I'm seeing the following when trying to open the Lync Server 2010 Administration Control Panel:
Unauthorized: Authorization failed.
The application cannot verify your credentials.
Verify your logon credentials and contact your support team.In the Lync Server application event log I see this warning message:
Log Name: Lync ServerSource: LS Remote PowerShell
Date: 5/15/2013 2:33:27 PM
Event ID: 35007
Task Category: (3500)
Level: Warning
Keywords: Classic
User: N/A
Computer: LYNC01.domain
Description:
Remote PowerShell cannot create InitialSessionState.
Remote PowerShell cannot create InitialSessionState for user: <SID>. Cause of failure: Active Directory server "<ADServer>" is not available. Try again later.
Cause: Remote PowerShell can fail to create InitialSessionState for varied number of reasons. Please look for other events that can give some specific information.
Resolution:
Follow the resolution on the corresponding failure events.
I can ping <ADServer> just fine. From a previous message in this forum I also confirmed that NSLookup can see all AD and GC servers fine. In some cases I can do an IISReset /noforce and I am then able to connect again to the control panel, but this isn't always the case.
<ADServer> appears to be working fine, there is nothing in the event logs that would suggest otherwise. Doing an NLTest /SC_Query:domain returns successful with a different <ADServer> than the one in the warning message.
The <SID> user has all the appropriate permissions to access the control panel and has done so in the past without issues.
The only changes to the domain are that we recently raised the forest and domain functional levels to 2008 R2, however this was 7 days before this issue started occurring.
Anyone have any ideas on what this might be? Note that we have had this environment set up for several months without issue, this problem only started happening on the 10th of May.
Thanks!