Lync Server 2013 and Address Book Server issue

Today I was bugged Down with a problem on a migration job from 2010 to 2013. After prep, topology design and deployment of the new 2013 pool – with no specific warnings of what was to come – I ran into this issue with the Address Book Server.

After the above mentioned progress I decided to check Event Viewer for any problems before moving some test users to the new pool. One error immediately stood out, repeatedly:
Event Viewer ABS error
Some research told me that this could both point to File Store permissions or SQL database permissions.
At first I ruled out the File Store, because I knew (and confirmed) that I had assigned the proper Security Groups full Access to the share, in accordance with i.e. Matthew Landis’ blog (http://windowspbx.blogspot.no/2012/07/step-by-step-installing-lync-server.html):
File Store Security Groups
Since it was a Win Srv 2012, I even did a “Effective Permissions” check within the ABFiles folder:
Effective Permisssions

I also checked the SQL, and made sure that the same Security Groups had access to the rtcab database.

Re-running the TB publishing process, running Enable-CsTopology or restarting the server made no difference – although they sometimes do fix Access rights related problems. Reaching out to my colleagues for a tip I got a suggestion to try giving “Everyone” full Access to the File Store (not needed, but to see if there was some undocumented Access rights that were missing). And it worked!

Then another colleague pointed me to Jeff Schertz’ recent blog post on the File Store, http://blog.schertz.name/2013/03/breaking-down-lync-file-share/. As he Points out, there are some local (to the server) Security Groups that needs to be enabled rights:

Principal Access
NETWORK SERVICE Change
RTCHSUniversalServices Change
RTCComponentUniversalServices Change
RTCUniversalServerAdmins Change
RTCUniversalConfigReplicator Change
RTC Local Administrators Change
RTC Local Config Replicator Change
RTC Server Local Group Change
RTC Component Local Group Change

So, removing the “Everyone” group’s permissions and adding the RTC Local… Groups still makes the ABServer run just fine!

Although the initial setup should add the necessary Access rights on the File Store, in case you struggle with it – make sure these are all present.

Advertisements

3 thoughts on “Lync Server 2013 and Address Book Server issue

  1. Mars Blog artikler fra Atea konsulenter – LyncAtea.no

  2. My question is, where is the best location to put File share for Lync 2013 deployment. UIn my environment I created a DFS separate server and everything works fine?

    • I don’t think there is a simple correct answer to that, other than “it depends”; it depends on whether you have a file share set up for Your Company already, and that is being backed up and everything; it depends on the type of solution, Standard or Enterprise, in the latter case you cannot set up the file share on the Lync Front End itself etc etc.
      Using a DFS share will work just fine and does introduce some redundancy feature as well.

      Rune

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s