Working with a client to move users between a Lync 2010 pool and a new Lync 2013 pool, a colleague of mine came across the following error:
Unable to connect to some of the servers in pool “poolname” due to a Distributed Component Object Model (DCOM) error. Verify that Front End service is running on servers in this pool. If the pool is set up for load balancing, verify that load balancer is configured correctly.
Trying the same move from the Lync Management Shell had the following error:
Cannot find Registrar pool. Verify that “poolname” is a valid registrar pool.
Searching the net for the error yielded fixes if the pool was behind a hardware load balancer or messing with the dcomcnfg tool.
- http://blogs.technet.com/b/dodeitte/archive/2010/12/19/issue-when-moving-legacy-users-to-a-lync-server-2010-pool-using-hlb.aspx
- http://www.bibble-it.com/2011/03/22/unable-to-move-lync-user-dcom-error
Unfortunately neither solution work in our scenario. To resolve the error, the Local Security Policy of the servers reported in the error needed to be modified.
Fix:
- Click “Start” -> “Run” -> Type “secpol.msc” -> Click “OK”
- Expand “Local Policies” -> Click on “Secuirty Options”
- Double Click “DCOM: Machine Launch Restrictions in Security Descriptor Definition Language (SDDL) syntax” Policy
- On the “Template Secuirty Policy Setting” Click “Edit Security”
- Click “Add” -> Type “RTCUniversalServerAdmins” -> Click “OK”
- Check all the Allow boxes for the RTCUniversalServerAdmins account -> Click “OK”
- Log off and on
All credit goes to Korbyn for finding the fix.