Unable to start Lync Server access edge service.
Recently I came across issue, were customer was unable to start Lync Server Access Edge service on any of their edge server. Recently they had Power Shutdown and all servers went down, all Front End services started however Lync access edge service not starting.
After power come up none of edge server access edge service starts.
I was thinking it may be because certificate expired or SQL service not started however certificate was valid with SAN names and it was properly installed and assigned as well. Also, all dependent services were running however still access edge service was not starting.
When I tried to start access edge service again and it failed as expect but it generates error events in event viewer. Event log show two error event (Event Viewer > Applications and Service log > Lync) on Lync edge server.
Event 14497, LS Protocol Stack and Event 14517, LS Protocol Stack.
Event log 14517, shows error that tells, the server configuration validation mechanism detected some serious problems.
With ERRORS: The server at FQDN [sipfed.online.lync.com] is configured as both type 'allowed partner server' and type 'IM service provider'.
This explain that there is configuration issue and that is causing the server might not behave as expected to start services.
When I review allowed domain and provider configuration under external access.
SIP Federated domain shows allowed domain as “abc.com” and Edge server as “sipfed.online.lync.com” however, “sipfed.online.lync.com” is already added under SIP Federated Providers. This configuration conflicts hence Lync Server Access Edge service was not starting.
Review and correct the errors listed above, then restart the service. You may also wish to review any warnings present.
First, I have deleted allowed domain which has “sipfed.online.lync.com” and waited for replication to happen. This will resolves error shows in event log.
Then you can verify event log on edge server to see event id 3013, like below.
Once you see this event (3013) means changes got replicated and you will be able to start Lync Server Access Edge service. I could start Lync Server Access Edge service on all affected edge Servers after deleting affected allowed domain.
You can add your federated domain without edge server (sipfed.online.lync.com) to work federation and not affecting your edge services.Thank you.