Lync front end connectivity test fails (SSL certificate / URL problem)

We have a weird problem in our installation where Lync keeps complaining about connectivity issues to external reach proxy on our front end server.
The event log error codes are 41024 and 41026.
Here's the error from the snooper utility: 
TL_ERROR(TF_COMPONENT) [0]1A14.0EE4::12/12/2014-10:31:30.901.0000000d (DataMCURunTime,DataProxies.ProcessResponse:1197.idx(601))
(0000000001595A27)Failed poking Proxy error=[The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel.], type=[ExternalReachProxy], url=[https://dunords36.du.local:4443/Reach/DataCollaborationRelayWebService.svc]
The problem is that it makes the test with the INTERNAL FQDN (dunords36.du.local) and thus the SSL trust fails as the certificate is for our EXTERNAL FQDN on the front end server! I have verified this by testing the above URL with the external address and the internal one. With the external one the certificate is OK.
If you're wondering: we do not use a reverse proxy. Instead we just have the firewall change the port and forward the traffic to our front end server. Our Lync setup is a NAT'ed setup.
I know about the security risks so this is not what the discussion is about.
I can't find anywhere where I can change the above behaviour and tell Lync to make the test on the correct, external FQDN. The settings in the topology builder all seem to be OK. And as you can see it does make the test on port 4443 which in our topology builder is configured for our external FQDN.

Hi,
Would you please elaborate on your Lync Server environment (Standard Edition or Enterprise Edition)?
Please double check that you entered the correct external base URL in the Lync Topology.
Please also check that the SAN of the FE Server certificate is correct.
Best Regards,
Eason Huang
TechNet Community Support
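
Added example (not part of the original thread, and not Lync or Microsoft code): a small offline check that parses "Failed poking Proxy" trace lines like the one quoted in the question and reports whether the host in each probed URL is covered by the certificate's SAN list, which is the check the reply asks for. The SAN lists and the name lync.example.com are constructed placeholders, and the function names are hypothetical.

```python
import re
from urllib.parse import urlsplit

# Format of the "Failed poking Proxy" trace line quoted in the question.
POKE_RE = re.compile(
    r"Failed poking Proxy error=\[(?P<error>.*?)\], "
    r"type=\[(?P<type>[^\]]*)\], url=\[(?P<url>[^\]]*)\]"
)

# The trace line from the question (host and port as posted).
SAMPLE_LOG = (
    "(0000000001595A27)Failed poking Proxy error=[The underlying connection "
    "was closed: Could not establish trust relationship for the SSL/TLS "
    "secure channel.], type=[ExternalReachProxy], "
    "url=[https://dunords36.du.local:4443/Reach/"
    "DataCollaborationRelayWebService.svc]"
)

# Constructed SAN lists: lync.example.com is a placeholder external FQDN.
EXTERNAL_ONLY_SANS = ["lync.example.com", "lyncdiscover.example.com"]
BOTH_NAMES_SANS = EXTERNAL_ONLY_SANS + ["dunords36.du.local"]


def san_matches(hostname, san):
    """Match one dNSName SAN entry against a hostname (RFC 6125 style)."""
    host = hostname.lower().rstrip(".").split(".")
    pattern = san.lower().rstrip(".").split(".")
    if len(host) != len(pattern):
        return False
    if pattern[0] == "*":
        # A wildcard is honoured only as the whole left-most label, covers
        # exactly one label, and is rejected directly under a top-level name.
        return len(pattern) > 2 and host[1:] == pattern[1:]
    return host == pattern


def covered(hostname, san_list):
    """True if any SAN entry matches the hostname."""
    return any(san_matches(hostname, san) for san in san_list)


def audit_poke_failures(log_text, san_list):
    """Return one finding per failed proxy probe found in the trace text."""
    findings = []
    for m in POKE_RE.finditer(log_text):
        parts = urlsplit(m.group("url"))
        findings.append({
            "proxy_type": m.group("type"),
            "host": parts.hostname,
            "port": parts.port,
            # The trust error also appears for an untrusted chain or an
            # expired certificate; name_in_san isolates the name mismatch.
            "trust_error": "trust relationship" in m.group("error"),
            "name_in_san": covered(parts.hostname, san_list),
        })
    return findings


if __name__ == "__main__":
    for label, sans in (("external names only", EXTERNAL_ONLY_SANS),
                        ("internal FQDN added", BOTH_NAMES_SANS)):
        for f in audit_poke_failures(SAMPLE_LOG, sans):
            state = "covered" if f["name_in_san"] else "NOT in SAN list"
            print(f"{label}: {f['proxy_type']} probe to "
                  f"{f['host']}:{f['port']} -> {state}")
```

If name_in_san is False for a probed host, the certificate bound to that listener does not carry the name the server uses to reach itself, so the probe fails trust regardless of how the external name validates.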

Similar Messages

  • Lync front end - Lost Connection to all Web Conferencing Edge Services

    I keep getting the error "Lost Connection to all Web Conferencing Edge Services" on my Lync front end server 2010.
    The Lync edge services are all started, the certs are fine and I disabled IPv6.
    Anything else I can try?

    Hi,
    Did you solve the issue with the help the people above provided?
    Which type of certificate did you use for the Edge server (both internal and external interface)?
    Please double check the Edge server certificate with the help of the link below:
    http://www.technotesblog.com/2011/07/06/lync-server-2010-error-lost-connection-to-all-web-conferencing-edge-services/
    Note: Microsoft is providing this information as a convenience to you. The sites are not controlled by Microsoft. Microsoft cannot make any representations regarding the quality, safety, or suitability of any software or information found there. Please make sure that you completely understand the risk before retrieving any suggestions from the above link.
    Please try to restart the Edge server and test again.
    Please also check the certificate configuration part of the Edge server with the help of the link below, “Useful Tips for Testing Your Lync Server 2010 Edge Server”:
    http://blogs.technet.com/b/nexthop/archive/2011/12/07/useful-tips-for-testing-your-lync-edge-server.aspx
    Best Regards,
    Eason Huang
    TechNet Community Support

  • Front-End Loopback Test on Catalyst 2955 causes connected hardware to "die"

    I have recently purchased a Cisco Catalyst model WS-2955C-12 switch. During POST (boot), the console reports that the switch undergoes what is known as a "FRONT-END LOOPBACK TEST". During this test the 14 port lights on the device light up amber for a moment, connectivity is lost, and after a second or two the lights go off and connectivity returns. We've found that the moment the lights go off at the end of this test, if we have a specific device (with a specific ethernet chip) directly connected to the switch the ethernet chip is adversely affected by this test - the device "goes dark" and is not capable of communicating with anything (including other switches, routers, etc...) until it is power-cycled. What exactly does this FRONT-END LOOPBACK TEST do, and what does it send across the wire that could be causing my ethernet chip onboard the device to go bonkers?
    Thanks!
    -Danny

    Cisco IOS Release 12.1(22)EA1 runs on Catalyst 2955, Catalyst 2950, and Catalyst 2940 switches.
    Review the new software features, open caveats, and resolved caveats sections for information specific to your switch. The information in this document refers to all the switches, unless otherwise noted.
    These release notes include important information about this release and any limitations, restrictions, and caveats that apply to it. To verify that these are the correct release notes for your switch:
    If you are installing a new switch, refer to the Cisco IOS release label on the rear panel of your switch.
    If your switch is running, you can use the show version user EXEC command. See the "Finding the Software Version and Feature Set" section.
    If you are upgrading to a new release, refer to the software upgrade filename for the Cisco IOS version.
    http://www.cisco.com/univercd/cc/td/doc/product/lan/cat2950/12122ea1/ol554602.htm

  • Connectivity Test Failed

    Hi, I recently installed Lync 2013 with Edge server in DMZ. I have a rather annoying problem. I bought a GoDaddy UCC cert and installed it on the edge server (external cert).
    The problem is that when I try to test connectivity (https://testconnectivity.microsoft.com/) for one user it passes and for the other 2 it fails with an error. So I don't change the configuration at all, just the user that is defined in AD (the users exist).
    Testing remote connectivity to Microsoft Lync server through the Lync Access Edge server sip.domain.com on port 5061 to verify user [email protected] can connect remotely.
    Specified remote connectivity test(s) to Microsoft Lync server failed. See details below for specific failure reasons.
    Additional Details
    Couldn't sign in. Error: Error Message: The endpoint was unable to register. See the ErrorCode for specific reason..
    Error Type: RegisterException.
    Deregister Reason: None.
    Response Code: 404.
    Response Text: Not Found.
    Elapsed Time: 948 ms.

    Just one question: I saw that the Lync Access Edge port can be changed. I can access via 5061 but via 443 I have a problem. It is probably the ARR I have configured, but in general what I wanted to ask is: will autodiscover use 443? So I can basically close 5061, is that right?
    Testing connectivity to the Lync Autodiscover Web Service server for a secure connection on port 443 to obtain the root token.
    Connectivity to the Lync Autodiscover Web Service test failed.
    Additional Details
    Elapsed Time: 1314 ms.
    Test Steps
    Attempting to test Autodiscover Web Service URL https://lyncdiscover.domain.com/Autodiscover/AutodiscoverService.svc/root.
    Autodiscover Web Service URL can't be contacted due to failure of the following tests:
    Additional Details
    Test Steps
    Attempting to resolve the host name lyncdiscover.domain.com in DNS.
    The host name resolved successfully.
    Additional Details
    Testing TCP port 443 on host lyncdiscover.domain.com to ensure it's listening and open.
    The port was opened successfully.
    Additional Details
    Testing the SSL certificate to make sure it's valid.
    The SSL certificate failed one or more certificate validation checks.
    Additional Details
    Test Steps
    The Microsoft Connectivity Analyzer is attempting to obtain the SSL certificate from remote server lyncdiscover.domain.com on port 443.
    The Microsoft Connectivity Analyzer wasn't able to obtain the remote SSL certificate.
    Additional Details
    The certificate couldn't be validated because SSL negotiation wasn't successful. This could have occurred as a result of a network error or because of a problem with the certificate installation.
    Elapsed Time: 262 ms.

  • Lync Front-end service won't start

    Hello everybody
    I have this error when I try to start the Lync front-end service:
    Failed starting a worker process.
    Process: 'C:\Program Files\Microsoft Lync Server 2013\Server\Core\RtcHost.exe'  Exit Code: C3E8302D!_HRX! (The worker process failed to initialize itself in the maximum allowable time.!_HRM!).
    Cause: This could happen due to low resource conditions or insufficient privileges.
    Resolution:
    Try restarting the server. If the problem persists contact Product Support Services.
    event id: 12330 source LS Server
    and 
    An exception caused the process to stop.
    Exception Details. System.ApplicationException: Failed to start Fabric Pool Manager.
       at Microsoft.Rtc.AppDomainHost.Launcher.Initialize(String[] args)
       at Microsoft.Rtc.AppDomainHost.Launcher.Main(String[] args)
    Cause: Check the eventlog description.
    Resolution:
    Examine prior event log entries to find and resolve the problem. If the problem persists contact product support.
    event ID 500006 Source LS AppDomain Host Process
    When I try this powershell command  Reset-CsPoolRegistrarState -ResetType QuorumLossRecovery -poolfqdn poolfqdn
    I have this message
    Reset-CsPoolRegistrarState : Could not connect to any server in Pool lync2013servername during Phase 1.
    At line:1 char:1
    + Reset-CsPoolRegistrarState -ResetType QuorumLossRecovery
    + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        + CategoryInfo          : InvalidOperation: (:) [Reset-CsPoolRegistrarState], Exception
        + FullyQualifiedErrorId : Error resetting fabric state. For details, see inner exception.,Microsoft.Rtc.Management.Hadr.ResetPoolFabric 
       StateCmdlet
    Can you help me please

    Have you checked your SQL database? Maybe there is a problem with accessing the SQL database correctly.
    How does your Lync pool look? Enterprise, Standard, how many FE servers?
    regards Holger Technical Specialist UC

  • INTEGRATION_DIRECTORY_HMI Connection test fails

    Hi ,
    I am trying to configure INTEGRATION_DIRECTORY_HMI but the connection test fails as the user cannot be authenticated. I found out that I need to put user XIISUSER in the logon tab. Now the problem for me is that I do not know the password for XIISUSER.
    Then I tried to search for the user XIISUSER in SU01. To my surprise it was not there.
    Can anyone tell me the steps to create XIISUSER, what roles I need to assign and where I have to register this user?
    Thanks.
    Regards,
    Rahul

    Hi,
    Try to use PIISUSER instead. Its default password is the master password, which you can get from Basis.
    Regards
    Yu Ming

  • Workflow configuration error - System Account connection test failed

    Hi,
    Has anybody faced a problem with Workflow configuration? The version we are using is 2.6.2 on Oracle database 9.2.0.5 on AIX5L. The workflow installation from 9.2.0.1 installation CDs goes through without any problem. But when the workflow configuration tool comes up it fails with the following error.
    "SYSTEM account connection test failed".
    The system and sys accounts are fine as verified by sqlplus. Any help is greatly appreciated.
    The log file is shown below.
    Workflow Configuration Assistant-AIX
    WorkflowCA:
    WorkflowCA: Workflow Configuration in progress...
    WorkflowCA:
    WorkflowCA: Screen width -2304-, screen height -1024-
    WorkflowCA: Graphics User Interface mode
    WorkflowCA:
    WorkflowCA: Language - US
    WorkflowCA:
    WorkflowCA: Start testing connection, which takes less than 3 minutes.
    WorkflowCA:
    WorkflowCA: Account connection test for SYSTEM
    WorkflowCA: SQL Thread: Thread[TstSQL,5,main]
    WorkflowCA: chkSQL: true
    WorkflowCA: cmdLine: /app/oracle/product/9.2.0/bin/sqlplus system/<Masked Password> @/app/oracle/product/9.2.0/wf/sql/wftstcon.sql
    WorkflowCA: envVar[0]: -ORACLE_SID=rsdb-
    WorkflowCA: envVar[1]: -ORACLE_HOME=/app/oracle/product/9.2.0-
    WorkflowCA: envVar[2]: -WF_RESOURCES=/app/oracle/product/9.2.0/wf/res/wfus.res-
    WorkflowCA: envVar[3]: -TZ=EST5EDT-
    WorkflowCA: envVar[4]: -WF_NLS_LANG=AMERICAN_AMERICA.WE8ISO8859P1-
    WorkflowCA: envVar[5]: -PATH=/app/oracle/product/9.2.0/bin:/app/oracle/product/9.2.0/lib:$PATH-
    WorkflowCA: envVar[6]: -LD_LIBRARY_PATH=/app/oracle/product/9.2.0/lib-
    WorkflowCA: envVar[7]: -WF_TNS_ADMIN=/app/oracle/product/9.2.0/network/admin-
    WorkflowCA: envVar[8]: -WF_SHLIB_PATH=/app/oracle/product/9.2.0/lib-
    WorkflowCA: Exit Val : 126
    WorkflowCA: chkSQL is alive after 1 seconds: false
    WorkflowCA: SYSTEM account connection test failed.
    WorkflowCA: Terminating...
    Thanks,
    Chethan

    We had this problem on 2 machines.
    On the 1st machine, we tried the local install option after a few days (Local option with no connect string) and it worked with no problems!
    On the 2nd machine, we could never get it to work even after opening a tar with Oracle. Finally we did a remote install from the 1st machine into the database on the 2nd machine. During the remote install while running wfinstall on the 1st machine, we just had to choose the remote option and the database service name for the connect string.
    Thanks,
    Chethan

  • CPA Cache Connectivity test fails

    Hi All,
    We are facing the following issues that have to do with the Adapter Engine:
    1) In RWB, the Adapter Engine is in error/red status with the following details: Adapter Engine, message: fatal DeleteJob (Default Delete Job) failed.
    2) In RWB, the Cache Connectivity Test fails with the following error: Communication with JMS server failed.
    3) The CPA Cache refresh gives errors.
    Any ideas? There are no Service users locked, SLDCHECK works fine etc.

    Hi,
    It seems like a problem with your JMS Connector.
    For this, log in to Visual Admin --> cluster --> services --> JMS connector --> runtime (tab) --> check the factories / destinations. Please contact your Basis team, they might be helpful to you. After that restart your server, it will solve your issue.
    Regards,
    P.Rajesh

  • Cache connectivity test failing

    Hi XI Experts,
    The cache connectivity test fails in our XI system. The error appears as:
    Cache notification from Integration Repository failedError when accessing the Integration Directory.
    This happens almost daily at the same hour of the day. Can you tell me what items I can check within the system?
    Thanks in advance.
    Regards,
    Regina

    Hi,
    did you have a look at this doc:
    https://websmp204.sap-ag.de/~sapdownload/011000358700003163902004E/HowTo_handle_XI_30_Caches.pdf
    Regards,
    michal

  • Network ports between Lync front end pools

    Dear All,
    One of my clients has two Lync front end pools. At present all the ports are open between these two pools; now we want to restrict the network ports between the pool servers.
    Please help me with which ports need to be open between different Lync front end pools.

    There's a bunch of them, take a look at the resources below:
    Ports and protocols for internal servers in Lync Server 2013 https://technet.microsoft.com/en-us/library/gg398833(v=ocs.15).aspx
    Lync Firewall Rules Viewer http://blogs.technet.com/b/nexthop/archive/2012/07/03/lync-firewall-rules-viewer.aspx
    Georg Thomas | MVP (Skype for Business)

  • Proxy connect test failed

    Hello all,
    Proxy connect test failed because proxy server answers with 403 - Forbidden for tested domain: www.internic.net.
    The check itself was correct as the proxy answers with the used user login credentials but the testing routine itself does not respect that.
    Regards
    Alex

    Hi vshiller,
    Could you share us more detailed information about this issue? For example, which kind of test type you were running? How did you run it in your side, local or remote?
    >>Failed to initialize client proxy: could not connect to test process vstest.discoveryengine.x86.exe.
    If you run your VS as the admin, how about the result?
    Like this connect report here:
    https://connect.microsoft.com/VisualStudio/feedback/details/807771/visual-studio-2013-test-explorer-only-works-if-run-as-administrator
    You'd better check that whether it is related to the third party software. 
    Best Regards,
    Jack

  • ERROR 14614 on Front End when testing with Remote Connectivity Analyzer

    Hello forum
    Does the Lync Remote Connectivity Analyzer not support 128 encryption?
    The reason I'm asking is the following:
    When I test my Lync edge server. I get the following error on the RCA result page:  RegisterException.
    After this error on the RCA, the event 14614 is logged on my Standard Edition Front end server.
    INFO:
    User authentication with NTLM protocol failed with error SEC_E_UNSUPPORTED_FUNCTION. This indicates a potential mismatch between security policy settings on the client and server computers.
    Cause: This error can occur if the settings in "Network security: Minimum session security for NTLM SSP based (including secure RPC) clients" policy on the client computer are not the same as the settings in the "Network security: Minimum session security for NTLM SSP based (including secure RPC) servers" policy on this server.  By default, the "Require 128-bit encryption" setting is disabled for computers running Windows Server 2008, Windows Vista, Windows Server 2003, Windows 2000 Server, or Windows XP. For computers running Windows 7 or Windows Server 2008 R2, this setting enabled by default.
    Resolution:
    Ensure that the "Network security: Minimum session security for NTLM SSP based (including secure RPC) clients" policy settings on the computers from which users log on are the same as "Network security: Minimum session security for NTLM SSP based (including secure RPC) servers" policy settings on this server.
    All of our Lync servers are running on Windows 2012 R2. So why this error from the RCA?

    Please check your settings on the client and on the server.
    I know this is an old blog post, but it describes the problem.
    http://blogs.technet.com/b/rogulati/archive/2011/04/30/lync-2010-ntlm-sec-policy-mismatch-error-cannot-sign-from-xp-clients.aspx
    http://blog.ucomsgeek.com/2011/01/lync-2010-ntlm-client-authentication.html
    regards Holger Technical Specialist UC

    Thanks for the answer, but in this case the "Client" is the Remote Connectivity Analyzer. So my question was, why is it not working with that? Does the RCA not support 128 bit?

  • Lync Front End and VMware CPU Ready %

    We are running an Enterprise Lync 2013 environment with Voice. It's running on ESX with 3 front end boxes and 2 edge servers. Every now and then we get users complaining of poor audio quality on conference calls. Although there can be many reasons for this that are not "Technology" related we have been digging into it. We noticed that our CPU ready % was kind of high on the Front End boxes. It was pushing 10%... after some ongoing back and forth with our VMware engineers we got them to isolate our boxes for a few weeks to see if that helped. It seemed to have done the trick but our VMware engineers don't like wasting resources so they put Lync back in with general population. Now CPU ready % is hovering more around 5% so it's better than it was before. My question is what % CPU ready are you guys calling "Too High" in your environments?

    Thanks for your response Ben. We have gone through the white paper with our ESX engineer. Unfortunately they don't think it applies to ESX because it focuses on HyperV. Although much of it is applicable. My hope in this post is just to get a community benchmark on what people are finding in their environments that "work well" for them. The main topic we have been pushing is this part of the Virtualization White Paper.
    8.1.11 Resource Over-Allocation
    Lync Server 2013 guests should not be provisioned on hypervisor hosts which are configured for CPU over allocation. For example, if the physical host has 24 cores, no more than 24 cores total should be allocated to all of the guests on the system.
    Lync Server includes several real-time workloads (such as audio/video and conferencing) that require real-time access to components such as processor, memory, network, and storage. If these components are shared among other guests and Lync does not have access to these as required, the result can be a negative user experience including dropped calls, dropped audio, choppy audio, inability to join a conference, paused video, and other user-noticeable results.
    These can be difficult to troubleshoot, as an analysis of the physical servers and virtual guests at a later point in time may show all is fine, with the issues surfacing only during periods of high utilization from other guests.

  • Lync Front End and Edge on same host

    Hey guys can anyone confirm if having a front end and edge on single host is supported, providing of course the ram and cpu requirements are met.
    Thank you.

    The Front End and Edge must be on separate computers and can't be collocated. Both servers can coexist on the same Virtual Host if using VMware or Hyper-V.
    See: http://technet.microsoft.com/en-us/library/gg398131.aspx

  • JCO Connection test fails taking wrong IP Address

    Hi All,
      We are configuring JCO Destinations(MODEL & METADATA) for ECC 6.0 system. Our portal is on EP7.0 SP8.  Our server i.e.ECC and Portal are in two different networks.
    The problem here is, for our ECC system we have two IP Addresses.
    1. Internal IP Address (130...*) -- on which our ECC system is configured
    2. External IP Address (10...*) -- to access the ECC from outside network.
    We are able to connect to ECC system with external IP address from Portal server using SAP GUI. We have configured hosts file entries referring ECC system for external IP.
    We have configured the ECC system in SLD and configured the JCO destinations for the same. But, Connection tests to the JCO system are failing (partner not reached) as it is referring to internal IP even though we have configured ECC system for external IP address in portal server.
    We are getting the following error for JCO Connection test:
    com.sap.mw.jco.JCO$Exception: (102) RFC_ERROR_COMMUNICATION: Connect to SAP gateway failed Connect_PM  TYPE=B MSHOST=sapsys GROUP=ESS R3NAME=SYS MSSERV=sapmsSYS PCS=1 LOCATION    CPIC (TCP/IP) on local host with Unicode ERROR       partner '130.7.8.88:sapgw00' not reached TIME        Thu Dec 21 10:25:24 2006 RELEASE     700 COMPONENT   NI (network interface) VERSION     38 RC          -10 MODULE      nixxi.cpp LINE        2764 DETAIL      NiPConnect2 SYSTEM CALL connect ERRNO       10061 ERRNO TEXT  WSAECONNREFUSED: Connection refused COUNTER     1
    Why JCO destinations are trying to connect ECC system using the internal IP address even though we didn't mention it anywhere in our portal server configurations?
    Please Suggest
    Thanks much in advance.
    Cheers...
    S..S

    Hi
    Please try this:
    First remove the configured ECC from SLD.
    Logon the SAP R/3 (ECC).
    Run rz70 (T-code).
    Enter the serverIP:port of the EP server in the host.
    Enter the “sapgw” in the service.
    Check the option SLDRFC for test and activate the current configuration
    Then again add the ECC in your SLD.
    And please check the entry in the host file also and try to ping the ECC server from the EP server.
    Hope this will help you.
    Thanks & regards
    Arun Singh
