none
After restoring AD to Hyper-V, started getting this error on Lync FE RRS feed

  • Question

  • Few days ago, my Hyper-V server lost power connection and when I turned it back on I started receiving the error "LS Address Book and Distribution List Expansion Web Service" was unable to start. 

    Lync services like file sharing, white board, poll were not working, so I had to restore a 1 day old backup from Lync, but problem remained until I decided to restore a copy of DC backup and the error was gone and all Lync services are working properly however, I started receiving this new error. 

    User Replicator error 30011

    Encountered an unrecognized error while processing users from a domain. This error caused User Replicator to abort synchronization of this domain.  Synchronization will be retried for this domain.  If this domain is not enabled for Lync Server, then this error can be ignored.

    Domain: tesas.com (DN: CN=Configuration,DC=domain,DC=com) Error: 53 (Unwilling To Perform)
    Cause: The cause for this error can vary. Please review the errors listed above.

    Resolution:

    Contact support services if the error is not descriptive enough to remedy the problem.

    Does this affect the way Lync works ? Is there anyway to solve this ? 

    I'm thinking of demoting Lync FE from the domain and re-join it! would that work with no issues? 

    Thanks for your comments 


    Mohammed JH

    Tuesday, July 17, 2012 7:06 AM

Answers

  • Ok, Confirmed after switching on the old "original" Virtual machine instead of the backup one! Lync is working properly and now I don't even see the User Replicator error  event at all. 

    I will make sure to never backup AD using Hyper-V,  NTbackup is one of the supported AD backup tools to create backup of AD. 

    Thanks for all your contributions.


    Mohammed JH

    • Marked as answer by moh10ly Tuesday, July 17, 2012 7:43 PM
    Tuesday, July 17, 2012 7:43 PM

All replies

  • Just run the Lync Management Shell cmdlet.

    Set-CsUserReplicatorConfiguration -Identity global -ADDomainNamingContextList @{Add="dc=fabrikam,dc=com"}

    So you add domain names list and limit the Domains queried, after it 30011 errors in the event log should disappear.
    Here http://technet.microsoft.com/en-us/library/gg398540.aspx  details.


    If answer is helpful, please mark as answer or hit the green arrow on the left.

    • Proposed as answer by Alexey Filatov Tuesday, July 17, 2012 10:11 AM
    Tuesday, July 17, 2012 10:11 AM
  • Shouldn't not include the CN=configuration part too ?

    I have done it the way you have pasted it! and will wait for the next hour, the error seems to be generated every 20 minutes. 

    If it passed without any issues for the next hour, I should be considering your reply as an answer.

    thanks a lot


    Mohammed JH

    Tuesday, July 17, 2012 10:58 AM
  • The error is not gone! It persists still every 20 mins! Is there any other way around this ? 

    Thanks


    Mohammed JH

    Tuesday, July 17, 2012 11:38 AM
  • Try to run Domain Prep again. 

    Thank you.

    Tuesday, July 17, 2012 12:17 PM
  • How do I do so ? The button is grayed out on the Lync Deployment wizard! 

    Mohammed JH

    Tuesday, July 17, 2012 12:28 PM
  • Sorry, I guess I was thinking about OCS. 

    Not sure how you do it in Lync.  Try Enable-CsAdDomain PowerShell command.

    Thank you.

    Tuesday, July 17, 2012 12:36 PM
  • I did and it returned an error Warning: Enable-CsAddomain failed.

    warning detailed results can be found at "html page". I'm posting what's in this page.


    Error: Cannot find any domain controllers in domain "mydomain.com".
    ▼ Details
    └ Type: ApplicationException
    └ ▼ Stack Trace
        └   at Microsoft.Rtc.Management.ADConnect.Connection.DirectoryServicesTopologyProvider.FindDomainController(Domain domain, String site, NetworkCredential credential)
    at Microsoft.Rtc.Management.ADConnect.Connection.DirectoryServicesTopologyProvider.FindDomainController(Domain domain, String site, NetworkCredential credential)
    at Microsoft.Rtc.Management.ADConnect.Connection.DirectoryServicesTopologyProvider.GetDCForDomain(String fqdn, NetworkCredential networkCredential)
    at Microsoft.Rtc.Management.ADConnect.Connection.DirectoryServicesTopologyProvider.DiscoverDC()
    at Microsoft.Rtc.Management.ADConnect.Connection.DirectoryServicesTopologyProvider..ctor()
    at Microsoft.Rtc.Management.ADConnect.Connection.TopologyProvider.InitializeInstance()
    at Microsoft.Rtc.Management.ADConnect.Connection.TopologyProvider.GetInstance()
    at Microsoft.Rtc.Management.ADConnect.Session.ADSession.GetRootDomainNamingContext()
    at Microsoft.Rtc.Management.Deployment.Core.DeploymentCommon.GetRootDomain(DeploymentContext context)
    at Microsoft.Rtc.Management.Deployment.LcForest.Init()
    at Microsoft.Rtc.Management.Deployment.Tasks.ForestStateCheckTask.Action()
    at Microsoft.Rtc.Management.Internal.Utilities.LogWriter.InvokeAndLog(Action action)
    └ ▼ Additional Details
        └  
    Error: Domain controller not found in the domain "mydomain.com".
    ▼ Details
    └ Type: ActiveDirectoryObjectNotFoundException
    └ ▼ Stack Trace
        └   at System.DirectoryServices.ActiveDirectory.DomainController.FindOneInternal(DirectoryContext context, String domainName, String siteName, LocatorOptions flag)
    at Microsoft.Rtc.Management.ADConnect.Connection.DirectoryServicesTopologyProvider.FindDomainController(Domain domain, String site, NetworkCredential credential) 7/17/2012 3:41:14 PM Error
     └ Error: An error occurred: "System.ApplicationException" "Cannot find any domain controllers in domain "mydomain.com"."


    Mohammed JH

    Tuesday, July 17, 2012 12:44 PM
  • BTW, on Active directory on my DC I'm receiving the following error under ActiveDirectory_domainservice with task category "Replication"! Could that be related ? 

    During an Active Directory Domain Services replication request, the local domain controller (DC) identified an untrusted client which has received replication data from the local DC using already-acknowledged USN tracking numbers. Read-only DCs and DirSync clients are examples of untrusted clients.
     
     Because the client believes it is has a more up-to-date Active Directory Domain Services database than the local DC, the client will not apply future changes to its copy of the Active Directory Domain Services database or replicate them to its direct and transitive replication partners that originate from this local DC.
     
     If not resolved immediately, this scenario will result in inconsistencies in the Active Directory Domain Services databases of this source DC and one or more direct and transitive replication partners. Specifically the consistency of users, computers and trust relationships, their passwords, security groups, security group memberships and other Active Directory Domain Services configuration data may vary, affecting the ability to log on, find objects of interest and perform other critical operations.
     
     To determine if this misconfiguration exists, query this event ID using http://support.microsoft.com or contact your Microsoft product support.
     
     The most probable cause of this situation is the improper restore of Active Directory Domain Services on the local domain controller or the remote Read-Only domain controller.
     
     User Actions:
     If this situation occurred because of an improper or unintended restore, forcibly demote the affected DC. 
     
    Untrusted client:
    00000000-0000-0000-0000-000000000000 (DNS Host Name: N/A) 
    Partition:
    DC=mydomain,DC=com 
    USN reported by non-DC client:
    151627 
    USN reported by Local DC:
    139607 


    Mohammed JH

    Tuesday, July 17, 2012 12:48 PM
  • Yes, it is important.  Your problem is not with Lync, it is with Active Directory itself. I believe that when you fix this, your Lync should start working.

    Thank you.

    Tuesday, July 17, 2012 12:56 PM
  • I have shutdown the old AD (Original one) and thinking now of restoring it since I have seen some comments related to this error that it might be due to recovering AD with an unsupported recovery tool.

    I will apply this night as our Lync is running on a production environment and can't do it during day time. I will let you know what happens then.

    Thanks a lot for your help 


    Mohammed JH

    Tuesday, July 17, 2012 12:59 PM
  • Be sure you know what you are doing.  It can get much worse.  Maybe you'd better contact Microsoft for help.

    Thank you.

    Tuesday, July 17, 2012 1:34 PM
  • Ok, Confirmed after switching on the old "original" Virtual machine instead of the backup one! Lync is working properly and now I don't even see the User Replicator error  event at all. 

    I will make sure to never backup AD using Hyper-V,  NTbackup is one of the supported AD backup tools to create backup of AD. 

    Thanks for all your contributions.


    Mohammed JH

    • Marked as answer by moh10ly Tuesday, July 17, 2012 7:43 PM
    Tuesday, July 17, 2012 7:43 PM