Today I was bugged Down with a problem on a migration job from 2010 to 2013. After prep, topology design and deployment of the new 2013 pool – with no specific warnings of what was to come – I ran into this issue with the Address Book Server.
After the above mentioned progress I decided to check Event Viewer for any problems before moving some test users to the new pool. One error immediately stood out, repeatedly:
Some research told me that this could both point to File Store permissions or SQL database permissions.
At first I ruled out the File Store, because I knew (and confirmed) that I had assigned the proper Security Groups full Access to the share, in accordance with i.e. Matthew Landis’ blog (http://windowspbx.blogspot.no/2012/07/step-by-step-installing-lync-server.html):
Since it was a Win Srv 2012, I even did a “Effective Permissions” check within the ABFiles folder:
I also checked the SQL, and made sure that the same Security Groups had access to the rtcab database.
Re-running the TB publishing process, running Enable-CsTopology or restarting the server made no difference – although they sometimes do fix Access rights related problems. Reaching out to my colleagues for a tip I got a suggestion to try giving “Everyone” full Access to the File Store (not needed, but to see if there was some undocumented Access rights that were missing). And it worked!
Then another colleague pointed me to Jeff Schertz’ recent blog post on the File Store, http://blog.schertz.name/2013/03/breaking-down-lync-file-share/. As he Points out, there are some local (to the server) Security Groups that needs to be enabled rights:
|RTC Local Administrators||Change|
|RTC Local Config Replicator||Change|
|RTC Server Local Group||Change|
|RTC Component Local Group||Change|
So, removing the “Everyone” group’s permissions and adding the RTC Local… Groups still makes the ABServer run just fine!
Although the initial setup should add the necessary Access rights on the File Store, in case you struggle with it – make sure these are all present.