LCS 2005 Error: User not provisioned in database
Windows Server Forum Index Windows Server
Server discussion on Windows platform.
 
 FAQFAQ   MemberlistMemberlist     RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 
 
Google
 
Web winserverhelp.com
LCS 2005 Error: User not provisioned in database

 
Post new topic   Reply to topic    Windows Server Forum Index -> Live Communications Server
Author Message
Ken Johnson
Guest
Posted: Mon Jan 31, 2005 6:47 am    Post subject: LCS 2005 Error: User not provisioned in database Reply with quote
I setup LCS2005 Standard last week and all appeared to go
smoothly during the install. The schemsa, forest, and
domain additions all reported success as did the
installatin and activation.

I ensured that our domain was in the supported domains
list on the server, added the _sip._tcp SRV record in DNS.

I enabled live communications on the active directory
users and computers tab and waited for it to propogate.

Then I tried to log in with messenger 5.1.


I got the error:
"Singing in to SIP Communications Service failed because
the password is incorrect or the sign-in name does not
exist. Check your sign-in name and password and try
again."

I checked the sign-in name and it was correct, checked
the windows account and password, they were correct. I
tried the domain\username form of login, the
username@domain form, and leaving it blank to use
existing credentials.

The logs on the server for one single login attempt are
copied at the end of this post (username and domain have
been replaced by "username" and "domain.com").

I have tried switching the authentication from both
kerberos and NTLM, to just NTLM with no success.

This communication is straight from a windows xp SP2
machine to a Windows 2003 server with no firewalls in
between (which makes sense since it looks from the logs
like authentication requests are getting to the server
but are being denied or something :-/

Selecting my user on the LCS machine to check, it is
there, but if I click on the allow/block button, I get
this error:

"User is not provisioned in the database. Please check
event logs on the user's pool for any LCS User Replicator
errors/warnings."

The event log shows no relevant errors, though it does
complaing about not being able to communicate with a
subdomain (subdomain.domain.com) which is used to store
student computers and contains neitehr my account, nor
any servers, domain controllers, or the LCS box.

I have restarted, reinstalled, disabled the user account
for live communications and renabled it, nothing seems to
work.

I was hoping someone might have a clue. THe "User not
provisioned" error seemed relevant - but I couldn't find
that error on any searches google or otherwise (unless
I'm blind. Everyone else's problems seemed to be missing
the supported domains, enableing the live communications
tab, etc.

Thanks much in advance for any tips!

- Ken Johnson

LOGS:
$$begin_record
LogType: protocol
Date: 20050131 164512
Direction: Incoming
Message-Type: Request
Start-Line: REGISTER sip:domain.com SIP/2.0
To: <sip:username@domain.com>
From:
<sip:username@domain.com>;tag=fde7fbb6c703476988892b39f3e3
3c7e;epid=92d98ff2ae
Call-ID: 83045e7d03874821a4f930b753d0bbf7
CSeq: 1 REGISTER
Contact:
<sip:10.22.90.53:11764;transport=tcp>;methods="INVITE,
MESSAGE, INFO, SUBSCRIBE, OPTIONS, BYE, CANCEL, NOTIFY,
ACK, REFER, BENOTIFY";proxy=replace
Via: SIP/2.0/TCP 10.22.90.53:11764
Max-Forwards: 70
Content-Length: 0
Other-Headers: User-Agent: RTC/1.3.5369 (Messenger
5.1.0639)
Other-Headers: Supported: com.microsoft.msrtc.presence,
adhoclist
Other-Headers: ms-keep-alive: UAC;hop-hop=yes
Other-Headers: Event: registration
Other-Headers: Allow-Events: presence
$$end_record
$$begin_record
LogType: diagnostic
Date: 20050131 164512
Severity: information
Text: Response successfully routed
SIP-Start-Line: SIP/2.0 401 Unauthorized
SIP-Call-ID: 83045e7d03874821a4f930b753d0bbf7
SIP-CSeq: 1 REGISTER
Peer: 10.22.90.53:2789
$$end_record
$$begin_record
LogType: protocol
Date: 20050131 164512
Direction: Outgoing
Origin: Local
Message-Type: Response
Start-Line: SIP/2.0 401 Unauthorized
To:
<sip:username@domain.com>;tag=44E5C2BE8D2192FD71D0AD8ADF0F
ADEF
From:
<sip:username@domain.com>;tag=fde7fbb6c703476988892b39f3e3
3c7e;epid=92d98ff2ae
Call-ID: 83045e7d03874821a4f930b753d0bbf7
CSeq: 1 REGISTER
Via: SIP/2.0/TCP 10.22.90.53:11764;ms-received-
port=2789;ms-received-cid=400
Content-Length: 0
Other-Headers: Date: Mon, 31 Jan 2005 16:45:12 GMT
Other-Headers: WWW-Authenticate: NTLM realm="SIP
Communications Service", targetname="RAHAB-NEW.domain.com"
$$end_record
$$begin_record
LogType: protocol
Date: 20050131 164512
Direction: Incoming
Message-Type: Request
Start-Line: REGISTER sip:domain.com SIP/2.0
To: <sip:username@domain.com>
From:
<sip:username@domain.com>;tag=fde7fbb6c703476988892b39f3e3
3c7e;epid=92d98ff2ae
Call-ID: 83045e7d03874821a4f930b753d0bbf7
CSeq: 2 REGISTER
Contact:
<sip:10.22.90.53:11764;transport=tcp>;methods="INVITE,
MESSAGE, INFO, SUBSCRIBE, OPTIONS, BYE, CANCEL, NOTIFY,
ACK, REFER, BENOTIFY";proxy=replace
Via: SIP/2.0/TCP 10.22.90.53:11764
Max-Forwards: 70
Content-Length: 0
Other-Headers: User-Agent: RTC/1.3.5369 (Messenger
5.1.0639)
Other-Headers: Authorization: NTLM qop="auth",
realm="SIP Communications Service", targetname="RAHAB-
NEW.domain.com", gssapi-data=""
Other-Headers: Supported: com.microsoft.msrtc.presence,
adhoclist
Other-Headers: ms-keep-alive: UAC;hop-hop=yes
Other-Headers: Event: registration
Other-Headers: Allow-Events: presence
$$end_record
$$begin_record
LogType: diagnostic
Date: 20050131 164512
Severity: information
Text: Response successfully routed
SIP-Start-Line: SIP/2.0 401 Unauthorized
SIP-Call-ID: 83045e7d03874821a4f930b753d0bbf7
SIP-CSeq: 2 REGISTER
Peer: 10.22.90.53:2789
$$end_record
$$begin_record
LogType: protocol
Date: 20050131 164512
Direction: Outgoing
Origin: Local
Message-Type: Response
Start-Line: SIP/2.0 401 Unauthorized
To:
<sip:username@domain.com>;tag=44E5C2BE8D2192FD71D0AD8ADF0F
ADEF
From:
<sip:username@domain.com>;tag=fde7fbb6c703476988892b39f3e3
3c7e;epid=92d98ff2ae
Call-ID: 83045e7d03874821a4f930b753d0bbf7
CSeq: 2 REGISTER
Via: SIP/2.0/TCP 10.22.90.53:11764;ms-received-
port=2789;ms-received-cid=400
Content-Length: 0
Other-Headers: Date: Mon, 31 Jan 2005 16:45:12 GMT
Other-Headers: WWW-Authenticate: NTLM opaque="9A0D24EB",
gssapi-
data="TlRMTVNTUAACAAAAAAAAADgAAADzgpjitwGXK04Ps+YAAAAAAAAA
AIYAhgA4AAAABQLODgAAAA8CAAwATABFAFQATgBFAFQAAQASAFIAQQBIAE
EAQgAtAE4ARQBXAAQAFABsAGUAdABuAGUAdAAuAG4AZQB0AAMAKABSAEEA
SABBAEIALQBOAEUAVwAuAGwAZQB0AG4AZQB0AC4AbgBlAHQABQAUAGwAZQ
B0AG4AZQB0AC4AbgBlAHQAAAAAAA==", targetname="RAHAB-
NEW.domain.com", realm="SIP Communications Service"
$$end_record
$$begin_record
LogType: protocol
Date: 20050131 164512
Direction: Incoming
Message-Type: Request
Start-Line: REGISTER sip:domain.com SIP/2.0
To: <sip:username@domain.com>
From:
<sip:username@domain.com>;tag=fde7fbb6c703476988892b39f3e3
3c7e;epid=92d98ff2ae
Call-ID: 83045e7d03874821a4f930b753d0bbf7
CSeq: 3 REGISTER
Contact:
<sip:10.22.90.53:11764;transport=tcp>;methods="INVITE,
MESSAGE, INFO, SUBSCRIBE, OPTIONS, BYE, CANCEL, NOTIFY,
ACK, REFER, BENOTIFY";proxy=replace
Via: SIP/2.0/TCP 10.22.90.53:11764
Max-Forwards: 70
Content-Length: 0
Other-Headers: User-Agent: RTC/1.3.5369 (Messenger
5.1.0639)
Other-Headers: Authorization: NTLM qop="auth",
opaque="9A0D24EB", realm="SIP Communications Service",
targetname="RAHAB-NEW.domain.com", gssapi-
data="TlRMTVNTUAADAAAAGAAYAGoAAAAYABgAggAAAAwADABIAAAABgAG
AFQAAAAQABAAWgAAABAAEACaAAAAVYKQQgUBKAoAAAAPbABlAHQAbgBlAH
QAawBlAG4ASwBKAE8ASABOAFMATwBOAFXe6WOn8rluG0RDy8+dSgZxL43y
YHUGIwXnwYI6V3Fb70zBVvM0HjCm67oInMdrBSSePlADDVjKfSfWVKRkQV
Y="
Other-Headers: Supported: com.microsoft.msrtc.presence,
adhoclist
Other-Headers: ms-keep-alive: UAC;hop-hop=yes
Other-Headers: Event: registration
Other-Headers: Allow-Events: presence
$$end_record
$$begin_record
LogType: diagnostic
Date: 20050131 164512
Severity: information
Text: Authenticated user
SIP-Start-Line: REGISTER sip:domain.com SIP/2.0
SIP-Call-ID: 83045e7d03874821a4f930b753d0bbf7
SIP-CSeq: 3 REGISTER
Data: domain\username
$$end_record
$$begin_record
LogType: diagnostic
Date: 20050131 164512
Severity: information
Text: Response successfully routed
SIP-Start-Line: SIP/2.0 404 Not found.
SIP-Call-ID: 83045e7d03874821a4f930b753d0bbf7
SIP-CSeq: 3 REGISTER
Peer: 10.22.90.53:2789
$$end_record
$$begin_record
LogType: protocol
Date: 20050131 164512
Direction: Outgoing
Origin: Local
Message-Type: Response
Start-Line: SIP/2.0 404 Not found.
To:
<sip:username@domain.com>;tag=44E5C2BE8D2192FD71D0AD8ADF0F
ADEF
From:
<sip:username@domain.com>;tag=fde7fbb6c703476988892b39f3e3
3c7e;epid=92d98ff2ae
Call-ID: 83045e7d03874821a4f930b753d0bbf7
CSeq: 3 REGISTER
Via: SIP/2.0/TCP 10.22.90.53:11764;ms-received-
port=2789;ms-received-cid=400
Content-Length: 0
Other-Headers: Authentication-Info: NTLM
rspauth="010000004144454638F1ECBD386AC03B",
srand="278E2C41", snum="1", opaque="9A0D24EB",
qop="auth", targetname="RAHAB-NEW.domain.com", realm="SIP
Communications Service"
$$end_record
$$begin_record
LogType: protocol
Date: 20050131 164517
Direction: Incoming
Message-Type: Request
Start-Line: REGISTER sip:domain.com SIP/2.0
To: <sip:username@domain.com>
From:
<sip:username@domain.com>;tag=a20d1915de594129b8e7383d09b4
6c5c;epid=92d98ff2ae
Call-ID: b03777ffbad54764b77b5e62e124289b
CSeq: 1 REGISTER
Contact:
<sip:10.22.90.53:16548;transport=tcp>;methods="INVITE,
MESSAGE, INFO, SUBSCRIBE, OPTIONS, BYE, CANCEL, NOTIFY,
ACK, REFER, BENOTIFY";proxy=replace
Via: SIP/2.0/TCP 10.22.90.53:16548
Max-Forwards: 70
Content-Length: 0
Other-Headers: User-Agent: RTC/1.3.5369 (Messenger
5.1.0639)
Other-Headers: Supported: com.microsoft.msrtc.presence,
adhoclist
Other-Headers: ms-keep-alive: UAC;hop-hop=yes
Other-Headers: Event: registration
Other-Headers: Allow-Events: presence
$$end_record
$$begin_record
LogType: diagnostic
Date: 20050131 164517
Severity: information
Text: Response successfully routed
SIP-Start-Line: SIP/2.0 401 Unauthorized
SIP-Call-ID: b03777ffbad54764b77b5e62e124289b
SIP-CSeq: 1 REGISTER
Peer: 10.22.90.53:2790
$$end_record
$$begin_record
LogType: protocol
Date: 20050131 164517
Direction: Outgoing
Origin: Local
Message-Type: Response
Start-Line: SIP/2.0 401 Unauthorized
To:
<sip:username@domain.com>;tag=44E5C2BE8D2192FD71D0AD8ADF0F
ADEF
From:
<sip:username@domain.com>;tag=a20d1915de594129b8e7383d09b4
6c5c;epid=92d98ff2ae
Call-ID: b03777ffbad54764b77b5e62e124289b
CSeq: 1 REGISTER
Via: SIP/2.0/TCP 10.22.90.53:16548;ms-received-
port=2790;ms-received-cid=500
Content-Length: 0
Other-Headers: Date: Mon, 31 Jan 2005 16:45:17 GMT
Other-Headers: WWW-Authenticate: NTLM realm="SIP
Communications Service", targetname="RAHAB-NEW.domain.com"
$$end_record
$$begin_record
LogType: protocol
Date: 20050131 164517
Direction: Incoming
Message-Type: Request
Start-Line: REGISTER sip:domain.com SIP/2.0
To: <sip:username@domain.com>
From:
<sip:username@domain.com>;tag=a20d1915de594129b8e7383d09b4
6c5c;epid=92d98ff2ae
Call-ID: b03777ffbad54764b77b5e62e124289b
CSeq: 2 REGISTER
Contact:
<sip:10.22.90.53:16548;transport=tcp>;methods="INVITE,
MESSAGE, INFO, SUBSCRIBE, OPTIONS, BYE, CANCEL, NOTIFY,
ACK, REFER, BENOTIFY";proxy=replace
Via: SIP/2.0/TCP 10.22.90.53:16548
Max-Forwards: 70
Content-Length: 0
Other-Headers: User-Agent: RTC/1.3.5369 (Messenger
5.1.0639)
Other-Headers: Authorization: NTLM qop="auth",
realm="SIP Communications Service", targetname="RAHAB-
NEW.domain.com", gssapi-data=""
Other-Headers: Supported: com.microsoft.msrtc.presence,
adhoclist
Other-Headers: ms-keep-alive: UAC;hop-hop=yes
Other-Headers: Event: registration
Other-Headers: Allow-Events: presence
$$end_record
$$begin_record
LogType: diagnostic
Date: 20050131 164517
Severity: information
Text: Response successfully routed
SIP-Start-Line: SIP/2.0 401 Unauthorized
SIP-Call-ID: b03777ffbad54764b77b5e62e124289b
SIP-CSeq: 2 REGISTER
Peer: 10.22.90.53:2790
$$end_record
$$begin_record
LogType: protocol
Date: 20050131 164517
Direction: Outgoing
Origin: Local
Message-Type: Response
Start-Line: SIP/2.0 401 Unauthorized
To:
<sip:username@domain.com>;tag=44E5C2BE8D2192FD71D0AD8ADF0F
ADEF
From:
<sip:username@domain.com>;tag=a20d1915de594129b8e7383d09b4
6c5c;epid=92d98ff2ae
Call-ID: b03777ffbad54764b77b5e62e124289b
CSeq: 2 REGISTER
Via: SIP/2.0/TCP 10.22.90.53:16548;ms-received-
port=2790;ms-received-cid=500
Content-Length: 0
Other-Headers: Date: Mon, 31 Jan 2005 16:45:17 GMT
Other-Headers: WWW-Authenticate: NTLM opaque="7C721562",
gssapi-
data="TlRMTVNTUAACAAAAAAAAADgAAADzgpji/ExP1tpQeRoAAAAAAAAA
AIYAhgA4AAAABQLODgAAAA8CAAwATABFAFQATgBFAFQAAQASAFIAQQBIAE
EAQgAtAE4ARQBXAAQAFABsAGUAdABuAGUAdAAuAG4AZQB0AAMAKABSAEEA
SABBAEIALQBOAEUAVwAuAGwAZQB0AG4AZQB0AC4AbgBlAHQABQAUAGwAZQ
B0AG4AZQB0AC4AbgBlAHQAAAAAAA==", targetname="RAHAB-
NEW.domain.com", realm="SIP Communications Service"
$$end_record
$$begin_record
LogType: protocol
Date: 20050131 164517
Direction: Incoming
Message-Type: Request
Start-Line: REGISTER sip:domain.com SIP/2.0
To: <sip:username@domain.com>
From:
<sip:username@domain.com>;tag=a20d1915de594129b8e7383d09b4
6c5c;epid=92d98ff2ae
Call-ID: b03777ffbad54764b77b5e62e124289b
CSeq: 3 REGISTER
Contact:
<sip:10.22.90.53:16548;transport=tcp>;methods="INVITE,
MESSAGE, INFO, SUBSCRIBE, OPTIONS, BYE, CANCEL, NOTIFY,
ACK, REFER, BENOTIFY";proxy=replace
Via: SIP/2.0/TCP 10.22.90.53:16548
Max-Forwards: 70
Content-Length: 0
Other-Headers: User-Agent: RTC/1.3.5369 (Messenger
5.1.0639)
Other-Headers: Authorization: NTLM qop="auth",
opaque="7C721562", realm="SIP Communications Service",
targetname="RAHAB-NEW.domain.com", gssapi-
data="TlRMTVNTUAADAAAAGAAYAGoAAAAYABgAggAAAAwADABIAAAABgAG
AFQAAAAQABAAWgAAABAAEACaAAAAVYKQQgUBKAoAAAAPbABlAHQAbgBlAH
QAawBlAG4ASwBKAE8ASABOAFMATwBOAB/utsV01SAokM93B/yuQG9fWH6m
ZgZjikrlVC8p8SviBVlv/HsCuJ8SnmuuTEVh+6NA1eZKDivAYl92cagfJo
c="
Other-Headers: Supported: com.microsoft.msrtc.presence,
adhoclist
Other-Headers: ms-keep-alive: UAC;hop-hop=yes
Other-Headers: Event: registration
Other-Headers: Allow-Events: presence
$$end_record
$$begin_record
LogType: diagnostic
Date: 20050131 164517
Severity: information
Text: Authenticated user
SIP-Start-Line: REGISTER sip:domain.com SIP/2.0
SIP-Call-ID: b03777ffbad54764b77b5e62e124289b
SIP-CSeq: 3 REGISTER
Data: domain\username
$$end_record
$$begin_record
LogType: diagnostic
Date: 20050131 164517
Severity: information
Text: Response successfully routed
SIP-Start-Line: SIP/2.0 404 Not found.
SIP-Call-ID: b03777ffbad54764b77b5e62e124289b
SIP-CSeq: 3 REGISTER
Peer: 10.22.90.53:2790
$$end_record
$$begin_record
LogType: protocol
Date: 20050131 164517
Direction: Outgoing
Origin: Local
Message-Type: Response
Start-Line: SIP/2.0 404 Not found.
To:
<sip:username@domain.com>;tag=44E5C2BE8D2192FD71D0AD8ADF0F
ADEF
From:
<sip:username@domain.com>;tag=a20d1915de594129b8e7383d09b4
6c5c;epid=92d98ff2ae
Call-ID: b03777ffbad54764b77b5e62e124289b
CSeq: 3 REGISTER
Via: SIP/2.0/TCP 10.22.90.53:16548;ms-received-
port=2790;ms-received-cid=500
Content-Length: 0
Other-Headers: Authentication-Info: NTLM
rspauth="01000000414445468C6D121E9A9D3F50",
srand="D14EA7E5", snum="1", opaque="7C721562",
qop="auth", targetname="RAHAB-NEW.domain.com", realm="SIP
Communications Service"
$$end_record




"User is not provisioned in the database. Please check
event logs on the user's pool for any LCS User Replicator
errors/warnings."
Back to top
Serkan Kutan [MSFT]
Guest
Posted: Tue Feb 01, 2005 3:03 am    Post subject: Re: LCS 2005 Error: User not provisioned in database Reply with quote
Did you do a domain add for the sub domain (subdomain.domain.com)?

Thanks,
Serkan
--


This posting is provided AS IS with no warranties, and confers no rights.
Please do not send e-mails to the sender directly; use the group address
instead.
Back to top
Bob Christian
Guest
Posted: Tue Feb 01, 2005 6:25 am    Post subject: Re: LCS 2005 Error: User not provisioned in database Reply with quote
Another item to add to what Serkan said...
In the LCS 2005 admin console, right-click on the forest and select
properties. Make sure that the SIP domain is listed. By default the AD
domain is listed. LCS 2005 does not pick up anything from the recipient
policies in Exchange. So, if your AD is domain.local and your Exchange
primary SMTP addresses end in domain.com, you need to add domain.com.
Back to top
Dhigha D Sekara
Guest
Posted: Tue Feb 01, 2005 6:48 am    Post subject: Re: LCS 2005 Error: User not provisioned in database Reply with quote
Actually the sip domain needs to be appropriatly set for the user to sign
in. But the User Replicator doesnt rely on this to sync information from the
AD to the SQL database.
if the sip uri of the user is "sip:user@my-sip-domain.com"...
my-sip-domain.com needs to be added to the list of supported sip domains

Looks like the issue you having here is not due to the listing of the sip
domain. It seems more like the rtcsrv process not having enough permissions
to sync down the user information form the AD.
As serkan mentioned it seems more like permissions issue.

The service account which the rtcsrv process is running needs to have
appropriate permission to read the user information. You can use ldp.exe
under the service account being used to try to query for the user properties
in AD.
Back to top
Vims



Joined: 01 Feb 2007
Posts: 1
Location: Vancouver, Canada
Posted: Thu Feb 01, 2007 11:17 pm    Post subject: Reply with quote
I fixed that problem. You have to make sure that the service account which the rtcsrv process is running needs to have appropriate permission to read the user information. It has to be running under LCService account, not a local system account.
Back to top
View user's profile Send private message MSN Messenger
 
Post new topic   Reply to topic    Windows Server Forum Index -> Live Communications Server All times are GMT
Page 1 of 1

 
 You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum




New Topics Powered by phpBB