The relay server logs errors and other events to the Windows services event log which you can see using the Event Viewer link on the relay server administrative Web pages or the NT Event Viewer. The following section lists alphabetically some of the more common error events generated by the relay server and suggests responses.
ERROR: Failed to decrypt private key value.
Solution: This error condition usually occurs when the relay server's privkey.dat file (gen-erated during initial installation) has been overwritten and/or the original registry entries created in conjunction with the original privkey.dat are now different. Either restore your original privkey.dat and associated registry keys or re-create the privkey.dat file. See
“Identifying the Relay Server and Generating Relay Server Key Files” in the Getting Started chapter of this guide for information about creating the privkey.dat file.
ERROR: Mac check failed on connect; msgId: 1 device: dpp://r999.groove.net/
vynnxwgv7v3wz3rgxcht46m92jrvcnms7hqbk92
Solution: The authentication information sent by the Groove client does not match the authentication information originally stored on the relay server from the client’s initial relay contact. Open the relay server statistics Web site, select the Devices view, and spec-ify the name of the device that generated the error. When the statistics screen appears for the device, click the Clear Security Keys button to clear the existing key information on the client, then restart the client and login to the Groove virtual office application. If this fails to solve the problem, contact Groove Support.
ERROR: PreauthRequired and no User ID supplied in the registration message, account grooveAccount://zvbvpu722exhca7c4rqiiif3c8bcrdhz9cfy4es@
Solution: This error condition usually occurs when older pre-2.0 clients try to register with the relay, but the relay is configured to require identity pre-authorization which is only supported with EMS-managed clients. In order to support these pre-2.0 clients, dis-able the Require device pre-authentication parameter on the Security tab of the relay server configuration control panel applet. See “Customizing Relay Server Security and Tuning Settings” in the Getting Started chapter of this guide for information about dis-abling the device pre-authentication parameter. Also see this “Solution” in the Trouble-shooting chapter for other ways to address this error.
ERROR: RQS: RQS-Manager initialization failed - another process is using the RQS sub-system, RQSPathHome (C:\relay\RQS)
ERROR: "IGrooveRQManager Initialize failed, hResult(0x80200006)
Solution: These errors usually occur when the relay executable is started twice or when some other application is accessing the relay server database directories. Confirm whether only one relay process is trying to run. If multiple processes are running, stop one of them.
If only one relay process is running, contact Groove support for assistance. See “Viewing Relay Server Availability and State”, in the Monitoring a Relay Server chapter, for infor-mation about viewing relay server process events. See “Starting and Stopping a Relay Server” in the Managing a Relay Server chapter for information about how to stop a relay server process.
ERROR: RQS-Manager: User open failed - user object initialization failed, user name (86etwfwjij33ibxschk6wxwbwxrg6zmra99kcci), hr(0x80210009)
ERROR: 192.168.1.24:1133 user layer message verification failed for user grooveAc-count://3tuf966hej5zawssdf3kk2x4navezs984iag7rws@ on device dpp://r030.groove.net/
eurovpsx53khzrffdm3uxaphqh64bzzrtygwxk2
Solution: The Enterprise Management Server has not successfully downloaded the man-aged identity information to the relay server.See this “Solution” in the Troubleshooting chapter for ways to address this error.
ERROR: Translated exception caught in process:thread 918:808
Solution: The relay process has crashed. Contact technical support for further assistance.
INFO GCPurgeQueueCompletion::QueueCompressComplete:Queue busy, did not com-press ‘Q0000030924’
WARN GCFFQOperation::iAcquireGetNExtAdvance: GetNext lock timeout for
‘Q0000030924|FFQ1’ Not active periods = 641, unacknowledged messages = 2, last Advance=Tue May 18 22:44:48 2004
Solution: If an event log entry similar to either of the above appears for the relay server, this indicates that a client has dequeued a message from a queue but has not yet acknowl-edged the message. Under this condition, the relay server cannot attempt to purge the queue. Such messages usually mean that a purge review was skipped for this queue and the queue will be reviewed by the purge process on the next scheduled cycle. (The mes-sages can appear even when the queue has no mesmes-sages to be purged.)
Glossary
This document defines the main terms you will encounter as you use the Groove Relay Server.
Account See User Account.
Certificate Container of keys and related authentication data for a user identity, user device, or server.
Device A device is a client (user) computer that is running Groove. A device is also sometimes called a client. A device is identified by a Device URL.
Device management allows you to manage the use of Groove and third-party components for specified devices (computers) in your domain. Applying a registry key (a pointer to the domain, provided by Groove networks) to a device makes it part of your management domain. You can then set device policies to control the component downloads by devices within the domain.
Note that Groove supports multiple users on a device, as well as multiple devices per user.
You can choose to manage users only, devices only, or both.
Device-targeted message A message destined for a workspace-user-device combination (such as a Groove workspace update). A device-targeted message is sent over a session addressed by a tuple of ResourceURL, UserURL, DeviceURL.
Device Presence Protocol (DPP) Informs users when other users are online, offline, or in a workspace. Default port (registered with IETF): 1211/UDP.
DMZ An acronym for De-Militarized Zone, used in the context of firewalls and commu-nications networks to mean a separate network within your internal network that allows controlled public access.
Domain A collection of Groove users and devices, as specified in your purchase agree-ment with Groove Networks. Each domain consists of a specified number of seats (users running Groove) and the tool licenses that are available to them. You can set up one or more domains for your company, depending on your needs, each with its own set of licenses. See Management Domain for more information.
Domain Members Groove users who have injected an identity sent by their Groove administrator, giving them membership in their company’s domain and access to the asso-ciated licenses.
Enterprise Management Server (EMS) A management server installed at your site,
necessary for managing onsite relay servers and deploying Groove users at an enterprise.
Enterprise Relay Server (ERS) A relay server running on a machine installed and man-aged at your site.
Extents FFQ files of client message data.
Fanout The act of sending individual streams of data to a relay server for replication and distribution, reducing the amount of data that an individual user sends across the network.
Whenever possible, Groove transmits data directly from peer to peer, sending out individ-ual packets of data to each workspace member’s device. When conditions call for a rela-tively large amount of data to be sent out, Groove uses relay servers to fanout data transmission.
FFQ (Flat File Queue) - Database that holds Groove client message data, updates to Groove workspaces (device-targeted data) and instant messages and invitations (identity-targeted data).
Hosted Relay Server A relay server hosted by Groove Networks.
HTTP Tunneling (Encapsulated HyperText Transfer Protocol) Used when SSTP is not viable, such as when a user is behind a firewall. In this scenario, Groove wraps its SSTP messages in HTTP, allowing the deltas to pass through firewalls. HTTP is only used between a client and a relay server. Default port: 80.
Identity See User Identity.
Identity-targeted message A message destined for a particular resource handler-user combination (such as a Groove instant message or invitation), regardless of the device the user is on. An identity-targeted message is addressed by a triple of ResourceURL, Use-rURL, and a null DeviceURL. An identity-targeted message is sometimes referred to sim-ply as an identity message.
Key An authentication code associated with a user identity, user device, or server, some-times stored in a certificate.
License A license.grv file that contains formal permission to access a specific Groove tool set, tool, or tool component. One or more licenses are purchased by your company for a domain. Domain member users gain access to these licenses when they inject the identity sent to them by their Groove administrator. The license access is account-based and applies to all identities within that account. For non-member users (users for whom you did not create an injectable identity), such as consultants, you can issue individual licenses from the domain. The non-member user then injects the license into their account.
Network Services also lets you revoke domain membership along with access to all domain licenses, or revoke individual licenses from non-members.
Private key One half of a key pair, kept private by the owner and used in conjunction with a matched public key. This strictly private key is used to decrypt messages that have been encrypted by a public key.
Public key One half of a key pair, used to verify signatures created with a matched pri-vate key and to encrypt messages which can only be decrypted using the matched pripri-vate
key. This publicly-listed key is associated with a user or device and is available for other users and devices to use for sending encrypted messages to the public key owner. The public key owner than uses a private key to decrypt the message. A public key is usually stored in a certificate (.cer) file along with other identifying information.
Queue The lists of Groove messages stored on the relay server. Messages are grouped by identity, depending on whether they are device-targeted (such as workspace updates) or identity-targeted (Groove instant messages and workspace invitations).
Queue store Database files that contain queued messages.
Registering In the context of relay servers, registering refers to the first time a user that is assigned to a relay server contacts and is authenticated by that relay server.
Registry file A Groove-supplied .reg file that you can apply to devices to add them to your domain, placing them under your management. Once you apply the registry setting in this file to a device, that device becomes subject to the component download and installa-tion policies that you set for devices in your domain.
Relay Server An application that runs on one or more server machines and provides relay services to Groove clients, including navigating firewalls, providing an alternative com-munications path for clients operating over dial-up links, and offering temporary storage when users are offline.
Relay Server Configuration Control Panel Applet The relay server’s administrative interface where administrators can perform various relay server configuration tasks, including generating relay server keys, generating SOAP identity files, configuring SSL on the relay server, and customizing relay server security settings.
RQS (Relay Queue Store) Database that holds Groove meta data (including Groove authentication and account information).
Simple Symmetrical Transmission Protocol (SSTP) Used by Groove client and relay devices for communication. Default port (registered with IETF): 2492/TCP.
Secure Socket Layer (SSL) Protocol supported by the Groove relay server that is used to secure HTTP traffic.
Subscriber In the context relay servers, a Groove client that contacts a relay server to check a Groove contact’s presence information.
Tool A program or application that workspace members use to interact. Each member of a workspace has access to the same tools (such as chat, calendar, and sketchpad tools) and can use them to affect workspace data. Groove provides a set of standard tools but devel-opers familiar with Groove’s Application Programming Interface (API) can create addi-tional tools which users can then inject into their workspaces.
User A Groove user can be a domain member - one who has injected an identity sent by the Groove administrator, giving them membership in their company’s domain and access to associated licenses, or a non-member - one who has injected a license sent to them by the Groove administrator but has not received the injectable identity needed for domain membership.
User account A file, stored on a user’s computer, that maintains usage data, including information about the user’s identities, secret encryption keys, devices (computers) on which they run Groove, workspaces, and contacts. Users must have at least one account in order to use Groove and inject an identity sent to them from an administrator. The account into which they inject an identity is a managed account because it is managed by an administrator and gives them access to the licenses associated with a given domain.
User identity A persona in Groove. Groove users create an initial default identity when they install the Groove Virtual Office application. A user can have one or more identities in a single account. The user identity name and address information comprise the contact information for that identity. To manage user identities within your domain, you create an injectable identity, an identity.grv file, for each user and distribute these identities to them.
Each user then injects the assigned identity into Groove. See Injectable Identity for more information.
Workspace A user-created space, accessible via the Groove transceiver, that enables col-laboration among small groups of users.