Kategoriarkiv: FAQ

Lync 2010 – Renew Certificate

Renewing Lync Certificates can be done in sort of 2 ways: the slow one (described here) or the faster one which I describe here.

Open MMC Concole on the Lync FE and localize the Certificate you want to renew – right click and select ‘all Tasks/ Renew Certificate with New Key..’
Localize_Lync_Cert

Click Next in the ‘Certificate Enrollment’ dialog and click Enroll on the ‘Request Certificates’ page
Lync_Renew_Cert

Start Lync Deployment Wizard on FE server and select ‘Step 3’ Request, Intsall or Assign Certificates and click ‘Run Again’
Lync_Deploy_cert_Assign

On the Certificate Assignment page select the renewed certificate and click Next
Lync_Deploy_Cert_Assign_Select

You can verify in IIS that certificate is updated
Verify IIS Cert

On FE start ‘Lync Server Management Shell’ and run Command ‘Stop-CsWindowsService’

Restart IIS service

On FE start ‘Lync Server Management Shell’ and run Command ‘Start-CsWindowsService’

Install renewed certificate on additional FE server and assign it with Lync Deployment Wizard

Repeat the other steps on additional FE

Netscaler – Setup LDAPS load balancing

1. First create a user in Directory / Active Directory.
2. Create a global Group to ebcome primary Group for that user, so user don not have access to domain users resources.
3. Create nsldaps.pl file according to and use winscp yo upload it to /flash/nsconfig/monitors on all nodes in cluster
4. Edit Security rights on nsldaps.pl file according to this (otherwise monitor shows Down)
nsldaps_wrong
Wrong permissions looks like this when you do ldp bind
ldp_bind_error
snapdrive service

nsldaps
4a. If service continues to be Down you can try to renew DC certificate with new key. Ldp error looks like this
ldp_connect_error
Renew DC cert with new key and verify access with ldp.exe
renew_dc_cert
4b. Create a Monitor object (under Load Balancing/Monitors) of type LDAP with these parameters
monitor
5. Create a server object (under Load Balancing/ Servers) for each Domain Controller
6. Create a Service Group containing all the server objects using port 636
7. Bind monitor object to Service Group on Monitors tab. Close dialog and open it Again. On Members tab select a node and click on ‘Monitors Details’. You can see if probe Works or not.
bind monitor
8. Bind serice Group to a LBV_server etc…
9. Test LBV_server with ldp

NetApp Snapdrive start or install error 1920

Symptom:
Snapdrive service could not start or when you try to install snapdrive it fails with error 1920 – cannot start SWsvc.exe ( web service). In the Application log you can see this event
snapdrive error 1920
and /or these
snapdrive error 1920_a

Another symptom is that service ‘Net.Tcp Port Sharing Service’ is unable to start (when you install .net 4.5 there will be a Net listener service’ as well)

I ran Process Monitor during the install and I could see that snapdrive 6.4.1 was trying to communicate with .net 3.5.1

Someone updated the server and .net and installed .net 4.5 which disables the .net 3.5.1 services. I tried removing .Net 4.5 but that did not do it. Finally I decided to remove .net 3.5.1 feature on my 2008 R2 SQL cluster node and reboot and reinstall .net 3.5.1 feature and on a fresh .net 3.5.1 install I could install and start snapdrive

.net service

snapdrive service

Netscaler – Popup: Protocol Driver Error

Symptom:
When accessing Citrix Wi through Netscaler HA pair, launcing applications Works on one of the Netscaler nodes but when you failover to the other HA node users get an ‘Unable to launch application….Protocol Driver error’ dialog box.

The cause of this can be duplicate STA IDs on STA servers in farm. Identical STA IDs can occur when you clone servers (see http://support.citrix.com/proddocs/topic/xenapp5fp-w2k8/ps-install-config-clone-task-v2.html bullet 13) from VM template and if XML service starts before the NIC (you should set XML service to delayed start on template). When users connect on the first node they get a ticket from STA – when you failover netscaler flips the order of the STA’s and users will ask the STA with duplicate ID about the ticket, but the second STA does not know about the Tiket and refuses connection.

Netscaler - protocol driver error

see http://www.michelstevelmans.com/creating-unique-sta-id-xenapp-6-provisioning/ for powershell script to change STA ID. For convenience you can copy the script from here:
—Script Start—
# Change XenApp 6 STA ID to MAC Address
# Created by Michel Stevelmans – http://www.michelstevelmans.com

# Set location of CtxSta.config file
$Location = “${env:ProgramFiles(x86)}\Citrix\system32\CtxSta.config”

# Get the MAC address of the first NIC
$Nics = Get-WmiObject -Class Win32_NetworkAdapterConfiguration -Filter “IpEnabled = TRUE”
foreach ($Nic in $Nics)
{
$Mac = $Nic.MacAddress
Break
}

# Remove colons from MAC Address
$Sta = $Mac.Replace(“:”, “”)

# Replace STA ID with MAC Address
(Get-Content $Location) | Foreach-Object {$_ -replace ‘^UID=.+$’, “UID=STA$Sta”} | Set-Content $Location

# Restart Citrix XML Service
Restart-Service CtxHTTP
—Script End—