To determine what is replicating and what is not, run the following command. Scroll down to the output below for lynccedge2.pipe2text.com and you will notice the UpToDate value is False and LastStatusReport is blank<\/p>\n
PS C:Userspipe2text> Get-CsManagementStoreReplicationStatus<\/p>\n
UpToDate : True<\/p>\n
ReplicaFqdn : lyncfe1.pipe2text.com<\/p>\n
LastStatusReport : 3\/18\/2014 10:29:55 AM<\/p>\n
LastUpdateCreation : 3\/18\/2014 10:29:49 AM<\/p>\n
ProductVersion : 5.0.8308.0<\/p>\n
UpToDate : True<\/p>\n
ReplicaFqdn : lynccedge1.pipe2text.com<\/p>\n
LastStatusReport : 3\/18\/2014 10:29:59 AM<\/p>\n
LastUpdateCreation : 3\/18\/2014 10:29:49 AM<\/p>\n
ProductVersion : 5.0.8308.0<\/p>\n
UpToDate : True<\/p>\n
ReplicaFqdn : lyncfe2.pipe2text.com<\/p>\n
LastStatusReport : 3\/18\/2014 10:29:54 AM<\/p>\n
LastUpdateCreation : 3\/18\/2014 10:29:49 AM<\/p>\n
ProductVersion : 5.0.8308.0<\/p>\n
UpToDate : False<\/p>\n
ReplicaFqdn : lyncedge2.pipe2text.com<\/p>\n
LastStatusReport :<\/p>\n
LastUpdateCreation : 3\/18\/2014 10:29:49 AM<\/p>\n
ProductVersion : 5.0.8308.0<\/p>\n
UpToDate : False<\/p>\n
ReplicaFqdn : lyncedge2.pipe2text.com<\/p>\n
LastStatusReport :<\/p>\n
LastUpdateCreation : 3\/18\/2014 10:29:49 AM<\/p>\n
ProductVersion : 5.0.8308.0<\/p>\n
Force Replication<\/span><\/strong><\/span><\/strong><\/p>\n Ran the following command from one of the Front End Servers<\/p>\n PS C:\\Usersp2tuser> Invoke-CsManagementStoreReplication<\/p>\n We watched the eventlogs on the CMS Master server we ran this from. All event logs that related to \u201creplication\u201d came back clean no errors. So we ran Get-CsManagementStoreReplicationStatus again:<\/p>\n UpToDate : False<\/p>\n ReplicaFqdn : lyncedge2.pipe2text.com<\/p>\n LastStatusReport :<\/p>\n LastUpdateCreation : 3\/18\/2014 10:49:37 AM<\/p>\n ProductVersion : 5.0.8308.0<\/p>\n Still showing \u201cFalse\u201d<\/p>\n Check Topology<\/span><\/strong><\/span><\/strong><\/p>\n Went back to the Topology Builder and took note of the name that was entered when we added the server to the topology. It was spelled correctly and all lower case. Logged back into the server and checked the computer name, also all in lower case. Then verified all the FQDN\u2019s in the certificate we applied. Again all in lower case. I stress this point because we found articles that indicated the names specified in the topology had to match the server name, even the case. Not sure it would\u2019ve mattered in the end but everything lined up.<\/p>\n lyncedge2.pipe2text.com<\/p>\n Domain Suffix<\/span><\/strong><\/span><\/strong><\/p>\n As the Edge server is not joined to the domain a domain suffix doesn\u2019t get applied. Went back into the Computer Name settings on the Edge Server to double check we had manually added this in. If you specify the fqdn in topology builder but the computer name is just lyncedge2 without the pipe2text.com you will have an issue. This will also cause an issue when you run \u201cSetup or Remove Lync Server Components<\/em>\u201d<\/em><\/p>\n Firewall<\/span><\/strong><\/span><\/strong><\/p>\n Generally when I\u2019ve had a Lync issue between the Front End and Edge Servers its firewall related. So we ran a test from every Front End server to lyncedge2.pipe2text.com<\/p>\n telnet lyncedge2.pipe2text.com 4443<\/p>\n Connected successfully from each Front End Server. No issues there<\/p>\n Services<\/span><\/strong><\/span><\/strong><\/p>\n Verified all of the services on the Front End Servers were started. Restarted the \u201cReplicator\u201d Services on all FE servers<\/p>\n Verified all of the services on the Edge Servers were started. Restarted the \u201cReplicator\u201d Services on all Edge servers<\/p>\n In addition the Edge server was rebooted. Still not working<\/p>\n Certificates<\/span><\/strong><\/span><\/strong><\/p>\n Verified all certificates were valid and not expired and applied correctly via the Deployment Wizard \u2013 Request, Install, or Assign Certificates console.<\/p>\n All certificates applied were correct and matched exactly what was installed on our other Edge server which was replicating successfully.<\/p>\n Re-apply and Re-install<\/span><\/strong><\/span><\/strong><\/p>\n Just for the sake of trying something we re-published the Lync Topology. It completed successfully. Then we exported the Topology from one of the FE servers and imported it into the broken Edge Server again.<\/p>\n The command to export the topology file from your Front End Server is the following. Change the directory to your liking.<\/p>\n Export-CsConfiguration -FileName c:\\lynctopologyexport.zip<\/p>\n The<\/em>n we re-ran \u201cSetup or Remove Lync Server Components<\/em>\u201d<\/em><\/p>\n No Issues with the re-install<\/em><\/p>\n Re-ran Get-CsManagementStoreReplicationStatus and got the following:<\/p>\n UpToDate : False<\/p>\n ReplicaFqdn : lyncedge2.pipe2text.com<\/p>\n LastStatusReport :<\/p>\n LastUpdateCreation : 3\/18\/2014 3:45:22 PM<\/p>\n ProductVersion : 5.0.8308.0<\/p>\n Invoked replication again.<\/p>\n Still showing \u201cFalse\u201d<\/p>\n Logging<\/span><\/strong><\/span><\/strong><\/p>\n At this point everything is configured properly and has been verified. We decided to run some additional Logging\/Tracing tests on the Edge server. We installed Microsoft Lync Server 2013 Debugging Tools.<\/p>\n http:\/\/www.microsoft.com\/en-us\/download\/details.aspx?id=35453<\/a><\/p>\n Opened up the Logging Tool and selected \u201cXDS_Replica_Replicator\u201d, chose all for \u201cLevel\u201d and put a check in \u201cAll Flags<\/p>\n Clicked on start logging and ran the Invoke-CsManagementStoreReplication command from the one of our FE servers. Waited about a minute or so and stopped the logging. Clicked on Analyze Log Files.<\/p>\n Typed the word certificate into the search box and got the following results.<\/p>\n TL_ERROR(TF_COMPONENT) [0]197C.1A7C::03\/18\/2014-21:36:30.903.0000000d (XDS_Replica_Replicator,ReplicationWebService.ValidateMessageSender:replicationwebservice.cs(213))(0000000000456E68)Invalid certificate presented by remote source lync1.pipe2text.com in cluster lyncpool.pipe2text.com. Details: No match.<\/p>\n So we\u2019ve narrowed it down to a certificate issue as you can see from the logs. So to figure out the cause we proceeded to do the following:<\/p>\n -Checked the certificate on lync1.pipe2text.com and it was valid.<\/p>\n -Opened up the certificate stores on both systems.<\/p>\n -On lyncedge2.pipe2text.com we had GeoTrust certificates<\/p>\n -On lync1.pipe2text.com we had used Verisign certificates (hmmm)<\/p>\n -On lync1.pipe2text.com there were Verisign and Geotrust Intermediate and Root Certs.<\/p>\n -On lyncedge2.pipe2text.com there were only Geotrust Intermediate and Root Certs. No Symantec Intermediate and Root Certs<\/p>\n **Certificate chain cannot be verified**<\/p>\n -Exported the Verisign Intermediate and Root Certs certificates from lync1.pipe2text.com<\/p>\n -Imported them into the Intermediate and Root Cert stores on lyncedge2.pipe2text.com<\/p>\n -Restarted the Lync Replication services on the FE Servers and the Edge Server<\/p>\n – Re-ran Get-CsManagementStoreReplicationStatus and got the following:<\/p>\n UpToDate : True<\/p>\n ReplicaFqdn : lyncedge2.pipe2text.com<\/p>\n LastStatusReport : 3\/18\/2014 5:19:14 AM<\/p>\n LastUpdateCreation : 3\/18\/2014 5:19:14 AM<\/p>\n ProductVersion : 5.0.8308.0<\/p>\n","protected":false},"excerpt":{"rendered":" We recently added a new Edge server to a pre-existing Lync 2013 Edge pool in our primary site. For purposed of this article the problem edge server is named \u201clyncedge2.pipe2text.com\u201d. No matter what we tried we could not get the … Continue reading ![\"\"](\"https:\/\/pipe2text.com\/wp-content\/plugins..\/..\/uploads\/media\/lync-certificate\/image1.png\")
<\/p>\n![\"\"](\"https:\/\/pipe2text.com\/wp-content\/plugins..\/..\/uploads\/media\/lync-certificate\/image2.png\")
<\/p>\n![\"\"](\"https:\/\/pipe2text.com\/wp-content\/plugins..\/..\/uploads\/media\/lync-certificate\/image3.png\")
<\/p>\n![\"\"](\"https:\/\/pipe2text.com\/wp-content\/plugins..\/..\/uploads\/media\/lync-certificate\/image4.png\")
<\/span><\/strong><\/p>\n![\"\"](\"https:\/\/pipe2text.com\/wp-content\/plugins..\/..\/uploads\/media\/lync-certificate\/image5.png\")
<\/p>\n![\"\"](\"https:\/\/pipe2text.com\/wp-content\/plugins..\/..\/uploads\/media\/lync-certificate\/image6.png\")
<\/p>\n![\"\"](\"https:\/\/pipe2text.com\/wp-content\/plugins..\/..\/uploads\/media\/lync-certificate\/image7.png\")
<\/p>\n![\"\"](\"https:\/\/pipe2text.com\/wp-content\/plugins..\/..\/uploads\/media\/lync-certificate\/image8.png\")
<\/p>\n![\"\"](\"https:\/\/pipe2text.com\/wp-content\/plugins..\/..\/uploads\/media\/lync-certificate\/image9.png\")
<\/p>\n![\"\"](\"https:\/\/pipe2text.com\/wp-content\/plugins..\/..\/uploads\/media\/lync-certificate\/image10.png\")
<\/p>\n![\"\"](\"https:\/\/pipe2text.com\/wp-content\/plugins..\/..\/uploads\/media\/lync-certificate\/image11.png\")
<\/a><\/p>\n