** Update 5 sees Microsoft re-release the server.msp security patch – confirmed working.
A client just contacted me saying they had no edge access. Internal clients were showing “Limited External Calling”.
Environment is Lync Server 2010, running on Windows 2008 R2. This specifically affected the Edge Server role only.
Upon further inspection on the Edge Server, the services had stopped and were refusing to start. One of the errors seemed vaguely certificate related.
The Lync Server Access Edge service terminated with service-specific error %%-1008193023.
I have seen similar ‘service not starting’ issues before, usually after an update or CU, where simply running Set-CsCertificate with the same thumbprint allows you to start the service again. And it did, for the Access Edge, and suddenly federated presence worked again. But the AV Edge and AV Auth services still refused to start.
Because the Access Edge service was now running, the Lync Event Logs were showing Event ID 50007 LS AppDomain Host Process, saying that RtcHost.exe had stopped and would automatically be restarted.
Worker process exited prematurely. The process will be automatically restarted.
Process: 'D:\Program Files\Microsoft Lync Server 2010\Server\Core\RtcHost.exe' Exit Code: E0434F4D!_HRX! (No Message Text Found!_HRM!).
An unhandled exception was encountered.
Exception Details. System.NullReferenceException: Object reference not set to an instance of an object.
at Microsoft.Rtc.IIMFilter.IIMFilter.GetThrottlingConfig(Int32& messageOverloadWatermark, Int32& memoryWatermark, Int32& overloadRecalculationInterval, Int32 messagesInServer)
at Microsoft.Rtc.ApplicationService.ApplicationService.Start(EventWaitHandle shutdownEvent, RoleName roleName)
at Microsoft.Rtc.ApplicationService.ApplicationService.Main(String args)
at System.AppDomain._nExecuteAssembly(Assembly assembly, String args)
at System.AppDomain.ExecuteAssemblyByName(String assemblyName, Evidence assemblySecurity, String args)
at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state)
Also Windows Error Reporting events were flooding in too…
Error 2: Lync Server log, LS AppDomain Host Process, Event ID 50007
An unhandled exception was encountered.
Windows (didn’t) Update.
After checking the Windows Update History, there were a handful of Windows updates that had been installed automatically (client company’s practice for servers in DMZ), which included 2x Lync Server Updates:
- KB2953590 for OCSCore
- KB2982385 for Server
Downloading the LyncServerUpdateInstaller.exe from MS was able to install OCSCore successfully, but we weren’t so lucky for KB2982385 – which showed the following dialog box.
The client is currently talking to Microsoft to get an answer on this. I will update this article when I get more information.
This issue has been confirmed by a few people who commented on this article, and replied on Twitter, as well as replicated in a lab by my colleague.
The certificate of the patch has been confirmed trusted, and valid on the servers trying to install them.
The UAC popup references G:\PreRelease\
Microsoft Support recommended that my client should just ignore and install the patch. However, I’m not sure that is the best thing to do; getting into a routine of dismissing security warnings (even if false-positive) is a bad idea, and there must be a reason it failed. Microsoft Support then recommended disabling Certificate Revocation checking in Internet Explorer.
However, the certificate contained the following CRL locations:
And they were all accessible from the server, and didn’t contain a revocation for the certificate in question, nothing failed there.
I guess the package could contain something else with another digital signature, but I still maintain a Microsoft written patch for a Microsoft product, on a Microsoft platform, should not fail to verify. Something else must be going on here.
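One way to run the checks described above (signature verdict, chain trust, revocation and CRL locations) on the server itself instead of dismissing the warning. This is an added example, not from the original article or from Microsoft, and the path to server.msp is a placeholder.

```powershell
# Added example: the path below is a placeholder, not taken from the original post.
$patch = 'C:\Temp\server.msp'

# 1. Authenticode verdict as Windows sees it (Valid, HashMismatch, NotTrusted, ...).
#    This status takes the signature's timestamp into account.
$sig = Get-AuthenticodeSignature -FilePath $patch
'{0}: {1} ({2})' -f $patch, $sig.Status, $sig.StatusMessage

if (-not $sig.SignerCertificate) {
    Write-Warning 'No signer certificate found; the file is unsigned or the signature is unreadable.'
    return
}

# 2. Rebuild the signer's chain with online revocation checking for every element.
#    The chain is evaluated at the current time, so a signer certificate that has
#    since expired reports NotTimeValid here even if the timestamped signature is fine.
$x509 = 'System.Security.Cryptography.X509Certificates'
$chain = New-Object "$x509.X509Chain"
$chain.ChainPolicy.RevocationMode = [Enum]::Parse([type]"$x509.X509RevocationMode", 'Online')
$chain.ChainPolicy.RevocationFlag = [Enum]::Parse([type]"$x509.X509RevocationFlag", 'EntireChain')
$ok = $chain.Build($sig.SignerCertificate)
"Chain builds with online revocation: $ok"

foreach ($element in $chain.ChainElements) {
    $cert = $element.Certificate
    '  {0}' -f $cert.Subject
    '    Thumbprint: {0}  NotAfter: {1:u}' -f $cert.Thumbprint, $cert.NotAfter

    # Per-certificate problems, e.g. Revoked, RevocationStatusUnknown, OfflineRevocation.
    foreach ($status in $element.ChainElementStatus) {
        '    Status: {0} - {1}' -f $status.Status, $status.StatusInformation.Trim()
    }

    # 3. CRL distribution points (extension OID 2.5.29.31) that this server must reach.
    $cdp = $cert.Extensions | Where-Object { $_.Oid.Value -eq '2.5.29.31' }
    if ($cdp) {
        $cdp.Format($true).TrimEnd() -split "`r?`n" | ForEach-Object { "    $_" }
    }
}
```

A `RevocationStatusUnknown` or `OfflineRevocation` status points at CRL reachability from the DMZ, while `HashMismatch` or `NotTrusted` from the first step points at the package or its signer.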
Microsoft have removed the download to the server.msp patch file due to this ‘Known Issue’. More information will be added when available. The FAQ section of the security bulletin has been updated to include…
Why was this bulletin revised on September 15, 2014?
Microsoft revised this bulletin to address a known issue that prevented users from successfully installing security update 2982385 for Microsoft Lync Server 2010. Microsoft is investigating behavior associated with the installation of this update, and will update this bulletin when more information becomes available. As an added precaution, Microsoft has removed the download links to the 2982385 security update.
And the “Security Update for Lync 2010 (KB2982385, KB2982388)” now only includes rgs.msp
And it’s back! Microsoft have yet again updated their security bulletin for MS14-055 with the following message:
Why was this bulletin revised on September 23, 2014?
Microsoft rereleased this bulletin to announce the reoffering of the 2982385 security update file (server.msp) for Microsoft Lync Server 2010. The rereleased update addresses an issue in the original offering that prevented users from successfully installing the server.msp file. Customers who attempted to install the original update will be reoffered the 2982385 update and are encouraged to apply it at the earliest opportunity.
And there has already been one confirmed case of this being installed successfully. So it looks like we’re back on track.
Feel free to let me know what happens after you’ve grabbed the latest version.
With special thanks to @tobiefysh for supplying some information, screenshots, and yet another topic for my blog 🙂