LcsError.exe, a Microsoft Office Communications Server 2007 R2 Resource Kit tool, is designed to return those hard-to-find text error strings that provide the meaningful text message match for a hexadecimal or decimal error string, which can sometimes be difficult to interpret. You can download this and other Office Communications Server 2007 R2 Resource Kit tools from the Download Center.
Author: Mike Adkins
Publication date: April 2011
Product versions: Microsoft Office Communications Server 2007 R2, Microsoft Office Communications Server 2007, Microsoft Office Communicator 2007 R2
The Microsoft Office Communications Server 2007 R2 command-line tool called LcsError can be used to research error information that is in a hexadecimal or decimal format. These types of errors will show up in the following:
- Office Communications Server 2007 R2 Event logs
- Office Communications Server 2007 R2 command-line operations
- Office Communications Server 2007 R2 or Microsoft Office Communicator 2007 R2 debug logging
At a command prompt, LcsError accepts the hexadecimal or decimal error values as an input parameter that can be processed by LcsError to return the matching text error string. This meaningful error string information is useful when troubleshooting Communications Server issues that are not easily defined.
You can download this and other Office Communications Server 2007 R2 Resource Kit tools from the Download Center.
LcsError is an executable file that contains a database of error information for Communications Server and the Office Communicator 2007 R2 client. In those rare situations when the only error information that is provided is a decimal or hexadecimal string, LcsError can be used to convert this information into a meaningful text message.
Use LcsError by following these steps:
- Open a Command Prompt window on the computer that is hosting the Office Communications Server 2007 R2 Resource Kit tools.
- Browse to the directory prompt that is hosting LcsError.exe.
- Type LcsError followed by the numeric error code that you need research.
- Press ENTER to get the results. They will be similar to the following example and appear in the Command Prompt window.
0x80004004 -> (E_ABORT) (kernel32.dll) Operation aborted
LcsError allows you to conveniently analyze error information that might otherwise be considered cryptic. The additional information that LcsError reveals may provide insight into the root cause of the error. After the cause of an error is discovered, resolving the errant situation becomes a possibility.
The Office Communications Server 2007 R2 Resource Kit tools are supported on the following Window Server operating systems:
- Windows Server 2008 operating system
- Windows Server 2003 Standard Edition operating system with Service Pack 2 (SP2)
- Windows Server 2003 Enterprise Edition operating system with Service Pack 2 (SP2)
Hexadecimal or decimal error strings usually appear when you analyze Communications Server debug captures or system event logging. Debug captures or system event logs are usually reviewed together to gather detailed information about problems that are occurring in the Communications Server environment.
The debug capture for a specified Communications Server service can encapsulate a literal representation of the specified Communications Server service’s functionality when the issue is occurring. At the same time, the Windows Server or Communications Server event log gathers all error or warning information from the hosting computer.
This section of the article provides you with two separate examples of how you can use the LcsError tool to troubleshoot some of the issues that can occur in a Communications Server environment:
- The first issue consists of failed network communications between Communications Server pools during a coexistence installation of Office Communications Server 2007 R2 and Office Communications Server 2007.
- The second issue takes place when a remote Communicator 2007 R2 client authentication attempt fails while trying to sign in to the internal Communications Server network.
Failed Network Communications During Coexistence
This problem occurred during a coexistence scenario between a Communications Server 2007 R2 pool and a Communications Server 2007 pool. Secure mutual TLS (MTLS) network communications was failing between each pool’s servers, not allowing the needed secure communications between each of the separate Communications Server pool’s to take place. To troubleshoot the issue, SipStack logging was enabled on the Communications Server 2007 R2 pool. The following log information was returned, revealing a hexadecimal error code.
Date: YYYY/MM/DD HH:MM:SS
Severity: errorText: Failure in security functionResult-Code: 0x80090321Location: 0x00000000’00ab7d19$$end_record
LcSError provided the literal meaning of 0x80090321 (the hexadecimal error code) as shown in the following code.
0x80090321 -> (SEC_E_BUFFER_TOO_SMALL) (kernel32.dll)
The buffers supplied to a function were too small.
Researching the previous hexadecimal error code information revealed that a limited amount of certificate authority certificate information was being passed between the two Communications Server pools. The truncated MTLS certificate authority certificate list didn’t contain the public certificate authority information that was needed to ensure a secure MTLS connection between the Communication Server pools.
The previously shown hexadecimal error code led to the resolution for the coexistence issue. For more information, see TLS Client Authentication Fails Between Unified Communications Peers with a Logged Schannel Warning.
Failed Remote User Authentication Example
NTLM Authentication attempts by the remote Communicator 2007 R2 client to the internal Communications Server pool would fail during the remote client’s sign-in process. This pool was enabled for the default Kerberos/NTLM authentication methods.
The Communications Server 2007 R2 Front End Server had Windows Security Auditing enabled for troubleshooting purposes. This allowed the following security Event ID 537 to be logged by the Security event log of Windows Server when the remote Communicator 2007 R2 client’s connection failed.
Event Type: Failure Audit
Event Source: Security
Event Category: Logon/Logoff
Event ID: 537
User: NT AUTHORITYSYSTEM
Reason: An error occurred during logon
Logon Type: 3
Logon Process: ÐùÂ
Authentication Package: NTLM
Status code: 0x80090302
Substatus code: 0x0
LcSError determines the literal meaning of 0x80090302, shown as follows.
0x80090302 -> (SEC_E_UNSUPPORTED_FUNCTION) (kernel32.dll)
The function requested is not supported
This hexadecimal error code information required further research by support personnel by using LcsError. This led to the discovery of the actual cause of the remote client sign-in failure. The internal Communications Server Front End Server had the following local Windows network security group policies applied to it:
- Network Security: minimum session security for NTLM security support provider (SSP)-based (including secure remote procedure call (RPC)) servers
- Network Security: minimum session security for NTLM SSP-based (including secure RPC) clients
Both of these Windows group policies were set to the nondefault setting-Require NTLM 2 session security.
The remote Windows client computer didn’t have the previously shown network security policies applied by using a local group policy. This resulted in the failed remote user authentication attempt by using the Communicator 2007 R2 client. Updating the Network Security policies locally on the remote Windows client to match those previously listed in this section solved the issue. The remote Communicator 2007 R2 client was able to sign in to the internal Communications Server network.
LcsError, an Office Communications Server 2007 R2 Resource Kit tool, provides helpful error string information that interprets cryptic decimal or hexadecimal information. The error string information is located by doing research in break-fix scenarios. This concise, literal definition of the error helps identify the cause of the problem. LcsError can help lead to quicker resolutions of issues that are sometimes difficult to resolve.
Lync Server Resources
- Lync Server 2010 documentation in the TechNet Library
- NextHop blog
- Lync Server and Communications Server resources
We Want to Hear from You
Keywords: hresult, hex, error, decimal, log