Lync 2013 client can't connect externally to edge server

So I have my edge server set up in the DMZ. 3 ips bound to an interface for external connectivity.
sip.domain.org (A record)
webconf.domain.org (A record)
av.domain.org (A record)
_sip.tls.domain.org:443 pointing to the same IP as sip.domain.org
External Lync Clients should be using this srv record to auto-connect, correct?
I have purchased a thawte ssl cert and bound it correctly to the external interface.  Internal interface is a PKI internal CA cert. Sometimes when doing a testconnectivity from MS, it comes up stating " The certificate couldn't be validated because
SSL negotiation wasn't successful", when other times I run the test and it states that it validates the cert correctly, analyzing the cert - no problems found, etc, all looks good and then fails at "couldn't sign in Error Unknown (0x80131500) 
Error type: TLSFailureException.
Not sure where to start looking or why it shows the cert is good sometimes and others not.
Also when I launch the Lync Server Admin Console, Under Topology,  my edge server is showing Replication with a red X.  Don't know what to look for either.

Hi jackl2001,
By default, no policies are configured to support external user access, including remote user access, federated user access, even if you have already enabled external user access
support for your organization. To control the use of external user access, you must configure one or more policies, specifying the type of external user access supported for each policy.
Click on the link below for more details.
Managing federation and external access to Lync Server 2013
http://technet.microsoft.com/en-us/library/gg520966.aspx
Best regards,
Eric

Similar Messages

  • Lync 2013 Client Can't Expand Distro Group (externally)

    I have a Lync 2010 FE and Edge server with the web servcies being published via UAG 2010.  I am testing the Lync 2013 client and the DG (distro group) expansion is failing externally.  I get the error in the client "Cannot use the distribution
    group service becasue the service address is incorrect, although the service is available. Contact your...."  Distribution group expansion works fine externally with the 2010 client.  The web servcie address for DG Extneral does work via the web
    browser as expected.  Any ideas? 
    Thanks

    Did you migrate from Lync server 2010 to Lync server 2013?
    If so, please check you have create DNS record for the Lync server 2013 external web service point to the NATed public IP address of Lync Front end server.
    Check whether the internal web service for distributed group works.
    Check whether ABS for Lync 2013 works.
    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

  • Lync 2010 iPhone - Can't connect to Exchange web server. you can try again later

    Hi there,
    I installed Lync 2010 mobility, and works fine, but iPhone users have a :
    Can't connect to Exchange web server.
    you can try again later
    Now does this have anything to do with it? And how do i fix it? I searched but nothing relevant

    Total server discovery time: 0.3 seconds
    Starting Lync server autodiscovery
    Please wait; this test may take several minutes to complete...
    Starting automatic discovery for secure (HTTPS) internal channel
    Server discovery has completed for https://lyncdiscoverinternal.contoso.com/.
    Automatic discovery results for https://lyncdiscoverinternal.contoso.com/
    Access Location                          : Internal
    SIP Server Internal Access               : server.contoso.com
    SIP Server External Access               : sip.contoso.com
    SIP Client Internal Access               : server.contoso.com
    SIP Client External Access               : sip.contoso.com
    Internal Auth broker service             : https://server.contoso.com/Reach/sip.svc
    External Auth broker service             : https://lync.contoso.com/Reach/sip.svc
    Internal Auto discover service           : https://server.contoso.com/Autodiscover/AutodiscoverService.svc/root
    External Auto discover service           : https://lync.contoso.com/Autodiscover/AutodiscoverService.svc/root
    Internal MCX service                     : https://lync.contoso.com/Mcx/McxService.svc
    External MCX service                     : https://lync.contoso.com/Mcx/McxService.svc
    Internal UCWA service                    : service URL is empty in the discovery response
    External UCWA service                    : service URL is empty in the discovery response
    Internal Webscheduler service            : service URL is empty in the discovery response
    External Webscheduler service            : service URL is empty in the discovery response
    Server discovery succeeded for secure (HTTPS) internal channel against URL https://lyncdiscoverinternal.contoso.com/
    Starting automatic discovery for unsecure (HTTP) internal channel
    Couldn't connect to URL http://lyncdiscoverinternal.contoso.com/[email protected] (HTTP status code Forbidden)
    Server discovery failed for unsecured internal channel against http://lyncdiscoverinternal.contoso.com/
    Starting automatic discovery for secure (HTTPS) external channel

  • Lion Server: iOS 5 clients can't connect to Address Card Server

    I have set up shared accounts on the server for Calendar and Address Book (family) sharing. Although I can add and use the Address Book shared account on OS X Lion clients, I can't get this to work on iOS 5 clients (iPhone nor iPad). I keep on getting "CardDAV account verification failed".
    Calendar sharing works just fine on both OS X and iOS5 clients
    Let me briefly describe my setup and observations:
    Server:
    Running Lion Server 10.7.2 on Mac Mini (server)
    Using SSL connections with keys generated during set-up of the server
    Portforwarding in router (ao) for 8008 and 8843 (iCal and Address Book)
    Created  shared accounts on server for Calendar ("sharedcalendar") and Address Book ("sharedcontacts")
    In the DNS server I created services in my primary zone for "_caldavs._tcp." and "_carddavs._tcp." both on port 8443
    OS X Client (Calendar)
    Created additional CalDAV account in preferences (user "sharedcalendar")
    Left the server settings untouched (server path, port "auto" and using SSL but not Kerberos)
    Created in "sharedcalendar" different calendars and reminder lists for the family members which each can access from their OS X client
    This account is now set-up through Profile Manager (tried this with Address Book as well but didn't make any difference)
    iOS 5 Client (Calendar)
    Once tested on standalone and got this working I'm now using the Profile Manager to push the definition of the shared account to all clients
    Hostname with port 8443 (default)
    Left Principal URL blank since it was optional
    User "shared calendar" with the appropriate password
    Ticked "Use SSL"
    OS X client (Address Book)
    Created additional CardDAV account in preferences (user "sharedcontacts").
    Left the server settings untouched (port 443 using SSL)
    iOS 5 client (Address Book)
    In the settings add a CardDAV account (server, user "sharedcontacts", password, description).
    First error message "Cannot connect Using SSL. Do you want to try setting up the account without SSL?". When I press continue I get the error "CardDAV account verification failed"
    If I then save the account details still and edit the account I can access the "advanced settings". When I change to SSL I have tried port 0 (default value), 8443 (the one that's listed in the documentation) and 8843 (which is used by default if you try to set up the
    account in Profile Manager). All to no avail, including Profile Manager
    Observations:
    Lion Server app nicely lists both Calendar and Address Book Server as active (plus Profile Manager, File Server, Web server and Wiki server)
    When I access my server home page, Calendar is listed in addition to other services (Mail | Calendar | Change Password | Profile Manager) but not Address Book. Is this normal behaviour? i.e. can't Address Book entries be changed through a web interface?
    Address Book on OS X client uses 443 for SSL but does not require me to define port 8443 for secure iCal or Address Book server communications
    Lion Server Profile Manager specifies port 8843 as port for SSL communication. I only saw 8443 listed in documentation
    The response "can't connect .." or "account verification failed" happens very quick which make me think either the verification doesn't even leave the iPad or there is something wrong in the SSL connection
    Since iCal set-up works nicely using the same ports I am puzzled why it doesn't work for Address Book
    Your solutions or suggestions how to investigate are most welcome,
    Erik

    Thanks for joining the discussion.
    Although port 8443 is mosten quoted as correct port for CalDAV and CardDAV, port 8843 can be found both on Apple's website and other places:
    see Technical Note 1649 to find port 8443 listed for iCal and port 8843 for Address Book
    Mac OS X Lion Server for Dummies (sic) lists port 8843 on pages 236 and 238 but port 8443 in many other places
    when you want to push iCal and Address Book information with Profile Manager, Profile Manager lists port 8443 for iCal but port 8843 for Address Book as default:
    So I hope you understand I'm somewhat puzzled.
    I did get the Address Book working for my Lion desktops with the all the necessary certificates as far as I know, just not for the iOS devices (iPhone and IpPad). iCal sharing from Lion Server works fine on both Lion and iOS devices.

  • Exteral Users can't connect to the EDGE server

    HI All for about a week and half now I've been seeing this error a lot on my event logs. All my external users are no longer able to connect to the DMZ EDGE server with 3 external IP's. They can only use LYNC if they access out VPN. Any suggestions on what
    may be the issue???
    Log Name:      Lync Server
    Source:        LS Protocol Stack
    Date:          4/24/2014 9:07:14 AM
    Event ID:      14428
    Task Category: (1001)
    Level:         Error
    Keywords:      Classic
    User:          N/A
    Computer:      LyncEdge.*********.net
    Description:
    TLS outgoing connection failures.
    Over the past 16 minutes, Lync Server has experienced TLS outgoing connection failures 176 time(s). The error code of the last failure is 0x80090330(SEC_E_DECRYPT_FAILURE) while trying to connect to the server "**********.osis.is.local" at address
    [10.111.111.8:5061], and the display name in the peer certificate is "Unavailable".
    Cause: Most often a problem with the peer certificate or perhaps the host name (DNS) record used to reach the peer server. Target principal name is incorrect means that the peer certificate does not contain the name that the local server used to connect. Certificate
    root not trusted error means that the peer certificate was issued by a remote CA that is not trusted by the local machine.
    Resolution:
    Check that the address and port matches the FQDN used to connect, and that the peer certificate contains this FQDN somewhere in its subject or SAN fields. If the FQDN refers to a DNS load balanced pool then check that all addresses returned by DNS refer to
    a server in the same pool. For untrusted root errors, ensure that the remote CA certificate chain is installed locally. If you have already installed the remote CA certificate chain, then try rebooting the local machine.
    Thanks Dave Wolf

    Verify root certs exist in the Trusted Root Certification Store.
    Also you can refer below links
    http://www.shudnow.net/2011/02/01/lync-2010-edge-utilizing-windows-server-2008-r2-federation-tls-issues/
    http://theucguru.blogspot.com/2012/03/lync-edge-ls-protocol-stack-14428.html
    Please remember, if you see a post that helped you please click "Vote As Helpful" and if it answered your question, please click "Mark As Answer"
    Mai Ali | My blog: Technical

  • External outlook clients can't connect to Exchange 2013

    Currently running server 2012 r2 and exchange 2013 sp1...
    Internally everything works fine, clients can also connect externally to owa/ecp. However when using an outlook client they are unable to connect. This is my first experience with exchange 2013 so I am at a loss. What steps should I be following to get this
    working properly? Or if anyone has some suggestions to get more information I can do that as well.
    Thanks! 
    Connecting from a mobile-phone using mail.mail.com works fine.
    We are using a self-signed certificate for testing purposes..

    Testing Outlook connectivity.
    The Outlook connectivity test failed.
    Additional Details
    Elapsed Time: 941 ms.
    Test Steps
    Testing RPC over HTTP connectivity to server mail.mail.com
    RPC over HTTP connectivity failed.
    Additional Details
    Elapsed Time: 941 ms.
    Test Steps
    Attempting to resolve the host name mail.mail.com in DNS.
    The host name resolved successfully.
    Additional Details
    IP addresses returned: xxx.xxx.xx.x
    Elapsed Time: 535 ms.
    Testing TCP port 443 on host mail.mail.com to ensure it's listening and open.
    The port was opened successfully.
    Additional Details
    Elapsed Time: 176 ms.
    Testing the SSL certificate to make sure it's valid.
    The SSL certificate failed one or more certificate validation checks.
    Additional Details
    Elapsed Time: 229 ms.
    Test Steps
    The Microsoft Connectivity Analyzer is attempting to obtain the SSL certificate from remote server mail.mail.com on port 443.
    The Microsoft Connectivity Analyzer successfully obtained the remote SSL certificate.
    Additional Details
    Remote Certificate Subject: CN=mail.mail.com, Issuer: CN=mail.mail.com.
    Elapsed Time: 154 ms.
    Validating the certificate name.
    The certificate name was validated successfully.
    Additional Details
    Host name mail.mail.com was found in the Certificate Subject Common name.
    Elapsed Time: 0 ms.
    Certificate trust is being validated.
    Certificate trust validation failed.
    Test Steps
    The Microsoft Connectivity Analyzer is attempting to build certificate chains for certificate CN=mail.mail.com
    A certificate chain couldn't be constructed for the certificate.
    Tell me more about this issue and how to resolve it
    Additional Details
    The certificate chain didn't end in a trusted root. Root = CN=mail.mail.com
    Elapsed Time: 33 ms.

  • Lync 2013 client switches connection after a VPN connection

     have read that if you are working remote, it's better to go through the Edge server instead of establishing a VPN connectionn first before starting Lync. Reason is VPN is encrypted and so is Lync traffic so the double encryption will tend to slow
    things down. When I work remote, I fire up Lync first and make a connection to the Edge server. After that, I establish a VPN tunnel to work to access network drives etc....
    In about 5-10 minutes, my Lync client disconnects and then immediately reconnects but this time its connecting directly to an internal FE over the VPN which is what I don't want. Any idea on how to keep this from happening? Its not causing a major problems
    at this time but we are just doing IM right now. Once conferencing starts, it could be an issue.

    Hi Shadowtuck,
    Have a read through this guide on how to stop this from happening:
    http://blogs.technet.com/b/nexthop/archive/2011/11/15/enabling-lync-media-to-bypass-a-vpn-tunnel.aspx
    Basically, the overview of this is to:
    Split tunnel the traffic, so the Lync traffic continues to flow via the Internet 
    Block the Lync traffic from going over the VPN
    Configure DNS pinpoint entries so that when VPN'd in the Lync client resolves the external Edge IP addresses.
    If this helped you please click "Vote As Helpful" if it answered your question please click "Mark As Answer"
    Georg Thomas | Lync MVP
    Blog www.lynced.com.au | Twitter
    @georgathomas
    Lync Edge Port Check (Beta)

  • Can't open email items from search after installing Lync 2013 client

    Hello,
    We're deploying Lync 2013 in our environment.
    At the moment we're using Office 2010 on the clients.
    For testing the deployment I've installed the Lync 2013 client.
    After installing, when I perform a search on my pc and outlook items are found, they suddenly appear with an Outlook 2013 icon.
    When doubleclicking, nothing happens, neither when I rightclick.
    I've checked the "associate a file type or protocol with a prgram", and "set your default programs" in the control panel.
    In neither of them I can find the Outlook 2013 icon, and for email, every file type is configured to open with Outlook 2010.
    Does anyone know what might be the problem. We have this problem with every user for which we install the Lync 2013 client.

    You can do the following to restore functionality:
    If you have office 2010 use the keys below, the Lync install will change them to Office15:
    [HKEY_CLASSES_ROOT\CLSID\{138508bc-1e03-49ea-9c8f-ea9e1d05d65d}]
    @="@C:\\Program Files\\Microsoft Office\\Office14\\MAPISHELL.DLL,-110"
    [HKEY_CLASSES_ROOT\CLSID\{138508bc-1e03-49ea-9c8f-ea9e1d05d65d}\DefaultIcon]
    @="@C:\\Program Files\\Microsoft Office\\Office14\\MAPISHELL.DLL,-504"
    [HKEY_CLASSES_ROOT\CLSID\{138508bc-1e03-49ea-9c8f-ea9e1d05d65d}\InprocServer32]
    @="C:\\Program Files\\Microsoft Office\\Office14\\MAPISHELL.DLL"
    "ThreadingModel"="Apartment"
    [HKEY_CLASSES_ROOT\CLSID\{138508bc-1e03-49ea-9c8f-ea9e1d05d65d}\ShellFolder]
    "Attributes"=dword:20140000

  • How to connect Lync 2013 client with OCS 2007 R2 Edge server

    Hi,
    We have OCS 2007 R2 Edge server for external & OCS 2007 R2 FE Server for internal access in our environment.
    We able to access internally Lync2013 clients with OCS 2007R2 server, however from external we cannot access Lync2013 client with OCS2007 R2 server.
    Is there any patch or registry key trick to access OCS from lync2013 client externally? We cannot immediately migrate to Lync2013 server from OCS.
    Any help
    MD

    Hi,
    I suggest you still use OCS 2007 R2 client to login OCS 2007 R2 Server untill finishing migration to Lync Server 2013, as using Lync client with OCS 2007 R2 Server will offer a pretty limited experience.
    Here is a great blog about Lync 2010 Client unsupported with OCS, it is for Lync 2010 client but similar for Lync 2013 client:
    http://blog.schertz.name/2010/09/lync-client-unsupported-ocs/
    Note: Microsoft is providing this information as a convenience to you. The sites are not controlled by Microsoft. Microsoft cannot make any representations regarding the quality, safety, or suitability of any software or information found there.
    Please make sure that you completely understand the risk before retrieving any suggestions from the above link.
    Best Regards,
    Eason Huang
    Eason Huang
    TechNet Community Support

  • Can't share internet explorer window in lync 2013 client

    Hi,
    I'm facing a strange issue, i can't share (present program) an internet explorer window. The program is launched on my desktop but it doesn't appear when i try to share it. I use Lync 2013 client on Windows 7, same problem on Windows 8. I think it's linked
    to our domain desktops, because i don't have the issue when i try on a workgroup desktop.
    Someone has an idea ?
    Thanks & Regards

    What is the version of your Lync 2013 client?
    I don’t have this problem running Lync 2013 15.0.4535.1507 version on Windows 8.
    Please check the other Lync users have the same problem.
    Try to close your another browser, then test again.
    Lisa Zheng
    TechNet Community Support

  • Lync 2013 Client Not Display Numbers in Contact Card

    Hi
    I have a problem where Lync 2013 client connecting to Lync 2010 backend appears not download the contact list completely. Lync 2010 clients are all operating normally.  On Lync 2010 client, you can view all contact details including Enterprise Voice
    numbers and cell numbers for all users. However on Lync 2013 clients, Lync contact details for some users do not populate completely. In most cases, Enterprise numbers/Work Numbers/Mobile Numbers are missing.  If the contact is pinned then the details
    are retrieved.
    In cases where Work/Voice/Cell numbers are not displayed, affected users is limited to making lync to lync  calls only. The user can still dial the number  and get through without any issues.
    I have deleted and contacts cache on Lync 2013 but this has not helped.
    Regards

    Hi,
    How about check the contact of “Outlook Test” user from the Lync 2010 client?
    According to the second screenshot, since it’s an external account, the information will be limited.
    Thanks,
    Simon Wu
    TechNet Community Support

  • Lync internal clients have issues with external meetings

    We have a pretty easy Lync setup in our company, 2 FE servers in a Enterprise pool, one Edge server (in a pool. we will add edge servers later) and a Reverse proxy (Databases on a SQL server of course). Everything seems to be working well internally. We
    have not deployed Enterprise voice yet but that is coming later. Our issue is when our internal clients try to join a meeting from another company. They can join the meeting and IM but as soon as they try to start Voice, they get kicked out of the call. Internal
    meetings work fine with voice and video. They can join the meeting using Lync Web App but that is not a satisfactory solution for this. The company that hosted the meeting said users from other companies can join with the lync client without issue. I am a
    remote employee and I can join using audio and video from my home. I have tried tracing the issue with the lync client logs but they make little sense to me. My question is, how does the information flow from internal clients to an external meeting> Is
    it through the AV service in the Edge? 
      We have opened the firewalls wide open as a test (closed again of course) and it does not seem to be a firewall issue. Can anyone point me in the right direction?

    To both of you, thanks but the articles do not help me. We can host meetings in our Lync 2013 organization without issue and it seems that others from outside can join with either Lync client or LWA. Our remote users connect via Lync client without a VPN
    and have no issues with IM, Audio, video or sharing. The issue is connecting to another companies Lync meeting from inside our network. You can connect but as soon as you try to enable audio, you get kicked out. I have seen another post that describes the
    issue but there is no solution there either. As I said in the original post, we ran a test where we temporarily opened both the internal and external firewalls wide open for the Edge and Reverse Proxy servers and it had no effect whatsoever so I conclude it
    probably is not a firewall issue. Since Edwin verified what I believed in that the communication from the internal clients does go through our companies Edge server when joining a meeting with another company, it leads me to believe that this is
    a setup issue with the Edge server but I have followed the setup documents and nothing seems out of place. Our edge server is a virtual server. I  am wondering if this could be related to it or maybe this is just the way things are. Can anyone
    tell me that their internal users can join a meeting hosted by another company? We have open federation setup at this time and since the company that hosted the meeting claims to have had users from other companies in meetings without issue, I assume their
    SRV records work.

  • Lync 2013 client ews has not fully initialized

    Hello
    I have Lync 2010 server and Lync 2013 client. whenever Lync 2013 client logs in from outside(external) I get a exchange authentication pop up. and when I checked the status of lync - it says ews is not fully initialized. lync 2013 client works fine
    from inside.  If I use lync 2010 client from outside than it works fine, no pop up and ews status is ok. so I know that my TMG rules are accurate but something wrong with lync 2013 client itself.  I have upgraded the client to the latest update. 
    Also I have tried various combinateion of this below registry fix without any success.
    also Microsoft remote connectivity analyzer test is clean.  no errors.
    http://uclobby.com/2014/01/03/lync-client-2013-ews-has-not-fully-initialized/
    any thoughts?
    thanks

    Hi 
    Can you try clearing the user local cache SIP folder  who logs in externally and see the results
    User\App Data\Microsoft\Office 15\lync\SIP
    Is your SIP domain different from your domain name
    If it is so you can try by adding the SMTP Domain as trusted using the following cmdlet:
    reg add HKLM\Software\Policies\Microsoft\Office\15.0\Lync /v TrustModelData /t REG_EXPAND_SZ /d <SMTP Domain> /f
    If it is for multiple users you can also try the below  article
    http://technet.microsoft.com/en-us/library/gg398920.aspx
    Remember to mark as helpful if you find my contribution useful or as an answer if it does answer your question.That will encourage me - and others - to take time out to help you Check out my latest blog posts on http://exchangequery.com Thanks Sathish
    (MVP)

  • Lync 2013 client and mobile

    Dear All Hello,
    i am having one very strange issue, I setup lync 2013 certficate all thing okay. We can login into lync 2013 client to lync 2013 server without any issue using PC but same login if i try to login into mobile having anrorid or windows phone it fais and its
    pop up message we cannot sign you in please check your account info and try again. 
    We just created user using Enterprise voice optin, checked mobility is enabled. External url is configured. 
    Any body can refer if something is missing. I havenot updated any cu for lync 2013. 
    If i run Test-CsUcwaConference or Test-CsMcxP2PIM for mobiliity i get following error. I havneot done any update nor any tool as most of article are refering for lync 2010. 
     No response received for Web-Ticket service.
     Inner Exception:The content type text/html; charset=utf
     the response message does not match the content type of
     binding (text/xml; charset=utf-8). If using a custom en
     be sure that the IsContentTypeSupported method is imple
     properly. The first 1024 bytes of the response were:
     '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//E
     "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
     <html xmlns="http://www.w3.org/1999/xhtml">
     <head>
     <title>IIS 8.5 Detailed Error - 500.0 - Internal Server
     Error</title>
     <style type="text/css">
     <!--
     body{margin:0;font-size:.7em;font-family:Verdana,Arial,
     a,sans-serif;}
     code{margin:0;color:#006600;font-size:1.1em;font-weight
     .config_source code{font-size:.8em;color:#000000;}
     pre{margin:0;font-size:1.4em;word-wrap:break-word;}
     ul,ol{margin:10px 0 10px 5px;}
     ul.first,ol.first{margin-top:5px;}
     fieldset{padding:0 15px 10px 15px;word-break:break-all;
     .summary-container
     fieldset{padding-bottom:5px;margin-top:4px;}
     legend.no-expand-all{padding:2px 15px 4px 10px;margin:0
     -12px;}
     legend{color:#333333;;margin:4px 0 8px -12px;_margin-to
     font-weight:bold;font-size:1em;}
     a:link,a:visited{color:#007EFF;font-weight:bold;}
     a:hover{text-decoration:none;}
     h1{font-size:2.4em;margin:0;color:#FFF;}
     h2{font-size:1.7em;margin:0;'.
     Inner Exception:The remote server returned an error: (5
     Internal Server Error.

    Let ensure the mobile client can connect fine
    http://blogs.technet.com/b/nexthop/archive/2012/02/21/troubleshooting-external-lync-mobility-connectivity-issues-step-by-step.aspx
    Also we can use the Lync connection analyzer tool for Mobile scenario and test
    http://blogs.technet.com/b/nexthop/archive/2013/02/08/the-new-lync-connectivity-analyzer.aspx
    Please remember, if you see a post that helped you please click ;Vote As Helpful" and if it answered your question please click "Mark As Answer" Regards Edwin Anthony Joseph
    Great follow up thanks!.
    Seems i am near to solution. 
    I used web site url https://testconnectivity.microsoft.com it pass all test,
    When i use to test using tool it goes to my local fqdn and says unable to resolve. 
    An error occurred while sending the request.
    The remote name could not be resolved: 'lync1.hosting.mydomain.local'
    When i open this url  lyncdiscover_contoso.com it give both internal and extral url. 
    Which is this {"_links":{"self":{"href":"https://lync1.hosting.mydomain.local/Autodiscover/AutodiscoverService.svc/root?originalDomain=haxxess.com"},"user":{"href":"https://lync01.externaldomain.com/Autodiscover/AutodiscoverService.svc/root/oauth/user?originalDomain=external.com"},"xframe":{"href":"https://lync01.externaldomain.com/Autodiscover/XFrame/XFrame.html"}}}
    I am using lync 2013, with no tmg for publishing, internal web servie name is empty overrite and extranal is lync01.externaldomain.com 
    So as article says if i see internal url If the internal web services URL is identified, the web publishing rule is incorrect and is bridging the connection to port 443
    instead of port 4443 for the Lync external web services.
    Where do i have to change this in topology under web service. can you please guide this last phase. 

  • Lync 2013 client is showing EWS not deployed.

    Hi,
    I am facing issue with lync 2013 client in the configuration information. it is showing EWS not deployed .
    UCS Connectivity State;      Exchange connection Down;           --;
    MAPI Information;              Status OK;MAPI Status OK;
    EWS Information;;             EWS not deployed;
    I am facing this issue both internally and externally.
    I am using Lync 2010 server and exchange 2010.
    Lync  2010 client is showing all EWS information correct. No issue with lync 2010 client.
    Thanks 

    Had the same issue.  Couple of things you can try:
    1.  Verify EWS virtual directory is configured properly on your Exchange CAS or Front-End servers (Get-WebServicesVirtualDirectory)
    But the thing that fixed it for me was:
    2.  Create SRV records for (_autodiscover, _TCP, 443) pointing to your CAS or Front-End server/array.  This has to be done for the forward zone of your public domain name (i.e. contoso.com, not contoso.local).  I did them both just
    to be on the safe side, but was the public domain that did it.

Maybe you are looking for

  • Custom font [OCR A Extended] not working in Crystal Reports 2008

    We created a report that prints numbers using a font that makes the numbers look the numbers on the bottom of a check book (i.e. a check font). The font used was OCR A Extended. On the development machine the font worked well. It printed the numbers

  • Problem with saving pdf files to Mac

    Hi All I'm having a problem with pdf files.  When I get sent a pdf fielder email I can open it with no problems but I cannot seem to save it successfully to my Mac. I've tried opening file and doing a 'save as', copy and pasting and dragging and drop

  • Problem with sync

    I synced my PC and my tablet Galaxy NOTE 10.1. But now the only way to chek out the open tabs on the tablet from my PC is by typing "about:sync-tabs". But I can't find out how I can check the tablet's history from my PC. Please help.

  • Installing Leopard without DVD drive?

    I have an older MacBook that I have replaced with the Air, but now want to use the older one as a music and photo server (given the size of the Air's disk). I want to install Leopard on it, but the DVD drive on the old machine is scrogged. I can thin

  • How can I transfer iMovie Events and Projects ?

    Hey, I wondered how I could transfer a single Imovie Event with all the unedited Clips inside, and the Project, which is in Work Process right now to another Mac, so that it opens in Imovie on the new mac and I can continue workingon it Thanks thomas