I recently deployed Microsoft Lync Server 2010 in a small environment and was told that Microsoft LCS and OCS was never deployed so I went ahead and treated the environment as a greenfield but as soon as I began to enable users for Lync, I noticed that some users would throw the following error when I try to enable them in PowerShell:
PS C:\Users\tluk-admin> enable-csuser -identity domain.local\dtrott -registrarpool ly
ncpool01.domain.local -sipaddresstype samaccountname -sipdomain domain.com
Enable-CsUser : Cannot move legacy user in enable operation. Use the Move user
At line:1 char:14
+ enable-csuser <<<< -identity domain.local\dtrott -registrarpool lyncpool01.ccs.in
t -sipaddresstype samaccountname -sipdomain domain.com
+ CategoryInfo : InvalidOperation: (:) [Enable-CsUser], InvalidOp
+ FullyQualifiedErrorId : ProcessRecord,Microsoft.Rtc.Management.AD.Cmdlet
As some of you have already guessed, the reason why I am getting this error is because the user I was trying to enable for Lync was at one point enabled for Microsoft OCS and therefore the Enable-CsUser cmdlet is recommending that I try using the cmdlet to move a legacy user instead. It would have been easy to get these users over if the old OCS environment still existed but that wasn’t the case for this organization.
What I ended up doing was to open up adsiedit.msc, navigate to the user’s object, open the properties, and removing or setting the following attributes to “<not set>” and “0”:
Here’s an example of a user who still had legacy OCS attributes populated for their account:
Here’s an example of a user account that had the legacy OCS attributes removed:
I’d have to say that while this solution works, it properly doesn’t scale well if you had more than 50 users in the organization so if you fall into that situation, I would suggest that you make an attempt to script the procedure for everyone in Active Directory (make sure you run the script before you enable anyone for Lync).