While publishing and enabling a topology, we were getting this error:
Enable-CsTopology: Multiple Active Directory entries were found for type”ms-RTC-SIP-TrustedServer” with ID “<SERVER FQDN>”.
The publishing was successful but then the enabling was showing this error.
The next step was to check the duplicates in the Active Directory Configuration Partition. For those who have already browsed this, you probably know it has too many entries:
An easy way to check duplicates is to use PowerShell. For this we need a server/desktop with the Active Directory PowerShell module installed, because the AD:\ won’t be available if we don’t load the AD module:
Get-ItemProperty : Cannot find drive. A drive with the name ‘AD’ does not exist.
At line:1 char:1
+ Get-ItemProperty -Path “AD:CN=*,CN=Trusted Services,CN=RTC Service,CN=Services, …
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : ObjectNotFound: (AD:String) [Get-ItemProperty], DriveNotFoundException
+ FullyQualifiedErrorId : DriveNotFound,Microsoft.PowerShell.Commands.GetItemPropertyCommand
To import the Active Directory module simply run:
Import-Module ActiveDirectory
And to check the duplicates we use the following PowerShell cmdlet:
Get-ItemProperty -Path “AD:CN=*,CN=Trusted Services,CN=RTC Service,CN=Services,CN=Configuration,DC=gears,DC=lab” -Name cn,msRTCSIP-TrustedServerFQDN,msRTCSIP-TrustedServiceType,whenCreated,whenChanged | Group-Object -Property msRTCSIP-TrustedServerFQDN,msRTCSIP-TrustedServiceType | Where-Object {$_.Count -gt 1} | Select-Object -ExpandProperty Group | Select cn,msRTCSIP-TrustedServerFQDN,msRTCSIP-TrustedServiceType,whenCreated,whenChanged | ft -AutoSize
Note: Replace DC=gears,DC=lab with the value for your domain.
Now we know which values are duplicated. Please take special attention when changing values in the Active Directory Configuration partition, as you should have a backup of all values before doing any change.
