Lync 2013 - Address Book Synchronization Issues for External Users

I recently deployed Lync Server 2013 in my organization. Everything works fine except for the address book synchronizing issues and the mobility access. I would really appreciate it if someone could share their knowledge, as I have done a lot of troubleshooting and am not sure if I have missed something. Please note my setup below for the External Web Services.
Lync Front End:
Listening: 8080 4443
Published: 80 443
I have published my External Web Services URL and the following ports are open: 4443, 443, 8080
When I look at the Lync Client Configuration, ABS Server External URL is pointing to https://lyncexternalweb.domain.com:443/abs/handler. However, GAL Status is still pointing to my internal Front End FQDN: https://internal.domain.com:443/abs/handler.  
For machines that are joined to the domain, the address book synchronizes with no issues. For machines that are not joined to the domain and for external users, the GALContacts and GALContacts.DB files are not even generated for the users' profiles.

Hi Anthony,
Please note the findings below:
1. I was checking the Lync Client configuration on one of the PCs that is not joined to the domain but is still on the domain network via a site-to-site VPN connection. I noticed that the Connected Lync Server varies: sipinternal.domain.com, sipexternal.domain.com, lync.domain.com (pointing to the Edge Server IP).
2. Edge Server External Settings: Single IP address with the FQDN set to lync.domain.com for all 3 services and the following ports configured. Access Edge Service: 5061, Web Conferencing Edge Service: 444, A/V Edge Service: 443 with NAT enabled public IPv4 address. I have checked the replication status between the Front End and Edge Server; it is up to date.
3. In regard to the https://lyncdiscover.domain.com, I don't have the lyncdiscover.domain.com published, but it is pointing to the NAT enabled public IPv4 address which is assigned for A/V Edge Services.
4. For the port forwarding, I am using the Cisco Meraki router. 
Please advise if there is something that I am missing.
Thanks!

Similar Messages

  • Lync 2013 Address Book

    Hi,
    I am having a little bit of trouble with the way contacts are displayed on the Lync 2013 Client: for me to add a user I have to pick from an outside organization and enter the SIP address manually. Is there something I need to change at AD level or on the Lync FE? All enabled users are within the same domain.
    Thanks!

    Hi,
    Would you please elaborate your issue?
    To update address book information on Lync Server, execute Update-CsAddressBook to trigger the Lync Server to synchronize current Active Directory information in the SQL database into the downloadable client and device address book files.
    More details:
    http://blog.schertz.name/2010/09/updating-the-lync-2010-address-book/
    Note: Microsoft is providing this information as a convenience to you. The sites are not controlled by Microsoft. Microsoft cannot make any representations regarding the quality, safety, or suitability of any software or information found there.
    Please make sure that you completely understand the risk before retrieving any suggestions from the above link.
    Best Regards,
    Eason Huang
    TechNet Community Support

  • Lync 2013 Address Book and Group Expansion

    Hello Everyone,
    We have just recently published our Lync 2013 through reverse proxy (TMG).
    The following links dialin.schs.sharjah.ae and meet.schs.sharjah.ae are viewable externally. However when we try to browse
    https://lyncs.schs.sharjah.ae/abs or
    https://lyncs.schs.sharjah.ae/abs/handler and
    https://lyncs.schs.sharjah.ae/GroupExpansion/service.svc I get a 403 Forbidden Access Error
    But when I try to browse the sites internally Group Expansions works and for Abs I get the same error. Is there any way on how to resolve this issue
    Regards,
    Sheldon
    MVI - Most Valuable Indian

    Hi Sheldon,
    I'd say TMG issue here. What you should be getting is a prompt for Authentication (from external)
    There are a few points to consider..
    On the Web Publish Rule - To Tab make sure:-
    - that the rule applies to the external web services FQDN (as in Topology builder)
    - that the internal site name is the Front End Pool FQDN
    - that the "Forward the original host header.." is checked
    - that the "Requests appear to come from the Forefront TMG.." is selected
    on the Public Name tab add:-
    - the meet URL
    - the Dialin URL
    - the External Web Services URL
    - the Lyncdiscover URL
    On the Authentication Delegation tab make sure that you select "No Delegation, but client may authenticate directly"
    and on the Bridging tab make sure of the port redirects 80 to 8080 and 443 to 4443
    On the Listener check the following:-
    - Authentication tab set to "No Authentication"
    One final comment about TMG is that often even after publishing a rule you may find that it hasn't synced. Once you apply a rule in TMG ALWAYS go to the Monitoring option and check the status. Don't even bother testing your rule until it says "Synced"
    http://lyncsorted.blogspot.co.nz/search/label/TMG
    If this helped you please click "Vote As Helpful" if it answered your question please click
    "Mark As Answer" | Blog lyncsorted.blogspot.com

  • Enterprise Portal Log off Issue for External User

    Hello
    We are facing an Enterprise Portal log off issue for one of our external users.
    User is logged in and clicks on the "Log Off" link .
    User is prompted as seen below:
    Are you sure you want to logg off?
    Choose Yes or No
    Click on Yes and popup window goes away and nothing else happens.
    This log off problem happens on Internet Explorer 6, but from the Firefox browser it's working.
    Also, popups are not blocked on IE.
    EP version with SP level is EP 7.00 SP12.
    Even from Internet Explorer 6, I can log in and log off with an internal user.
    Please advise for the log off problem .

    Hello
    I added the value ume.logoff.redirect.url =https://poqwas.synenco.com/irj/portal
    in the Config Tool Global Parameter settings.
    Then I restarted the server.
    But I am getting the same problem. When I log in with the external user ID and then log off, nothing happens...
    Please advise

  • Manager Address Book Synchronizer 5.0 crash

    Every time I run the synchronizer it crashes on Windows 7.  I disabled the firewall.  Why does it crash?

    Hi Tho Vo,
    Unfortunately Address Book Synchronizer doesn't work on Win7, only WinXP.
    Some months ago I opened a case with Cisco TAC about this issue; the answer was that Win7 is not supported. I asked when a new version would be available, but they told me that at that moment they weren't developing a new version for Win7.
    Please remember to rate useful posts by clicking on the stars below.
    Please rate all useful answers.
    LinkedIn Profile: do.linkedin.com/in/leosalcie

  • How lync 2013 addressed the new public certification standards

    Dear All,
    My AD domain name is "domain.local" .
    I’m planning to implement lync 2013 and I need to know how lync 2013 addressed the new certificates standard regarding the non-registered domain name like my domain “Domain.local” ?
    So can I generate the certificate for lync services without “.local” domain or my certificate should include my lync servers internal names ?
    Or should I consider changing my domain name to domain.com cuz lync certificate should have internal domain names?
    BR, Mohamed Wahab "Egypt Cyber Center"

    Hi mohamed.wahab,
    For non-domain joined PCs, you need to install the internal root certificate on them.
    For mobile phones and tablets, you do not have to install the internal root certificate, because they always connect to the Lync server through Reverse Proxy, regardless of where the origination point is, internal or external.
    Best regards,
    Eric

  • Address book sync issues

    Hi,
    I just added a new group within my MAC (10.4.10) Address Book (4.0.5)
    and when trying to sync it with my iPhone (1.0.2) , iTunes (7.3.2) always
    shows only the old groups - not the new one.
    Here is what I did so far to try to make it work:
    - Reset Sync History in iSync
    - Deleted all the groups in Address Book and created new ones (different names)
    - Power-off iPhone and MAC and rebooted both
    - Plug-in iPhone, but iTunes still got the 'old' groups
    Any idea how to fix this issue - meaning 're-initialize' iTunes on what to sync?
    Rather than doing a factory reset of my iPhone just to see that iTunes still does
    not check my Address book for changes etc. I thought I give this forum a try.
    Not sure if I screwed anything up when I removed all the files in my ~/Library/
    Application Support/SyncServices/Local/clientdata/... folders that contained a
    clientname.txt file with "Markspace" in it to finally clean up my "Missing Sync"
    removal.
    Thanks in advance for any help!
    Joerg

    OK,
    just got back after talking to a 'guru' at my local Apple store.
    He also 'factory reset' my iPhone and it then perfectly synced with his
    AddressBook, so we know the phone is fine - what a surprise
    His assumption was that I have a corrupted AddressBook preference
    file and recommended to erase it, reboot my system and everything
    should be OK.
    Well, it isn't. I did what he told me and also used the DiskRepair Utility
    to fix my disk permissions (that had 'tons' of errors with Address Book
    related issues), but still no solution. The thing just will
    not sync. As soon as I plug in my iPhone, iTunes shows my old Contact
    groups that I removed yesterday.
    Anybody any idea???? I am thinking about completely removing my
    Address Book , but how do I re-install it from the original CD without
    having to do a complete system re-install?
    Thanks for any help!

  • How do I sync from ical and address book to office for mac 2011

    How do I sync from ical and address book to office for mac 2011 in outlook?  icloud is turned on, sync is turned on in outlook and in itunes.  Email working fine in outlook, but no contact or calendar information.  Microsoft said it is an Apple issue.  They said icloud is not compatible with Outlook.  I have OS Lion if you need to know that. 

    See Here
    https://discussions.apple.com/message/16982951#16982951

  • How can i sync mac address book w/ outlook for mac 2011

    Is it possible to have the address book in Outlook for Mac 2011 sync w/ the Mac address book?  I cleaned up my contacts in the Mac address book expecting the changes to show up in my outlook address book.  Made over 200 changes that did not show up on the Outlook address book.  Seems like there should be a way to make this work.  If I add contacts from within Outlook, I'd like them to show up on all my devices.  MacBook Pro, iPhone, and iPad.  Any help would be greatly appreciated.  I'm new to this platform as I was a PC guy for the last 30 years. 

    I've got Outlook up and running just fine.  Still have the problem with getting duplicate emails but I'm waiting on MS to get a fix for that in an update.  Apparently that has been an ongoing issue.  I've been in contact w/ a senior MS Outlook tech on that.  I guess I'll just have to make sure that all contact adds/edits are done in Outlook.  Then I can sync my phone or iPad and get the cloud to update the other Apple devices off that sync.  Either that or figure out how to export from the Mac address book to the Outlook address book once in a while. 

  • Excel Services Connectivity on Sharepoint 2013 for external user

    Currently, an external user is able to refresh the data on the SharePoint site through the browser. The data connection is pointing to one of the external data sources. But how can an external user (an Internet user accessing SharePoint through the internet) download a copy of the Excel file in the SharePoint library and open the Excel workbook with data refresh ability on the client machine?
    Do we need the client machine to be able to access / ping the external data source?
    Thanks.

    Thanks for the response.
    They want to perform data analysis and design their own report with own template , for example : to remove subtotal from the powerpivot tables which we cannot change the formatting at the excel services at browser level.
    So if i understand correctly, we need to get the client machine to be able to access to the database server directly to get the access to the cube for data analysis although we had this odc file connection setup, am i right?
    For internal user, network team should open port / access for them to access database server directly.
    For external user, either to open public access to the database server directly or setup a VPN connection for the external user to access the database server in their secure network.
    Let me know if i understand this correctly.
    Thanks.

  • Lyncdiscover reports HTTP 500 Internal Server Error for external users

    Hello,
    I have a problem providing lyncdiscover information for external Lync users. The same address works internally (prompts for file download), so I believe the problem is UAG/TMG providing the site, which is not my cup of tea. I have a working external lyncdiscover for another domain in the same Lync + UAG/TMG server environment. I have also checked the public DNS records a few times and everything should be fine. The firewall also shouldn't be an issue since it reports the internal server error, right? Any suggestions on what I should check?

    more information based on Lync Autodiscover Web Service Remote Connectivity Test.
    Testing HTTP authentication methods for URL https://lyncdiscover.domain1.com/Autodiscover/AutodiscoverService.svc/root/user.
    HTTP authentication methods successful.
    Additional Details
    Testing HTTP content for URL https://lyncdiscover.domain1.comi/?sipuri=[email protected] has
    token="User".
    HTTP content isn't verified.
    Additional Details
    HTTP 200 status received from server, but no token="User".
    Elapsed Time: 203 ms.
    The same result goes for the other domain that provides the lyncdiscover information correctly for external users. It doesn't seem to solve the root cause but might help to understand the problem.

  • Outlook Anywhere proxy changed from Basic to NTLM for external users

    I have an Exchange 2013 environment that is also running Exchange 2010 coexistence (migrating). What is happening is autodiscover is handing out NTLM for the proxy settings and not Basic. However, when it is using NTLM we seem to get the password prompt over and over. If I manually change it to Basic then it works fine, but when autodiscover goes again it changes back to NTLM and prompts that the Administrator made a change and you need to restart Outlook.
    I checked Outlook Anywhere and all my servers have Basic set for external users and NTLM set for internal.
    I only have a few mailboxes on 2013 and 2010 mailboxes seem not to have a problem.
    Here is an output for Outlook Anywhere on all six servers:
    Identity                           : CAS01\Rpc (Default Web Site)
    ExchangeVersion                    : 0.10 (14.0.100.0)
    ExternalClientAuthenticationMethod : Basic
    InternalClientAuthenticationMethod : Ntlm
    IISAuthenticationMethods           : {Basic, Ntlm}
    Identity                           : CAS02\Rpc (Default Web Site)
    ExchangeVersion                    : 0.10 (14.0.100.0)
    ExternalClientAuthenticationMethod : Basic
    InternalClientAuthenticationMethod : Ntlm
    IISAuthenticationMethods           : {Basic, Ntlm}
    Identity                           : CAS03\Rpc (Default Web Site)
    ExchangeVersion                    : 0.10 (14.0.100.0)
    ExternalClientAuthenticationMethod : Basic
    InternalClientAuthenticationMethod : Ntlm
    IISAuthenticationMethods           : {Basic, Ntlm}
    Identity                           : EXCH2K13-01\Rpc (Default Web Site)
    ExchangeVersion                    : 0.20 (15.0.0.0)
    ExternalClientAuthenticationMethod : Basic
    InternalClientAuthenticationMethod : Ntlm
    IISAuthenticationMethods           : {Basic, Ntlm, Negotiate}
    Identity                           : EXCH2K13-02\Rpc (Default Web Site)
    ExchangeVersion                    : 0.20 (15.0.0.0)
    ExternalClientAuthenticationMethod : Basic
    InternalClientAuthenticationMethod : Ntlm
    IISAuthenticationMethods           : {Basic, Ntlm, Negotiate}
    Identity                           : EXCH2K13-03\Rpc (Default Web Site)
    ExchangeVersion                    : 0.20 (15.0.0.0)
    ExternalClientAuthenticationMethod : Basic
    InternalClientAuthenticationMethod : Ntlm
    IISAuthenticationMethods           : {Basic, Ntlm, Negotiate}

    Hi,
    Please refer to the following KB to set the Outlook Anywhere settings on Exchange Server 2013 Client Access servers:
    http://support.microsoft.com/en-us/kb/2834139
    If it doesn’t work with the resolution above, please do the following checking in ADSI Edit:
    1. In Adsiedit, expand Configuration-->CN=Services -> CN=Microsoft Exchange -> CN=domain -> CN=Administrative Groups -> CN=Exchange Administrative Group -> CN=Databases.
    2. Right-click the listed database > Properties.
    3. Check whether the msExchHomePublicMDB value is set to an available value. Please change the value to <not set>.
    4. Click OK.
    Then check whether the issue persists.
    Regards,
    Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact [email protected]
    Winnie Liang
    TechNet Community Support

  • Access to my Office 365 third-party app for external user : "a User account is not registered for the account"

    In my third-party web application of Office 365, I want to have access to the contacts, events and emails of all the users from the organizations who installed my app. The thing is I don't want all these users to have to grant me access; I just want one admin of the org to grant access for my app and then be able to retrieve the data I need for all the users.
    To test for one organization, I logged in as the admin and proceeded to the OAuth2 authentication to retrieve the access token, and in the first request (the GET one to retrieve an authorization code) I add the parameter prompt=admin_consent.
    With this access token, I can access the data (emails, contact, event) of the admin
    for instance for the contacts
    uri: https://outlook.office365.com/ews/odata/Users(adminemail)/Contacts
    but not the data of the other users of this org with this uri
    uri: https://outlook.office365.com/ews/odata/Users(useremail)/Contacts
    The only thing I can do is retrieve an access token for each user, but that supposes that each user has to authorize the access to the app, which is very cumbersome. So, I don't see what the parameter prompt=admin_consent enables and how to use it. Does anybody know what it does?
    And my question is: how can I do to access the data of all the users of one organization when the access has been granted by one admin?
    Thank you!

        
    This was answered on StackOverflow by Dushyant Gill: http://stackoverflow.com/questions/25316175/access-to-my-office-365-third-party-app-for-external-user-a-user-account-is-n/25316678#25316678
    You are sending the OAuth request to a tenant-specific endpoint of Azure AD. Note the {key_provided} part of your URL: that part represents the tenant ID or a registered domain name of an Azure AD tenant. Azure AD throws this error if the user signing in is not a user in that tenant.
    Multi-tenant applications like yours have two options:
    1. Perform home realm discovery yourself and send the SSO request to the correct tenant-specific endpoint of Azure AD: when a new Azure AD organization signs up for your application, record its tenant ID and registered domain names. On your login page, ask the user for their email and try to discover what org they belong to using the suffix of the email.
    2. Use the common endpoint of Azure AD. Instead of the {key_provided} part of the URL, use 'common'. In this case Azure AD will determine the user's tenant and sign in the user. The token that your application will receive will still be from the user's tenant (iss claim).
    #2 is more convenient for apps. However, #1 has an advantage when the user's organization has customized their sign-in page with the company logo etc.: in the case of #1 the user will directly be taken to the customized and familiar sign-in page.
    I recommend a combination of the two: try determining the user's organization and sending them to the tenant-specific SSO endpoint. If you're not able to, send them to the common endpoint.
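
The combined approach recommended in the answer above, sketched as an added example (not code from the original thread or from Microsoft). The registry contents, tenant IDs, domains and function names are constructed placeholders; the issuer check assumes the token's signature has already been verified by a JWT library, and the `https://login.windows.net` authority and `https://sts.windows.net/{tenant}/` issuer format are assumed for the Azure AD endpoints the thread discusses.

```python
from urllib.parse import urlencode

# Constructed sample registry, filled in when an organization signs up.
# Domains and tenant IDs are made-up placeholders.
TENANTS_BY_DOMAIN = {
    "contoso.example": "11111111-1111-1111-1111-111111111111",
    "fabrikam.example": "22222222-2222-2222-2222-222222222222",
}

AUTHORITY = "https://login.windows.net"      # assumed Azure AD authority host
ISSUER_PREFIX = "https://sts.windows.net/"   # assumed issuer format of the iss claim


def tenant_for_email(email):
    """Home realm discovery: map the e-mail suffix to a registered tenant ID."""
    local, sep, domain = email.strip().rpartition("@")
    if not sep or not local or not domain:
        return None
    return TENANTS_BY_DOMAIN.get(domain.lower())


def authorize_url(email, client_id, redirect_uri, state):
    """Use the tenant-specific endpoint when the org is known, else 'common'."""
    tenant = tenant_for_email(email) or "common"
    query = urlencode({
        "response_type": "code",
        "client_id": client_id,
        "redirect_uri": redirect_uri,
        "state": state,
    })
    return f"{AUTHORITY}/{tenant}/oauth2/authorize?{query}"


def issuer_tenant(claims):
    """Return the tenant ID named by the iss claim if it is a registered tenant.

    With the common endpoint any Azure AD tenant can sign in, so the
    application has to compare the issuer against the tenants that signed up.
    `claims` must come from a token whose signature was already verified.
    """
    iss = claims.get("iss")
    if not isinstance(iss, str) or not iss.startswith(ISSUER_PREFIX):
        return None
    tenant_id = iss[len(ISSUER_PREFIX):].rstrip("/")
    if tenant_id in set(TENANTS_BY_DOMAIN.values()):
        return tenant_id
    return None


if __name__ == "__main__":
    print(authorize_url("alice@contoso.example", "app-id",
                        "https://app.example/callback", "st-1"))
    print(authorize_url("bob@unknown.example", "app-id",
                        "https://app.example/callback", "st-2"))
    print(issuer_tenant({"iss": ISSUER_PREFIX + "33333333-3333-3333-3333-333333333333/"}))
```
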

  • Exchange 2007 - The server don't send dsn message for external users

    Hello,
    Our Exchange 2007 doesn't send DSN messages for external users, but for internal users it is OK. I checked my configuration but all seems to be OK.
    Have you any idea please?
    Thx

    Hi,
    To narrow down the cause, let's firstly try to check the following configuration:
    Get-TransportConfig |fl
    Get-RemoteDomain | select identity, NDREnabled
    Get-SystemMessage
    Thanks,
    Angela Shi
    TechNet Community Support

  • How to secure BSP applications for external users on the internet?

    I posted this question under Enterprise Portal forum but got no response. I am hoping some of you experts in this area can help.
    We have developed BSP applications and set them up as iViews in Enterprise Portal 6. Our portal implementation will be used by external users.
    We have security concerns that the access to the BSPs  allows external users direct access to the R/3 system. We were told that we should use ITS application instead of BSP application for external users.
    Do any of you have any insight into how we could work around the security problem with BSP applications, or BSP applications in EP6? Your help will be greatly appreciated.

    In a sense they are correct; as to whether it is more secure or not, that would have to be a call by people who are more of an expert than myself.
    But I can see their point: the BSP runs directly on the system and uses the system security, whereas the ITS is basically just an RFC call. However, we use a 620 server with BSPs and make RFC calls to our R/3 systems, thus keeping people off the R/3 directly; however, we are not opened to the Internet.
    If your message is answered please remember to mark it solved so others searching in the future can find the solved ones quicker - just click on the yellow star.
