Troubleshooting the Central Forest Topology
Microsoft Office Communications Server 2007 and Microsoft Office Communications Server 2007 R2 will reach end of support on January 9, 2018. To stay supported, you will need to upgrade. For more information, see Resources to help you upgrade your Office 2007 servers and clients.
Use this section to help troubleshoot problems that you may encounter. For general Microsoft Identity Integration Server (MIIS) information, go to https://www.microsoft.com/windowsserversystem/miis2003/techinfo/default.mspx.
Note
NTLM must be used to authenticate contacts in the central forest. Using Kerberos or NTLM and Kerberos for authentication of contacts in the central forest is not supported.
Issues
Issue: SIP-enabled contact object cannot sign in
Resolution: Check the client logs
If a 401error appears in the logs, there may be an authentication problem.
Check the contact object with LDP.exe, and ensure all SIP attributes are populated and msRTCSIP-OriginatorSid is set for all contact objects. Otherwise, authentication will fail.
If the contact is not created properly, check the MIIS logs.
If needed, set the Lcssync logging level to 3, as explained earlier in Deploying Office Communications Server Sync Tool, in Step 1 Configure MIIS. Resynchronize the contact to confirm why the contact object is not being created.
Verify that credentials (user name and password) from the original user forest are used. If the central forest is in the Contoso domain, and the user object is replicated from the Northwind Traders domain to Contoso as a contact object, Northwind Traders credentials must be used to sign in to the domain.
Check the cross-forest trust relationship. The central forest must trust incoming credentials from the user forest.
Verify that you are not using Kerberos or a combination of Kerberos and NTLM as your authentication protocol in the central forest. You must only use the NTLM protocol.
If client receives a 404 error, there is a replication problem.
Verify that the contact object is properly SIP-enabled and that it exists in the Office Communications Server 2007 database.
Use Dbanalyze.exe, which is available in the Microsoft Office Communications Server 2007 Resource Kit, to get the user report for this particular user. Ensure that the user exists in the database.
Check Office Communications Server logs for "RTC User Replicator" errors or warnings.
Communicator Log Files
Use the Communicator log files to troubleshoot client issues.
Open the files communicator0.log and Communicator-uccp-0.log found under <Drive>:\Documents and Settings\%User%\Tracing.
MIIS Errors
Table 3 lists common Microsoft Identity Integration Server (MIIS) errors and describes the possible cause and resolution.
Table 3 Common MIIS Errors
| Error Constant | Description |
|---|---|
no-start-no-domain-controller |
The run step failed to start because the domain controller could not be contacted by the server. The next step in the run profile will not run and obsolete data will not be removed. If an import step returned this value, the next step will not be attempted again and any placeholder objects will not be removed. Verify that the domain controller is connected to the network. If this string is the value for the MIIS_ManagementAgent.RunStatus property, then a run step is not currently running but a run step did run in the past. |
no-start-no-partition-delete |
The run step failed to start because domain or naming context was deleted. The next step in the run profile will not run and obsolete data will not be removed. If an import run step returned this value, the next step will not be retried and any placeholder objects will not be removed. Verify that the specified partition still exists. If this string is the value for the MIIS_ManagementAgent.RunStatus property, then a run step is not currently running but a run step did run in the past. |
Table 3 Common MIIS Errors
no-start-partition-not-configured |
The run step failed to start because the required partition is not selected in the management agent properties Configure Directory Partitions dialog box. The next step in the run profile will not run and obsolete data will not be removed. If an import step returned this value, the next step will not be retried and placeholder objects will not be removed. Verify that the appropriate partition is selected. For more information, see "Configure directory partitions" in Microsoft Identity Integration Server 2003 Help. If this string is the value for the MIIS_ManagementAgent.RunStatus property, then a run step is not currently running but a run step did run in the past. |
no-start-partition-rename |
The run step failed to start because the selected partition in the Configure Directory Partitions dialog box of the management agent properties was renamed. Verify that the appropriate partition is selected. For more information, see "Configure directory partitions" in Microsoft Identity Integration Server 2003 Help. If this string is the value for the MIIS_ManagementAgent.RunStatus property, then a run step is not currently running but a run step did run in the past. |
stopped-extension-dll-file-not-found |
The run step stopped because the specified assembly name could not be found. The next step in the run profile will not run and obsolete data will not be removed. If an import step returned this value, the step will not be attempted again and placeholder objects will not be removed. Check the event log for the assembly name that the server was trying to load. Next, in Properties, in the Configure Rules Extensions dialog box of the management agent or in Configure Rules Extensions on the Metaverse Rules Extensions tab, specify the correct assembly name to prevent this return value. For more information, see "Configure Rules Extensions" for management agent rule extensions or "Configure Provisioning for Metaverse Rule Extensions" in Microsoft Identity Integration Server 2003 Help. If this string is the value for the MIIS_ManagementAgent.RunStatus property, then a run step is not currently running but a run step did run in the past. |
stopped-server |
This error can be returned when Microsoft SQL Server® database software is stopped and you are trying to run Management Agents. The run step stopped because of an unknown server error. The next step in the run profile will not run and obsolete data will not be removed. If an import step returned this value, the processing of retries and cleanup of placeholder objects is canceled. Resolve the server error. If this string is the value for the MIIS_ManagementAgent.RunStatus property, then a run step is not currently running but a run step did run in the past. |
stopped-out-of-memory |
The run step stopped because of insufficient server memory. The next step in the run profile will not run and obsolete data will not be removed. If an import run step returned this value, the processing of retries and cleanup of placeholder objects is canceled. Increase the server memory. |
stopped-extension-dll-load |
The run step stopped because the specified assembly name cannot be loaded due to an unknown error. The next step in the run profile will not run and obsolete data will not be removed. If an import run step returned this value, the processing of retries and cleanup of placeholder objects is canceled. Check the event log for the assembly name that the server was trying to load. |