Office Communications Server 2007 R2 Tool: LcsError

NextHop_Team · ‎May 20 2019

First published on TECHNET on Apr 10, 2011

LcsError.exe, a Microsoft Office Communications Server 2007 R2 Resource Kit tool, is designed to return those hard-to-find text error strings that provide the meaningful text message match for a hexadecimal or decimal error string, which can sometimes be difficult to interpret. You can download this and other Office Communications Server 2007 R2 Resource Kit tools from the Download Center .

Author: Mike Adkins

Publication date: April 2011

Product versions: Microsoft Office Communications Server 2007 R2, Microsoft Office Communications Server 2007, Microsoft Office Communicator 2007 R2

Introduction

The Microsoft Office Communications Server 2007 R2 command-line tool called LcsError can be used to research error information that is in a hexadecimal or decimal format. These types of errors will show up in the following:

Office Communications Server 2007 R2 Event logs

Office Communications Server 2007 R2 command-line operations

Office Communications Server 2007 R2 or Microsoft Office Communicator 2007 R2 debug logging

At a command prompt, LcsError accepts the hexadecimal or decimal error values as an input parameter that can be processed by LcsError to return the matching text error string. This meaningful error string information is useful when troubleshooting Communications Server issues that are not easily defined.

You can download this and other Office Communications Server 2007 R2 Resource Kit tools from the Download Center .

Description

LcsError is an executable file that contains a database of error information for Communications Server and the Office Communicator 2007 R2 client. In those rare situations when the only error information that is provided is a decimal or hexadecimal string, LcsError can be used to convert this information into a meaningful text message.

Output

Use LcsError by following these steps:

Open a Command Prompt window on the computer that is hosting the Office Communications Server 2007 R2 Resource Kit tools.

Browse to the directory prompt that is hosting LcsError.exe.

Type LcsError followed by the numeric error code that you need research.

Press ENTER to get the results. They will be similar to the following example and appear in the Command Prompt window.

C:LCSError>lcserror 0x80004004

0x80004004 -> (E_ABORT) (kernel32.dll) Operation aborted

Purpose

LcsError allows you to conveniently analyze error information that might otherwise be considered cryptic. The additional information that LcsError reveals may provide insight into the root cause of the error. After the cause of an error is discovered, resolving the errant situation becomes a possibility.

Requirements

The Office Communications Server 2007 R2 Resource Kit tools are supported on the following Window Server operating systems:

Windows Server 2008 operating system

Windows Server 2003 Standard Edition operating system with Service Pack 2 (SP2)

Windows Server 2003 Enterprise Edition operating system with Service Pack 2 (SP2)

Examples

Hexadecimal or decimal error strings usually appear when you analyze Communications Server debug captures or system event logging. Debug captures or system event logs are usually reviewed together to gather detailed information about problems that are occurring in the Communications Server environment.

The debug capture for a specified Communications Server service can encapsulate a literal representation of the specified Communications Server service's functionality when the issue is occurring. At the same time, the Windows Server or Communications Server event log gathers all error or warning information from the hosting computer.

This section of the article provides you with two separate examples of how you can use the LcsError tool to troubleshoot some of the issues that can occur in a Communications Server environment:

The first issue consists of failed network communications between Communications Server pools during a coexistence installation of Office Communications Server 2007 R2 and Office Communications Server 2007.

The second issue takes place when a remote Communicator 2007 R2 client authentication attempt fails while trying to sign in to the internal Communications Server network.

Failed Network Communications During Coexistence

This problem occurred during a coexistence scenario between a Communications Server 2007 R2 pool and a Communications Server 2007 pool. Secure mutual TLS (MTLS) network communications was failing between each pool's servers, not allowing the needed secure communications between each of the separate Communications Server pool's to take place. To troubleshoot the issue, SipStack logging was enabled on the Communications Server 2007 R2 pool. The following log information was returned, revealing a hexadecimal error code.

$$begin_record

LogType: diagnostic

Date: YYYY/MM/DD HH:MM:SS

Severity: errorText: Failure in security functionResult-Code: 0x80090321Location: 0x00000000'00ab7d19$$end_record

LcSError provided the literal meaning of 0x80090321 (the hexadecimal error code) as shown in the following code.

C:LCSError>LcsError 0x80090321

0x80090321 -> (SEC_E_BUFFER_TOO_SMALL) (kernel32.dll)

The buffers supplied to a function were too small.

Researching the previous hexadecimal error code information revealed that a limited amount of certificate authority certificate information was being passed between the two Communications Server pools. The truncated MTLS certificate authority certificate list didn't contain the public certificate authority information that was needed to ensure a secure MTLS connection between the Communication Server pools.

The previously shown hexadecimal error code led to the resolution for the coexistence issue. For more information, see TLS Client Authentication Fails Between Unified Communications Peers with a Logged Schannel War... .

Failed Remote User Authentication Example

NTLM Authentication attempts by the remote Communicator 2007 R2 client to the internal Communications Server pool would fail during the remote client's sign-in process. This pool was enabled for the default Kerberos/NTLM authentication methods.

The Communications Server 2007 R2 Front End Server had Windows Security Auditing enabled for troubleshooting purposes. This allowed the following security Event ID 537 to be logged by the Security event log of Windows Server when the remote Communicator 2007 R2 client's connection failed.

Event Type: Failure Audit

Event Source: Security

Event Category: Logon/Logoff

Event ID: 537

User: NT AUTHORITYSYSTEM

Computer: OCSFE

Description:

Logon Failure:

Reason: An error occurred during logon

User Name:

Domain:

Logon Type: 3

Logon Process: ÐùÂ

Authentication Package: NTLM

Workstation Name:

Status code: 0x80090302

Substatus code: 0x0

LcSError determines the literal meaning of 0x80090302, shown as follows.

C:LcsError>LcsError 0x80090302

0x80090302 -> (SEC_E_UNSUPPORTED_FUNCTION) (kernel32.dll)

The function requested is not supported

This hexadecimal error code information required further research by support personnel by using LcsError. This led to the discovery of the actual cause of the remote client sign-in failure. The internal Communications Server Front End Server had the following local Windows network security group policies applied to it:

Network Security: minimum session security for NTLM security support provider (SSP)-based (including secure remote procedure call (RPC)) servers

Network Security: minimum session security for NTLM SSP-based (including secure RPC) clients

Both of these Windows group policies were set to the nondefault setting-Require NTLM 2 session security.

The remote Windows client computer didn't have the previously shown network security policies applied by using a local group policy. This resulted in the failed remote user authentication attempt by using the Communicator 2007 R2 client. Updating the Network Security policies locally on the remote Windows client to match those previously listed in this section solved the issue. The remote Communicator 2007 R2 client was able to sign in to the internal Communications Server network.

Summary

LcsError, an Office Communications Server 2007 R2 Resource Kit tool, provides helpful error string information that interprets cryptic decimal or hexadecimal information. The error string information is located by doing research in break-fix scenarios. This concise, literal definition of the error helps identify the cause of the problem. LcsError can help lead to quicker resolutions of issues that are sometimes difficult to resolve.