Contact Us

Removing stale Lync references from AD

Published by

Paul Bloem

on


Problem

The old Lync 2010 ServerPool was discovered when running ExchUCUtil. The image below depicts the 2 Pools I was expecting to see 1:2 and 1:1 BUT I wasn’t expecting 1:4.

So when Lync is initially deployed a bunch of references are made in AD, of course if you remove Lync from the environment and don’t do so gracefully then a bunch of unwanted references are ..still in AD.
 So far I haven’t seen any other issues due to AD objects still referencing the old Lync 2010 Pool other than whats seen in the screen shot above, but (not being OCD of course) it needs to go as its messing with my Nirvana.

Solution

A deep dive into AD to remove the reference to the Lync 2010 ServerPool showing up here as 1:4. 

ADSIEdit to the rescue in this case. We will need to find the specific references which will refer to servers and pools in Global Settings, Pools, Trusted MCUs, Trusted Services and Trusted WebComponentsServers.

So lets go and find these references then..
Open LDP by typing ldp in the run box and click OK

In the Connection window type the name of your DC in the Server Box and click OK





Select Connection – Bind





You need to Bind as a valid user,either use the currently logged on user, or specify an account with credentials

Next we need to view the tree
















The BaseDN will depend on where the information is stored as follows:-
  • DC=domain,DC=com (information in System Container)
  • CN=Configuration,DC=Domain,DC=COM (information in Configuration

We need to drill down to the RTC Service container. Just a note that when you first see this view there is no indication that the container objects can be expanded, go ahead and double click on them anyway 🙂



We can now search for the old server references. Right click on the RTC Service container and select search

















Enter the following string in the Filter box (replacing the OldServerFQDN with the actual FQDN of the old server)

(msRTCSIP-TrustedServerFQDN=OldServerFQDN)

NOTEReturn to this step and do another search using the following 2 string formats to find Trusted Server and Trusted Web components:-

msRTCSIP-TrustedMCUFQDN=OldServerFQDN)
msRTCSIP-TrustedWebComponentsServerFQDN=OldServerFQDN)


Be sure to select Subtree so it searches all the trees below this entry. Then click run.

The search should return results in the righthand pane.

TIP
You can easily spot the results as they start with ***Searching…

In the image below you will notice that my environment found 2 entries


Be sure to make note of these results because they will be required to find them in ADSIEdit.

Next we will open ADSIEdit and connect to the configuration. The path to each CN is noted in the search we did just before so it really simple to find them.


In my example above I found both the containers and the 1:4 that was discovered when setting up UM (bonus..)

WARNING
Before deleting each of these review them by looking at the properties and confirming that they are OK to delete. A tell tale is the references to the individual services and the machines they run on seen in the differentTrustedServicePort and ServiceType attributes

To delete simply navigate to the full DN, right click and select delete

At this point you could return to the search in ldp and perform additional searches for Trusted Server and Trusted Web components.


Running ExchUCUtil now shows just what I expected..


1:4 Gone!
Peace restored

Leave a comment

Previous Post
Next Post

A WordPress.com Website.