Hello all -
Just an FYI for those of you running 4.2(1) servers. Last night I used the new PW on 5 servers to add a new domain. I made sure the Enable DCOM box was checked in the PW because I am still running Windows 2003 SP1. The wizard ran fine on all servers. However, this morning, our ViewMail users were getting prompted for network authentication and the error "Access was denied when connecting to the voice server." Before calling TAC, I made sure DCOM was still enabled on the server in dcomcnfg. Working with TAC, I used regedit to scan for the CLSID number of the component that was now showing DCOM errors in the System Event Log once we rebooted the server. The component was identified as AvCsGateway. TAC and I compared our Security permissions for this component. I did not have Authenticated Users. Cross referencing the security permissions in the AvCsGateway component - The default settings on this page are:
- Launch and activate permissions - Use default. Note: I previously had this set as Custom, which gave the Everyone group Launch and activate permissions. I changed it to Default to match what TAC had.
- Access Permissions - Use default
- Configuration permissions - Custom. This is where I added Authenticated Users.
We tested a reboot of one server and users could again use ViewMail without authentication. It wasn't until I had made the change on all servers and rebooted them, that I discovered we now were getting the following error when attempting to use the Unity SA Webpage:
This is most likely an error with a DLL, probably AvSaLocalizationSvr.dll or perhaps AvSaLocaleInfoSvr.dll.
Check that these files are present, and registered with REGSVR32.
Also be sure that the appropriate MsgStoreRes.dll file is present.
(From: Global.asa: hr=0x80070005)
I'm pretty sure I need to revert the Local launch and activation on the AvCsGateway component back to allow the Everyone group permissions. As this will require another reboot of the servers, I am scheduling this for the evening. This error does not impact the local Unity domain account, so we can circumvent the problem by using Remote Desktop or by RunAs IE as the domain\unityadmin account, both work fine. I also forwarded this information to TAC and wanted to alert you to the problems I was having in case you have a similar problem.
Best wishes as always, Ginger