Tuesday, January 8, 2019

How to Renew Expires Office Web Apps Server SSL Certificate



If you want trouble, then let Lync certificates expire and struggle to figure out how to bring the service up and running. Office WebApp servers will provide, PowerPoint presentation capabilities to Skype clients and you will quickly notice the existed function is no longer working due to not having valid certificate and Office Web Apps service won’t come up.
Issue:

Office Web Apps Service is not starting (Service name: WACSM) Lync PowerShell commands won’t run due to same issues, and will fail with following warnings. “-OfficeWebAppsFarm: It does not appear that this machine is part of an Office Web Apps Server farm. “Assuming you did not change any other setting, your server is part of existing Web Apps Server, the PS command won’t run due to WACSM service issues listed earlier.
Fixing the issue:

  1. Copy new certificate to first Web Apps Server C:\temp drive
  2. Log onto first Web Apps Server via RDP
  3. Open MMC console and add certificates snap-in, on the certificates Local computer | Personal | Certificates, delete expired certificate and import new one.
  4. Take a note of certificate name (Issued to)
  5. Close MMC.
  6. Open following directory (\ProgramData\Microsoft\OfficeWebApps\Data\FarmState\settings.xml)
  7. Open Setting.xm file with notepad
  8. Locate following line and make sure Certificate name matches the imported certificate name.
  9. Server1.SecuredNinja.com
(SettingName="CertificateName"DataType="System.String">Server1.SecuredNinja.com")






  1. Close XML file
  2. Restart Office Web Apps Service (Service name: WACSM)







Casey, Dedeal
Principal Systems Engineer

Wednesday, December 26, 2018

Lync Front Service hangs on "starting" status on Lync 2013 Servers.



The common cause of Lync FE servers service to hang is related to non self-assigned certificates found on the Trusted Root Certificate store. Lync servers does use HTTP/s to communicate each other and the issue mentioned will break this behavior. Until such certs removed, FE service wont come back to its health state.


Step # 1
 Identify the certs causing this issue, run below PS from problem Lync FE Server.




 
<#



.NOTES
#=============================================
# Script : Non_Self_Assigned_Certs-Scan.ps1
# Created : ISE 3.0
# Author(s) : casey.dedeal
# Date : 12/26/2018  
# Org : ETC Solutions
# File Name :
# Comments :
# Assumptions :
#==============================================
SYNOPSIS :
DESCRIPTION :
Acknowledgements : Open license
Limitations : None
Known issues : None
Credits : None
.EXAMPLE
.\Non_Self_Assigned_Certs-Scan.ps1
MAP:
-----------
(1)_.Adding Vars
(2)_.Check Log Folder create one if ! exist
(3)_.Scan Local Machine Trusted Root Certs Store
(4)_.Open File
Cleanup all Certs listed on the log file.
Certs could be pushed via GPO, if that is the case
You will have find the GPO and make sure, problems
Cers have been removed from Policy.


#>



 

#(1)_.Adding Vars


$Fname = "None-Self-Certs-Report.txt"
$TargetFolder = "C:\temp\Logs\"
$file = $TargetFolder + $Fname



#(2)_.Check Log Folder create one if ! exist


if(!(Test-Path -Path $TargetFolder))


{

write-host "()_Creating Target Folder" -f Yellow
New-Item -ItemType directory -Path $TargetFolder

}

#(3)_.Scan Local Machone Trusted Root Certs Store


$Report = Get-Childitem cert:\LocalMachine\root -Recurse |`
?{$_.Issuer -ne $_.Subject} | fl *
$Report | Out-File


 


Step # 2
Delete the problem certificates from Trusted root store, it is easy to identify these certificates as
"Issued From" and "Issues To" wont match. Check to make sure these certs are not getting pushed via GPO if so, you will need to make sure such GPO is cleared out.


Step # 3
Reboot FE server and make sure FE service comes up. Check event logs to make sure related event logs are cleared.


Related KB


Casey, Dedeal
Principal Systems Engineer





Tuesday, July 17, 2018

Exchange Transport Service stops after installing July 2018 Updates


After installing Windows security updates KB4338823 and KB4338818, Transport service on Exchange 2010 Sp3 servers will stop processing mail. When this article is written MS has confirm this as an issue (bug) and confirmed the patch is on its way. Both updates seem to be causing issues with TCP/IP stack which then affects Exchange application, transport issues.

As of now you should uninstall both updates and wait for MS to come up with another KB which KB4338823 and KB4338818 broke at the first time.


Oz Casey, Dedeal

Principal Systems Engineer

https://simplepowershell.blogspot.com/  (blog)

https://smtp25.blogspot.com/ (blog)

https://telnet25.wordpress.com/ (blog)

https://twitter.com/Message_Talk (Twitter)

Friday, June 8, 2018

Windows 2012 R2. The File Replication Service has Stopped after taking an assertion failure.

On the Domain controller event logs 13505 13555, 13506 present as shown below. NTFRS service could be in stopped state and re-starting NTFRS service will cause it to fail.

The issue most likely caused by corruption on the FRS Jet database or its Jet database log file

clip_image002

Cause: Corruption within NTFRS database or with logs.

Solution: Make sure NTFRS service is stopped.

1. Navigate to NTFRS folder directory

2. Rename folder to OLD-NTFRS

3. Re-start NTFRS Service

4. Observe the service and event logs

clip_image004

Oz Casey, Dedeal

Principal Systems Engineer

https://simplepowershell.blogspot.com/  (blog)

https://smtp25.blogspot.com/ (blog)

https://telnet25.wordpress.com/ (blog)

https://twitter.com/Message_Talk (Twitter)