DLP Endpoint Agent 15.1 Crashes Skype Meetings

I do not need a solution (just sharing information)

My organization recently updated from Symantec Data Loss Prevention 14.6 MP2 to 15.1. We are also in the process of migrating our users to Skype for Business 2016 (formerly known as Lync) and Skype Meetings.

I’ve found that “Application Monitoring” in Symantec Data Loss Prevention 15.1 is by default configured to monitor Application File Access (AFAC) for the Skype for Business / Lync process (Lync.exe). However, whenever my users attempt to launch or join a Skype meeting, Skype for Business will enter a non-responsive state.

Examination of logs shows that the Lync.exe process is actually accessing a Windows Jump List (.automaticDestinations-ms file). The detection eventually times out if you wait the default 15 minutes.

11/21/2018 00:17:55 | 67720 | INFO    | CoreServices.MessageLogger | MESSAGETYPE_DETECTION_REQUEST    MESSAGESOURCE_FILE_SYSTEM_CONNECTOR  11/21/2018 06:17:55  [
Request Id #123
Detection Request Details :
    Session Command : Single Request
    Request Type : Data In Motion Request

Dim Detection Request Details :
    Process Id : 21852
    Process Path : C:Program Files (x86)Microsoft OfficerootOffice16lync.exe
    Application Name : Microsoft Lync
    User : yourusername
    Domain : yourdomain
    Time Stamp : 11/21/2018 06:17:55
    Dim Event Type : Application file access

AFAC Detection Request Details :
 file: C:UsersyourusernameAppDataRoamingMicrosoftWindowsRecentAutomaticDestinations78f0afb5bd4bb278.automaticDestinations-ms
]

11/21/2018 00:32:55 | 67720 | INFO    | CoreServices.MessageLogger | MESSAGETYPE_DETECTION_RESPONSE    MESSAGESOURCE_DETECTION_SCHEDULER  11/21/2018 06:32:55  [
Request Id #123 FAILURE Detection timeout allow
Scan Time : 900146 ms]

I’ve been able to resolve the issue by creating a Channel Filter to exclude either the file path or the file type. Just sharing information and wondering if anyone else has ran into similar issues? Skype in general doesn’t seem to be stable with Application File Access (AFAC) monitoring turned on.

0

Related:

Lifecycle Information for Citrix XenApp/XenDesktop HDX RealTime Optimization Pack

The HDX RealTime Optimization Pack (RTOP) for Skype® for Business is a feature of Citrix Virtual Apps and Desktops (formerly XenApp and XenDesktop), Advanced (formerly Enterprise) and Premium (formerly Platinum) editions. HDX RTOP provides optimized delivery of the Microsoft Skype for Business 2015, 2016 and 2019 clients.

HDX RTOP’s support and maintenance is tied to the lifecycle of the underlying Citrix Virtual Apps and Desktops (XenApp and XenDesktop) product in use.

HDX RTOP LTSR is compatible and supported with all actively supported Citrix Virtual Apps and Desktops (XenApp and XenDesktop) LTSRs and CRs. Please refer to the Citrix Product Lifecycle (Product Matrix) for details.

HDX RTOP is supported only on server and client Operating System versions that are supported by their manufacturer and only with Skype for Business versions that Microsoft still supports under mainstream or extended support.

1. Long Term Service Release

HDX RTOP 2.4 is a Long Term Service Release (LTSR). The EoM/EoL lifecycle of Optimization Pack 2.4 aligns with the lifecycle of the Citrix Receiver for Windows 4.9 LTSR.

Code-level maintenance (critical defect and security fixes) is provided by updating to the most recent RTOP Cumulative Update software version.

CUs are released twice a year, aligned with the XenApp/XenDesktop CUs in April and October.

The components covered under the LTSR program are:

  • HDX RealTime Connector for Skype for Business
  • HDX RealTime Media Engine for Windows only

HDX RealTime Media Engine for Mac, Linux, Android and Workspace Hub are not included in the LTSR program

RTOP Version GA Date EoM Date EoL Date
2.4 12-19-2017 08-15-2020
2.4.1000 06-08-2018 08-15-2020
2.4.2000 10-23-2018 08-15-2020

Lifecycle Phases: GA (General Availability), EOM (End of Maintenance), EOL (End of Life). For definitions of these terms, click here.

Customers must be current with Citrix Customer Success Services (CSS) for Citrix Virtual Apps and Desktops to obtain HDX RealTime Connector LTSRs and LTSR Cumulative Updates (CUs).

Accessing and Deploying Updates: Cumulative Updates (CUs) are software releases that provide maintenance corrections and/or fixes. CUs will be available for download from www.citrix.com for Customer Success Services (Software Maintenance) customers.

Generally, CUs will include fixes and no new functionality. CUs are cumulative in nature, so any new CU will include all fixes released in previous CUs for that component.

This means that all updates will include all previous updates. You will not be able to install a subset of the fixes included in a CU release.

Support is available for any LTSR version level, but code level maintenance will be provided on the latest released CU.

Admins that want to routinely point their end users to the latest version may choose to advertise a download page for the latest current release version or a download page for the latest LTSR CU version (only the RTME for Windows is covered by the LTSR program). Those pages will be evergreen – the URLs will persist while the contents on the pages are refreshed with each release. If you prefer to point your end users to a specific version, choose one of the pages listed here.

HDX RealTime Optimization Pack 2.4.x

HDX RealTime Optimization Pack 2.4.x is for customers using one of the following Microsoft unified communications products: Skype for Business Server 2015, Lync Server 2013, Skype for Business Online (Office 365 – restrictions apply).

2. Current Releases

RTOP Current Releases are released Quarterly, generally aligned with Citrix Virtual Apps and Desktops CRs.

Citrix reserves the right to skip an RTOP CR release on a given quarter.

Starting from Current Release 2.6, CRs will reach End of Maintenance (EoM) 6 months after general availability (GA), and will reach End of Life (EoL) 18 months after GA.

Lifecyle Milestones for RTOP CRs
RTOP Version GA Date EoM Date EoL Date
2.0 12-29-2015 06-29-2016 05-15-2019
2.1.200 10-28-2016 04-28-2017 05-15-2019
2.2.100 03-10-2017 11-10-2017 05-15-2019
2.3 09-18-2017 04-18-2018 05-15-2019
2.5 06-05-2018 03-12-2019 12-05-2019
2.6 09-12-2018 03-12-2019 03-12-2020

HDX RealTime Optimization Pack 1.8.x

HDX RealTime Optimization Pack 1.8.200 (December 2015) is the last release for customers still using Lync Server 2010.

Please note that Microsoft’s Mainstream Support End Date for Lync Server 2010 was 4/12/2016 – hence it is not supported by Citrix any longer.

3. Questions and Answers:

Q: What is a Current Release (CR) and how does it compare to a Long Term Service Release (LTSR)?

A: See Servicing Options.

Q: Where can I find documentation for HDX RealTime Optimization Pack?

A: Documentation for HDX RealTime Optimization Pack 2.x can be found here.

Q: Would HDX RealTime Optimization Pack work when trying to optimize Microsoft Teams?

A: No. Citrix offers Browser Content Redirection for optimized delivery of the Teams web client. In addition, Citrix is currently developing a Teams desktop client optimization solution and GA is targeted for 2019.

Disclaimer

The information contained herein is believed to be accurate as of the date of publication, but updates and revisions may be posted periodically and without notice. CITRIX DOES NOT PROVIDE ANY WARRANTIES COVERING THIS INFORMATION AND SPECIFICALLY DISCLAIMS ANY LIABILITY FOR DAMAGES, INCLUDING, WITHOUT LIMITATION, DIRECT, INDIRECT, CONSEQUENTIAL, INCIDENTAL, AND SPECIAL DAMAGES, IN CONNECTION WITH THE INFORMATION PRESENTED HERE.

Related:

The Unified Messaging server rejected an incoming call with the ID “%1”. Reason: “%2”

Details
Product: Exchange
Event ID: 1021
Source: MSExchange Unified Messaging
Version: 8.0
Symbolic Name: CallRejected
Message: The Unified Messaging server rejected an incoming call with the ID “%1”. Reason: “%2”
   
Explanation

This Warning event indicates that the incoming call with the Call-ID referenced in the event description was rejected by the computer that has the Unified Messaging server role installed. The Call-ID is a random identifier encapsulated in the Session Initiation Protocol (SIP) request. It is used to uniquely identify a call between the IP/VoIP gateway and the Unified Messaging (UM) server. This event may be caused by one or more of the following:

  • The UM IP gateway is disabled. When the gateway is set to Disabled Immediately, the UM server disconnects all calls that are connected to the server. When the gateway is Disabled After Completing Calls, the server processes all existing calls but does not accept any new calls.

  • The pilot number sent by the IP/VoIP gateway does not match to any pilot identifiers of the UM hunt groups that are associated with the UM IP gateway.

  • The IP address of the IP/VoIP gateway does not match to the IP address of the UM IP gateway.

  • The UM IP gateway does not contain any UM hunt groups.

  • The UM IP gateway is not linked to the UM server through UM hunt groups and UM dial plans.

   
User Action

To resolve this warning, do one or more of the following:

If a default UM hunt group is used, the pilot identifier should be blank.

If you are not already doing so, consider running the tools that Microsoft Exchange offers to help administrators analyze and troubleshoot their Exchange environment. These tools can help you make sure that your configuration is in line with Microsoft best practices. They can also help you identify and resolve performance issues, improve mail flow, and better manage disaster recovery scenarios. Go to the Toolbox node of the Exchange Management Console to run these tools now. For more information about these tools, see Toolbox in the Exchange Server 2007 Help.

Related:

No %1 IP gateways were found for the Microsoft Exchange Unified Messaging service.

Details
Product: Exchange
Event ID: 1124
Source: MSExchange Unified Messaging
Version: 8.0
Symbolic Name: NoPeersFound
Message: No %1 IP gateways were found for the Microsoft Exchange Unified Messaging service.
   
Explanation

This Warning event indicates that no Session Initiation Protocol (SIP) peers (VoIP gateway or IP/PBX) are linked to the computer that has the Unified Messaging server role installed through the Unified Messaging (UM) dial plan and UM hunt group. In addition, all incoming calls may be rejected from any SIP peers when this event occurs. This event may be caused by the following conditions:

  • An IP/VoIP gateway is not created.

  • The gateway that is created is not linked to any dial plan through a hunt group for the UM server.

   
User Action

To resolve this warning, make sure that an IP/VoIP gateway is created. Additionally, make sure that the IP/VoIP gateway is linked to a dial plan associated with the UM server through a hunt group.

For more information, see the following topics at the Exchange Server TechCenter:

If you are not already doing so, consider running the tools that Microsoft Exchange offers to help administrators analyze and troubleshoot their Exchange environment. These tools can help you make sure that your configuration is in line with Microsoft best practices. They can also help you identify and resolve performance issues, improve mail flow, and better manage disaster recovery scenarios. Go to the Toolbox node of the Exchange Management Console to run these tools now. For more information about these tools, see Toolbox in the Exchange Server 2007 Help.

Related:

The Unified Messaging server could not find an IP gateway that allows outgoing calls.

Details
Product: Exchange
Event ID: 1105
Source: MSExchange Unified Messaging
Version: 8.0
Symbolic Name: OutboundGatewayNotFound
Message: The Unified Messaging server could not find an IP gateway that allows outgoing calls.
   
Explanation

This Warning event indicates that no Unified Messaging (UM) IP gateway is linked to the computer that is running the Unified Messaging server role through the UM dial plan and the UM hunt group. Any outbound calls from the Unified Messaging server will be disabled. This event may be caused by the following conditions:

  • The UM IP gateway is not created.

  • The UM IP gateway is created. However, the UM IP gateway is not linked to any dial plan through a UM hunt group for the Unified Messaging server.

   
User Action

To resolve this warning, do one or more of the following:

  • Make sure an UM IP gateway is created.

  • Make sure that the UM IP gateway linked to a dial plan associated with the Unified Messaging server through a hunt group.

For information about how to create a new UM gateway, see How to Create a New Unified Messaging IP Gateway.

For information about how to create a new UM hunt group, see How to Create a New Unified Messaging Hunt Group.

For more information about UM hunt groups, see Understanding Unified Messaging Hunt Groups.

If you are not already doing so, consider running the tools that Microsoft Exchange offers to help administrators analyze and troubleshoot their Exchange environment. These tools can help you make sure that your configuration is in line with Microsoft best practices. They can also help you identify and resolve performance issues, improve mail flow, and better manage disaster recovery scenarios. Go to the Toolbox node of the Exchange Management Console to run these tools now. For more information about these tools, see Toolbox in the Exchange Server 2007 Help.

Related:

The Unified Messaging Web service was unable to process a “%1” request for user “%2”. The error was “%3”.

Details
Product: Exchange
Event ID: 1083
Source: MSExchange Unified Messaging
Version: 8.0
Symbolic Name: UMClientAccessError
Message: The Unified Messaging Web service was unable to process a “%1” request for user “%2”. The error was “%3”.
   
Explanation

The Warning event indicates that the Microsoft Exchange Server 2007 Unified Messaging (UM) Web service installed on the computer that is running the Client Access server role did not process a request. Review the event description for the type of request that failed:

  • GetUMProperties: Return all Unified Messaging properties of a Unified Messaging-enabled user.

  • SetOofStatus: Change the Out of Office setting.

  • SetMissedCallNotificationEnabled: Receive notifications when callers attempt to contact a user but do not leave a voice mail message.

  • SetPlayOnPhoneDialString: Set phone number to use to listen to voice mail using Play on Phone.

  • SetTelephoneAccessFolderEmail: Set the folder to read when users access e-mail messages from the phone by using Outlook Voice Access.

  • ResetPIN: Reset the PIN used to access mailboxes from a phone.

  • PlayOnPhone: Play voice mail greeting to callers.

  • PlayOnPhoneGreeting: Play Out of Office voice mail greeting to callers.

  • GetCallInfo: Return information about a call

  • Disconnect: Disconnect a call

The event maybe caused by one or more of the following conditions:

  • A UM IP gateway object does not exist.

  • A UM IP gateway object is not linked to the UM dial plan that is used by the user who initiated the Web request.

  • The certificate that the Client Access server that is used to establish a secure communication with the Unified Messaging server role has an incorrect Subject or Subject Alternative Name.

  • The Call-ID is empty, longer than 1064 characters, or has “@” (without the quotation mark) as the last character.

  • The phone number supplied for PlayOnPhone or PlayOnPhoneGreeting Web service requests is empty, or contains non-numeric characters.

  • The user referenced in the event description is not UM-enabled.

The UM Web service (UnifiedMessaging) resides in the Internet Information Service virtual directory of the computer that has the Client Access server role installed. The UM Web service accepts user requests such as recording a voice mail greeting or using the Play on Phone feature over HTTP or HTTPS, and then it processes and relays the requests to the computer that has the Unified Messaging server role installed over Session Initiation Protocol (SIP) information. The UM Web Service is necessary for Microsoft Office Outlook 2007 and Outlook Web Access client to communicate with the Unified Messaging server.

   
User Action

To resolve this warning, do one or more of the following:

If you are not already doing so, consider running the tools that Microsoft Exchange offers to help administrators analyze and troubleshoot their Exchange environment. These tools can help you make sure that your configuration is in line with Microsoft best practices. They can also help you identify and resolve performance issues, improve mail flow, and better manage disaster recovery scenarios. Go to the Toolbox node of the Exchange Management Console to run these tools now. For more information about these tools, see Toolbox in the Exchange Server 2007 Help.

Related:

The Microsoft Exchange Unified Messaging service was not able to redirect the call with ID “%1” to an available Unified Messaging Worker Process.

Details
Product: Exchange
Event ID: 1058
Source: MSExchange Unified Messaging
Version: 8.0
Symbolic Name: UMServiceUnableToRedirectCall
Message: The Microsoft Exchange Unified Messaging service was not able to redirect the call with ID “%1” to an available Unified Messaging Worker Process.
   
Explanation

This Error event indicates that the Unified Messaging Service was not able to redirect incoming messages received from the IP/VoIP gateway to the Unified Messaging (UM) worker process. The call with Call-ID specified in the event description was disconnected. The Unified Messaging Service first accepts the incoming Session Initiation Protocol (SIP) INVITE message over TCP sent by the IP/VoIP gateway. The service then tries to locate an available UM worker process (UMWorkerProcess.exe). If the UM worker process is ready to accept calls, the Unified Messaging Service will reply to the SIP INVITE message by using a 302 Moved Temporarily SIP response message. In this scenario, calls will be redirected and handled by the UM worker process. If the UM worker process becomes unresponsive or exceeds the lifespan, the Unified Messaging Service will retire the existing UM worker process, together with the resources it uses, and create a new UM worker process to handle any new requests. By creating a new process and redirecting calls to it, you can make the Unified Messaging Service more efficient and reliable, even when the original worker process that serves the requests has problems.

This event may occur if the UM worker process is started or shut down when the Unified Messaging Service tries to redirect a call. On rare occasions, this may occur after all UM worker processes stop unexpectedly.

   
User Action

To resolve this error, do the following:

  • Restart the Unified Messaging Service.

  • If this error frequently occurs, contact Microsoft Product Support. For more information, visit the Contact Us page of the Microsoft Help and Support Web site.

If you are not already doing so, consider running the tools that Microsoft Exchange offers to help administrators analyze and troubleshoot their Exchange environment. These tools can help you make sure that your configuration is in line with Microsoft best practices. They can also help you identify and resolve performance issues, improve mail flow, and better manage disaster recovery scenarios. Go to the Toolbox node of the Exchange Management Console to run these tools now. For more information about these tools, see Toolbox in the Exchange Server 2007 Help.

Related:

The Microsoft Exchange Unified Messaging service was not able to start because the executable file “%1” for the Unified Messaging Worker Process does not exist. To resolve this issue, copy the default file located on the Exchange Server 2007 DVD into the \bin folder in the installation directory.

Details
Product: Exchange
Event ID: 1043
Source: MSExchange Unified Messaging
Version: 8.0
Symbolic Name: UMInvalidWorkerProcessPath
Message: The Microsoft Exchange Unified Messaging service was not able to start because the executable file “%1” for the Unified Messaging Worker Process does not exist. To resolve this issue, copy the default file located on the Exchange Server 2007 DVD into the \bin folder in the installation directory.
   
Explanation

This Error event indicates that the Microsoft Exchange Unified Messaging Service was not able to start because the executable file for the Unified Messaging (UM) worker process (UMWorkerProcess.exe) does not exist. The default location of this file is C:\Program Files\Microsoft\Exchange Server\bin. When the Unified Messaging Service starts, a UM worker process is also started. The Unified Messaging Service first accepts the calls sent by the IP/VoIP gateway, and then it tries to redirect the calls to the UM worker process. If the UM worker process becomes unresponsive or exceeds the lifespan, the Unified Messaging Service will retire the existing UM worker process, together with the resources it consumes, and create a new UM worker process to continue to process any new requests. When you create a new process and redirect calls to it, you can make UM more efficient and reliable, even when the original worker process that served the requests has problems.

This event may be logged when the following conditions are true:

  • The file has been deleted or renamed manually by a user.

  • The file has been deleted or quarantined by antivirus software.

   
User Action

To resolve this error, replace the UM worker process executable (UMWorkerProcess.exe) with the default file located on the Exchange Server 2007 CD. UMWorkerProcess.exe is located in the \Setup\Server Roles\Common folder on the Exchange 2007 CD. After you replace the executable, restart the Unified Messaging Service.

If you are not already doing so, consider running the tools that Microsoft Exchange offers to help administrators analyze and troubleshoot their Exchange environment. These tools can help you make sure that your configuration is in line with Microsoft best practices. They can also help you identify and resolve performance issues, improve mail flow, and better manage disaster recovery scenarios. Go to the Toolbox node of the Exchange Management Console to run these tools now. For more information about these tools, see Toolbox in the Exchange Server 2007 Help.

Related: