Monday, March 25, 2013

(A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider.

I was deploying a Lync Server Director in a Multi-Tenant configuration after i assigned the certificate a went to start the services, the Front-End services couldn't start with the following errors

Log Name:      Lync Server
Source:        LS Protocol Stack
Date:          3/12/2013 1:52:06 PM
Event ID:      14397
Task Category: (1001)
Level:         Warning
Keywords:      Classic
User:          N/A
Computer:      Lync Director FQDN
Description:
A configured certificate could not be loaded from store. The serial number is attached for reference.
Extended Error Code: 0x800B0109 (A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider.).
Event Xml:
http://schemas.microsoft.com/win/2004/08/events/event
">
 
   
    14397
    3
    1001
    0x80000000000000
   
    58
    Lync Server
    Lync Director FQDN
   
 

 
    0x800B0109
    A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider.
    AD5CEFED0AA77CC23B0B247DCF82F208
 

========================================================================Log Name:      Lync Server
Source:        LS Protocol Stack
Date:          3/12/2013 1:52:06 PM
Event ID:      14359
Task Category: (1001)
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      Lync Director FQDN
Description:
Unable to use the default outgoing certificate.
Error 0x800B0109 (A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider.).
Cause: The certificate may have been deleted or may be invalid, or permissions are not set correctly.
Resolution:
Ensure that a valid certificate is present in the local computer certificate store. Also ensure that the server has sufficient privileges to access the store.
Event Xml:
http://schemas.microsoft.com/win/2004/08/events/event
">
 
   
    14359
    2
    1001
    0x80000000000000
   
    59
    Lync Server
    Lync Director FQDN
   
 

 
    0x800B0109
    A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider.
 


I installed an Inetermediate CA certificate from the certificate provider and the Front-End Service started successfully, the strange thing is that I didn't face this issue with the Front-End servers so I was pulling my hair out and looking into different directions!!

SQLServerAgent could not be started (reason: Unable to connect to server 'ServerName\Instancename'; SQLServerAgent cannot start).

Hello,

At one of the environments i faced a very strange issue, i was working on SQL Server cluster that was working fine, but for some reason i have to perform a failover, all the resources and services were restarted successfully except for the SQL Server Agent service... looking at the system logs of the vent viewer i found the following error, Event ID 103 "
SQLServerAgent could not be started (reason: Unable to connect to server 'ServerName\Instancename'; SQLServerAgent cannot start)."

Log Name:      Application
Source:        SQLAgent$InstaceName
Date:          3/20/2013 3:29:58 PM
Event ID:      103
Task Category: Service Control
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      ServerName
Description:
SQLServerAgent could not be started (reason: Unable to connect to server 'ServerName\InstanceName'; SQLServerAgent cannot start).
Event Xml:
http://schemas.microsoft.com/win/2004/08/events/event
">
 
   
    103
    2
    2
    0x80000000000000
   
    22958
    Application
    ServeraName
   
 

 
    Unable to connect to server 'ServerName\InstanceName'; SQLServerAgent cannot start
 

A quick search on the Internet yielded some forum posts that talk about permission on the SQL drives, and this was not my case.
After some troubleshooting i looked at the account used by the SQL Server Agent Service, the account was OK, but looking at SQL server logs i fount the root cause !
Login failed for user 'Domain\ServiceAccount'. Reason: The account is disabled. [CLIENT: IP Address]
looking at the SQL logins I found out that the login for this account has been disabled by the DBA !!! :(

enabling the account solved the  problem and the service can start successfully

Regards
Amr

Thursday, October 11, 2012

the networkmanager has not yet been initialized

I faced a very strange case with Exchange DAG, I was doing a site resiliency test I failed over to the DR site successfully and then I failed back to the main site, after failing back I found that the DAG was in a state that looks like split brain syndrome although the DAG was running in DAC mode.

the symptoms were as follows:

From the DR mailbox server:
  • Cluster Console only showed this node while the active nodes were not present.
  • From EMC the copies on the DR server were healthy.

From the Main site mailbox servers:
  • Cluster console showed the three nodes but the DR node was stopped, and the option to start it was grayed out.
  • From EMC the copies on the DR server were failed.

The fix was as follows:
  •  run the following command: Cluster     /forcecleanup
  • Then run the following: Start-DatabaseAvailabilityGroup "DAGname" -MailboxServer  "DRNodeName"
  • After the first command you will find that the DR node can see the other nodes in the cluster console, but the DR node will be stopped, so run the second command to start it.
     

    That's It !

    No static address matched networks "Cluster Network Name" . Specified static addresses: x.x.x.x

    While I was working on a DAG with separate MAPI and Replication Networks whenever I  make any changes to DAG like running start-DatabaseAvailabilityGroup or Set-DatabaseAvailabilityGroup I get the following warning message:

    "No static address matched networks "Cluster Network". Specified static addresses: x.x.x.x".

    The Cluster Network was the Replication Network whose subnet is different than that of the DAG IP addresses.


    Seems that Exchange wanted to utilize this network for MAPI traffic. Although When I run the command get-DatabaseAvailabilityGroupNetwork I find that MAPIEnabled is false on the replication network.

    when I compared the cluster networks of this DAG with another healthy DAG I found that the checkbox "allow clients to connect through this network" was checked.

    when I uncheck it, it gets checked by itself again  !.

    The reason was that one of the DAG members had the "register this connection's address in dns" checkbox checked.

    After unchecking this check box, the "allow clients to connect through this network"  checkbox was unchecked by itself and the warning message went away!

    MAPI makes me Happy :)

    Tuesday, September 18, 2012

    Outook 2010 Ribbon diappeared after installing and uninstalling of office 365 on demand

    I had a very strange issue, i  installed Microsoft office 365 on demand and then uninstalled it, after that i found that the ribbon completely disappeared from Outlook 2010, reparing or re-installing Outlook 2010 didn't help, after a bit of googling i found this TechNet forum post, http://social.technet.microsoft.com/Forums/en-US/outlook/thread/8578021b-f34b-4d2f-9f7a-fa15674aa998/

    all you have to do is as follows:
    1. Close Outlook


    2. Go to Start-Run type in Regedit

    3. Navigate to HKEY_CLASSES_ROOT\TypeLib\{2DF8D04C-5BFA-101B-BDE5-00AA0044DE52}

    4. Right click on the 2.5 and 2,7 regkeys and choose Export. Save this export to your desktop for now so we have a backup.

    5. Now once that is backed up right click on the 2.5 and 2.7 regkeys and choose delete.

    6. Launch Outlook, outlook will start in repair mode after that Outlook should work well and the ribbon should appear !



    Thursday, July 19, 2012

    sharing failed to connect due to network issues. Try again later.

    I faced an issue with Lync Application Sharing and File Transfers, where on of the users was Internal and the other was external, the sharing failed with the following message (sharing failed to connect due to network issues. Try again later.)

    After investigation this was found to be caused by a firewall on the client, it was caused by Kaspersky Internet Security, so always make sure to turn off any firewall on the client computer.

    Exchange 2013 and Lync 2013 Previews are now released !

    Microsoft has released the Previews for Exchange Server 2013 and Lync server 2013, seems there are big architectural changes in Exchange server, as the TechNet documentation lists only two roles for Exchange Server (Mailbox and CAS), the architecture seems similar to Exchange 2003 as the CAS is also responsible for routing E-mails !.

    you can find the links here: