Office Communications Server 2007 R2 Tool: LcsError

LcsError.exe, a Microsoft Office Communications Server 2007 R2 Resource Kit tool, is designed to return those hard-to-find text error strings that provide the meaningful text message match for a hexadecimal or decimal error string, which can sometimes be difficult to interpret. You can download this and other Office Communications Server 2007 R2 Resource Kit tools from the Download Center.

Author: Mike Adkins

Publication date: April 2011

Product versions: Microsoft Office Communications Server 2007 R2, Microsoft Office Communications Server 2007, Microsoft Office Communicator 2007 R2


The Microsoft Office Communications Server 2007 R2 command-line tool called LcsError can be used to research error information that is in a hexadecimal or decimal format. These types of errors will show up in the following:

  • Office Communications Server 2007 R2 Event logs
  • Office Communications Server 2007 R2 command-line operations
  • Office Communications Server 2007 R2 or Microsoft Office Communicator 2007 R2 debug logging

At a command prompt, LcsError accepts the hexadecimal or decimal error values as an input parameter that can be processed by LcsError to return the matching text error string. This meaningful error string information is useful when troubleshooting Communications Server issues that are not easily defined.

You can download this and other Office Communications Server 2007 R2 Resource Kit tools from the Download Center.


LcsError is an executable file that contains a database of error information for Communications Server and the Office Communicator 2007 R2 client. In those rare situations when the only error information that is provided is a decimal or hexadecimal string, LcsError can be used to convert this information into a meaningful text message.


Use LcsError by following these steps:

  1. Open a Command Prompt window on the computer that is hosting the Office Communications Server 2007 R2 Resource Kit tools.
  2. Browse to the directory prompt that is hosting LcsError.exe.
  3. Type LcsError followed by the numeric error code that you need research.
  4. Press ENTER to get the results. They will be similar to the following example and appear in the Command Prompt window.

C:LCSError>lcserror 0x80004004

0x80004004 -> (E_ABORT)  (kernel32.dll) Operation aborted


LcsError allows you to conveniently analyze error information that might otherwise be considered cryptic. The additional information that LcsError reveals may provide insight into the root cause of the error. After the cause of an error is discovered, resolving the errant situation becomes a possibility.


The Office Communications Server 2007 R2 Resource Kit tools are supported on the following Window Server operating systems:

  • Windows Server 2008 operating system
  • Windows Server 2003 Standard Edition operating system with Service Pack 2 (SP2)
  • Windows Server 2003 Enterprise Edition operating system with Service Pack 2 (SP2)


Hexadecimal or decimal error strings usually appear when you analyze Communications Server debug captures or system event logging. Debug captures or system event logs are usually reviewed together to gather detailed information about problems that are occurring in the Communications Server environment.

The debug capture for a specified Communications Server service can encapsulate a literal representation of the specified Communications Server service's functionality when the issue is occurring. At the same time, the Windows Server or Communications Server event log gathers all error or warning information from the hosting computer.

This section of the article provides you with two separate examples of how you can use the LcsError tool to troubleshoot some of the issues that can occur in a Communications Server environment:

  • The first issue consists of failed network communications between Communications Server pools during a coexistence installation of Office Communications Server 2007 R2 and Office Communications Server 2007.
  • The second issue takes place when a remote Communicator 2007 R2 client authentication attempt fails while trying to sign in to the internal Communications Server network.

Failed Network Communications During Coexistence

This problem occurred during a coexistence scenario between a Communications Server 2007 R2 pool and a Communications Server 2007 pool. Secure mutual TLS (MTLS) network communications was failing between each pool's servers, not allowing the needed secure communications between each of the separate Communications Server pool's to take place. To troubleshoot the issue, SipStack logging was enabled on the Communications Server 2007 R2 pool. The following log information was returned, revealing a hexadecimal error code.


LogType: diagnostic


Severity: errorText: Failure in security functionResult-Code: 0x80090321Location: 0x00000000'00ab7d19$$end_record


LcSError provided the literal meaning of 0x80090321 (the hexadecimal error code) as shown in the following code.

C:LCSError>LcsError 0x80090321

0x80090321 -> (SEC_E_BUFFER_TOO_SMALL)  (kernel32.dll)

The buffers supplied to a function were too small.

Researching the previous hexadecimal error code information revealed that a limited amount of certificate authority certificate information was being passed between the two Communications Server pools. The truncated MTLS certificate authority certificate list didn't contain the public certificate authority information that was needed to ensure a secure MTLS connection between the Communication Server pools.

The previously shown hexadecimal error code led to the resolution for the coexistence issue. For more information, see TLS Client Authentication Fails Between Unified Communications Peers with a Logged Schannel Warning.

Failed Remote User Authentication Example

NTLM Authentication attempts by the remote Communicator 2007 R2 client to the internal Communications Server pool would fail during the remote client's sign-in process. This pool was enabled for the default Kerberos/NTLM authentication methods.

The Communications Server 2007 R2 Front End Server had Windows Security Auditing enabled for troubleshooting purposes. This allowed the following security Event ID 537 to be logged by the Security event log of Windows Server when the remote Communicator 2007 R2 client's connection failed.

Event Type: Failure Audit

Event Source: Security

Event Category: Logon/Logoff

Event ID: 537


Computer: OCSFE


Logon Failure:

Reason: An error occurred during logon

User Name:


Logon Type: 3

Logon Process: ÐùÂ

Authentication Package: NTLM

Workstation Name:

Status code: 0x80090302

Substatus code: 0x0


LcSError determines the literal meaning of 0x80090302, shown as follows.

C:LcsError>LcsError 0x80090302

0x80090302 -> (SEC_E_UNSUPPORTED_FUNCTION)  (kernel32.dll)

The function requested is not supported


This hexadecimal error code information required further research by support personnel by using LcsError. This led to the discovery of the actual cause of the remote client sign-in failure. The internal Communications Server Front End Server had the following local Windows network security group policies applied to it:

  • Network Security: minimum session security for NTLM security support provider (SSP)-based (including secure remote procedure call (RPC)) servers
  • Network Security: minimum session security for NTLM SSP-based (including secure RPC) clients

Both of these Windows group policies were set to the nondefault setting-Require NTLM 2 session security.

The remote Windows client computer didn't have the previously shown network security policies applied by using a local group policy. This resulted in the failed remote user authentication attempt by using the Communicator 2007 R2 client. Updating the Network Security policies locally on the remote Windows client to match those previously listed in this section solved the issue. The remote Communicator 2007 R2 client was able to sign in to the internal Communications Server network.


LcsError, an Office Communications Server 2007 R2 Resource Kit tool, provides helpful error string information that interprets cryptic decimal or hexadecimal information. The error string information is located by doing research in break-fix scenarios. This concise, literal definition of the error helps identify the cause of the problem. LcsError can help lead to quicker resolutions of issues that are sometimes difficult to resolve.

Lync Server Resources

We Want to Hear from You

Keywords: hresult, hex, error, decimal, log

Comments (2)
  1. Mahmoud says:

    Hi Mike amazing article, can you help me in my enviroment making enterprise migration from OCS 2007 R2 to Lync2 2010 and till now after migrate all users to Lync server, most of clients still runing OCS client cause in our phase we have the old OCS Edge and we need to make it the other Lync Edg as a high availabilty, the main issue and problem is in the federation we mak a federation with other Lync 2010 after we change to our Lync Edge the we cant initiate the any session  whatever Audio, video and IM, but when the other company initiate any session we can reply with them.

  2. Mike Adkins says:


    It would be in your best interest to open a support incident with Microsoft Customer Technical Support to address this issue. Please review the support information listed below for more details on this topic.

    TechNet Support…/ms772425


Comments are closed.

Skip to main content