Removing stale Lync references from AD


Problem

The old Lync 2010 ServerPool was discovered when running ExchUCUtil. The image below depicts the 2 Pools I was expecting to see 1:2 and 1:1 BUT I wasn’t expecting 1:4.

So when Lync is initially deployed a bunch of references are made in AD, of course if you remove Lync from the environment and don’t do so gracefully then a bunch of unwanted references are ..still in AD.
 So far I haven’t seen any other issues due to AD objects still referencing the old Lync 2010 Pool other than whats seen in the screen shot above, but (not being OCD of course) it needs to go as its messing with my Nirvana.

Solution

A deep dive into AD to remove the reference to the Lync 2010 ServerPool showing up here as 1:4. 

ADSIEdit to the rescue in this case. We will need to find the specific references which will refer to servers and pools in Global Settings, Pools, Trusted MCUs, Trusted Services and Trusted WebComponentsServers.

So lets go and find these references then..
Open LDP by typing ldp in the run box and click OK

In the Connection window type the name of your DC in the Server Box and click OK





Select Connection – Bind





You need to Bind as a valid user,either use the currently logged on user, or specify an account with credentials

Next we need to view the tree
















The BaseDN will depend on where the information is stored as follows:-
  • DC=domain,DC=com (information in System Container)
  • CN=Configuration,DC=Domain,DC=COM (information in Configuration

We need to drill down to the RTC Service container. Just a note that when you first see this view there is no indication that the container objects can be expanded, go ahead and double click on them anyway 🙂



We can now search for the old server references. Right click on the RTC Service container and select search

















Enter the following string in the Filter box (replacing the OldServerFQDN with the actual FQDN of the old server)

(msRTCSIP-TrustedServerFQDN=OldServerFQDN)

NOTEReturn to this step and do another search using the following 2 string formats to find Trusted Server and Trusted Web components:-

msRTCSIP-TrustedMCUFQDN=OldServerFQDN)
msRTCSIP-TrustedWebComponentsServerFQDN=OldServerFQDN)


Be sure to select Subtree so it searches all the trees below this entry. Then click run.

The search should return results in the righthand pane.

TIP
You can easily spot the results as they start with ***Searching…

In the image below you will notice that my environment found 2 entries


Be sure to make note of these results because they will be required to find them in ADSIEdit.

Next we will open ADSIEdit and connect to the configuration. The path to each CN is noted in the search we did just before so it really simple to find them.


In my example above I found both the containers and the 1:4 that was discovered when setting up UM (bonus..)

WARNING
Before deleting each of these review them by looking at the properties and confirming that they are OK to delete. A tell tale is the references to the individual services and the machines they run on seen in the differentTrustedServicePort and ServiceType attributes

To delete simply navigate to the full DN, right click and select delete

At this point you could return to the search in ldp and perform additional searches for Trusted Server and Trusted Web components.


Running ExchUCUtil now shows just what I expected..


1:4 Gone!
Peace restored
Advertisements

About Paul B

My name is Paul Bloem and I am employed at Lexel Systems in New Zealand as a Principal Consultant for Unified Communications. I have been working on enterprise voice solutions for over 20 years. My first 10 years were spent working for a Telco in South Africa (Telcom SA). This is where all the groundwork happened as I was exposed to just about every aspect of telecommunication you could imagine. I develop an interest in PBX technologies and eventually became the go-to guy. Next, I had a 10 year run at Siemens South Africa, most of my time there was as a Technical Trainer. During this time VoIP hit the world stage, I had the privilege of introducing VoIP both as H.323 and later SIP across the Siemens HiPath 4000 solution stack. In 2008 I immigrated to New Zealand with my newly attained MCSE, I was ready to go where no PBX Techie had gone before. I was employed to explore OCS 2007 and that was pretty much the beginning of the end for me. I have been working on OCS and Lync ever since. My current role focuses exclusively on Lync and associated technologies.. That includes pre-sales, consulting, architecture and design, training and support. I even get to play in the development space from time to time - focus on play ;-) I was nominated as a Microsoft VTSP for Lync early in 2013 and also awarded Microsoft's MVP award for Lync in 2014.
This entry was posted in Removing Lync from AD. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s