Wednesday, December 26, 2018

Lync Front Service hangs on "starting" status on Lync 2013 Servers.

The common cause of Lync FE servers service to hang is related to non self-assigned certificates found on the Trusted Root Certificate store. Lync servers does use HTTP/s to communicate each other and the issue mentioned will break this behavior. Until such certs removed, FE service wont come back to its health state.

Step # 1
 Identify the certs causing this issue, run below PS from problem Lync FE Server.


# Script : Non_Self_Assigned_Certs-Scan.ps1
# Created : ISE 3.0
# Author(s) : casey.dedeal
# Date : 12/26/2018  
# Org : ETC Solutions
# File Name :
# Comments :
# Assumptions :
Acknowledgements : Open license
Limitations : None
Known issues : None
Credits : None
(1)_.Adding Vars
(2)_.Check Log Folder create one if ! exist
(3)_.Scan Local Machine Trusted Root Certs Store
(4)_.Open File
Cleanup all Certs listed on the log file.
Certs could be pushed via GPO, if that is the case
You will have find the GPO and make sure, problems
Cers have been removed from Policy.



#(1)_.Adding Vars

$Fname = "None-Self-Certs-Report.txt"
$TargetFolder = "C:\temp\Logs\"
$file = $TargetFolder + $Fname

#(2)_.Check Log Folder create one if ! exist

if(!(Test-Path -Path $TargetFolder))


write-host "()_Creating Target Folder" -f Yellow
New-Item -ItemType directory -Path $TargetFolder


#(3)_.Scan Local Machone Trusted Root Certs Store

$Report = Get-Childitem cert:\LocalMachine\root -Recurse |`
?{$_.Issuer -ne $_.Subject} | fl *
$Report | Out-File


Step # 2
Delete the problem certificates from Trusted root store, it is easy to identify these certificates as
"Issued From" and "Issues To" wont match. Check to make sure these certs are not getting pushed via GPO if so, you will need to make sure such GPO is cleared out.

Step # 3
Reboot FE server and make sure FE service comes up. Check event logs to make sure related event logs are cleared.

Related KB

Casey, Dedeal
Principal Systems Engineer

Tuesday, July 17, 2018

Exchange Transport Service stops after installing July 2018 Updates

After installing Windows security updates KB4338823 and KB4338818, Transport service on Exchange 2010 Sp3 servers will stop processing mail. When this article is written MS has confirm this as an issue (bug) and confirmed the patch is on its way. Both updates seem to be causing issues with TCP/IP stack which then affects Exchange application, transport issues.

As of now you should uninstall both updates and wait for MS to come up with another KB which KB4338823 and KB4338818 broke at the first time.

Oz Casey, Dedeal

Principal Systems Engineer  (blog) (blog) (blog) (Twitter)

Friday, June 8, 2018

Windows 2012 R2. The File Replication Service has Stopped after taking an assertion failure.

On the Domain controller event logs 13505 13555, 13506 present as shown below. NTFRS service could be in stopped state and re-starting NTFRS service will cause it to fail.

The issue most likely caused by corruption on the FRS Jet database or its Jet database log file


Cause: Corruption within NTFRS database or with logs.

Solution: Make sure NTFRS service is stopped.

1. Navigate to NTFRS folder directory

2. Rename folder to OLD-NTFRS

3. Re-start NTFRS Service

4. Observe the service and event logs


Oz Casey, Dedeal

Principal Systems Engineer  (blog) (blog) (blog) (Twitter)

Tuesday, May 1, 2018

Installing newest CU and dealing with .NET upgrade

Microsoft has dropped out Service pack model and start using cumulative updates (CU) while back.

You can read more about it on this article. If you are not on the latest CU , most of the last living on premises clients will not be wanting to implement latest CU on their on prem Exchange Servers, due to it is buggy reputation. Remember how many times newest CU broke Exchange more than it claimed to fix. You need to make sure .NET frame work is supported by the version of Exchange + CU version you have. Very recently, I have encounter interesting finding, what MS is recommending. Here is an example, you are running E2016 on prem with CU7 and wanting to go to CU8, and the latest CU version is CU9. MS did recommend CU8 has caused so many issues therefore CU9 is more applicable. At the time this article is written, there are no known major issues with CU9.

This year July the 1th upcoming CUs will require .NET 4.7.1, so you would think your upgrade logic will tell you install CU9 then upgrade .NET to 4.7.1. Since .NET 4.7.1 is not supported by CU7 installing it first would cause issues? I thought so as well. The recommended update path for those who are on E2016 & CU7 is Install .NET 4.7.1 first, reboot, then install CU9 (assuming you wanted to skip the buggy CU8)

I found this interesting and worth for mentioning about it. You can read similar verbiage on the .NET section of this article if you need MS backing.


Oz Casey, Dedeal

Principal Systems Engineer  (blog) (blog) (blog) (Twitter)

Sunday, April 1, 2018

Enable Circular logging Lync Fabric logs

In this article we will talk about Lync Fabric logs and now to enable circular logging to keep your drive going out of space madness. If you are reading this article, most likely you ran into similar issues.

To enable circular logging, you will need to use following steps

1. log onto Lync FE server via Remote Desktop Protocol (RDP)

2. Make a right click on Windows PowerShell and select | Run as Administrator | press enter

3. Accept UAC warning by clicking yes

4. On the elevated PowerShell command prompt type following | and press enter

cd 'C:\ProgramData\Windows Fabric\Fabric\log\Traces'


Type following command and press | enter

Logman update trace FabricLeaseLayerTraces -f bincirc --cnf

6. From PowerShell type | Perfmon | press enter | navigate to following section within the Performance Monitor MMC.

7. Expand Data Collector Sets | Expand User Defined | Select Fabric Traces |

8. Make a right click on |Fabric Logs| and select | Stop|


9. Go back to | C:\ProgramData\Windows Fabric\Fabric\log\Traces | location

10. From command line type | Explorer .\ | press enter to open the log directory on GUI


11. Highlight all the existing ELT files and delete them.

12. Go back to Performance monitor snap in

13. This time select | Fabric Traces | on the right pane and make a right click select properties

14. Click File tab on top and locate Circular check box under log mode section


15. Make sure | Circular (requires a non-zero maximum file size) is selected, and is set to ENABLED.

16. If not enable it


17. Make a right click on the | Fabric Traces | click on start


Note: You will need to perform same work on all the Lync FE Servers.

Oz Casey, Dedeal

Senior Systems Engineer (Blog) (Blog) (Twitter)

Tuesday, February 27, 2018

Adjust Exchange 2016 Mailbox Move Historical Information.

In large environments mailbox moves are nature of the business. For various reasons mailboxes will be moved around and each time this occurs MRS will keep last two move history logs for a given mailbox. When this information is overwritten you could end-up losing important data and this might have adverse effects to create confusions on your recovery efforts. To remediate the issue, we will adjust “MSExchangeMailboxReplication.exe.config” file to ensure we are retaining 20 moves historical information.

It could be ideal for to change these settings depending on your scenario. The settings define move history is kept within the “MSExchangeMailboxReplication.exe.config” file acceptable values are from 0 to 100 (Default is 2)

Implementation Plan:

Log onto your Exchange 2016 Server. Use your Exchange Administrator account on the logon

Click Windows tile then

Navigate to following directory

D:\Program Files\Microsoft\Exchange Server\V15\Bin

Locate “MSExchangeMailboxReplication.exe.config” file

1. Make a right click and select edit

2. Press CTRL + F key to bring up Find menu and type “MaxMoveHistoryLength”

3. Press enter

4. Under MRSConfiguration locate the entry “  MaxMoveHistoryLength="2”

5. Change the number from 2 to a desired number. We will make it 20  in our scenario

6. Click File on top and select “Save” then exit.



Oz Casey, Dedeal

Systems Engineer (Blog) (Blog) (Twitter)