Recently while adding a new Front End Server to the existing Skype for Business Enterprise Pool we got the following message on SfB Deployment Wizard Step 1:
Prerequisite installation failed: Prerequisite installation failed: SqlInstanceRtcLocal For more information, check your SQL Server log files. Log files are in the folder C:\Program Files\Microsoft SQL Server\MSSQL*.RtcLocal\MSSQL\Log, where the * represents your SQL Server version number. For example, SQL Server 2012 uses this path: C:\Program Files\Microsoft SQL Server\MSSQL11.RtcLocal\MSSQL\Log.
After attempting to run Step 1 a second time the error message was slightly different:
Prerequisite not satisfied: SupportedSqlRtcLocal: A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. Verify that the instance name is correct and that SQL Server is configured to allow remote connections. (provider: Shared Memory Provider, error: 40 – Could not open a connection to SQL Server)
The SQL Server (RTCLOCAL) service was installed but stopped:
We tried to start the service without success:
Windows could not start the SQL Server (RTCLOCAL) on Local Computer. For more information, review the System Event Log. If this is a non-Microsoft service, contact the service vendor, and refer to service-specific error code 5023.
And looking in Event Viewer > Windows Logs > System we could find two related errors:
Log Name: System
Date: 16/10/2017 18:35:40
Event ID: 36871
Task Category: None
A fatal error occurred while creating an SSL client credential. The internal error state is 10013.
Log Name: System
Source: Service Control Manager
Date: 16/10/2017 18:35:41
Event ID: 7024
Task Category: None
The SQL Server (RTCLOCAL) service terminated with the following service-specific error:
The group or resource is not in the correct state to perform the requested operation.
The error state 10013 is related to Enabled Protocols, we checked the enabled protocols and on this particular server TLS 1.0 was disabled for client and server:
Get-ChildItem -Path “HKLM:SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0”
To re-enable TLS 1.0, we modified the following registry keys:
Set-ItemProperty -Path ‘HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0\Client’ -Name DisabledByDefault -Value ‘0’ -Type Dword
Set-ItemProperty -Path ‘HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0\Client’ -Name Enabled -Value ‘1’ -Type Dword
Set-ItemProperty -Path ‘HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0\Server’ -Name DisabledByDefault -Value ‘0’ -Type Dword
Set-ItemProperty -Path ‘HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0\Server’ -Name Enabled -Value ‘1’ -Type Dword
Note: After enable/disable protocols or cipher suites we need to restart the server.
Because the SQL Server Express installation failed, we also had to remove the RTCLOCAL instance by going to Control Panel > Programs > Programs and Features > Uninstall a program, select the SQL Server 2014 and then Uninstall/Change:
Now we use the option to Remove:
We will be prompted to remove the RTCLOCAL:
And we only need to remove the Database Engine Services:
In Ready to Remove we select Remove and wait for the RTCLOCAL to be removed:
Please also make sure that all the database files (*.mdf and *.ldf) related to the RTCLOCAL were removed:
(Get-ChildItem “C:\Program Files\Microsoft SQL Server\*RTCLOCAL” -Include *.mdf,*.ldf -Recurse).count
Since we remove the RTCLOCAL instance we should restart the server again.
Finally, we should be able to successful run Deployment Wizard Step 1:
Please note that currently it’s not supported to disable TLS 1.0 on any role related to Lync Server 2010/2013 and Skype for Business Server 2015.
As announced at Ignite 2017 the support will be available for Skype for Business Server 2015 in a future update.