks in advance





    • Edited by kmittal82 Friday, August 16, 2013 11:24 AM
    Friday, August 16, 2013 10:09 AM

Answers

  • Hi

    If Microsoft Exchange Server is not deployed in a cross-forest topology, deploy and configure the Lync Server Sync tool (Lcssync).

    If Microsoft Exchange Server is deployed in a cross-forest topology, use the global address list (GAL) sync tool with the Lync Server Sync logic.

    Exchange Server uses GAL sync to synchronize contact information in the GAL between forests. In this situation, an update to the GAL sync tool is required because the identity life cycle manager server does not support the coexistence of two different synchronization agents.

    For your reference, here are steps to deploy Lync Server in a Central Forest Topology:

    1. Please configure identity life cycle manager server first so that you can import the user objects and group objects from two user forests as identity life cycle manager server metaverse objects and export the metaverse objects to the central forest as contact objects.

    2. After installing Lync Server Sync tool on the server running the identity life cycle manager, please extend the metaverse schema so the Lync Server attributes can be synchronized.3. Configure the extensions for the Lync Server 2010 Sync tool. Configuring the extensions determines how synchronization is handled for Lync Server objects that are synchronized by the identity life cycle manager.

    4. Configure the rule that determines what the identity life cycle manager server will do when a user object is deleted in a forest and how it will synchronize the deletion with the central forest. If a user object is deleted in a user forest, the corresponding contact object that is used by Lync Server in the central forest must also be deleted. Configuring the object deletion rule ensures that the identity life cycle manager server and Lync Server handle this situation correctly.

    5. Create a management agent for the Lync Server Sync tool in the central forest and each user forest.

    6. Import Active Directory Objects for Each Forest into the Connector Space.

    7. Synchronize the Metaverse with the data in the each forest.

    8. Provision the Central Forest. After synchronizing the information imported from all user forests, you export all the information from the metaverse to the central forest. This process is known as provisioning.

    9. Enabling Contacts for Lync Server 2010

    For details, you can refer to this link:

    http://technet.microsoft.com/en-us/library/gg670889(v=ocs.14).aspx


    Kent Huang
    TechNet Community Support

    • Marked as answer by Kent-Huang Thursday, August 22, 2013 9:21 AM
    Monday, August 19, 2013 8:55 AM

All replies

  • Hi

    If Microsoft Exchange Server is not deployed in a cross-forest topology, deploy and configure the Lync Server Sync tool (Lcssync).

    If Microsoft Exchange Server is deployed in a cross-forest topology, use the global address list (GAL) sync tool with the Lync Server Sync logic.

    Exchange Server uses GAL sync to synchronize contact information in the GAL between forests. In this situation, an update to the GAL sync tool is required because the identity life cycle manager server does not support the coexistence of two different synchronization agents.

    For your reference, here are steps to deploy Lync Server in a Central Forest Topology:

    1. Please configure identity life cycle manager server first so that you can import the user objects and group objects from two user forests as identity life cycle manager server metaverse objects and export the metaverse objects to the central forest as contact objects.

    2. After installing Lync Server Sync tool on the server running the identity life cycle manager, please extend the metaverse schema so the Lync Server attributes can be synchronized.3. Configure the extensions for the Lync Server 2010 Sync tool. Configuring the extensions determines how synchronization is handled for Lync Server objects that are synchronized by the identity life cycle manager.

    4. Configure the rule that determines what the identity life cycle manager server will do when a user object is deleted in a forest and how it will synchronize the deletion with the central forest. If a user object is deleted in a user forest, the corresponding contact object that is used by Lync Server in the central forest must also be deleted. Configuring the object deletion rule ensures that the identity life cycle manager server and Lync Server handle this situation correctly.

    5. Create a management agent for the Lync Server Sync tool in the central forest and each user forest.

    6. Import Active Directory Objects for Each Forest into the Connector Space.

    7. Synchronize the Metaverse with the data in the each forest.

    8. Provision the Central Forest. After synchronizing the information imported from all user forests, you export all the information from the metaverse to the central forest. This process is known as provisioning.

    9. Enabling Contacts for Lync Server 2010

    For details, you can refer to this link:

    http://technet.microsoft.com/en-us/library/gg670889(v=ocs.14).aspx


    Kent Huang
    TechNet Community Support

    • Marked as answer by Kent-Huang Thursday, August 22, 2013 9:21 AM
    Monday, August 19, 2013 8:55 AM
  • Thanks for the detailed steps Kent
    Wednesday, August 21, 2013 10:13 AM