Rtcrsv.exe stops working when you add a TCP-enabled trusted application to a trusted application pool

Symptoms
You create a trusted application pool and publish the topology. Then, you add a TCP-enabled trusted application and run Enable-CsTopology. In this situation, the Rtcsrv.exe process stops running on the front-end servers. This issue occurs in a Skype for Business 2015 and Lync Server 2013 environment.
Cause
This issue may occur if you are using for the trusted application a trusted application pool with different Outbound Only settings and the same IP as another trusted application or service from the pool.

When the application is enabled for TCP, the application endpoint is identified by IP address and port instead of by FQDN and port. If the IP address that's used by the trusted application pool is not explicitly specified in the topology, it defaults to 0.0.0.0 (any IP), which can match any server. This causes a configuration conflict.

When this issue occurs, the following events are logged in the event log when you try to start the Rtcsrv.exe process:

Log Name:      Lync Server Source:       
LS Protocol Stack
Date:          7/4/2016 9:31:44 AM
Event ID:      14625
Task Category: (1001)
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      FE01.contoso.com
Description:
A serious configuration problem is preventing Skype for Business Server from functioning.

An unexpected error occurred while configuring the internal servers table. Contact Product Support Services.

Cause: The Skype for Business Server failed to process a configuration update due to invalid settings from CMS.
Resolution:
Review and correct the CMS configuration.


Log Name:      Lync Server Source:       
LS Protocol Stack
Date:          7/4/2016 9:31:44 AM
Event ID:      14562
Task Category: (1001)
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      FE01.contoso.com
Description:
Two servers cannot be configured at the same FQDN with different 'Outbound Only' options.

Cannot configure a server at FQDN [0.0.0.0] because another server is already configured there with a different 'Outbound Only' option.
Cause: This is a configuration problem.
Resolution:
Review the server roles that are configured at this FQDN and ensure that they have identical trust options.


Log Name:      Lync Server Source:       
LS Server
Date:          7/5/2016 2:58:10 PM
Event ID:      12303
Task Category: (1000)
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      FE01.contoso.com
Description:
The protocol stack reported a critical error: code 0xC3E93C66 (SIPPROXY_E_MULTIPLE_INCOMPATIBLE_TRUST_OPTIONS). The service has to stop.


Log Name:      Lync Server Source:       
LS Server
Date:          7/5/2016 2:58:10 PM
Event ID:      12303
Task Category: (1000)
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      FE01.contoso.com
Description:
The protocol stack reported a critical error: code 0xC3E93C66 (Configuration failure prevented the server from starting up). The service has to stop.


Resolution
To fix this problem, use one of the following methods:
  • Use TLS instead of TCP for the trusted application.
  • Make sure that trusted application pools have the same Outbound Only settings.
  • Specify the IP address of the trusted application pool by using the Limit service usage to selected IP addresses option in the topology. This option is not available when you create the trusted application pool. However, it becomes available after you associate a trusted application with the trusted application pool.
Properties

Article ID: 3175719 - Last Review: 07/08/2016 15:49:00 - Revision: 1.0

Skype for Business, Skype for Business 2015, Microsoft Lync Server 2013

  • KB3175719
Feedback