Lync 2013 Mobility Issue
Hello,
I have a Lync 2013 server installed with CU1.
I can connect to it perfectly with the windows client and the mobile Lync 2010 client. However when i try to login to the server with the Lync 2013 mobile client, i get : "An error occured in Lync. Please retry. If the problem persists, contact your
support team."
Hi Barry,
i have fixed the certificate issue, now i get an xml file when going to the web address.
This XML file does not appear to have any style information associated with it. The document tree is shown below.
<resource xmlns="http://schemas.microsoft.com/rtc/2012/03/ucwa" rel="root" href="https://lync.'domain'.local/Autodiscover/AutodiscoverService.svc/root?originalDomain='domain'.com.au">
<link rel="user" href="https://lync.'domain'.com.au/Autodiscover/AutodiscoverService.svc/root/oauth/user?originalDomain='domain'.com.au"/>
<link rel="xframe" href="https://lync.'domain'.com.au/Autodiscover/XFrame/XFrame.html"/>
</resource>
Similar Messages
-
Lync 2013 mobile client can't see all fields in contact card
We have deployed Lync 2013 infra in our organization, now we observed, mobile Lync client users are not able to see other users mobile number on contact card rest all information is visible.
Is there any workaround or fix to resolve this issue. Appreciate quick help.That's effectively by design (but a popular complaint). The workaround is to put the users who's mobile numbers you need in your Outlook contact list. There's another workaround related to setting the privacy relationship, but you have to coordinate
it with many people which is not too feasible.
Here are others upset about it:
http://ammarhasayen.com/2013/09/25/lync-2013-mobile-contact-card-not-showing-mobile-number/
Please remember, if you see a post that helped you please click "Vote As Helpful" and if it answered your question please click "Mark As Answer".
SWC Unified Communications -
Lync 2013 Mobile unable to login from wifi
Dear All,
Many thanks in advance.
My Lync 2013 mobile client is unable to login via internal network.
I have tried to provide external web directory and lyncdiscover by giving way through internal leg of reverseproxy(TMG).
I think I'm missing something from the basic. Will appreciate your reply. :)You are not missing something basic, this is a real issue with using Lync mobile while on internal corpnet. A known feature (issue) with Lync mobile is that has to connect to the external web services. So when internal it will hairpin out your FW and connect
to the web services:
http://technet.microsoft.com/en-us/library/hh690030.aspx
Some more info:
http://blog.schertz.name/2013/07/understanding-lync-2013-mobility/
A lot of Firewalls do not allow this sort of "hairpinning".
Thom Foreman, MCSE, MCSA, MCTS -
Hi,
Im currently upgrading Lync 2010 to 2013.
Is it possible to coexist Lync 2010 Mobility Users with Lync 2013 Mobility users?
I realise that the 2010 users will still need to use the 2010 client and the 2013 users use the 2013 client. Is it true mobility does not actually use edge and just uses the Reverse Proxy?
Any help greatly appreciated.Each Lync Front End pool has it's own unique Lync external web services url. You can point Lyncdiscover.domain.com to either 2010 or 2013, but the response will redirect the mobile client to the correct external web services FQDN for their homed pool.
Please mark posts as answers/helpful if it answers your question.
Blog
Lync Validator - Used to assist in the validation and documentation of Lync Server 2013. -
Lync 2013 Mobility Client - Video Call Issue (Everything Else works).
Hey Technet’ies,
I have been struggling for a couple of weeks now to resolve one of the final issues with a Migration/Upgrade Project on Lync Server 2013.
I have nearly every Lync Client Scenario working well except the Mobility Client (outside of the domain) which cannot successfully complete a Video
Call to a Windows Desktop Client (inside the domain) – the toast pops up, but when we click accept - it just times out after 15 seconds
K
The strange thing is every other Video Call scenario works;
Mobility Client (Outside Domain)
àWindows Desktop Client (Inside Domain)
= Unsuccessful
Mobility Client (Inside Domain)
à Windows Desktop Client (Inside Domain) = Successful
Mobility Client (Inside Domain)
à Windows Desktop Client (Outside Domain) = Successful
Mobility Client (Outside Domain)
à Windows Desktop Client (Outside Domain) = Successful
Mobility Client (Inside Domain)
à Mac Desktop Client (Inside Domain) = Successful
Mobility Client (Inside Domain)
à Mac Desktop Client (Outside Domain) = Successful
Mobility Client (Outside Domain)
à Mac Desktop Client (Outside Domain) = Successful
Mobility Client (Outside Domain)
à Mac Desktop Client (Inside Domain) = Successful
Mobility Client (All Scenarios)
à Mobility Client (All Scenarios) = Successful
Our setup is pretty standard;
All OS servers are Win Server 2012 R2
Lync 2013 Standard FE Server
Lync 2013 Edge Server
Reverse Proxy IIS AAR (Also Win Server 20012 R2)
Lync 2013 Desktop Clients, Lync 2011 Mac Clients, IOS and Android Mobility Clients – all latest versions.
External NAT (via Cisco Routers ACL’s)
Internal Windows Firewall Currently off on all Servers
All Certs / DNS Configured as per Technet Recommendation
I have reviewed / analysed a number of log/trace files – looking for some/any information on the problem;
Mobility Client (cmlogX.log)
Windows Desktop Client (*.etl) / Microsoft Message Analyzer
Lync 2013 Server (CSController)
With all my looking I could not make out an error except a timeout (15 seconds) on the Mobility Client log (which I currently can’t find).
Clearly we are missing something and I have gone up and down our implementation a number of times, the only semi-unknown is our old 2010 Pool / Central Management Server (which is currently pretty much redundant but the majority of users still on).
I would really appreciate any feedback anyone can provide or any insight anyone may have on this challenge.
Thanks in advance, Alex.
AlexHi Andrew,
Thanks for the quick contact!!
Sorry - typo in my post, I have now corrected it;
Mobility
Client (Outside Domain) àWindows
Desktop Client (Inside Domain) = Unsuccessful
So I completely missed that blog post of yours (out of the 100's I have read) and you are the first person to clearly say (in simple terms) to point the lyncweb.contso.com to the public IP address on my internal DNS, I have just made that change and see
if it will correct the issue - will wait for replication.
Also I am running IIS / AAR as Reverse Proxy (not ISA) and had the Internal DNS Host A of lyncweb.contso.com and lyncdiscover.contso.com point back to my Reverse Proxy Internal NIC (i.e. 10.1.1.32) as the External NIC is isolated on in the Perimeter Network,
is this correct?
So it now goes like this
*Inside Domain*
lyncdiscover.contson.com --> 10.1.1.32 (Reverse Proxy Internal Nic) --> 10.1.1.26 (Front End Server)
lyncweb.contson.com --> 201.183.0.1 (Reverse Proxy External Nic - Public IP) --> 10.1.2.16 (Reverse Proxy External Nic) --> 10.1.1.26 (Front End Server)
Does this make any sense, I know ISA and IIS/AAR are pretty much interchangeable.
Thanks again Andrew and look forward to any feedback,
Alex.
Alex -
Voice problems with Lync 2013 Mobile
Hi
I have a situation where Lync 2013 on both iPhone & Android has started giving problems with making and receiving voice calls. There are no problems with Windows, Mac or Phone Edition clients that I'm aware of. I have not tested anything over the VPN,
but this should not be a factor.
For receiving calls - If the user is connected to the LAN via Wi-Fi AND the call is from an internal user, all works fine. If the call is from an external user OR the user is connected via 3G, then the call just shows "Connecting" indefinitely.
This includes transferred calls.
For making calls - If the user is connected to the LAN via Wi-FI and calls either an internal or external users, all works fine. If the user is connected via 3G and calls either an internal or external user, the phone rings, but when it's answered it shows
call ended.
I have ran RUCT on a computer outside the network, with the following findings:
DNS:
Record
Type
Hostname
IP Address
Port
Weight
Priority
_sip._tls.domain.com
SRV
sip.domain.com
Edge External IP
443
100
0
sip.domain.com
A
sip.domain.com
Edge External IP
sipexternal.domain.com
A
sipexternal.domain.com
Edge External IP
meet.domain.com
A
meet.domain.com
<null>
_ntp._udp.domain.com
SRV
pool.ntp.org
NTP Server IP
123
100
0
_sipfederationtls._tcp.domain.com
SRV
sip.domain.com
Edge External IP
5061
100
0
lyncdiscover.domain.com
A
sip.domain.com
Edge External IP
lyncdiscover.domain.com
CNAME
sip.domain.com
I have ran Test Port on each entry where there is a port with successful results. Ping works on all entries.
If I query Certificate Information on sip.domain.com with port 5061 or 444, it succeeds and returns the certificate with subject sip.domain.com. If I query 443, it fails with error "An error occurred while retrieving the certificate. Unable to read
data from the transport connection: An existing connection was forcibly closed by the remote host."
On Microsoft Remote Connectivity Analyzer, all tests pass except for the certificate test:
The Microsoft Connectivity Analyzer is attempting to obtain the SSL certificate from remote server sip.domain.com on port 443
The Microsoft Connectivity Analyzer wasn't able to obtain the remote SSL certificate.
Running netstat on Lync Edge gives me the following with regards to port 443:
TCP <Internal IP>:443 Lync2:0 LISTENING
TCP <External IP>:443 Lync2:0 LISTENING
Firewall allows connections on port 443 and I've tried disabling the firewall as well. Trying to open https://sip.domain.com in the browser on the Lync Edge fails also, telnet succeeds, but no data is returned.
I've restarted the AV service and also rebooted the Lync Edge server, no change. In the topology builder, I can see that AV is configured to listen on port 443.
Any ideas would be most welcome.
Regards
Lionel
MCP Windows Server MCTS .NETI have ran a large amount of additional tests. On my latest round of testing, I have obtained the following results:
Call received via PSTN gateway on user DID, answered by desktop client inside LAN - works.
Call received via PSTN gateway on response group, answered by desktop client inside LAN - works.
Call received via PSTN gateway on user DID, answered by desktop client outside LAN (behind NAT, DSL router) - works.
Call received via PSTN gateway on response group, answered by desktop client outside LAN (behind NAT, DSL router) - works.
Call received via PSTN gateway on user DID, answered by mobile client inside LAN - does not work.
Call received via PSTN gateway on response group, answered by mobile client inside LAN - does not work.
Call received via PSTN gateway on user DID, answered by mobile client outside LAN (behind NAT, DSL router) - works.
Call received via PSTN gateway on response group, answered by mobile client outside LAN (behind NAT, DSL router) - works.
Call received via PSTN gateway on user DID, answered by mobile client outside LAN (3G) - does not work.
Call received via PSTN gateway on response group, answered by mobile client outside LAN (3G) - does not work.
Call received via PSTN gateway on user DID, answered by desktop client inside LAN and transferred to mobile client inside LAN - does not work.
Call received via PSTN gateway on response group, answered by desktop client inside LAN and transferred to mobile client inside LAN - does not work.
Call received via PSTN gateway on user DID, answered by desktop client inside LAN and transferred to mobile client outside LAN (behind NAT, DSL router) - works.
Call received via PSTN gateway on response group, answered by desktop client inside LAN and transferred to mobile client outside LAN (behind NAT, DSL router) - works.
Call received via PSTN gateway on user DID, answered by desktop client inside LAN and transferred to mobile client outside LAN (3G) - does not work.
Call received via PSTN gateway on response group, answered by desktop client inside LAN and transferred to mobile client outside LAN (3G) - does not work.
Call made through PSTN gateway from desktop client inside LAN - works.
Call made through PSTN gateway from desktop client outside LAN (behind NAT, DSL router) - works.
Call made through PSTN gateway from mobile client inside LAN - does not work.
Call made through PSTN gateway from mobile client outside LAN (behind NAT, DSL router) - works.
Call made through PSTN gateway from mobile client outside LAN (3G) - does not work.
Call from desktop client inside LAN to desktop or mobile client (regardless of location) - works.
Call from desktop or mobile client (regardless of location) to desktop client inside LAN - works.
Call from desktop or mobile client (regardless of location) to desktop or mobile client (regardless of location) - works.
There is no difference in behaviour between normal calls and conference calls. Reproducing the problem seems to require the following:
1. PSTN gateway needs to be involved
2. One party needs to be on mobile client
3. The mobile client needs to be inside the LAN or on a 3G connection, but not behind NAT on a DSL connection
The only conclusion I can make is that somehow NAT makes the problem go away, but it does not affect desktop clients (on the LAN or Wi-Fi at least, I do not have a way to test them on 3G).
The PSTN gateway (Cisco UCM) could also be the problem, but it works fine in all other cases. It has 4 trunks and makes all kinds of routing decisions, but once a call is routed to/from Lync, it should not make a difference on what type of device it is answered.
I'm really baffled by this one. Perhaps the 3G thing is a service provider issue and the issue on the LAN has something to do with the internal DNS combined with the behaviour of the mobile client. Just not sure exactly what.
MCP Windows Server MCTS .NET -
Lync 2013 Mobility continues to not work
Having issues getting mobility to work.
Simple environment:
Single server Edge pool
Single server EE pool
SQL clustered backend
All Lync 2013 CU1 at this point in time.
Potentially required reading:
Deploying Mobility (Technet)
Lync Mobility Deep dive
(based on 2010, but nearly the same in 2013)
http://masteringlync.com/2011/08/13/using-fiddler-to-troubleshoot-address-book-download-issues/
http://blogs.technet.com/b/nexthop/archive/2012/11/09/understanding-lync-server-autodiscover-to-support-the-lync-windows-store-app.aspx
Windows RT app uses the same method as IOS, and is more wiresharkable/tracable, so I am using that.
Client end errors:
Windows RT app (15.0.4481.1503) - this client version cannot log in.
iOS - Can't sign in. Please check your account information and try again.
I don't have a windows phone or android, so working with the clients I have. (I understand these also do not work)
Fiddler trace of Windows RT app session:
From the W3svc logs:
2013-03-20 03:53:17 1.2.3.4 GET /Autodiscover/AutodiscoverService.svc/root/user [email protected] 4443 - 75.122.79.199
LyncImm/15.0.4481.1503+(Microsoft+Lync) 401 0 0 35
LyncImm is
NOT a user agent listed in the CSCP - google "user agent" +lyncIMM turned up nothing. Dead lead?
Lync connectivity analyzer shows it repeats the same webticket 401 over and over with:
Cookie found in autodiscover response: StatusCode: 401, ReasonPhrase: 'Unauthorized', Version: 1.1, Content: System.Net.Http.StreamContent, Headers:
X-Ms-diagnostics: 28032;source="LyncFE.company.local";reason="The web ticket is invalid.";faultcode="wsse:InvalidSecurityToken"
X-MS-WebTicketURL:
https://lyncweb.company.com/WebTicket/WebTicketService.svc
X-MS-WebTicketSupported: cwt,saml
X-MS-Server-Fqdn: LyncFE.company.local
X-Content-Type-Options: nosniff
Cache-Control: no-cache
Date: Wed, 20 Mar 2013 04:12:20 GMT
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Content-Length: 1293
Content-Type: text/html
LCA: from inside, choosing Windows App - success!
LCA: from inside, choosing Lync Mobile Apps- fail:
Failed to obtain the WS-Metadata Exchange (MEX) document using GET for
https://lyncweb.company.com/Mcx/McxService.svc/mex.
The service did not require authorization.
LCA, from outside, choosing Windows App - hangs repeatedly on the HTTPS external channel. (repeating 401's on webticket service)
LCA, from outside, choosing Choosing Lync Mobile apps - failed, same as from inside #2
Here's what the LCA failure looked like:
2013-03-20 04:59:12
1.2.3.4 POST /WebTicket/WebTicketService.svc/mex - 4443 - 75.122.79.199 - 200 0
0 134
2013-03-20 04:59:12
1.2.3.4 POST /WebTicket/WebTicketService.svc/Auth - 4443 - 75.122.79.199 - 200
0 0 155
2013-03-20 04:59:12
1.2.3.4 GET /Autodiscover/AutodiscoverService.svc/root/user
[email protected] 4443 - 75.122.79.199 -
401 0 0 35
2013-03-20 04:59:13
1.2.3.4 POST /WebTicket/WebTicketService.svc/mex - 4443 - 75.122.79.199 - 200 0
0 126
2013-03-20 04:59:13
1.2.3.4 POST /WebTicket/WebTicketService.svc/Auth - 4443 - 75.122.79.199 - 200
0 0 158
2013-03-20 04:59:13
1.2.3.4 GET /Autodiscover/AutodiscoverService.svc/root/user
[email protected] 4443 - 75.122.79.199 -
401 0 0 31
2013-03-20 04:59:13
1.2.3.4 POST /WebTicket/WebTicketService.svc/mex - 4443 - 75.122.79.199 - 200 0
0 126
2013-03-20 04:59:13
1.2.3.4 POST /WebTicket/WebTicketService.svc/Auth - 4443 - 75.122.79.199 - 200
0 0 148
2013-03-20 04:59:13
1.2.3.4 GET /Autodiscover/AutodiscoverService.svc/root/user
[email protected] 4443 - 75.122.79.199 -
401 0 0 33
2013-03-20 04:59:13
1.2.3.4 POST /WebTicket/WebTicketService.svc/mex - 4443 - 75.122.79.199 - 200 0
0 121
2013-03-20 04:59:13
1.2.3.4 POST /WebTicket/WebTicketService.svc/Auth - 4443 - 75.122.79.199 - 200
0 0 155
2013-03-20 04:59:13
1.2.3.4 GET /Autodiscover/AutodiscoverService.svc/root/user
[email protected] 4443 - 75.122.79.199 -
401 0 0 31
2013-03-20 04:59:15
1.2.3.4 POST /WebTicket/WebTicketService.svc/mex - 4443 - 75.122.79.199 - 200 0
0 125
2013-03-20 04:59:15
1.2.3.4 POST /WebTicket/WebTicketService.svc/Auth - 4443 - 75.122.79.199 - 200
0 0 147
2013-03-20 04:59:15
1.2.3.4 GET /Autodiscover/AutodiscoverService.svc/root/user
[email protected] 4443 - 75.122.79.199 -
401 0 0 32
2013-03-20 04:59:15
1.2.3.4 POST /WebTicket/WebTicketService.svc/mex - 4443 - 75.122.79.199 - 200 0
0 120
2013-03-20 04:59:15
1.2.3.4 POST /WebTicket/WebTicketService.svc/Auth - 4443 - 75.122.79.199 - 200
0 0 151
Similar thread:
http://social.technet.microsoft.com/Forums/en-US/ocsmobility/thread/96c3fc3a-2f80-435a-8368-1a83dcd56e55/
http://msdn.microsoft.com/en-us/library/ff595929%28v=office.12%29.aspx
IOS attempt at sign on (version 4.3.8000.0000)
IIS log files:
2013-03-20 04:26:08
1.2.3.4 GET / sipuri=sip:[email protected] 4443 - 166.137.151.211
Lync%202010/1.6+CFNetwork/609.1.4+Darwin/13.0.0 200 0 0 1382013-03-20 04:26:08
1.2.3.4 POST /webticket/webticketservice.svc - 4443 - 166.137.151.211
Lync%202010/1.6+CFNetwork/609.1.4+Darwin/13.0.0 401 0 0 802013-03-20 04:26:08
1.2.3.4 POST /webticket/webticketservice.svc - 4443 - 166.137.151.211
Lync%202010/1.6+CFNetwork/609.1.4+Darwin/13.0.0 401 1 2148074254 1292013-03-20 04:26:08
1.2.3.4 POST /webticket/webticketservice.svc - 4443 - 166.137.151.211
Lync%202010/1.6+CFNetwork/609.1.4+Darwin/13.0.0 401 1 2148074252 882013-03-20 04:26:08
1.2.3.4 POST /webticket/webticketservice.svc - 4443 - 166.137.151.211
Lync%202010/1.6+CFNetwork/609.1.4+Darwin/13.0.0 401 1 2148074254 782013-03-20 04:26:08
1.2.3.4 POST /webticket/webticketservice.svc - 4443 - 166.137.151.211
Lync%202010/1.6+CFNetwork/609.1.4+Darwin/13.0.0 401 1 2148074252 882013-03-20 04:26:09
1.2.3.4 POST /webticket/webticketservice.svc - 4443 - 166.137.151.211
Lync%202010/1.6+CFNetwork/609.1.4+Darwin/13.0.0 401 1 2148074254 782013-03-20 04:26:09
1.2.3.4 POST /webticket/webticketservice.svc - 4443 - 166.137.151.211
Lync%202010/1.6+CFNetwork/609.1.4+Darwin/13.0.0 401 1 2148074252 84
IOS log file was too large to post in message.
Running test-cmdlets:
$passwd1 = ConvertTo-SecureString "supersecure" -AsPlainText -Force $passwd2 = ConvertTo-SecureString "notontheinternet" -AsPlainText -Force $tuc1 = New-Object Management.Automation.PSCredential("domain\user1",
$passwd1) $tuc2 = New-Object Management.Automation.PSCredential("domain\user2", $passwd2) Test-CsMcxP2PIM -TargetFqdn lyncfe.company.local -Authentication Negotiate -SenderSipAddress sip:[email protected] -SenderCredential $tuc1 -ReceiverSipAddress
sip:[email protected] -ReceiverCredential $tuc2 -v
From <http://technet.microsoft.com/en-us/library/hh690024.aspx>
Results:
Target Fqdn : lyncfe.company.com
Target Uri :
https://lyncfe.company.com:443/mcx
Result : Failure
Latency : 00:00:00
Error Message : No response received for Web-Ticket service.
Inner Exception:The HTTP request is unauthorized with client
authentication scheme 'Ntlm'. The authentication header
received from the server was 'Negotiate,NTLM'.
Inner Exception:The remote server returned an error: (401)
Unauthorized.
Diagnosis :
Inner Diagnosis:X-MS-Server-Fqdn : lyncfe.company.com
Cache-Control : private
Content-Type : text/html; charset=utf-8
Server : Microsoft-IIS/7.5
WWW-Authenticate : Negotiate,NTLM
X-Powered-By : ASP.NET
X-Content-Type-Options : nosniff
Date : Wed, 20 Mar 2013 04:39:44 GMT
Content-Length : 6639
Verbose comments on it:
Trying to get web ticket.
Web Service Url :
https://lyncfe.company.com:443/WebTicket/WebTicketService.svc
Using NTLM\Kerberos authentication.
Could not get a web ticket
CHECK:
- Web service Url is valid and the web services are functional
- If using Phone Number\PIN to authenticate, make sure they match the user uri
- If using NTLM\Kerberos authentication, make sure you provided valid
credentials
URLs and ports all look OK, all services started.
Not using phone/PIN
I provided valid creds - the virtual directories show anon/NTLM for the Webticket vdir.
Any help is welcome - really want this issue put to bed!I know this is an old thread, but I was struggling with the same error for mobility, and I hope this may help others in the same situation.
On my scenario the issue was caused because the customer didn't use any reverse-proxy solution, instead the FE external website was directly published using a FortiGate box.
Given that scenario, there were 2 different certs installed on the FE server, 1 (internal RootCA) certificate was applied to the internal website, and another one issued by Godaddy was assigned to the external website manually from IIS console.
---I know this is far from a supported solution, but I was able to get it working after some investigation---
To solve the issue I use this article:
http://technet.microsoft.com/en-us/library/jj205253.aspx it explains how to check and assign the certificates for oAuth and I used these cmdlets to specify the Godaddy cert to the "WebServiceExternal" & "OAuthTokenIssuer" websites.
After that the mobility access for internal and external users started to work as expected, I've validated it with "Lync Connectivity Analyzer" and with different mobile clients on Android, IOS and Windows Store.
Hope this information may be useful.
Performance, Security & Design -
Lync 2013 Mobility in coexistense with Lync 2010
Hi
I am facing Issue when connecting my internal mobile client with Lync Server 2013. The Mobile Client doesn't sign in to Lync Server 2013.
Currently we are in co-existence phase with Lync 2010.
There was no mobility service configured or installed in Lync 2010 environment before when we deployed Lync Server 2013 Enterprise pool with only one front end server.
The SRV record _sipinternalts is currently pointing to Lync server 2010 pool and the lyncdiscoverinternal.domain.com is point to the IP of Lync Front End Server.
Is it necessary to configure and deploy mobility service on Lync 2010 front end server in order to allow Lync Server 2013 users to connect using mobile client??Hi Abdullah Salam,
For WP8 root certificates need to have HTTP URLs in the CRL (Certificate Revocation List). If root certs doesn’t contain these CRL attributes than the certificate won’t be accepted by WP8
and sign-in would fail.
Same cases for your reference.
https://social.technet.microsoft.com/Forums/en-US/cd6c1558-02e4-4ad8-86af-c6aee82a4ff0/passive-authentication-redirection-fails-for-wp81?forum=lyncint
https://social.technet.microsoft.com/Forums/en-US/70932e7d-4df5-4f48-8f33-b0e19e2a02f9/unable-to-sign-with-windows-phone-lumia-925-windows-81-to-lync-2013?forum=lyncprofile
Best regards,
Eric<o:p></o:p> -
Lync 2013 mobile sign in error
I try sign in to Lync in my Windows Phone, and get error - Check my password. My password correct. For diagnose I enable "Failed Request Tracing Rules" on IIS on Lync 2013 Server and view only one warning from DirectoryListingModule - HttpStatus
403 Forbidden. I try reinstall web components on Server but no relult. How I can fix this?
If I create file "C:\Program Files\Microsoft Lync Server 2013\Web Components\External Website\default.aspx", I view blank page for
https://lyncdiscover.mydomain.com
If I enable Directory Browsing for Lync Server External Web Site, I view folder content for
https://lyncdiscover.mydomain.com and in "Failed Request Tracing Logs" I see OCSAuthModule - HttpStatus 401 UnauthorizedHi,
The error message indicate the client is having an issue authenticating with Lync Server 2013. Please double check that Authentication Delegation is verified on the reverse proxy publishing rule configuration.
Client may authenticate directly. If the reverse proxy publishing rules are set to No delegate and client cannot authenticate directly, it fails to sign-in when it reaches the step to provide credentials to request a token after MEX retrieval.
More details you can refer to the link below, it is for Lync server 2010 but similar for Lync server 2013:
http://blogs.technet.com/b/nexthop/archive/2012/02/21/troubleshooting-external-lync-mobility-connectivity-issues-step-by-step.aspx
Best Regards,
Eason Huang
Eason Huang
TechNet Community Support -
Lync 2013 Mobile client on Windows phone
Hello All,
I am configuring Lync 2013 client and lync 2013 server.
When i try to sign in on Windows Mobile, it does not sign in. Log file also empty.
I uses IIS ARR as RP. Is there any way to see logs on IIS ARR ?
regardsHi,
Did the issue happen only for you or for multiple users?
You can login manually in your Windows Lync client:
https://<ExtPoolFQDN>/Autodiscover/autodiscoverservice.svc/Root for external access
https://<IntPoolFQDN>/AutoDiscover/AutoDiscover.svc/Root for internal access
You can check Reverse Proxy (IIS ARR) with the help of the link below:
http://blogs.technet.com/b/nexthop/archive/2013/02/19/using-iis-arr-as-a-reverse-proxy-for-lync-server-2013.aspx
Best Regards,
Eason Huang
Eason Huang
TechNet Community Support -
Lync 2013 Mobility not working in MultiSite Topology
Dear All,
I have Lync 2013 Server running in my environment. Below are the details,
1) We have one Lync FrontEnd server as well as one Lync Edge Server installed in Egypt Site & one Lync FrontEnd server as well as one Lync Edge Server installed in Dubai Site in a Single domain.
Users who are in Egypt site pool are able to login through Lync Mobility but unfortunately users in Dubai Site pool are unable to login through Lync mobility.
External webservices are published on both Sites. Furthermore Dubai Site Pool users are able to login through Lync Client from external but they are unable to login through Lync Mobille Client.
Anyone help would be highly appreciated.
Thanks & Regards,
ZBIs lws.abc.com external web url for Egypt site?
How about lyncaepool.abc.com and communication.abc.com?
I would like to confirm if you pasted two URLs in IE directly. Here are some tips for troubleshooting the issue.
For multiple pools, the Autodiscover traffic can be routed to a single Front End pool as long as both pools have their external Web services published. Once a client connects to the Autodiscover service it will be returned the external web service FQDN for
either pool, depending on which pool the user account belongs to.
Thus, you must have external Lyncdiscover record pointed to Egypt site. Once Dubai external user connects to Egypt Autodiscover service, it will be returned the external web service for Dubai Site Pool and user connects to Dubai Site Autodiscover service(https://<Dubai
ExtPoolFQDN>/Autodiscover/autodiscoverservice.svc/Root) and UCWA. We can check if mobile client is able to resolve Autodiscover service URL of Dubai Site by typing the URL into manual configuration of Lync mobile client.
Here is a great blog about Lync mobility Autodiscover process.
http://blogs.technet.com/b/nexthop/archive/2012/04/25/lync-server-2010-mobility-deep-dive-autodiscover-service.aspx
If the issue persists, please paste the result of Lync Connectivity Analyzer for further troubleshooting.
Kent Huang
TechNet Community Support -
have a test Lync 2013 onprem installation, everything works fine both from inside and outside, however the Lync Client for iphone does not function as supposed. I checked debug logs on all servers and see nothing that could cause the behaviour. The strange
thing is that for example IM is actually working, the problem is that it disconnects on every action.
So, the test scenario is as following
- User 1 is logged on Lync Client on Windows 7 - LAN
- User 2 is logged on on Lync Mobile on Iphone - public internet
User 1 sees presence of User 2
User 1 sends IM message to User 2 - no errors
User 2 successfully recieves the message - gets an error "Failed to process the server respons" and appears offline
User 2 signs out of Lync Mobile and signs back In- no errors
User 2 sends IM message back to User 1 - gets an error "Failed to process the server respons" and appears offline
User 1 recieves the IM message - no error
Any glues anyone? Where to look? I used debugging tools (S4 and SIPStack) both on Edge and FE and found nothing strange
Thanks in advance
EminHi,
Which kind of Reverse Proxy did you use (TMG or IIS ARR)?
Did the issue only happen to you or for multiple users?
Did the issue only happen for IPhone or for all kind of mobile clients (IOS, Android, Windows Phone)?
If the issue happen only for you, please try to use another mobile and test the issue again.
If the issue happen for multiple users, and only happen for IOS client, try to update to the latest version for Lync IOS client and test again.
If the issue happen for multiple users, and happen for all kind of mobile platforms, double check the configuration of Reverse Proxy ( certificate, port).
For WP8 root certificates need to have HTTP URLs in the CRL (Certificate Revocation List). If root certs doesn’t contain these CRL attributes than the certificate won’t be accepted by WP8 and sign in would fail.
Best Regards,
Eason Huang
Eason Huang
TechNet Community Support -
LYNC 2013 mobility clients disconnect and AAR bad response time
Good day,
I'm new to this, but have to implement LYNC 2013 for our company.
I have implemented Lync 2013 by following various instructions and all seems fine... apart from all mobile clients (internal/external - Andoid/IOS). They get disconnected after a few minutes. On Android the error is "unknown error" (very useful)
and on IOPS it's "unhandeled alert type 302 E_Badgateway (E2-3-35).
What I have noticed is that on AAR, on the LYNCWEB server farm (under " Monitoring and Management") the response time is huge (10000 + ms) and when the errors come up on the clients I get a "failed request".
I can not think what may be wrong but all is pointing to AAR?
AAR is version 3 running on 2021 R2
any ideas? been stuck for a week on this now.
Many thanks
DDHi,
From your description above, it seems to be the issue with IIS ARR.
You can check with the following steps:
Check if DNS records and certificate were appropriate.
Check if ExposedWebURL set to External.
Try to increase the time out value from 200 to 1800
More details:
http://blogs.technet.com/b/nexthop/archive/2013/02/19/using-iis-arr-as-a-reverse-proxy-for-lync-server-2013.aspx
Best Regards,
Eason Huang
Eason Huang
TechNet Community Support -
Differences & Similarities between Lync 2013 desktop & Lync 2013 mobile
We've got Lync 2013 installed on our desktops. We now want to introduce Lync 2013 for both iPhone's and Android's.
Is there anywhere I can get a list of what functionality the desktop & mobile versions share, as well as what they don't.
If this is in the wrong place, apologies.
DuncanSorry, just found the information.
Guess I didn't look very well in the first place. :( -
Lync 2013 Mobility - Works for Android, not iOS
Here's the situation I am facing right now.
I have installed Lync 2013 for a client and have everything working finally but have hit a roadblock that I just can't seem to overcome.
The environment is this:
1 Lync 2013 Standard Edition Server (Front End)
1 Lync 2013 Persistent Chat Server
1 Lync 2013 Edge Server
1 Reverse Proxy Server
Like I said everything looks like it's working, save one thing. Clients using iPhones can't connect to the service but Android devices can. That's the only thing.
Here is a log snippet from my test device:
POST https://lync.mydomain.org/webticket/webticketservice.svc
Request Id: 0x70b5f68
HttpHeader:Content-Length 1293
HttpHeader:Content-Type text/html
HttpHeader:Date Wed, 18 Dec 2013 17:40:32 GMT
HttpHeader:Server Microsoft-IIS/7.5
HttpHeader:StatusCode 401
HttpHeader:Www-Authenticate Negotiate, NTLM, Basic realm="lync.mydomain.org"
HttpHeader:X-Powered-By ASP.NET
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/>
<title>401 - Unauthorized: Access is denied due to invalid credentials.</title>
<style type="text/css">
<!--
body{margin:0;font-size:.7em;font-family:Verdana, Arial, Helvetica, sans-serif;background:#EEEEEE;}
fieldset{padding:0 15px 10px 15px;}
h1{font-size:2.4em;margin:0;color:#FFF;}
h2{font-size:1.7em;margin:0;color:#CC0000;}
h3{font-size:1.2em;margin:10px 0 0 0;color:#000000;}
#header{width:96%;margin:0 0 0 0;padding:6px 2% 6px 2%;font-family:"trebuchet MS", Verdana, sans-serif;color:#FFF;
background-color:#555555;}
#content{margin:0 0 0 2%;;}
.content-container{background:#FFF;width:96%;margin-top:8px;padding:10px;;}
-->
</style>
</head>
<body>
<div id="header"><h1>Server Error</h1></div>
<div id="content">
<div class="content-container"><fieldset>
<h2>401 - Unauthorized: Access is denied due to invalid credentials.</h2>
<h3>You do not have permission to view this directory or page using the credentials that you supplied.</h3>
</fieldset></div>
</div>
</body>
</html>
</ReceivedResponse>
Everything looks like it's going good until it gets there and then at the bottom of the log I see this:
2013-12-18 11:40:47.602 Lync[7237:907] is not a valid email address.
This user has no problems signing on to his computer or Lync there. Also, I can sign on to an Android device with his account.
If anyone has an idea on this I welcome it. Please help.Hi Okrobpr,
Did you solved the issue with the help of Michael provided?
Basically the IOS clients do not support the basic NTLM Authentication method while Windows Phone and Android clients do. So you can check the UseWindowsAuth option is true running the command in Lync Server Management Shell:
Get-CsWebServiceConfiguration
If it shows NTLM you can run the command:
Set-CsWebServiceConfiguration –UseWindowsAuth Negotiate
Get-CsWebServiceConfiguration to make it to be Negotiate.
Please also make sure you have updated to the latest version for Lync Server and clients.
You can check if there are any errors in event viewer of FE server.
Best Regards,
Eason Huang
Eason Huang
TechNet Community Support
Maybe you are looking for
-
Error while deploying the project to ESB and deleting the services in ESB
Hi, I am tiring to deploy a project to ESB, but I am getting this exception. error code: 0 : 10 summary: An unhandled exception has been thrown in the ESB system. The exception reported is: "javax.transaction.RollbackException: Timed out at com.everm
-
I have things that came with my macbook that I dont' use nor will I ever, such as the .mac mail account, ichat, etc... I want to get rid of these. What is a safe way to do so without doing something funky. I just don't want to mess up my computer som
-
Aspect ratio when exporting to DVD
Newbie - forgive me but have been struggling with this one for days. Have a project - 5 min film - in FCP X and really struggling to export it to DVD using the share command - it will copy fine but the original is in 1920 x 1080 and the DVD share opt
-
Motorola S10 Bluetooth headset is not working with iPhone 5
I have used Motorola S10 with my iPhone 4 with iOS6 before I upgraded to iPhone 5. But my new iPhone 5 is not able to pair with it. I reset the headset and tried to connect it but none of my efforts has not been successful. Any thought?
-
Hello Friends, I have a small issue . I am using the function module SD_ORDER_CREATE to create a sales order . Now for the sold-to if I have a partner no it gets the correct address for the sold-to . If my ship-to and sold-to are MISC then the sold-t