Home
  •  

AKN554609

Monitor_AKN554609 (UnitMonitor)

Baltimore CyberTrust Root certificate not present in the trusted root store of the Lync Edge Server

Knowledge Base article:

External

http://go.microsoft.com/fwlink/?LinkId=301771

Element properties:

TargetMicrosoft.KnowledgeServices.Lync.2010.CsServer
Parent MonitorSystem.Health.ConfigurationState
CategoryAlert
EnabledTrue
Alert GenerateTrue
Alert SeverityError
Alert PriorityHigh
Alert Auto ResolveTrue
Monitor TypeMicrosoft.KnowledgeServices.Library.PowerShellMonitorEx
RemotableTrue
AccessibilityPublic
Alert Message
Baltimore CyberTrust Root certificate not present in the trusted root store of the Lync Edge Server
<Details>
<Content>The migration of Lync Online Service to use the new Baltimore trusted root Certificate Authority is planned during May 2013. As of June 1st 2013, all of our servers, including the Lync Push Notifications Clearing House Service, will be on Baltimore certs only. Please ensure that your Lync Server deployments have been updated to trust the Baltimore Root in order for Mobile Push Notifications to work correctly. See the following link for more information.</Content>
<CollectedInformation />
</Details>
RunAsMicrosoft.KnowledgeServices.ElevatedAccount
CommentSupportTopic=TBD;VersionNumber=1.0.0.0;

Source Code:

<UnitMonitor ID="Monitor_AKN554609" Comment="SupportTopic=TBD;VersionNumber=1.0.0.0;" Accessibility="Public" Enabled="true" Target="MicrosoftKnowledgeServicesLyncLibrary!Microsoft.KnowledgeServices.Lync.2010.CsServer" ParentMonitorID="Health!System.Health.ConfigurationState" Remotable="true" Priority="High" RunAs="KnowledgeServicesLibrary!Microsoft.KnowledgeServices.ElevatedAccount" TypeID="KnowledgeServicesLibrary!Microsoft.KnowledgeServices.Library.PowerShellMonitorEx" ConfirmDelivery="true">

  <Category>Alert</Category>

  <AlertSettings AlertMessage="MonitorMessageef22373c7285438abbca7a17eebc3479">

    <AlertOnState>Error</AlertOnState>

    <AutoResolve>true</AutoResolve>

    <AlertPriority>High</AlertPriority>

    <AlertSeverity>Error</AlertSeverity>

  </AlertSettings>

  <OperationalStates>

    <OperationalState ID="Success" MonitorTypeStateID="Success" HealthState="Success"/>

    <OperationalState ID="Error" MonitorTypeStateID="Error" HealthState="Error"/>

  </OperationalStates>

  <Configuration>

    <ScriptName>AKN554609.ps1</ScriptName>

    <Parameters/>

    <ScriptBody><Script>



$ErrorActionPreference = "Stop"



# Set up the arguments

$scriptargs = new-object psobject



# Set up the output

$global:scriptoutput = new-object psobject

$scriptoutput | add-member NoteProperty "HasIssue" $false

#----------------------------------------------------- 

# MAIN CODE SECTION

#----------------------------------------------------- 



# Environment

$script:lyncPath = ""

if (Join-Path $Env:CommonProgramFiles "\Microsoft Lync Server 2013\Modules\Lync\Lync.psd1" | Test-Path)

{

    $script:lyncPath = Join-Path $Env:CommonProgramFiles "\Microsoft Lync Server 2013\Modules\Lync\Lync.psd1"

}

elseif (Join-Path $Env:CommonProgramFiles "\Microsoft Lync Server 2010\Modules\Lync\Lync.psd1" | Test-Path)

{

    $script:lyncPath = Join-Path $Env:CommonProgramFiles "\Microsoft Lync Server 2010\Modules\Lync\Lync.psd1"

}

$scriptenv = New-Object psobject

$scriptenv | Add-Member NoteProperty "RuntimeError" $false

$scriptenv | Add-Member NoteProperty "HasIssue" $false

$scriptenv | Add-Member NoteProperty "IsEdgeServer" $false



function IsEdgeServer()

{

    $edgeServices = @(Get-Service | Where-Object { $_.DisplayName -like "*edge*" })

    if($edgeServices.Count -gt 0)

    {

        $scriptenv.IsEdgeServer = $true

    }

}



# Main Function

function AdvisorRule($scriptargs, $scriptoutput)

{

    if (Test-Path $script:lyncPath)

    {

        trap [Exception]

        {

            $scriptenv.RuntimeError = $true

            continue

        }



        $scriptoutput.HasIssue = $false



		IsEdgeServer

        if ($scriptenv.IsEdgeServer)

        {

            $bcrCert = Get-ChildItem Cert:\Localmachine\root | Where-Object {$_.FriendlyName -ieq "Baltimore CyberTrust Root"}

            if ($bcrCert -ieq $null)

            {

                $scriptenv.HasIssue = $true

            }

        }



        if($scriptenv.HasIssue -eq $true -and $scriptenv.RuntimeError -eq $false)

        {

            $scriptoutput.HasIssue = $true

        }

    }

}

AdvisorRule $scriptargs $scriptoutput



# set the output

$mom = new-object -comobject "MOM.ScriptAPI"

$bag = $mom.CreatePropertyBag()



if ($scriptoutput.HasIssue -ne $null)

{

	$bag.AddValue("HasIssue", $scriptoutput.HasIssue)

}



$bag



</Script></ScriptBody>

    <SnapIns/>

    <TimeoutSeconds>300</TimeoutSeconds>

    <Schedule>14400</Schedule>

    <ErrorExpression>

      <SimpleExpression>

        <ValueExpression>

          <XPathQuery Type="Boolean">Property[@Name='HasIssue']</XPathQuery>

        </ValueExpression>

        <Operator>Equal</Operator>

        <ValueExpression>

          <Value Type="Boolean">true</Value>

        </ValueExpression>

      </SimpleExpression>

    </ErrorExpression>

    <SuccessExpression>

      <Not>

        <Expression>

          <SimpleExpression>

            <ValueExpression>

              <XPathQuery Type="Boolean">Property[@Name='HasIssue']</XPathQuery>

            </ValueExpression>

            <Operator>Equal</Operator>

            <ValueExpression>

              <Value Type="Boolean">true</Value>

            </ValueExpression>

          </SimpleExpression>

        </Expression>

      </Not>

    </SuccessExpression>

  </Configuration>

</UnitMonitor>