How to distribute certificates to the Lync Clients

Similar Messages

• Provide steps to send Root CA certificate to the Lync client, getting error" There was a problem verifying certificate from the server"

  Hi,
    I Build an Lync 2013 set up with FEpool, Director pool and Exchange server is integrated. I have windows 8 client machine, with Lync client installed. When I try to login to the lync client, I am getting error like"There was a problem verifying
  certificate from the server".
  When I installed ROOT CA cert  manually on client machine I am able to login to the lync client. similarly if I add my client machine in my domain, I am able to login to the Lync client.
  Now is there any other way to send the certificate automatically to the client machine (Which are NOT part of the DOMAIN) from the server, instead of manual installation process.
  Please help me troubleshoot this problem

  Agree with S Guna, there is no easy way to push a certificate automatically to a client that you don't control other than building an installer package and asking them to run it.  In this situation, if there are a lot of non-domain joined machines
  a third party certificate is the way you need to go.
  Please remember, if you see a post that helped you please click "Vote As Helpful" and if it answered your question please click "Mark As Answer".
  SWC Unified Communications

• How to force the Lync Client to a specific server in the pool

  I am troubleshooting an issue and need my client to connect to a specific server in my enterprise pool.
  I have tried a host fie, I have deleted the EndpointConfiguration.CACHE file and I still cannot get my client to connect to the specific front end.
  Can anyone tell me how to do this?

  Using a host file should definitely work and I do this all the time for testing. 
  Are you using manual or automatic configuration? If it's manual then make sure that the name you specified resolves to the correct IP address by using PING.
  If you are using automatic, use NSLOOKUP to determine what hostname it's trying to connect to and repeat the above.
  This could either be sip.domain.com (as Edwin mentioned) or it could be the name of your Front End pool, depending on how it's configured.
  The other thing you might want to try if everything looks correct and if you modified your HOSTS file while Lync was open, is just to Exit and re-open the Lync client.
  If this helped you please click "Vote As Helpful" if it answered your question please click "Mark As Answer"
  Georg Thomas | Lync MVP
  Blog www.lynced.com.au | Twitter
  @georgathomas
  Lync Edge Port Check (Beta)
  This forum post is my own opinion and does not necessarily reflect the opinion or view of Microsoft, its employees, or other MVPs.

• Join Online Meeting link launches the Web App even though the Lync Client is installed.

  Hello,
       I have this problem on a few computers.  When I click on the "Join online meeting" button or link (https://meet.###.com/###/1wnj6l1n) the web page launches the
  webapp instead of a session in the full Lync client that I have installed (v. 4.0.7577.0).   There is not  a ?SL= at the end of the weblink.
  I searched online to see if there was a registry setting that auto-bypasses the client check, but there isn't.  I have tried a repair on the Lync client, but still no luck.
  Has anyone else run into this problem?
  Thanks.

  I found the answer.  The Https:\\meet.domain.com was opening in the internet zone with Protected mode on.  I added the URL to my trusted sites and it was no longer an issue.  I didn't test it but turning off protected mode may work as well.

• DNS configuration erro on the Lync Client

  Hithere,
  I am facing with this problem on my Lync Server. I have installed LyncServer on a different server from AD, and i have configured all the necessary as requested. I also added users, but when i am trying to login from the clients it shows me the below error.
  Any suggestions please,
  Thank you
  B.

  Basically the Lync Client is set to automatically discover the Lync Front End Server\Pool using lyncdiscoverinternal.domain.com internally. Please see this
  blog
  for more detail on the discovery process and use of the sign-in logs to determine whats not working.
  Alternatively, you could change the automatic discovery to Manual configuration (Tools - Options - Personal - Advanced) pointing to the FQDN of the Lync Front End Server\Pool
  Please remember, if you see a post that helped you please click "Vote As Helpful" and if it answered your question, please click "Mark As Answer"
  Lync Sorted blog

• CX300 Polycom Phone using the Lync Client, not relinquishing computer audio.

  Hello,   
  I am lead technician for a university library, and we have just recently upgraded our phones in our building to CX300s and CX600s Polycom VoIP phones.  
  First I would like to say that I have posted this issue on the Polycom Community site and they suggested that I post this in the Microsoft Endpoint forum.  I could not find that section, and since Lync is apart of office now, I posted it here.  
  We have a recurring issue with the CX300 phone with several of our faculty.  The phone is taking control of the audio on the computer and it will not relinquish it.  We tried using speakers, headphones of all platforms,  (USB, 3 1/4 jack,
  etc...), reinstalling the sound driver, looking at the settings in BIOS, but the sound always is comes from the phone.  There were instances where we could get headphones to work, and sometimes a sound bar / traditional desktop speakers, but there is
  one faculty member where everything that we have tried has failed.   All of these users are on Dell Optiplex 760s or higher, and we are using the onboard sound (front and back ports in some cases).  They are all connecting the phones through the
  Lync client.  All of these computers are also running a Windows 7 Service Pack 1 build.  Any insight to this would be much appreciated.   
  Thanks!

  Hi,
  Do you mean the speaker is the speaker of cx300 and phone is the telephone receiver of cx300?
  There is a speaker button on the cx300 to switch the voice coming out from telephone receiver to speaker.
  Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
  Sean Xiao
  TechNet Community Support

• Calls not ending on the Lync Client

  When Making a call through the Lync Client , you can talk as normal on the desk phone but when hanging up the lync client still shows the call window and after a short pause it says <person you tried to call> did not answer (an option
  to retry appears).
  We are using Lync Server with a Mitel based phone system. When hanging up on Lync the call hangs up on the Mitel phone.
  Please let me know if you need any more information.
  Thanks

  Hi,
  Did the issue also happen between two Lync desktop clients or just happen between one Lync desktop client and one Mitel phone?
  If the issue just happen between Lync client and Mitel phones, it may be an inbound route issue.
  Please also try to update to the latest version for Lync Server and then test again.
  Best Regards,
  Eason Huang
  Eason Huang
  TechNet Community Support

• Certificate error when Lync client login through VPN connection

  Hello,
  I am using the certificates from internal cert authority on Lync 2013 frontend servers and on edge server internal network. Edge external is using a third part certificate.
  The users always use MS VPN connection when work remotely. We have multiple subnets in the company so "use default gateway on remote network" is enabled for routing.
  When the users try to log in Lync client from non-domain joined computers while on VPN, they can't log in and get certificate error. It is hard to import the internal certificate on the computers.
  What change do I need to do to the Lync certificates? Thanks

  You have a few options:
  1) You could attempt to hardcode the client so that it always connects through the edge.  This can be done through tools->options->personal->advanced->manual configuration (but you may have to hardcode the FQDN in your hosts file so it doesn't
  attempt to resolve via internal DNS).  This may not work since your firewall may not be too happy with "internal" traffic leaving and coming back through the edge.
  2) Write a script that helps automate the certificate installation and try to walk users through it.
  3) Bite the bullet and use a third party certificate on the internal servers.
  Please remember, if you see a post that helped you please click "Vote As Helpful" and if it answered your question please click "Mark As Answer".
  SWC Unified Communications

• How to get rid of the message Client submission probe stuck in the Exchange Server Queue?

  We have Exchange 2013 in Hybrid with Office 365.
  How to get rid of the message in the Exchange Server Queue?
  Mounting the database fixed it.
  Thanks!!!

  Mounting the database fixed it.

• How to download certificate for the first time programmatically?

  Hi, I'm accessing a https server which has a self signed certificate for the first time. I was trying to download the certificate using like
  cert = sslsession.getPeerCertificates()[0]
  However I got the following exception: SSLPeerUnverifiedException
  If I have the certificate on disk and I installed it using keytool to the keystore, I could see the keychain using this method. But is there a way in java to download the certificate for the first time?
  Many thanks.
  minji

  hi ejp, thanks a lot for the link, it really helps a lot.
  Now I'm having another problem. I could now download the certificate and store in my keystore. but if I immediately reconnect to the https web page, I still got the exception telling me the certificate was not found:
  javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
  This should not happen as I have already had this certificate in my keystore. If I rerun the program, there's no problem, indicating the certificate was really there. I first guessed I might have to again call System.setProperty("javax.net.ssl.trustStore", "mycacerts") but that does not help.
  anybody with an idea?

• How to distribute a % of the total amount to a partner in a contract?

  Is there any way to distribute a % of the total amount to a partner, say a forwarding agent in a contract?
  Thanks & regards,
  Gokul.

  Play the video with Quicktime Player where the controls do not show when you use the space bar to stop the playing.  The forward and back keys will advance/retreat the video till you get the exact frame to make the screenshot of. 
  OT

• How to Create Certificate at the ECC 6.0 ( Trusting System ) in STRUSTSSO2

  Hi Experts,
  We are in the process of setting up Log On Ticket Based SSO Back End Connectivity from Portal to ECC 6.0 .
  But, in STRUSSO2 when I try to Export the Certificate it has text file cert. And this cert is not
  being accepted by Portal side i.e. at keystore Page while I try to import this Cert there , it say that
  invalid Cert . Beside this, .der and .pse ..which one we need to use ?
  So, I need to create first the Cert at the ECC side so that I can export and then import at the Portal.
  How do I create Cert in STRUSSO2 at the ECC Side  ?
  Also, do I need to create the RFC JCo destination at the Portal side ? Or Just the User Mapping at the Portal side is enough .
  Any / ALL Help is most welcome and would sure, be rewarded with appropriate point in addition to the
  sincere appreciation of  your time and help in the matter.
  Thanks,
  Regards,
  - Ishan

  Hello. You need to export sertificate in "binary" mode, from MENU --> Certificate --> export. Read for example http://help.sap.com/saphelp_nw70/helpdata/EN/fa/741a403233dd5fe10000000a155106/frameset.htm
  I'ts about BW but the same sense. 
  P.S. you say "SSO Back End Connectivity from Portal to ECC 6.0" ,you need to create iViews in portal and see the ECC pages? For this you need to export Certificate from "Portal" and import in ECC ,and add in ACL in required client. Export from portal : System Configuration --> system administration  --> keystore administration --> export verify.der
  Read :
  http://help.sap.com/saphelp_nw70/helpdata/EN/0a/a354426fdeb430e10000000a155106/frameset.htm
  http://help.sap.com/saphelp_nw70/helpdata/EN/78/f1a8490e7011d6999500508b6b8a93/frameset.htm
  Regards.
  Edited by: Sergo Beradze on Jul 13, 2008 2:41 PM

• How to append work numbers to lync clients

  could anyone explain me how to set this up:
  I have 2 users in a test environment
  the standard for danish tel number seems to be eg. +45 12345678
  i want to append 20304050 to user1 and 20304051 to user 2, with extension 9000 & 9001
  what is the exact tel uri i need to use, and how do i set up nomalization for these to be able to call eachother, i have looked at various guides and examples, but i simply dont get the system behind. my goal is to be able to call out via enterprise voice.
  any help would be greatly aprecciated.
  my setup includes:
  doman lynclab1.local
  lync fe on 10.10.21.2
  ad on 10.10.21.1
  user1 on 10.10.21.3
  user2 on 10.10.21.4
  mediation with 2nics 10.10.21.5 & 192.168.1.8 for external access.
  at this time i havent set up the pstn gateway, is this crucial for my users to call eachother by number internally, at this time im only able to call by username.

  I would think:
  tel:+4520304050;ext=9000
  and
  tel:+4520304051;ext=9001
  Create a normalization rule like this:
  Description: Extensions
  Starting digits: 900
  Length: Exactly 4
  Digits to remove: 3
  Digits to add: +452030405
  With this, the users could call each other by dialing the extension, and outbound enterprise voice calls would look like the E.164 +45xxxxxxxx number.
  Please remember, if you see a post that helped you please click "Vote As Helpful" and if it answered your question please click "Mark As Answer".
  SWC Unified Communications
  i have set up these parameters, but i am still not able to call between 2 internal users by using extensions. i havve also tried pushing the address book, without any result.

• Can't find how and where to downaload the Oracle Client 8i and Developer 6i

  All,
  I am looking for downloads at OTN for the following.
  1. Oracle Client 8i
  2. Oracle Forms and Reports 6i
  I had them installed on my m/c but lately I have been getting SQL*Net connection failures. I have been suggested to install the whole developer tools again.
  Any help in this regard is appreciated.
  Regards,
  Susheel K Raina.

  Here is the link - I just verify prior to posting it here.
  http://otn.oracle.com/software/products/forms/content.html
  For the Oracle 8i client, download the 8i database server and do a custom installation - client installation is one of the options.
  hope this proves useful
  regards

• [SOLVED] How to make sense of the Forms Client SOD Matrix ?

  Hi,
  We have installed 10.1.2.3 app server and are using Jinitiator version 1.3.1.28 on Windows under IE 7.
  Before we did this I read the matrix, saw that IE 7 was certified with 10.1.2.2 and Jinit 1.3.1.28.
  I also noted the line stating "When a client platform is certified with a specific patch release it is implicitly certified with all subsequent patch releases.".
  I (and I presume thousands of others) read this to mean that because it works fine with 10.1.2.2., if we patch to 10.1.2.3 then it will be implicitly certified.
  Not so according to Oracle Support ! X-( They tell me I am running an uncertified combination and must use the Sun plug-in (which we have found issues with). Can anyone from Oracle confirm that the combination i am using is OK please ?
  i have replied to my TAR with support pointing out this line I have quoted above and also asking why when you patch to 10.1.2.3 and run a test form does it run Jinitiator 1.2.1.26 if it is not supposed to be supported ....
  Ho hum ....:(
  ** Yes it is supported. I was going insane ....
  Edited by: Dom on Jan 29, 2009 1:17 PM

  donniezazen wrote:https://bugs.archlinux.org/task/29850#comment95791The thread that I started.
  Thank you. It wasn't quite what I was looking for, but may solve why I've set up such monitoring in the first place. Installing linux-ice now to test.
  @Pres
  Thank you so much. That helps clear some things up, and means I can remove the load averages from my monitoring (they aren't measuring what I want to measure).
  I still need to figure out the disparity between per process CPU usage and overall CPU usage, but those two were closer together anyway, so less of a worry.
  I'm going to mark this thread solved.