Lync 2013 Edge replication not working
hi, I have a Lync 2013 Edge replication issue - it is simply not working.
UpToDate : False
ReplicaFqdn : LyncEdge.contoso.com
I have already checked the following:
1) telnet from FEP servers to the Edge sever on port 4443 is working
2) Certificates are installed correctly - Lync Federation, Voice/Video to Skype, Lync Mobile is all working fine.
3) Replication traffic checking showing the following error in XDS logs:
(000000000126DB35)[FileTransferTask(11, 9/03/2015 2:44:24 PM): {TASK_NOT_STARTED, fromReplica, [lyncedge.contoso.com, HttpsWebService, 4443], 0}] Failed to copy files from replica. Exception: [System.ServiceModel.Security.MessageSecurityException: The HTTP
request was forbidden with client authentication scheme 'Anonymous'. ---> System.Net.WebException: The remote server returned an error: (403) Forbidden.
at System.Net.HttpWebRequest.GetResponse()
at System.ServiceModel.Channels.HttpChannelFactory.HttpRequestChannel.HttpChannelRequest.WaitForReply(TimeSpan timeout)
--- End of inner exception stack trace ---
Server stack trace:
at System.ServiceModel.Channels.HttpChannelUtilities.ValidateAuthentication(HttpWebRequest request, HttpWebResponse response, WebException responseException, HttpChannelFactory factory)
at System.ServiceModel.Channels.HttpChannelUtilities.ValidateRequestReplyResponse(HttpWebRequest request, HttpWebResponse response, HttpChannelFactory factory, WebException responseException, ChannelBinding channelBinding)
at System.ServiceModel.Channels.HttpChannelFactory.HttpRequestChannel.HttpChannelRequest.WaitForReply(TimeSpan timeout)
at System.ServiceModel.Channels.RequestChannel.Request(Message message, TimeSpan timeout)
at System.ServiceModel.Dispatcher.RequestChannelBinder.Request(Message message, TimeSpan timeout)
at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout)
at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation)
at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)
Exception rethrown at [0]:
at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg)
at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type)
at Microsoft.Rtc.Xds.Replication.Common.IReplicationWebService.DownloadFiles(String senderFqdn, String sourceDirPath, String tempDirPath)
at Microsoft.Rtc.Xds.Replication.FileTransfer.FileTransferTask.CopyFilesFromReplicaUsingWcf(String fromDir, String tmpDir, String toDir)]
I have checked certificate stores: there are only 34 certificates in the Root folder and the SendTrustedIssuerList reg. key has been configured, which did not solve the issue.
Any idea how to troubleshoot this or possible root causes?
Try Test-CsComputer on the Frontend Servers and the Edge Servers. This should check Windows Firewall exceptions are correct. Then check permissions on your Lync fileshare. You can also try to reinstall CMS Database with the following command (user must be
memeber of CsAdministrator group and sysadmin group of SQL Server)
Install-CsDatabase -CentralManagementDatabase -SqlServerFqdn CMS.FQDN
-SqlInstanceName DBInstance -Verbose
Similar Messages
-
Lync 2013 External Mobility Not Working
Hello,
The issue I seem to be having is in regards to the external mobility access.
So far everything else in our environment seems to be functioning properly.
The Lync desktop client works both internally as well as externally.
The Lync internal mobility also works. The only issue seems to be with the external mobility part.
I tried going to the external autodiscover address for our system, https://lyncdiscover.mydomain.com but it doesn’t return anything either.
I think the issue lies somewhere with DNS or my reverse proxy, however I’m having a hard time being able to just start changing settings seeing as how I don’t want to break everything that is currently working for our users.
I’ve been through a lot of the post here but I still can’t seem to find the settings to fix the issue I’m having.
Here is a breakdown of my settings I feel are in question:
1 – Lync 2013 FE Server (LYNC01)
1 – Lync Edge Server (EDGE01)
1 – Reverse Proxy Server (RPROXY01)
Public DNS:
A Records
SIP.mydomain.com
205.XXX.XXX.91 (Access Service on EDGE01)
AccessEdge.mydomain.com
205.XXX.XXX.91 (Access Service on EDGE01)
WebConfEdge.mydomain.com 205.XXX.XXX.92 (WebConf Service on EDGE01)
AVEdge.mydomain.com
205.XXX.XXX.93 (A/VEdge Service on EDGE01)
meet.mydomain.com
205.XXX.XXX.94 (Reverse Proxy Server)
dialin.mydomain.com
205.XXX.XXX.94 (Reverse Proxy Server)
lync.mydomain.com
205.XXX.XXX.94 (Reverse Proxy Server)
lyncdiscover.mydomain.com 205.XXX.XXX.94 (Reverse Proxy
Server)
SRV
_sip._tls.mydomain.com:443
AccessEdge.mydomain.com
_sipfederationtls._tcp.mydomain.com:5061
AccessEdge.mydomain.com
_xmpp-server._tcp.mydomain.com
AccessEdge.mydomain.com
Private DNS:
A Records
LYNC01
172.XXX.XXX.65 (LYNC01 FE Server)
Admin
172.XXX.XXX.65 (LYNC01 FE Server)
Dialin
172.XXX.XXX.65 (LYNC01 FE Server)
LyncDiscoverInternal
172.XXX.XXX.65 (LYNC01 FE Server)
Meet
172.XXX.XXX.65 (LYNC01 FE Server)
Sip
172.XXX.XXX.65 (LYNC01 FE Server)
EDGE01
172.XXX.XXX.66 (EDGE01 Server)
RPROXY01
172.XXX.XXX.70 (Reverse Proxy Server)
Lync
205.XXX.XXX.94 (Reverse Proxy Server)
LyncDiscover
(CNAME)
lync.gmsd.k12.pa.us
SRV
_xmpp-server._tcp.mydomain.com
Sip.mydomain.com
_sipinternaltls._tcp.mydomain.com:5061
LYNC01.mydomain.com
Lync Server Services Addresses
Lync FE Server: \\
LYNC01.mydomain.com (172.XXX.XXX.65)
File Store: \\
LYNC01.mydomain.com\Share
Office Web Apps Server:
\\lyncowa.mydomain.com
External Web Services:
\\lync.mydomain.com
Edge Server Services Addresses
Edge Server:
\\ EDGE01.mydomain.com (172.XXX.XXX.66)
Access Edge Service:
\\AccessEdge.mydomain.com (172.XXX.XXX.67, 205.XXX.XXX.91)
Web Conference Service: \\WebConfEdge.mydomain.com (172.XXX.XXX.68, 205.XXX.XXX.92)
A/V Edge Service: \\WebConfEdge.mydomain.com
(172.XXX.XXX.69, 205.XXX.XXX.93)
Reverse Proxy Server Addresses
Reverse Proxy Server:
RPROXY01.mydomain.com (172.XXX.XXX.70, 205.XXX.XXX.94)
Server Farms:
Dialin.mydomain.com:
Dialin.mydomain.com (LYNC01)
Meet.mydomain.com:
Meet.mydomain.com (LYNC01)
LyncDiscover.mydomain.com:
LYNC01.mydomain.com (LYNC01)
Lync.mydomain.com:
LYNC01.mydomain.com (LYNC01)
Edge External Cert
AccessEdge.mydomain.com
Sip.mydomain.com
WebConfEdge.mydomain.com
Reverse Proxy Cert
lync.mydomain.com
meet.mydomain.com
dialin.mydomain.com
lyncdiscover.mydomain.com
lyncowa.mydomain.com
With everything else working as it should, this external mobility part is just not really making sense to me. I have also verified that the correct ports are being using on the reverse proxy as well for the server farms,
8080 and 4443. Any help would be greatly appreciated. Thank you.I'm also attaching the log file from running Lync Connectivity Analyzer if it helps.
[6/10/2014 7:30:18 AM] [DEBUG] Logging test parameters:
[6/10/2014 7:30:18 AM] [DEBUG] SIP Uri: [email protected]
[6/10/2014 7:30:18 AM] [DEBUG] User Name:
[6/10/2014 7:30:18 AM] [DEBUG] Discovery Type: Automatic Discovery
[6/10/2014 7:30:18 AM] [DEBUG] Network access: NetworkAccessExternal
[6/10/2014 7:30:18 AM] [DEBUG] Selected client: ApplicationLyncMobile2010
[6/10/2014 7:30:18 AM] [SUBHEADING] Starting Lync server autodiscovery
[6/10/2014 7:30:18 AM] [INFO] Please wait; this test may take several minutes to complete...
[6/10/2014 7:30:18 AM] [SUBHEADING] Starting automatic discovery for secure (HTTPS) internal channel
[6/10/2014 7:30:18 AM] [DEBUG] Sending HTTP request to https://lyncdiscoverinternal.mydomain.com/[email protected]
[6/10/2014 7:30:18 AM] [DEBUG] Cookie found in autodiscover response: StatusCode: 200, ReasonPhrase: 'OK', Version: 1.1, Content: System.Net.Http.StreamContent, Headers:
Pragma: no-cache
X-MS-Server-Fqdn: LYNC01.mydomain.com
X-Content-Type-Options: nosniff
Cache-Control: no-cache
Date: Tue, 10 Jun 2014 11:30:18 GMT
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Length: 670
Content-Type: application/vnd.microsoft.rtc.autodiscover+xml; v=1
Expires: -1
[6/10/2014 7:30:18 AM] [DEBUG] Parsing the response for URL https://lyncdiscoverinternal.mydomain.com/[email protected]. Full response: <?xml version="1.0" encoding="utf-8"?><AutodiscoverResponse xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" AccessLocation="Internal"><Root><Link token="Domain" href="https://lync01.mydomain.com/Autodiscover/AutodiscoverService.svc/root/domain" /><Link token="User" href="https://lync01.mydomain.com/Autodiscover/AutodiscoverService.svc/root/user"
/><Link token="OAuth" href="https://lync01.mydomain.com/Autodiscover/AutodiscoverService.svc/root/oauth/user" /><Link token="Self" href="https://lync01.mydomain.com/Autodiscover/AutodiscoverService.svc/root" /></Root></AutodiscoverResponse>
[6/10/2014 7:30:18 AM] [DEBUG] Autodiscover URL https://lyncdiscoverinternal.mydomain.com/[email protected] redirected to https://lync01.mydomain.com/Autodiscover/AutodiscoverService.svc/root/user
[6/10/2014 7:30:18 AM] [DEBUG] Sending HTTP request to https://lync01.mydomain.com/Autodiscover/AutodiscoverService.svc/root/[email protected]
[6/10/2014 7:30:18 AM] [DEBUG] Cookie found in autodiscover response: StatusCode: 401, ReasonPhrase: 'Unauthorized', Version: 1.1, Content: System.Net.Http.StreamContent, Headers:
X-MS-WebTicketURL: https://lync01.mydomain.com/WebTicket/WebTicketService.svc
X-MS-WebTicketSupported: cwt,saml
X-MS-Server-Fqdn: LYNC01.mydomain.com
X-Content-Type-Options: nosniff
Date: Tue, 10 Jun 2014 11:30:18 GMT
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Content-Length: 1293
Content-Type: text/html
[6/10/2014 7:30:18 AM] [DEBUG] Authorization required for https://lync01.mydomain.com/Autodiscover/AutodiscoverService.svc/root/[email protected]
[6/10/2014 7:30:18 AM] [DEBUG] Obtaining WebTicket from https://lync01.mydomain.com/WebTicket/WebTicketService.svc
[6/10/2014 7:30:18 AM] [DEBUG] On-premises WebTicket server: https://lync01.mydomain.com/WebTicket/WebTicketService.svc/Auth
[6/10/2014 7:30:18 AM] [DEBUG] AcquireTicketAsync succeeded for https://lync01.mydomain.com/WebTicket/WebTicketService.svc/Auth
[6/10/2014 7:30:18 AM] [DEBUG] WebTicket: <saml:Assertion MajorVersion="1" MinorVersion="1" AssertionID="SamlSecurityToken-4e51bf2a-2849-4779-a595-a5040c22ff1b" Issuer="https://lync01.mydomain.com/63b16135-930c-5e0b-998c-7ed6bc68b6f8" IssueInstant="2014-06-10T11:30:18.173Z"
xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion"><saml:Conditions NotBefore="2014-06-10T11:30:18.173Z" NotOnOrAfter="2014-06-10T19:23:01.173Z"><saml:AudienceRestrictionCondition><saml:Audience>https://lync01.mydomain.com/</saml:Audience></saml:AudienceRestrictionCondition></saml:Conditions><saml:AuthenticationStatement
AuthenticationMethod="urn:oasis:names:tc:SAML:1.0:am:unspecified" AuthenticationInstant="2014-06-10T11:30:18.173Z"><saml:Subject><saml:NameIdentifier Format="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/uri">sip:[email protected]</saml:NameIdentifier><saml:SubjectConfirmation><saml:ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:holder-of-key</saml:ConfirmationMethod><KeyInfo
xmlns="http://www.w3.org/2000/09/xmldsig#"><e:EncryptedKey xmlns:e="http://www.w3.org/2001/04/xmlenc#"><e:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#kw-aes256"></e:EncryptionMethod><KeyInfo><KeyName>63b16135-930c-5e0b-998c-7ed6bc68b6f8:8d152b04ce7ddbf</KeyName></KeyInfo><e:CipherData><e:CipherValue>7M3R6naVg1ifGvuQKTMS+4EjHlJrdZeQqsqobNZUhMxHE9y7klUmXw==</e:CipherValue></e:CipherData></e:EncryptedKey></KeyInfo></saml:SubjectConfirmation></saml:Subject></saml:AuthenticationStatement><Signature
xmlns="http://www.w3.org/2000/09/xmldsig#"><SignedInfo><CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></CanonicalizationMethod><SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"></SignatureMethod><Reference
URI="#SamlSecurityToken-4e51bf2a-2849-4779-a595-a5040c22ff1b"><Transforms><Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"></Transform><Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></Transform></Transforms><DigestMethod
Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"></DigestMethod><DigestValue>otvulmCO6kY0HQdwfqQXUZT/pdmKSdVZJTU0f/MS0N8=</DigestValue></Reference></SignedInfo><SignatureValue>WUGQOtUzu6RtuSKdHHCQZWxiOFVf8HT181U6tS8IVifyyAzA046lm0SBKbFpLzwMEAXsf3ZmkHQkzK/AfS6WJ92WkAz3LLEsqSqGBGQoxe5WPXMlfA9J4+1lnT6Zsfq7fb9aLqZch2oSga3yj0CeQgsbcmppQhQO86zJ468YskVyAk4Y/oIOyThKg/+Ce8V4tFw575+zYatuSzKvUtgHq+DKJRO7T2M8r0aoCx65ZgfCxJpA+bqalDz3BesqOzMKfWTn33fwArVh8JMF1ohNkliwOegTeEEq4aH2Sg04N7ZfLrhoFlWeXuZWn1AzWppyl+FBfwlbLOVbQgP6/3NdMQ==</SignatureValue><KeyInfo><o:SecurityTokenReference
xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"><o:KeyIdentifier ValueType="http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#ThumbprintSHA1">/YVCIdf+YFyKopRflv61uWov2vs=</o:KeyIdentifier></o:SecurityTokenReference></KeyInfo></Signature></saml:Assertion>
[6/10/2014 7:30:18 AM] [DEBUG] Sending HTTP request to https://lync01.mydomain.com/Autodiscover/AutodiscoverService.svc/root/[email protected]
[6/10/2014 7:30:18 AM] [DEBUG] Cookie found in autodiscover response: StatusCode: 200, ReasonPhrase: 'OK', Version: 1.1, Content: System.Net.Http.StreamContent, Headers:
Pragma: no-cache
X-MS-Server-Fqdn: LYNC01.mydomain.com
X-Content-Type-Options: nosniff
Cache-Control: no-cache
Date: Tue, 10 Jun 2014 11:30:18 GMT
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Length: 1646
Content-Type: application/vnd.microsoft.rtc.autodiscover+xml; v=1
Expires: -1
[6/10/2014 7:30:18 AM] [DEBUG] Parsing the response for URL https://lync01.mydomain.com/Autodiscover/AutodiscoverService.svc/root/[email protected]. Full response: <?xml version="1.0" encoding="utf-8"?><AutodiscoverResponse xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" AccessLocation="Internal"><User><SipServerInternalAccess fqdn="LYNC01.mydomain.com" port="5061" /><SipClientInternalAccess fqdn="LYNC01.mydomain.com" port="5061" /><SipServerExternalAccess
fqdn="AccessEdge.mydomain.com" port="5061" /><SipClientExternalAccess fqdn="AccessEdge.mydomain.com" port="443" /><Link token="Internal/Autodiscover" href="https://lync01.mydomain.com/Autodiscover/AutodiscoverService.svc/root" /><Link token="Internal/AuthBroker"
href="https://lync01.mydomain.com/Reach/sip.svc" /><Link token="Internal/WebScheduler" href="https://lync01.mydomain.com/Scheduler" /><Link token="External/Autodiscover" href="https://lync.mydomain.com/Autodiscover/AutodiscoverService.svc/root"
/><Link token="External/AuthBroker" href="https://lync.mydomain.com/Reach/sip.svc" /><Link token="External/WebScheduler" href="https://lync.mydomain.com/Scheduler" /><Link token="Internal/Mcx" href="https://lync01.mydomain.com/Mcx/McxService.svc"
/><Link token="External/Mcx" href="https://lync01.mydomain.com/Mcx/McxService.svc" /><Link token="Ucwa" href="https://lync.mydomain.com/ucwa/v0/applications" /><Link token="Internal/Ucwa" href="https://lync01.mydomain.com/ucwa/v0/applications"
/><Link token="External/Ucwa" href="https://lync.mydomain.com/ucwa/v0/applications" /><Link token="Self" href="https://lync01.mydomain.com/Autodiscover/AutodiscoverService.svc/root/user" /></User></AutodiscoverResponse>
[6/10/2014 7:30:18 AM] [INFO] Server discovery has completed for https://lyncdiscoverinternal.mydomain.com/.
[6/10/2014 7:30:18 AM] [DEBUG] Autodiscover full response for URL https://lyncdiscoverinternal.mydomain.com/ is <?xml version="1.0" encoding="utf-8"?><AutodiscoverResponse xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
AccessLocation="Internal"><User><SipServerInternalAccess fqdn="LYNC01.mydomain.com" port="5061" /><SipClientInternalAccess fqdn="LYNC01.mydomain.com" port="5061" /><SipServerExternalAccess fqdn="AccessEdge.mydomain.com" port="5061"
/><SipClientExternalAccess fqdn="AccessEdge.mydomain.com" port="443" /><Link token="Internal/Autodiscover" href="https://lync01.mydomain.com/Autodiscover/AutodiscoverService.svc/root" /><Link token="Internal/AuthBroker" href="https://lync01.mydomain.com/Reach/sip.svc"
/><Link token="Internal/WebScheduler" href="https://lync01.mydomain.com/Scheduler" /><Link token="External/Autodiscover" href="https://lync.mydomain.com/Autodiscover/AutodiscoverService.svc/root" /><Link token="External/AuthBroker" href="https://lync.mydomain.com/Reach/sip.svc"
/><Link token="External/WebScheduler" href="https://lync.mydomain.com/Scheduler" /><Link token="Internal/Mcx" href="https://lync01.mydomain.com/Mcx/McxService.svc" /><Link token="External/Mcx" href="https://lync01.mydomain.com/Mcx/McxService.svc"
/><Link token="Ucwa" href="https://lync.mydomain.com/ucwa/v0/applications" /><Link token="Internal/Ucwa" href="https://lync01.mydomain.com/ucwa/v0/applications" /><Link token="External/Ucwa" href="https://lync.mydomain.com/ucwa/v0/applications"
/><Link token="Self" href="https://lync01.mydomain.com/Autodiscover/AutodiscoverService.svc/root/user" /></User></AutodiscoverResponse>
[6/10/2014 7:30:18 AM] [DEBUG] SendRequest failed for https://lync01.mydomain.com/Autodiscover/AutodiscoverService.svc/root/[email protected]
[6/10/2014 7:30:18 AM] [INFO] Automatic discovery results for https://lyncdiscoverinternal.mydomain.com/
[6/10/2014 7:30:18 AM] [INFO] Access Location : Internal
[6/10/2014 7:30:18 AM] [INFO] SIP Server Internal Access : LYNC01.mydomain.com
[6/10/2014 7:30:18 AM] [INFO] SIP Server External Access : AccessEdge.mydomain.com
[6/10/2014 7:30:18 AM] [INFO] SIP Client Internal Access : LYNC01.mydomain.com
[6/10/2014 7:30:18 AM] [INFO] SIP Client External Access : AccessEdge.mydomain.com
[6/10/2014 7:30:18 AM] [INFO] Internal Auth broker service : https://lync01.mydomain.com/Reach/sip.svc
[6/10/2014 7:30:18 AM] [INFO] External Auth broker service : https://lync.mydomain.com/Reach/sip.svc
[6/10/2014 7:30:18 AM] [INFO] Internal Auto discover service : https://lync01.mydomain.com/Autodiscover/AutodiscoverService.svc/root
[6/10/2014 7:30:18 AM] [INFO] External Auto discover service : https://lync.mydomain.com/Autodiscover/AutodiscoverService.svc/root
[6/10/2014 7:30:18 AM] [INFO] Internal MCX service : https://lync01.mydomain.com/Mcx/McxService.svc
[6/10/2014 7:30:18 AM] [INFO] External MCX service : https://lync01.mydomain.com/Mcx/McxService.svc
[6/10/2014 7:30:18 AM] [INFO] Internal UCWA service : https://lync01.mydomain.com/ucwa/v0/applications
[6/10/2014 7:30:18 AM] [INFO] External UCWA service : https://lync.mydomain.com/ucwa/v0/applications
[6/10/2014 7:30:18 AM] [INFO] Internal Webscheduler service : https://lync01.mydomain.com/Scheduler
[6/10/2014 7:30:18 AM] [INFO] External Webscheduler service : https://lync.mydomain.com/Scheduler
[6/10/2014 7:30:18 AM] [INFO] Total server discovery time: 0.1 seconds
[6/10/2014 7:30:18 AM] [SUMMARY_SUCCESS] Server discovery succeeded for secure (HTTPS) internal channel against URL https://lyncdiscoverinternal.mydomain.com/
[6/10/2014 7:30:18 AM] [SUBHEADING] Starting automatic discovery for unsecure (HTTP) internal channel
[6/10/2014 7:30:18 AM] [DEBUG] Sending HTTP request to http://lyncdiscoverinternal.mydomain.com/[email protected]
[6/10/2014 7:30:18 AM] [DEBUG] Cookie found in autodiscover response: StatusCode: 200, ReasonPhrase: 'OK', Version: 1.1, Content: System.Net.Http.StreamContent, Headers:
Pragma: no-cache
X-MS-Server-Fqdn: LYNC01.mydomain.com
X-Content-Type-Options: nosniff
Cache-Control: no-cache
Date: Tue, 10 Jun 2014 11:30:18 GMT
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Length: 670
Content-Type: application/vnd.microsoft.rtc.autodiscover+xml; v=1
Expires: -1
[6/10/2014 7:30:18 AM] [DEBUG] Parsing the response for URL http://lyncdiscoverinternal.mydomain.com/[email protected]. Full response: <?xml version="1.0" encoding="utf-8"?><AutodiscoverResponse xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" AccessLocation="Internal"><Root><Link token="Domain" href="https://lync01.mydomain.com/Autodiscover/AutodiscoverService.svc/root/domain" /><Link token="User" href="https://lync01.mydomain.com/Autodiscover/AutodiscoverService.svc/root/user"
/><Link token="OAuth" href="https://lync01.mydomain.com/Autodiscover/AutodiscoverService.svc/root/oauth/user" /><Link token="Self" href="https://lync01.mydomain.com/Autodiscover/AutodiscoverService.svc/root" /></Root></AutodiscoverResponse>
[6/10/2014 7:30:18 AM] [DEBUG] Autodiscover URL http://lyncdiscoverinternal.mydomain.com/[email protected] redirected to https://lync01.mydomain.com/Autodiscover/AutodiscoverService.svc/root/user
[6/10/2014 7:30:18 AM] [DEBUG] Sending HTTP request to https://lync01.mydomain.com/Autodiscover/AutodiscoverService.svc/root/[email protected]
[6/10/2014 7:30:18 AM] [DEBUG] Cookie found in autodiscover response: StatusCode: 401, ReasonPhrase: 'Unauthorized', Version: 1.1, Content: System.Net.Http.StreamContent, Headers:
X-MS-WebTicketURL: https://lync01.mydomain.com/WebTicket/WebTicketService.svc
X-MS-WebTicketSupported: cwt,saml
X-MS-Server-Fqdn: LYNC01.mydomain.com
X-Content-Type-Options: nosniff
Date: Tue, 10 Jun 2014 11:30:18 GMT
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Content-Length: 1293
Content-Type: text/html
[6/10/2014 7:30:18 AM] [DEBUG] Authorization required for https://lync01.mydomain.com/Autodiscover/AutodiscoverService.svc/root/[email protected]
[6/10/2014 7:30:18 AM] [DEBUG] Obtaining WebTicket from https://lync01.mydomain.com/WebTicket/WebTicketService.svc
[6/10/2014 7:30:18 AM] [DEBUG] On-premises WebTicket server: https://lync01.mydomain.com/WebTicket/WebTicketService.svc/Auth
[6/10/2014 7:30:18 AM] [DEBUG] AcquireTicketAsync succeeded for https://lync01.mydomain.com/WebTicket/WebTicketService.svc/Auth
[6/10/2014 7:30:18 AM] [DEBUG] WebTicket: <saml:Assertion MajorVersion="1" MinorVersion="1" AssertionID="SamlSecurityToken-1b6331e1-4be5-4749-869a-21feb4b7198a" Issuer="https://lync01.mydomain.com/63b16135-930c-5e0b-998c-7ed6bc68b6f8" IssueInstant="2014-06-10T11:30:18.238Z"
xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion"><saml:Conditions NotBefore="2014-06-10T11:30:18.238Z" NotOnOrAfter="2014-06-10T19:20:24.238Z"><saml:AudienceRestrictionCondition><saml:Audience>https://lync01.mydomain.com/</saml:Audience></saml:AudienceRestrictionCondition></saml:Conditions><saml:AuthenticationStatement
AuthenticationMethod="urn:oasis:names:tc:SAML:1.0:am:unspecified" AuthenticationInstant="2014-06-10T11:30:18.238Z"><saml:Subject><saml:NameIdentifier Format="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/uri">sip:[email protected]</saml:NameIdentifier><saml:SubjectConfirmation><saml:ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:holder-of-key</saml:ConfirmationMethod><KeyInfo
xmlns="http://www.w3.org/2000/09/xmldsig#"><e:EncryptedKey xmlns:e="http://www.w3.org/2001/04/xmlenc#"><e:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#kw-aes256"></e:EncryptionMethod><KeyInfo><KeyName>63b16135-930c-5e0b-998c-7ed6bc68b6f8:8d152b04ce7ddbf</KeyName></KeyInfo><e:CipherData><e:CipherValue>NrQOUA0JAXMmR/4ACrZ8LyVN79jUZbR6Fz+sGlbAdWXgQF/u24DLlw==</e:CipherValue></e:CipherData></e:EncryptedKey></KeyInfo></saml:SubjectConfirmation></saml:Subject></saml:AuthenticationStatement><Signature
xmlns="http://www.w3.org/2000/09/xmldsig#"><SignedInfo><CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></CanonicalizationMethod><SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"></SignatureMethod><Reference
URI="#SamlSecurityToken-1b6331e1-4be5-4749-869a-21feb4b7198a"><Transforms><Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"></Transform><Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></Transform></Transforms><DigestMethod
Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"></DigestMethod><DigestValue>WnZZN/Vbfrget92urYd1+HmyXX/vYQ6CjHN4lLEXxK0=</DigestValue></Reference></SignedInfo><SignatureValue>BiFjeIuG7TW/DqIdklMNdaqRJLgbenphBcb51HGGH4WCdThgj2Oizkvfa6NRAwsE74qmyVLcfJIO2TK+if1yelHzUEde8ZvLwcruIFYWecK3OXDSDiGpYa3WdPwNUZrSRySSiCyb+fyYgz8BvZq3JjQRulOXnFhz4X3wXzoS6xMovmmVsOrdVTMjvT7l7ydEo1ucnEl5zjEnKih7WjCoElYENwEeG2HGf4Xqi43piaWXa9k7GY9k1idyrfJ7too+u7O7fhnhJ9OR0GR1KydbAPdSi5hmpZcziLn6xKCVW64w2bGCsT4N2vr+f5AhknSmjDa+9Wnyiar2uuLk+7eLmQ==</SignatureValue><KeyInfo><o:SecurityTokenReference
xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"><o:KeyIdentifier ValueType="http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#ThumbprintSHA1">/YVCIdf+YFyKopRflv61uWov2vs=</o:KeyIdentifier></o:SecurityTokenReference></KeyInfo></Signature></saml:Assertion>
[6/10/2014 7:30:18 AM] [DEBUG] Sending HTTP request to https://lync01.mydomain.com/Autodiscover/AutodiscoverService.svc/root/[email protected]
[6/10/2014 7:30:18 AM] [DEBUG] Cookie found in autodiscover response: StatusCode: 200, ReasonPhrase: 'OK', Version: 1.1, Content: System.Net.Http.StreamContent, Headers:
Pragma: no-cache
X-MS-Server-Fqdn: LYNC01.mydomain.com
X-Content-Type-Options: nosniff
Cache-Control: no-cache
Date: Tue, 10 Jun 2014 11:30:18 GMT
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Length: 1646
Content-Type: application/vnd.microsoft.rtc.autodiscover+xml; v=1
Expires: -1
[6/10/2014 7:30:18 AM] [DEBUG] Parsing the response for URL https://lync01.mydomain.com/Autodiscover/AutodiscoverService.svc/root/[email protected]. Full response: <?xml version="1.0" encoding="utf-8"?><AutodiscoverResponse xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" AccessLocation="Internal"><User><SipServerInternalAccess fqdn="LYNC01.mydomain.com" port="5061" /><SipClientInternalAccess fqdn="LYNC01.mydomain.com" port="5061" /><SipServerExternalAccess
fqdn="AccessEdge.mydomain.com" port="5061" /><SipClientExternalAccess fqdn="AccessEdge.mydomain.com" port="443" /><Link token="Internal/Autodiscover" href="https://lync01.mydomain.com/Autodiscover/AutodiscoverService.svc/root" /><Link token="Internal/AuthBroker"
href="https://lync01.mydomain.com/Reach/sip.svc" /><Link token="Internal/WebScheduler" href="https://lync01.mydomain.com/Scheduler" /><Link token="External/Autodiscover" href="https://lync.mydomain.com/Autodiscover/AutodiscoverService.svc/root"
/><Link token="External/AuthBroker" href="https://lync.mydomain.com/Reach/sip.svc" /><Link token="External/WebScheduler" href="https://lync.mydomain.com/Scheduler" /><Link token="Internal/Mcx" href="https://lync01.mydomain.com/Mcx/McxService.svc"
/><Link token="External/Mcx" href="https://lync01.mydomain.com/Mcx/McxService.svc" /><Link token="Ucwa" href="https://lync.mydomain.com/ucwa/v0/applications" /><Link token="Internal/Ucwa" href="https://lync01.mydomain.com/ucwa/v0/applications"
/><Link token="External/Ucwa" href="https://lync.mydomain.com/ucwa/v0/applications" /><Link token="Self" href="https://lync01.mydomain.com/Autodiscover/AutodiscoverService.svc/root/user" /></User></AutodiscoverResponse>
[6/10/2014 7:30:18 AM] [INFO] Server discovery has completed for http://lyncdiscoverinternal.mydomain.com/.
[6/10/2014 7:30:18 AM] [DEBUG] Autodiscover full response for URL http://lyncdiscoverinternal.mydomain.com/ is <?xml version="1.0" encoding="utf-8"?><AutodiscoverResponse xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
AccessLocation="Internal"><User><SipServerInternalAccess fqdn="LYNC01.mydomain.com" port="5061" /><SipClientInternalAccess fqdn="LYNC01.mydomain.com" port="5061" /><SipServerExternalAccess fqdn="AccessEdge.mydomain.com" port="5061"
/><SipClientExternalAccess fqdn="AccessEdge.mydomain.com" port="443" /><Link token="Internal/Autodiscover" href="https://lync01.mydomain.com/Autodiscover/AutodiscoverService.svc/root" /><Link token="Internal/AuthBroker" href="https://lync01.mydomain.com/Reach/sip.svc"
/><Link token="Internal/WebScheduler" href="https://lync01.mydomain.com/Scheduler" /><Link token="External/Autodiscover" href="https://lync.mydomain.com/Autodiscover/AutodiscoverService.svc/root" /><Link token="External/AuthBroker" href="https://lync.mydomain.com/Reach/sip.svc"
/><Link token="External/WebScheduler" href="https://lync.mydomain.com/Scheduler" /><Link token="Internal/Mcx" href="https://lync01.mydomain.com/Mcx/McxService.svc" /><Link token="External/Mcx" href="https://lync01.mydomain.com/Mcx/McxService.svc"
/><Link token="Ucwa" href="https://lync.mydomain.com/ucwa/v0/applications" /><Link token="Internal/Ucwa" href="https://lync01.mydomain.com/ucwa/v0/applications" /><Link token="External/Ucwa" href="https://lync.mydomain.com/ucwa/v0/applications"
/><Link token="Self" href="https://lync01.mydomain.com/Autodiscover/AutodiscoverService.svc/root/user" /></User></AutodiscoverResponse>
[6/10/2014 7:30:18 AM] [DEBUG] SendRequest failed for https://lync01.mydomain.com/Autodiscover/AutodiscoverService.svc/root/[email protected]
[6/10/2014 7:30:18 AM] [INFO] Automatic discovery results for http://lyncdiscoverinternal.mydomain.com/
[6/10/2014 7:30:18 AM] [INFO] Access Location : Internal
[6/10/2014 7:30:18 AM] [INFO] SIP Server Internal Access : LYNC01.mydomain.com
[6/10/2014 7:30:18 AM] [INFO] SIP Server External Access : AccessEdge.mydomain.com
[6/10/2014 7:30:18 AM] [INFO] SIP Client Internal Access : LYNC01.mydomain.com
[6/10/2014 7:30:18 AM] [INFO] SIP Client External Access : AccessEdge.mydomain.com
[6/10/2014 7:30:18 AM] [INFO] Internal Auth broker service : https://lync01.mydomain.com/Reach/sip.svc
[6/10/2014 7:30:18 AM] [INFO] External Auth broker service : https://lync.mydomain.com/Reach/sip.svc
[6/10/2014 7:30:18 AM] [INFO] Internal Auto discover service : https://lync01.mydomain.com/Autodiscover/AutodiscoverService.svc/root
[6/10/2014 7:30:18 AM] [INFO] External Auto discover service : https://lync.mydomain.com/Autodiscover/AutodiscoverService.svc/root
[6/10/2014 7:30:18 AM] [INFO] Internal MCX service : https://lync01.mydomain.com/Mcx/McxService.svc
[6/10/2014 7:30:18 AM] [INFO] External MCX service : https://lync01.mydomain.com/Mcx/McxService.svc
[6/10/2014 7:30:18 AM] [INFO] Internal UCWA service : https://lync01.mydomain.com/ucwa/v0/applications
[6/10/2014 7:30:18 AM] [INFO] External UCWA service : https://lync.mydomain.com/ucwa/v0/applications
[6/10/2014 7:30:18 AM] [INFO] Internal Webscheduler service : https://lync01.mydomain.com/Scheduler
[6/10/2014 7:30:18 AM] [INFO] External Webscheduler service : https://lync.mydomain.com/Scheduler
[6/10/2014 7:30:18 AM] [INFO] Total server discovery time: 0.1 seconds
[6/10/2014 7:30:18 AM] [SUMMARY_SUCCESS] Server discovery succeeded for unsecure (HTTP) internal channel against URL http://lyncdiscoverinternal.mydomain.com/
[6/10/2014 7:30:18 AM] [SUBHEADING] Starting automatic discovery for secure (HTTPS) external channel
[6/10/2014 7:30:18 AM] [DEBUG] Sending HTTP request to https://lyncdiscover.mydomain.com/[email protected]
[6/10/2014 7:30:39 AM] [DEBUG] Exception encountered while sending an HTTP request to https://lyncdiscover.mydomain.com/[email protected]: An error occurred while sending the request.. Complete Exception: \r\nSystem.Net.Http.HttpRequestException:
An error occurred while sending the request. ---> System.Net.WebException: Unable to connect to the remote server ---> System.Net.Sockets.SocketException: A connection attempt failed because the connected party did not properly respond after a period
of time, or established connection failed because connected host has failed to respond 205.XXX.XXX.94:443
at System.Net.Sockets.Socket.EndConnect(IAsyncResult asyncResult)
at System.Net.ServicePoint.ConnectSocketInternal(Boolean connectFailure, Socket s4, Socket s6, Socket& socket, IPAddress& address, ConnectSocketState state, IAsyncResult asyncResult, Exception& exception)
--- End of inner exception stack trace ---
at System.Net.HttpWebRequest.EndGetResponse(IAsyncResult asyncResult)
at System.Net.Http.HttpClientHandler.GetResponseCallback(IAsyncResult ar)
--- End of inner exception stack trace ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Microsoft.LyncServer.WebServices.AutoDiscoverManager.<SendHttpRequest>d__9.MoveNext()
[6/10/2014 7:30:39 AM] [ERROR] An error occurred while sending the request.
Unable to connect to the remote server
A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond 205.XXX.XXX.94:443
[6/10/2014 7:30:39 AM] [INFO] For troubleshooting, try using a browser to open the server discovery URL https://lyncdiscover.mydomain.com/[email protected]
[6/10/2014 7:30:39 AM] [DEBUG] System.Net.Http.HttpRequestException: An error occurred while sending the request. ---> System.Net.WebException: Unable to connect to the remote server ---> System.Net.Sockets.SocketException: A connection attempt failed
because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond 205.XXX.XXX.94:443
at System.Net.Sockets.Socket.EndConnect(IAsyncResult asyncResult)
at System.Net.ServicePoint.ConnectSocketInternal(Boolean connectFailure, Socket s4, Socket s6, Socket& socket, IPAddress& address, ConnectSocketState state, IAsyncResult asyncResult, Exception& exception)
--- End of inner exception stack trace ---
at System.Net.HttpWebRequest.EndGetResponse(IAsyncResult asyncResult)
at System.Net.Http.HttpClientHandler.GetResponseCallback(IAsyncResult ar)
--- End of inner exception stack trace ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Microsoft.LyncServer.WebServices.AutoDiscoverManager.<SendHttpRequest>d__9.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at System.Runtime.CompilerServices.TaskAwaiter`1.GetResult()
at Microsoft.LyncServer.WebServices.AutoDiscoverManager.<SendRequest>d__d.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at System.Runtime.CompilerServices.TaskAwaiter`1.GetResult()
at Microsoft.LyncServer.WebServices.AutoDiscoverManager.<TryNextUrl>d__3.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Microsoft.LyncServer.WebServices.AutoDiscoverManager.<StartDiscoveryJourney>d__0.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at LyncConnectivityAnalyzerCore.Utilities.<RetrieveUserLocation>d__3e.MoveNext()
[6/10/2014 7:30:39 AM] [SUMMARY_ERROR] Server discovery failed for secured external channel against https://lyncdiscover.mydomain.com/
[6/10/2014 7:30:39 AM] [SUBHEADING] Starting automatic discovery for unsecure (HTTP) external channel
[6/10/2014 7:30:39 AM] [DEBUG] Sending HTTP request to http://lyncdiscover.mydomain.com/[email protected]
[6/10/2014 7:31:00 AM] [DEBUG] Exception encountered while sending an HTTP request to http://lyncdiscover.mydomain.com/[email protected]: An error occurred while sending the request.. Complete Exception: \r\nSystem.Net.Http.HttpRequestException:
An error occurred while sending the request. ---> System.Net.WebException: Unable to connect to the remote server ---> System.Net.Sockets.SocketException: A connection attempt failed because the connected party did not properly respond after a period
of time, or established connection failed because connected host has failed to respond 205.XXX.XXX.94:80
at System.Net.Sockets.Socket.EndConnect(IAsyncResult asyncResult)
at System.Net.ServicePoint.ConnectSocketInternal(Boolean connectFailure, Socket s4, Socket s6, Socket& socket, IPAddress& address, ConnectSocketState state, IAsyncResult asyncResult, Exception& exception)
--- End of inner exception stack trace ---
at System.Net.HttpWebRequest.EndGetResponse(IAsyncResult asyncResult)
at System.Net.Http.HttpClientHandler.GetResponseCallback(IAsyncResult ar)
--- End of inner exception stack trace ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Microsoft.LyncServer.WebServices.AutoDiscoverManager.<SendHttpRequest>d__9.MoveNext()
[6/10/2014 7:31:00 AM] [ERROR] An error occurred while sending the request.
Unable to connect to the remote server
A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond 205.XXX.XXX.94:80
[6/10/2014 7:31:00 AM] [INFO] For troubleshooting, try using a browser to open the server discovery URL http://lyncdiscover.mydomain.com/[email protected]
[6/10/2014 7:31:00 AM] [DEBUG] System.Net.Http.HttpRequestException: An error occurred while sending the request. ---> System.Net.WebException: Unable to connect to the remote server ---> System.Net.Sockets.SocketException: A connection attempt failed
because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond 205.XXX.XXX.94:80
at System.Net.Sockets.Socket.EndConnect(IAsyncResult asyncResult)
at System.Net.ServicePoint.ConnectSocketInternal(Boolean connectFailure, Socket s4, Socket s6, Socket& socket, IPAddress& address, ConnectSocketState state, IAsyncResult asyncResult, Exception& exception)
--- End of inner exception stack trace ---
at System.Net.HttpWebRequest.EndGetResponse(IAsyncResult asyncResult)
at System.Net.Http.HttpClientHandler.GetResponseCallback(IAsyncResult ar)
--- End of inner exception stack trace ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Microsoft.LyncServer.WebServices.AutoDiscoverManager.<SendHttpRequest>d__9.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at System.Runtime.CompilerServices.TaskAwaiter`1.GetResult()
at Microsoft.LyncServer.WebServices.AutoDiscoverManager.<SendRequest>d__d.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at System.Runtime.CompilerServices.TaskAwaiter`1.GetResult()
at Microsoft.LyncServer.WebServices.AutoDiscoverManager.<TryNextUrl>d__3.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Microsoft.LyncServer.WebServices.AutoDiscoverManager.<StartDiscoveryJourney>d__0.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at LyncConnectivityAnalyzerCore.Utilities.<RetrieveUserLocation>d__3e.MoveNext()
[6/10/2014 7:31:00 AM] [SUMMARY_ERROR] Server discovery failed for unsecured external channel against http://lyncdiscover.mydomain.com/
[6/10/2014 7:31:00 AM] [DEBUG] None, AutoExternalSecureD, AutoExternalUnsecureD, ManualDNSFail, ManualSecureD, ManualUnsecureD, AuthBrokerInternalLMXCheckGET, AuthBrokerInternalLMXCheckPOST, AuthBrokerExternalLMXCheckGET, AuthBrokerExternalLMXCheckPOST, MobilityMCXInternalLMXCheckGET,
MobilityMCXInternalLMXCheckPOST, MobilityMCXExternalLMXCheckGET, MobilityMCXExternalLMXCheckPOST, LMXSIPServerInternalDNS, LMXSIPServerExternalDNS, MobilityUCWAInternalCheckPOST, MobilityUCWAExternalCheckPOST
[6/10/2014 7:31:00 AM] [SUMMARY]
[6/10/2014 7:31:00 AM] [SUMMARY_ERROR] Automatic discovery meant for external network access failed. Please verify the server requirements at http://go.microsoft.com/fwlink/?LinkId=278998 .
[6/10/2014 7:31:00 AM] [SUMMARY] Automatic discovery meant for internal network access succeeded from an external network which could be a potential security concern.
[6/10/2014 7:31:00 AM] [MAINHEADING] Starting the requirement tests for Lync Mobile 2010 App
[6/10/2014 7:31:00 AM] [INFO] Please wait; this test may take several minutes to complete...
[6/10/2014 7:31:00 AM] [INFO] Testing the app requirements using the following discovery response:
[6/10/2014 7:31:00 AM] [INFO] Access Location : Internal
[6/10/2014 7:31:00 AM] [INFO] SIP Server Internal Access : LYNC01.mydomain.com
[6/10/2014 7:31:00 AM] [INFO] SIP Server External Access : AccessEdge.mydomain.com
[6/10/2014 7:31:00 AM] [INFO] SIP Client Internal Access : LYNC01.mydomain.com
[6/10/2014 7:31:00 AM] [INFO] SIP Client External Access : AccessEdge.mydomain.com
[6/10/2014 7:31:00 AM] [INFO] Internal Auth broker service : https://lync01.mydomain.com/Reach/sip.svc
[6/10/2014 7:31:00 AM] [INFO] External Auth broker service : https://lync.mydomain.com/Reach/sip.svc
[6/10/2014 7:31:00 AM] [INFO] Internal Auto discover service : https://lync01.mydomain.com/Autodiscover/AutodiscoverService.svc/root
[6/10/2014 7:31:00 AM] [INFO] External Auto discover service : https://lync.mydomain.com/Autodiscover/AutodiscoverService.svc/root
[6/10/2014 7:31:00 AM] [INFO] Internal MCX service : https://lync01.mydomain.com/Mcx/McxService.svc
[6/10/2014 7:31:00 AM] [INFO] External MCX service : https://lync01.mydomain.com/Mcx/McxService.svc
[6/10/2014 7:31:00 AM] [INFO] Internal UCWA service : https://lync01.mydomain.com/ucwa/v0/applications
[6/10/2014 7:31:00 AM] [INFO] External UCWA service : https://lync.mydomain.com/ucwa/v0/applications
[6/10/2014 7:31:00 AM] [INFO] Internal Webscheduler service : https://lync01.mydomain.com/Scheduler
[6/10/2014 7:31:00 AM] [INFO] External Webscheduler service : https://lync.mydomain.com/Scheduler
[6/10/2014 7:31:00 AM] [SUBHEADING] Starting tests for Mobility (MCX) service
[6/10/2014 7:31:00 AM] [INFO] Verifying internal Mobility (MCX) service: https://lync01.mydomain.com/Mcx/McxService.svc
[6/10/2014 7:31:00 AM] [INFO] Successfully obtained the WS-Metadata Exchange (MEX) document using GET. The service did not require authorization.
[6/10/2014 7:31:00 AM] [INFO] Verifying external Mobility (MCX) service: https://lync01.mydomain.com/Mcx/McxService.svc
[6/10/2014 7:31:00 AM] [INFO] Successfully obtained the WS-Metadata Exchange (MEX) document using GET. The service did not require authorization.
[6/10/2014 7:31:00 AM] [INFO] Verifying internal Mobility (MCX) service: https://lync01.mydomain.com/Mcx/McxService.svc
[6/10/2014 7:31:00 AM] [WARNING] Failed to obtain the WS-Metadata Exchange (MEX) document using POST for https://lync01.mydomain.com/Mcx/McxService.svc/mex. The service did not require authorization.
[6/10/2014 7:31:00 AM] [INFO] Verifying external Mobility (MCX) service: https://lync01.mydomain.com/Mcx/McxService.svc
[6/10/2014 7:31:00 AM] [WARNING] Failed to obtain the WS-Metadata Exchange (MEX) document using POST for https://lync01.mydomain.com/Mcx/McxService.svc/mex. The service did not require authorization.
[6/10/2014 7:31:00 AM] [SUMMARY] Completed tests for Mobility (MCX) service
[6/10/2014 7:31:00 AM] [DEBUG] None, AutoExternalSecureD, AutoExternalUnsecureD, ManualDNSFail, ManualSecureD, ManualUnsecureD, AuthBrokerInternalLMXCheckGET, AuthBrokerInternalLMXCheckPOST, AuthBrokerExternalLMXCheckGET, AuthBrokerExternalLMXCheckPOST, MobilityMCXInternalLMXCheckPOST,
MobilityMCXExternalLMXCheckPOST, LMXSIPServerInternalDNS, LMXSIPServerExternalDNS, MobilityUCWAInternalCheckPOST, MobilityUCWAExternalCheckPOST
[6/10/2014 7:31:00 AM] [SUMMARY]
[6/10/2014 7:31:00 AM] [SUMMARY_SUCCESS]
Your deployment meets the minimum requirements for Lync Mobile 2010 App. -
Lync 2013 A/V not working federated partner
Hi,
I have an interesting problem. I cant make video calls / desktop sharing via only federated
domain. But IM working properly. There is a problem only A/V call.
in my lync organization :
1 front-end
1 edge
1 reverse proxy
From
To
Type
Result
My Lync User ( Inside )
My Lync User ( Outside )
IM & A/V & Desktop Sharing
Success
My Lync User ( Inside or Outside ) from PC
Federated Lync domain
IM
Success
My Lync User ( Inside or Outside ) from PC
Federated Lync domain
A/V & Desktop Sharing
Fail due network isses
My Lync User ( Inside or Outside ) from Lync Mobile to Federated Lync domain, type: Audio / Video call. result:
success
If you sign in from Lync mobile client and start video call to federated domain worked successfully. But if you sign in from PC Lync 2013 client and start video call, to federated domain,
fail. Video invitation is reached federated domain and connection established but after a few seconds, A/V failed due network issues or audio video device not configured.
During issue, i collected log using OcsLogger on the Edge Server. I examined the collected log but I could not find a error line.
please help
thanksHi,
From your description above, there is something wrong during the deployment of Edge Server.
To avoid routing issues, make sure there are at least two network adapters in your Edge Servers and that the default gateway is set only on the network adapter associated with the external interface.
You can configure two network adapters in your Edge Server as follows:
Network adapter 1 (Internal Interface)
For example: Internal interface with 172.25.33.10 assigned.
No default gateway is defined.
Ensure that there is a route from the network containing the Edge internal interface to any networks that contain servers running Lync Server 2013 or Lync Server 2013 clients.
Network adapter 2 (External Interface)
Three private IP addresses are assigned to this network adapter, for example 10.45.16.10 for Access Edge, 10.45.16.20 for Web Conferencing Edge, 10.45.16.30 for AV Edge.
More details:
http://technet.microsoft.com/en-us/library/gg412787.aspx
Best Regards,
Eason Huang
Eason Huang
TechNet Community Support -
Lync 2013 Group Chat not working
We have a 2010 server and when I move people over to 2013 group chat does not work. I can select the people I want to talk to, but they don't see any of the conversations. When I move the back to the 2010 it works again.
We are running office 2013, lync 2013 and exchange 2010.
Any suggestions?Have you installed Persistent Chat in Lync 2013? You'll need to migrate the group chat data to the Persistent Chat pool and setup a Persistent Chat Endpoint for the legacy 2010 group chat clients, see: http://technet.microsoft.com/en-us/library/jj204901.aspx
Please mark posts as answers/helpful if it answers your question.
Blog
Lync Validator - Used to assist in the validation and documentation of Lync Server 2013. -
Lync 2013 PSTN calling not working with Sonus SBC 1000 over TLS and SRTP
Dear All,
We have recently installed Lync 2013 Enterprise Edition with a Pool of 3 FE Servers (MEDIATION COLLOCATED).
We need to implement TLS and SRTP with Sonus SBC 1000. However calls are not routing b/w SBC and Lync.
We are using wild card certificate with multiple SIP Domains as SAN(s), for internal FE servers as well SBC.
Also i would like to mentioned here that inbound and outbound calls are routing properly when we tested it over TCP.
When I move to TLS Only calls from Lync to SBC (outgoing) are working without encryption.
Here are the OCS Logger traces for incoming calls which are not landing on lync:
TL_INFO(TF_PROTOCOL) [1]2C5C.0D30::04/30/2014-14:35:18.020.00026518.020.00026518.020.00026518.020.00026518.020.00026518.020.00026518.020.00026518.020.000265d2
(S4,SipMessage.DataLoggingHelper:sipmessage.cs(774))[3491463749]
>>>>>>>>>>>>Outgoing SipMessage c=[<SipTlsConnection_AE0419>], 10.10.0.11:5067->10.10.7.50:25678
SIP/2.0 400 Bad Request
FROM: "3158222726"<sip:[email protected]>;tag=ac3201ce-4d7
TO: <sip:[email protected]:5067>;epid=D2091CF753;tag=f373543c
CSEQ: 2 INVITE
CALL-ID: [email protected]
VIA: SIP/2.0/TLS 10.10.7.50:5067;branch=z9hG4bK-UX-ac32-01ce-0b14
CONTENT-LENGTH: 0
SERVER: RTCC/5.0.0.0 MediationServer
------------EndOfOutgoing SipMessage
TL_INFO(TF_PROTOCOL) [1]2C5C.0D30::04/30/2014-14:35:18.027.00026518.027.00026518.027.00026518.027.00026518.027.00026518.027.00026518.027.00026518.027.000265d7
(S4,SipMessage.DataLoggingHelper:sipmessage.cs(774))[2666394843]
>>>>>>>>>>>>Outgoing SipMessage c=[<SipTlsConnection_370F030>], 10.10.0.11:58059->10.10.0.13:5061
SERVICE sip:2138797082;[email protected];user=phone SIP/2.0
FROM: <sip:2138797082;[email protected];user=phone>;epid=DCFDB95F4C;tag=17d286a93
TO: <sip:2138797082;[email protected];user=phone>
CSEQ: 3 SERVICE
CALL-ID: de750f98bdd94e908be5f2f975228ff7
MAX-FORWARDS: 70
VIA: SIP/2.0/TLS 10.10.0.11:58059;branch=z9hG4bKd47f1d3c
CONTACT: <sip:[email protected];gruu;opaque=srvr:MediationServer:CiGdW3iH5FiI3Qvr3PIKGQAA>
CONTENT-LENGTH: 630
SUPPORTED: gruu-10
USER-AGENT: RTCC/5.0.0.0 MediationServer
CONTENT-TYPE: application/msrtc-reporterror+xml
<?xml version="1.0" encoding="us-ascii"?>
<reportError xmlns="http://schemas.microsoft.com/2006/09/sip/error-reporting">
<error callId="[email protected]" fromUri="sip:3158222726;[email protected];user=phone" toUri="sip:2138797082;[email protected];user=phone" fromTag="ac3201ce-4d7"
toTag="" requestType="INVITE" contentType="application/sdp;call-type=audio" responseCode="400"><diagHeader>10013;reason="Gateway peer in inbound call is not found in topology document or does not depend
on this Mediation Server"</diagHeader><progressReports /></error></reportError>------------EndOfOutgoing SipMessage
Call
Send SMS
Add to Skype
You'll need Skype CreditFree via Skype@Paul, Thanks for you response.
All ports / IP Add / DNS are defined properly. Telenet on listening port is working.
We are using Public Certificate for 3 Domains (wild card) and same is loaded and verified in SBC
I've not reviewed the OCS logs properly posted above.
What i've found or seems to me is that in a TLS Calls:
After receiving SIP Invite from SBC, mediation server started TLS Negotiation Process b/w Lync 2013 Server Pool and it fails.
SIP Domains:
contoso.com (default)
fabrikam.com
Lync FE Pool (lync.contoso.com
Here are the some more logs.
TL_INFO(TF_PROTOCOL) [0]2DF8.2930::05/01/2014-11:50:31.612.00025e49 (S4,SipMessage.DataLoggingHelper:sipmessage.cs(774))[2716989131]
<<<<<<<<<<<<Incoming SipMessage c=[<SipTlsConnection_103DFE0>], 10.10.0.11:5067<-10.10.7.50:24591
INVITE sip:[email protected]:5067 SIP/2.0
FROM: "3158222726" <sip:[email protected]>;tag=ac3201ce-ae
TO: <sip:[email protected]:5067>
CSEQ: 2 INVITE
CALL-ID: [email protected]
MAX-FORWARDS: 70
VIA: SIP/2.0/TLS 10.10.7.50:5067;branch=z9hG4bK-UX-ac32-01ce-010c
CONTACT: <sip:[email protected]:5067;transport=TLS>
CONTENT-LENGTH: 406
SUPPORTED: replaces,update,100rel
USER-AGENT: SONUS SBC1000 3.1.2v293 Sonus SBC
CONTENT-TYPE: application/sdp
ALLOW: INVITE, ACK, CANCEL, BYE, NOTIFY, OPTIONS, REFER, REGISTER, UPDATE, PRACK
P-ASSERTED-IDENTITY: "3158222726" <sip:[email protected]>
v=0
o=SBC 9 1001 IN IP4 10.10.7.50
s=VoipCall
c=IN IP4 10.10.7.50
t=0 0
m=audio 16418 RTP/AVP 8 0 101 13
c=IN IP4 10.10.7.50
a=rtpmap:8 PCMA/8000/1
a=rtpmap:0 PCMU/8000/1
a=rtpmap:101 telephone-event/8000
a=fmtp:101 0-15
a=rtpmap:13 CN/8000
a=ptime:20
a=tcap:1 RTP/SAVP
a=pcfg:1 t=1
a=crypto:1 AES_CM_128_HMAC_SHA1_80 inline:pqL6Tke8pVmXPuplJ1G3+Sr9jM97H8R7iBagWzzh|2^31|1:1
a=sendrecv
------------EndOfIncoming SipMessage
TL_INFO(TF_PROTOCOL) [1]2DF8.0E04::05/01/2014-11:50:31.665.00025e8e (S4,SipMessage.DataLoggingHelper:sipmessage.cs(774))[2716989131]
>>>>>>>>>>>>Outgoing SipMessage c=[<SipTlsConnection_103DFE0>], 10.10.0.11:5067->10.10.7.50:24591
SIP/2.0 100 Trying
FROM: "3158222726"<sip:[email protected]>;tag=ac3201ce-ae
TO: <sip:[email protected]:5067>
CSEQ: 2 INVITE
CALL-ID: [email protected]
VIA: SIP/2.0/TLS 10.10.7.50:5067;branch=z9hG4bK-UX-ac32-01ce-010c
CONTENT-LENGTH: 0
------------EndOfOutgoing SipMessage
TL_INFO(TF_CONNECTION) [1]184C.0EFC::05/01/2014-11:50:32.652.00025f32 (SIPStack,SIPAdminLog::WriteConnectionEvent:SIPAdminLog.cpp(454))[946832530] $$begin_record
Severity: information
Text: TLS negotiation started
Local-IP: 10.10.0.11:5061
Peer-IP: 10.10.0.11:52529
Connection-ID: 0x10BE00
Transport: TLS
$$end_record
TL_INFO(TF_PROTOCOL) [1]184C.0EFC::05/01/2014-11:50:32.669.00026236 (SIPStack,SIPAdminLog::ProtocolRecord::Flush:ProtocolRecord.cpp(265))[1853494582] $$begin_record
Trace-Correlation-Id: 1853494582
Instance-Id: 425D
Direction: incoming
Peer: 10.10.0.11:52529
Message-Type: request
Start-Line: NEGOTIATE sip:127.0.0.1:5061 SIP/2.0
FROM: <sip:contoso.com>;ms-fe=LYNCFE1.fabrikam.com
TO: <sip:contoso.com>
CALL-ID: aa53739ef9b34b93ba9c97d3ee56cb99
CSEQ: 1 NEGOTIATE
VIA: SIP/2.0/TLS 10.10.0.11:52529
MAX-FORWARDS: 0
CONTENT-LENGTH: 0
SUPPORTED: NewNegotiate
SUPPORTED: ECC
REQUIRE: ms-feature-info
SERVER: RTC/5.0
$$end_record
TL_INFO(TF_CONNECTION) [1]184C.0EFC::05/01/2014-11:50:32.669.0002636e (SIPStack,SIPAdminLog::WriteConnectionEvent:SIPAdminLog.cpp(383))[946832530] $$begin_record
Severity: information
Text: Connection established
Peer-IP: 10.10.0.11:52529
Peer: lync.contoso.com:52529;ms-fe=LYNCFE1.fabrikam.com
Peer-Cert: contoso.com(LYNCFE1.fabrikam.com)
Transport: M-TLS
Data: alertable="yes"
$$end_record
TL_WARN(TF_CONNECTION) [1]184C.0EFC::05/01/2014-11:50:32.669.00026387 (SIPStack,SIPAdminLog::WriteConnectionEvent:SIPAdminLog.cpp(386))[946832530] $$begin_record
Severity: warning
Text: The pool FQDN provided by the peer in its NEGOTIATE feature information does not match the pool configured in CMS for the server FQDN that it provided
Peer-IP: 10.10.0.11:52529
Peer: lync.contoso.com:52529;ms-fe=LYNCFE1.fabrikam.com
Peer-Cert: contoso.com(LYNCFE1.fabrikam.com)
Transport: M-TLS
Data: fqdn="LYNCFE1.fabrikam.com";pool="contoso.com";expected-fqdn="lync.contoso.com";info="Possible server configuration issue"
$$end_record
TL_INFO(TF_DIAG) [1]184C.0EFC::05/01/2014-11:50:32.670.000265be (SIPStack,SIPAdminLog::WriteDiagnosticEvent:SIPAdminLog.cpp(802))[1853494582] $$begin_record
Severity: information
Text: Routed a locally generated response
SIP-Start-Line: SIP/2.0 200 OK
SIP-Call-ID: aa53739ef9b34b93ba9c97d3ee56cb99
SIP-CSeq: 1 NEGOTIATE
Peer: lync.contoso.com:52529;ms-fe=LYNCFE1.fabrikam.com
$$end_record
TL_INFO(TF_PROTOCOL) [1]184C.0EFC::05/01/2014-11:50:32.670.00026615 (SIPStack,SIPAdminLog::ProtocolRecord::Flush:ProtocolRecord.cpp(265))[1853494582] $$begin_record
Trace-Correlation-Id: 1853494582
Instance-Id: 425E
Direction: outgoing;source="local"
Peer: lync.contoso.com:52529;ms-fe=LYNCFE1.fabrikam.com
Message-Type: response
Start-Line: SIP/2.0 200 OK
FROM: <sip:contoso.com>;ms-fe=LYNCFE1.fabrikam.com
To: <sip:contoso.com>;tag=C3A751556F332F7265E9BA2517C878D4
CALL-ID: aa53739ef9b34b93ba9c97d3ee56cb99
CSEQ: 1 NEGOTIATE
Via: SIP/2.0/TLS 10.10.0.11:52529;ms-received-port=52529;ms-received-cid=10BE00
Content-Length: 0
Require: ms-feature-info
Supported: NewNegotiate,OCSNative,ECC,IPv6,TlsRecordSplit
Server: RTC/5.0
$$end_record
TL_INFO(TF_PROTOCOL) [1]2DF8.1078::05/01/2014-11:50:32.671.000266da (S4,SipMessage.DataLoggingHelper:sipmessage.cs(774))[720988281]
>>>>>>>>>>>>Outgoing SipMessage c=[<SipTlsConnection_F8A09B>], 10.10.0.11:52529->10.10.0.11:5061
SERVICE sip:2138797082;[email protected];user=phone SIP/2.0
FROM: <sip:2138797082;[email protected];user=phone>;epid=16FEE4A02E;tag=22fd877f3a
TO: <sip:2138797082;[email protected];user=phone>
CSEQ: 3 SERVICE
CALL-ID: ac0f7bc4cdc94c1dbd0bb51c7c02c890
MAX-FORWARDS: 70
VIA: SIP/2.0/TLS 10.10.0.11:52529;branch=z9hG4bK67a4c9d1
CONTACT: <sip:[email protected];gruu;opaque=srvr:MediationServer:CiGdW3iH5FiI3Qvr3PIKGQAA>
CONTENT-LENGTH: 628
SUPPORTED: gruu-10
USER-AGENT: RTCC/5.0.0.0 MediationServer
CONTENT-TYPE: application/msrtc-reporterror+xml
- <reportError xmlns="http://schemas.microsoft.com/2006/09/sip/error-reporting">
- <error callId="[email protected]"
fromUri="sip:3158222726;[email protected];user=phone"
toUri="sip:2138797082;[email protected];user=phone"
fromTag="ac3201ce-ae"
toTag=""
requestType="INVITE"
contentType="application/sdp;call-type=audio"
responseCode="400">
<diagHeader>10013;reason="Gateway peer in inbound call is not found in topology document or does not depend on this Mediation Server"</diagHeader>
<progressReports/>
- </error>
------------EndOfOutgoing SipMessage -
Lync 2013 Desktop SHaring Not working from Internet
Hi,
I am facing one issue, my Desktop Sharing is not working for Internet Clients, error message comes is "we could not connect to the presentation because of network issues" Internally it is working fine even I from Edge Server.
I am using single Public IP Configuration on Edge Server with Port 5061,444,443,3478.
Any suggestions, on I can check are welcome.
Best Regards, Ranjit SinghHello Ranjit,
Application Sharing/Desktop Sharing happens through SRTP through the A/V edge Server hence checking the Port Range is very important
Following Port reachability to be checked first
Public --> Edge server:
TCP/443
UDP/3478
TCP/50,000-59,999 (Outbound only)
From the Front End pool to the internal Edge:
TCP/5062
TCP/443
UDP/3478
From the internal Edge to the Front End Pool:
TCP/5065
TCP/49152-65335 (Inbound/Outbound)
More Detailed info can be seen here
http://blogs.technet.com/b/nexthop/archive/2012/11/05/lyncmd-troubleshooting-lync-server-2010-application-sharing-internal-and-remote-scenarios.aspx -
Lync 2013 domain discovery not working, but Lync 2010 works flawlessly
We are using Lync 2013 and Lync 2010 in our company. Upon installation Lync 2010 can connect absolutely fine with for example [email protected], but when we use Lync 2013 we receive a DNS error saying it cannot resolve the domain when using the same
method. I have to manually enter the internal and external servers on each deployment of Lync 2013 to sipdir.online.lync.com:443 in order for successfully login to Lync 2013. We are upgrading all users to Lync 2013 and I want to avoid having to do this
on every deployment. This has always been an issue and not something that recently became an issue.
I have double checked my CNAME and SRV from my host provider and everything is as it should be. Contacting MS support they made me change my preferred DNS to 8.8.8.8 on the network adapter for the PC, but that breaks everything you connect to internally and
is not a solution to this issue.
Any ideas?Hi,
The forum you posted is for Lync Server On Premise only. The issue is more related to Lync online, you can also post a question on Office365 forum for assistance. Thank you for your understanding.
http://community.office365.com/en-us/f/166.aspx
Best Regards,
Eason Huang
Eason Huang
TechNet Community Support -
Lync 2013 EDGE replication is not working
Hi,
I need help, I think the problem accrued when I installed updates.
From Lync FE server I can access edge:4443/replicationwebservice, certificate is trusted.
I added registry keys to: HKLM\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL,
but it not made any sense.
Lync logging tools detected:
TL_WARN(TF_COMPONENT) [1]32CC.3050::01/31/2014-07:27:31.194.00000669 (XDS_File_Transfer_Agent,FileTransferTask.CopyFilesToReplicaUsingWcf:filetransfertask.cs(631))
(00000000030B7F44)Failed to copy files from temp directory. Exception: [System.ServiceModel.Security.MessageSecurityException: The HTTP request was forbidden with client authentication scheme
'Anonymous'. ---> System.Net.WebException: The remote server returned an error: (403)
Forbidden.
TL_WARN(TF_COMPONENT) [1]32CC.3050::01/31/2014-07:27:31.194.0000066a (XDS_File_Transfer_Agent,FileTransferTask.IsUnhandledException:filetransfertask.cs(853))
(00000000030B7F44)Exception occured. Task execution will be retried. Exception: [System.ServiceModel.Security.MessageSecurityException: The HTTP request was forbidden with client authentication scheme
'Anonymous'. ---> System.Net.WebException: The remote server returned an error: (403)
Forbidden. at System.Net.HttpWebRequest.GetResponse()
at System.ServiceModel.Channels.HttpChannelFactory`1.HttpRequestChannel.HttpChannelRequest.WaitForReply(TimeSpan timeout)
--- End of inner exception stack trace ---Server stack trace:
at System.ServiceModel.Channels.HttpChannelUtilities.ValidateAuthentication(HttpWebRequest request, HttpWebResponse response, WebException responseException, HttpChannelFactory`1 factory)
at System.ServiceModel.Channels.HttpChannelUtilities.ValidateRequestReplyResponse(HttpWebRequest request, HttpWebResponse response, HttpChannelFactory`1 factory, WebException responseException, ChannelBinding channelBinding)
at System.ServiceModel.Channels.HttpChannelFactory`1.HttpRequestChannel.HttpChannelRequest.WaitForReply(TimeSpan timeout)
at System.ServiceModel.Channels.RequestChannel.Request(Message message, TimeSpan timeout)
at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout)
at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation)
at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)Exception rethrown at [0]:
at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg)
at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type)
at Microsoft.Rtc.Xds.Replication.Common.IReplicationWebService.UploadFiles(String senderFqdn, String path, ReplicaFileCollection files)
at Microsoft.Rtc.Xds.Replication.FileTransfer.FileTransferTask.CopyFilesToReplicaUsingWcf(String fromDir, String toDir)]I regenerated all local SSL, I configured CRL, because I found warning in EDGE server without success...
And why I see different product version? This version from last replication?
UpToDate : True
ReplicaFqdn : lync1.domain.local
LastStatusReport : 2014.02.25 18:00:29
LastUpdateCreation : 2014.02.25 18:00:27
ProductVersion : 5.0.8308.556
UpToDate : False
ReplicaFqdn : lync-edge1.domain.local
LastStatusReport : 2013.11.14 17:00:48
LastUpdateCreation : 2014.02.26 08:01:37
ProductVersion : 5.0.8308.0
UpToDate : True
ReplicaFqdn : lync-chat1.domain.local
LastStatusReport : 2014.02.25 18:00:30
LastUpdateCreation : 2014.02.25 18:00:27
ProductVersion : 5.0.8308.556 -
Problem Lync 2013 File Transfer not working with externally connected users
I've a Single consolidated edge with private IP addresses using NAT in Lync Server 2013 and I'm facing some problem during File Transfer with all users outside my network both federated user or user of my lync infrastructure externally connected.
I drag and drop a file into the conversation, I press enter then the receiver see only the icon without the "save as" optionHi,
Did you receive any error on FE Server or Edge Server when the issue happen?
Make sure all Lync Services started on Edge Server (especially for Lync Server Web conferencing Edge).
Check if CMS status on Edge Server update to the latest status.
Best Regards,
Eason Huang
Eason Huang
TechNet Community Support -
Office Web Apps 2013 - Word app not working on Sharepoint 2013 but Excel does
Hi there!
We had some problems with Office Web Apps 2013 not working with Lync, and the status of OWA was unhealty so we decided to install some updates for OWA.
We have downloaded November 2013 update for OWA.
We found out a guide for putting updates on OWA and done this steps:
* Remove-OfficeWebAppsMachine
* Installed the november update
* Restarted OWA server
* ran: New-OfficeWebAppsFarm -InternalUrl https://owasrv.domain.local -ExternalURL
https://owasrv.domain.local -CertificateName "certname" -AllowHttp -EditingEnabled
* Restart-Service WACSM
- checked in IIS in the bindings if the site useses the correct certificate
Then we went on Sharepoint 2013 and ran some commands:
* Remove-SPWOPIBinding –All:$true
* New-SPWOPIBinding -ServerName owasrv.domain.local
* Set-SPWOPIZone –zone “external-https”
Now here are the funny things:
* Excel word app on Sharepoint 2013 works
* Word APP not working (screenshot)
* Lync 2013 powerpoint still not working (screenshot)
* status of OWA is healthy
bostjancHi,
The Friendly name field must be unique within the Trusted Root Certificate Authorities store. In -CertificateName, enter the friendly name you gave your
certificate earlier.
Validate the configuration by navigating to the discovery URL of the Office Web Apps server. Like
https://xxx/hosting/discovery
Meanwhile, the issue is related to Lync, I recommend to you to post the question on Lync Server for further discussion via the link below.
http://social.technet.microsoft.com/Forums/en-US/home?forum=ocsclients
The reason why we recommend posting appropriately is you will get the most qualified pool of respondents, and other partners who read the forums regularly can either share their knowledge or learn from your interaction
with us. Thank you for your understanding.
Tracy Cai
TechNet Community Support -
Lync 2013 Edge server compatibility with Lyn 2010 Front end Pool
Hi All,
Technet article (http://technet.microsoft.com/en-us/library/jj688121.aspx) says the following:
If your legacy Lync Server 2010 Edge Server is configured to use the same FQDN for the Access Edge service, Web Conferencing Edge service, and the A/V Edge service, the procedures in this section are not supported. If the
legacy Edge services are configured to use the same FQDN, you must first migrate all your users from Lync Server 2010 to Lync Server 2013, then decommission the Lync Server 2010 Edge Server before enabling federation on the Lync Server 2013 Edge Server.
Can you tell me why it is you have to change the External Lync Web services URL during a migration to Lync 2013 from Lync 2010. What purpose does this serve?
Also can you clarify this and explain why this is required, why would you have to migrate all of your users, would a Lync 2013 Edge not talk to a Lync 2010 front-end?
Any help would be much appreciated. MANY THANKS.Thank you very much for all your inputs.
We still have few questions:
Questions:
Can you tell me if Lync 2010 users will be able to login using mobility if we repoint the reverse proxy (TMG) web services publishing rule to the Lync 2013 server? Remember both systems Lync 2010 and 2013 are using the same web
services URL so they will both end up at the Lync 2013 server. Alternatively if not we will migrate all users to 2013, this is not a problem
In addition to this I cannot find anything that states how Exchange UM will operate when you are running from a backup pool and the exchange UM contacts are not available because they are homed on the server that is down. This
configuration is 2 x standard edition servers pool paired. How can we make sure Exchange voice mail works during a pool failover?
Call Park is not clear to me I read the following:
Lync Server 2013 provides new disaster recovery mechanisms in the form of failover and failback processes. These failover and failback processes support recovery of Call Park functionality by allowing
users who are homed in the primary pool to leverage the Call Park application of the backup pool when an outage occurs in the primary pool. Support for disaster recovery of the Call Park application is enabled as part of the configuration and deployment of
paired Front End pools.
Is this saying we need to deploy Call Park in the DR pool and use a different range of orbit numbers, or can we use the same range in the DR pool?
Further, I can see that Common Area Phones will be fine as they will log into the DR pool automatically. Response Groups need to be exported and imported to the DR pool. Incidentally these did not migrate well at all and have
caused us a big headache!
Any inputs will be greatly appreciated. Thanks again for all of your time. -
Forgive me if this question sounds rather "entry level", I have never worked with Lync and this project was handed to me by my boss, who hasn't worked with Lync either.
I have been reading various posts and forum messages until I went cross eyed about setting up Lync 2013 Edge server correctly. I am still running into some questions and issues with the Access, Web, and A/V services starting. Here is my main
question, and below is my setup.
Question:
Is there a need for both an external and internal nic card IF all three external IP's for the external services are programmed at the firewall and router to go directly to 1 internal IP address?
Setup:
Currently I have 1 FE-Standard server that also acts as the Mediation Server, and 1 Edge Server both of which are virtual and running Server 2012. Originally I did have 2 network cards setup, as all other documentation suggested, 1 external and 1 internal.
However my boss, who setup the DNS/Firewall entries stated to remove the External Card since the external address that was setup for the 3 services was routed to 1 internal address. The Access Services, Web Services, and A/V services are all running on three
separate ports with their own unique FQDN- 443, 444, and 445. The cert that was deployed is a wild card cert from GoDaddy, this has been used by other servers that point inside and outside without issues.
Issues and Errors Messages:
I have run into a few different issues and error messages from the Event Viewer:
System
Provider
[ Name]
LS Protocol Stack
EventID
14352
[ Qualifiers]
50153
Level
2
Task
1001
Keywords
0x80000000000000
TimeCreated
[ SystemTime]
2013-09-09T15:44:51.000000000Z
EventRecordID
2885
Channel
Lync Server
Computer
edgesvr01
Security
EventData
0xC3E93C0A
SIP_E_STACK_TRANSPORT_FAILED
System
Provider
[ Name]
LS Server
EventID
12303
[ Qualifiers]
50152
Level
2
Task
1000
Keywords
0x80000000000000
TimeCreated
[ SystemTime]
2013-09-09T15:44:51.000000000Z
EventRecordID
2884
Channel
Lync Server
Computer
edgesvr01
Security
EventData
80072741
The requested address is not valid in its context.
System
Provider
[ Name]
LS Protocol Stack
EventID
14336
[ Qualifiers]
50153
Level
2
Task
1001
Keywords
0x80000000000000
TimeCreated
[ SystemTime]
2013-09-09T15:44:51.000000000Z
EventRecordID
2883
Channel
Lync Server
Computer
edgesvr01
Security
EventData
TLS
external IP address that is now used now
5061
Please help, I am at a loss as to where to go from here.Thanks for the quick responses.
I have re-enabled the external NIC. All services are running now. When I ran the Remote Connectivity tester this was the outcome.
Testing remote connectivity for user: username@domain... to the Microsoft Lync server.
Specified remote connectivity test(s) to Microsoft Lync server failed. See details below for specific failure reasons.
Test Steps
Attempting to resolve the host name lync.metisconnect.com in DNS.
The host name resolved successfully.
Additional Details
IP addresses returned: xxx.xxx.xxx.xxx (external address)
Testing TCP port 443 on host: host fqdn to ensure it's listening and open.
The port was opened successfully.
Testing the SSL certificate to make sure it's valid.
The certificate passed all validation requirements.
Test Steps
The Microsoft Connectivity Analyzer is attempting to obtain the SSL certificate from remote server host fqdn on port 443.
The Microsoft Connectivity Analyzer successfully obtained the remote SSL certificate.
Additional Details
Remote Certificate Subject: CN=*.ourdomain.com, OU=Domain Control Validated, Issuer: SERIALNUMBER=######, CN=Go Daddy Secure Certification Authority, OU=http://certificates.godaddy.com/repository, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona,
C=US.
Validating the certificate name.
The certificate name was validated successfully.
Additional Details
The host name that was found, lync.metisconnect.com, is a wildcard certificate match for common name *.ourdomain.com.
Certificate trust is being validated.
The certificate is trusted and all certificates are present in the chain.
Test Steps
The Microsoft Connectivity Analyzer is attempting to build certificate chains for certificate CN=*.ourdomain.com, OU=Domain Control Validated.
One or more certificate chains were constructed successfully.
Additional Details
A total of 1 chains were built. The highest quality chain ends in root certificate OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US.
Analyzing the certificate chains for compatibility problems with versions of Windows.
Potential compatibility problems were identified with some versions of Windows.
Additional Details
The Microsoft Connectivity Analyzer can only validate the certificate chain using the Root Certificate Update functionality from Windows Update. Your certificate may not be trusted on Windows if the "Update Root Certificates" feature isn't enabled.
Testing the certificate date to confirm the certificate is valid.
Date validation passed. The certificate hasn't expired.
Additional Details
The certificate is valid. NotBefore = 7/31/2013 4:02:03 PM, NotAfter = 7/31/2014 4:02:03 PM
Testing remote connectivity for user username@domain to the Microsoft Lync server.
Specified remote connectivity test(s) to Microsoft Lync server failed. See details below for specific failure reasons.
Tell me more about this issue and how to resolve it
Additional Details
Couldn't sign in. Error: Error Message: Operation failed because the network connection was not available..
Error Type: ConnectionFailureException.
External calls from a 3g/4g data connection are not connecting when using the Lync call feature to an internal users Lync Client. Outcome is: Connecting Call and No Audio. Then call ends. -
I have a few questions on setting up a Lync 2013 Edge Server. Let me give a little background into what is going on. My comapny currently still has the old Communicator server(1 user left to migrate to Lync!) and a Lync 2013 that is all setup
and functional. Our current Lync environment is only internal, since we do not have a Edge Server setup. That is what I am task to work on now. I have read alot of guides on how to build this server, where it needs to be placed in the DMZ,
and what is needed for it.
First question - Is there a hardware spec needed for this server?
Second question - I read that 3 public ip are needed. What are they needed for? So I can explain to our network guys why I need this.
Third question - Does it matter if the Edge server is on the domain or not? I read it shouldnt be. I dont think it will be an issue either way for me, but its easier to manage if on the domain.
Fourth question - Should I finish my Communicator server decom before worrying about the Edge server?
Final question - is there a guide on how to get rid of the Communicator Server Connections to our Lync Server?
Thanks in advance.First question - Is there a hardware spec needed for this server?
Second question - I read that 3 public ip are needed. What are they needed for? So I can explain to our network guys why I need this.
Third question - Does it matter if the Edge server is on the domain or not? I read it shouldnt be. I dont think it will be an issue either way for me, but its easier to manage if on the domain.
Fourth question - Should I finish my Communicator server decom before worrying about the Edge server?
Final question - is there a guide on how to get rid of the Communicator Server Connections to our Lync Server?
First question- HW spec https://technet.microsoft.com/en-us/library/gg398835.aspx
For your reference, my edge servers happen to have 40 GB ram and 2x'E5-2690 2.9GHz' ... they don't have to be physical ... can be virtual however.
Second - 3 IP's are recommended ... it makes it easier because you can use standard ports as opposed to straying from 443 etc. ... and it makes troubleshooting easier. All three of the edge services include a 443 requirement - and, with SSL you can't
just share that socket on a single IP - so, lucky service gets 443. Also, you can segregate the traffic and see exactly what is happening. If you only had 1 IP - many scenarios in Lync would not work (e.g., I'm at a hotel and yoru AV port is not
allowed through the firewall).
Here is a wonderful reference - https://blogs.perficient.com/microsoft/2012/12/lync-scaled-consolidated-edge-public-ip-addresses/
Third - it is recommened that it is NOT domain joined - however, it's ok that it is. Mine IS domain joined because I have a domain in my DMZ and it assists with management (etc.) and may be required for yoru security. Your call. IMO, if
you have a domain , join it. Why not?
RE: OCS - there is a migration path from OCS 2007 R2 to Lync 2013 as per https://technet.microsoft.com/en-us/library/gg425764.aspx and several documents on the Internet that show the process for those who need to do so. It's not trivial.
Another interesting link: http://blogs.technet.com/b/saleesh_nv/archive/2014/04/24/lync-2013-tri-co-existance.aspx -
We are planning to deploy 2 lync 2013 edge servers with F5 HLB. Can we deploy internal Certificates on LYNC 2013 Edge servers ( SIP, WebConf, and AV) and deploy external wild card certificate (Public CA) on F5 external interface, so the external users
can be validated on F5 with public certificate and F5 can trust Edge servers in DMZ?
Is this solution works or do we need only public certificates on Edge servers?
Tek-NerdHi Tek-Nerd,
Agree with others.
I’m afraid that if you use wild card certificate on F5, the external users might not be able to access the Lync Server.
From
https://technet.microsoft.com/en-us/library/gg398692.aspx
“Microsoft Lync Server 2013 uses certificates to mutually authenticate other servers and to encrypt data from server
to server and server to client. Certificates require name matching of the domain name system (DNS) records associated with the servers and the subject name (SN) and subject alternative name (SAN) on the certificate. To successfully map servers, DNS records
and certificate entries, you must carefully plan your intended server fully qualified domain names as registered in DNS and the SN and SAN entries on the certificate.”
Best regards,
Eric
Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact [email protected] -
Lync 2013 Edge and Reverse proxy on same server with SNI
Hello
I cannot find information if it is possible to create a single Lync 2013 Edge server with a Reverse proxy on the same server?
Would it not be possible to share port 443 with SNI support? That way we could use only one public IP?
Thanks!Sorry, it doesn't work. Remember that 443 isn't HTTPS for the Edge. If you went with the single IP model for the edge, 443 would be used for the A/V role which would be STUN/TURN.
The edge will always want to listen on 443, it just doesn't work to collocate a reverse proxy.
Please remember, if you see a post that helped you please click "Vote As Helpful" and if it answered your question please click "Mark As Answer".
SWC Unified Communications
This forum post is based upon my personal experience and does not necessarily reflect the opinion or view of Microsoft, its employees, or other MVPs.
Maybe you are looking for
-
Re: Email account hacked
Hi everyone, I'm new on here but I got the heads up on your discussion via a colleauge. I seem to have been having similar difficulties and have sent the following to the BT complaints department. Thought it might be of interest? On Tuesday of this w
-
My ipod touch was stolen and i got it back.on the screen saver it now says,"ipod is disabled,connect to itunes" what do i have to do to get my ipod touch working again?
-
Adobe Reader 10 Web Application Problem
Hello, I am currently troubleshooting issues with Adobe Reader 10, while opening PDF files in a web application using IE, Acro32.exe opens in the background and does not open the page. Any attempt to end the process fails, if the user closes IE and a
-
How do i get my iPhone off of recovery mode so i won't have to restore it
It is saying i have to restore my phone but i don't want to lose all my memory what do i do
-
Database link between 8i and 7.3.2.3 servers
Hi all, 1 server HP9000 : ORACLE 8i 8.1.5.0 O.S : hp unix 2 server HP B132+ : ORACLE WG 7.3.2.3 O.S : hp unix when i am trying to connect to the remote data base from server 1 i am getting this error i.e ORA-12505:listener could not resolve SID given