Monitor unlimited number of servers
Filter log events
Create email and web-based reports

Direct access to Microsoft articles
Customized keywords for major search engines
Access to premium content

Event ID: 16405 Source: LiveCommunicationsServer

Level
Description
Over the past <value> minutes Live Communications Server has experienced TLS outgoing connection failures 1 time(s). The error code of the last failure is 0x80090322 (The target principal name is incorrect.) while trying to connect to the host "<host>".
Cause: Wrong principal error could happen if the peer presents a certificate whose subject name does not match the peer name. Certificate root not trusted error could happen if the peer certificate was issued by remote CA that is not trusted by the local machine.
Resolution: For untrusted root errors ensure that the remote CA certificate chain is installed locally. If you have already installed the remote CA certificate chain then try rebooting the computer.
Comments
 
From a newsgroup post: "This means that your certificate is not issued to the pool name. Please check the certificate on the front-end servers (belonging to the pool) and ensure that they match the pool FQDN.
In rare cases, this can also happen due to badly configured DNS. When the server tries to resolve the host, it gets an IP address of a server that does not belong to the pool".

From a newsgroup post: "The certificates used are directly linked to the FQDNs targeted. Therefore, if your AP targets FQDN lcsfe.contoso.com but gets a certificate for sip.contoso.com back, it is going to encounter connectivity issues.
There are other options available if you would like to use different FQDNs but make it so that employees do not need to configure their clients for a different server:
1. Internally you can deploy a policy to specify which server a client will target.
2. You can deploy SRV records which will direct clients to the correct FQDN. Read the Live Communications Server 2005 Document Planning Guide for details.
If you are concerned about the cost of public certifications, you can use your own internal CA for your front-end certificate and then deploy the certificate chain for your CA across your internal machines".

Windows Event Log Analysis Splunk App

Build a great reporting interface using Splunk, one of the leaders in the Security Information and Event Management (SIEM) field, linking the collected Windows events to www.eventid.net.

Read more...

 

Cisco ASA Log Analyzer Splunk App

Obtain enhanced visibility into Cisco ASA firewall logs using the free Firegen for Cisco ASA Splunk App. Take advantage of dashboards built to optimize the threat analysis process.

Read more...