Lync 2013 error : BackCompatSchema.ldf failed. The exit code is “8224”

During deploying Lync 2013 pilot pool for side-by-side migration from Lync 2010, I faced with strange problem on Step 1 (AD Preparation) in Wizard.schema error

I have had installed Lync 2010 in my infrastructure, so I have a “half-prepared” schema for Lync 2013 Server. To update your current schema Lync uses four ldf scripts , which you can find in your Lync installation disk (<drive letter>:\support\schema).

  • ExternalSchema.ldf is is used for interoperability with Microsoft Exchange Server
  • ServerSchema.ldf is the primary Lync Server 2013 schema file
  • BackCompatSchema.ldf is used for interoperability with any components from prior releases
  • VersionSchema.ldf is used for version information of the prepared schema

Wizard runs them in the following order :

  1. ExternalSchema.ldf
  2. ServerSchema.ldf
  3. BackCompatSchema.ldf
  4. VersionSchema.ldf

To resolve my problem I decided to run scripts manually on my DC
*don’t forget to change DC=  and type FQDN of your DC

ldifde.exe -i -v -k -j "C:\Users\rlevchenko\AppData\Local\Temp" -f "D:\Support\Schema\ExternalSchema.ldf" -c DC=X "DC=demo,DC=local" -s ad.demo.local
ldifde.exe -i -v -k -j "C:\Users\rlevchenko\AppData\Local\Temp" -f "D:\Support\Schema\ServerSchema.ldf" -c DC=X "DC=demo,DC=local" -s ad.demo.local
ldifde.exe -i -v -k -j "C:\Users\rlevchenko\AppData\Local\Temp" -f "D:\Support\Schema\BackCompatSchema.ldf" -c DC=X "DC=demo,DC=local" -s ad.demo.local
ldifde.exe -i -v -k -j "C:\Users\rlevchenko\AppData\Local\Temp" -f "D:\Support\Schema\VersionSchema.ldf" -c DC=X "DC=demo,DC=local" -s ad.demo.local

Can’t sign to Lync Server 2010/2013

I have just installed Lync Server 2013 Std with external connectivity (used free comodo ssl certificate) for my own demo. Everything works as good as expected. But some clients on old operation systems (for example, XP SP3) couldn’t sign to Lync server.

lync can't sign_1

Turned on the logging on the client side and analyzed them in snooper

lync can't sign

Resolution:

By default, Server 2008 R2/2012 require 128 bit encryption for NTLMv2 session. So, if  strong encryption  is not negotiated, connection will fail. In Windows XP/Vista this policy has no requirements. To provide negotiation between servers and all clients you have to do the following actions:

1) Open your gpedit.msc on Lync FE
2) Computer configuration > Windows Settings > Security Settings > Local Policies >Security Options and find following policies:

Network security: Minimum session security for NTLM SSP based (including secure RPC) servers

3) Uncheck all requirements and run gpupdate /force

ntlm

P.S. Lync Server 2013 installation manual is going to publish as soon as possible 🙂

%d bloggers like this: