Reverse Proxying in IIS server with WebLogic Server 8.1

Similar Messages

• Setting up a Reverse proxy on lion server

  Can someone point an osx server newb like me to some documents/how to on setting up a reverse proxy on lion server. It appears apples docs online are still for SL
  Many thanks
  Stephen

  Lion server is so frustrating. Good grief.
  It broke my setup. So I tried to re-follow the instructions at http://www.bensoftware.com/securityspy/helpssl.html to setup a reverse proxy to wrap an otherwise insecure connection into an SSL connection.
  I can get the SSL part working (connections to https://127.0.0.1 work) but it's not proxying. Per the instructions, I put the following two lines near the bottom of the httpd-ssl.conf file:
  RewriteEngine On
  RewriteRule ^/(.*) http://127.0.0.1:8000/$1 [P]
  Just above </VirtualHost>
  Instead of getting the proxy, I get the same regular SSL connection page displayed ("Hello world"). In other words, after getting the SSL stuff setup, adding these two lines didn't do anything. Any idea what I'm doing wrong?

• How to configure IIS webserver with weblogic so that I can invoke servlets without the .wlforward extension

  How to configure IIS webserver with weblogic so that I can
  invoke servlets without the .wlforward extension
  As per the documentation iisforward.dll is registered as a filter and .wlforward
  has also been
  included as a special file type. However this requires me to key-in ".wlforward"
  after my servlet name.
  What I want is something like this
  http://iis/MyServlet
  Please help me find a solution to this
  Thanks,
  Rishi

  I am able to invoke the servlet without the wlforward extension now.
  However, now I am required to add /weblogic before the servlet
  name otherwise it does not execute the pathtrim property.
  I have tried with the pathprepend thing also.
  Can we get rid of the /weblogic part also. I just want to execute
  my servlet as http://iis/myServlet.
  Your help in this regard is greatly appreciated...
  Thanks..
  "Rishi" <[email protected]> wrote:
  >
  Thanks for the reply Kumar.
  I did follow the instructions as given in the Weblogic documentation
  The documentation said to add iisforward.dll as a filter service
  and register .wlforward as a special
  file type to be handled by iisproxy.dll. For this,
  while configuring the IIS server in the Home Directory tab
  I added an extension ".wlforward" and the executable as
  iisproxy.dll. Is this the way it should have been done...
  I also modified the iisproxy.ini file as per the documentation.
  I have added the WLForwardPath property and set it to /weblogic.
  My server works fine when I give the url as
  http://iis/myServlet.wlforward
  but it does not work for
  http://iis/myServlet and this is the way i'd want it to work.
  Please tell me if I am missing something on the configuration part
  and if there is something special that needs to be done. I shall
  be grateful to you.
  Kumar Allamraju <[email protected]> wrote:
  http://e-docs.bea.com/wls/docs61/adminguide/isapi.html#101184
  Rishi wrote:
  How to configure IIS webserver with weblogic so that I can
  invoke servlets without the .wlforward extension
  As per the documentation iisforward.dll is registered as a filter
  and
  .wlforward
  has also been
  included as a special file type. However this requires me to key-in".wlforward"
  after my servlet name.
  What I want is something like this
  http://iis/MyServlet
  Please help me find a solution to this
  Thanks,
  Rishi

• Lync 2013 Edge and Reverse proxy on same server with SNI

  Hello
  I cannot find information if it is possible to create a single Lync 2013 Edge server with a Reverse proxy on the same server?
  Would it not be possible to share port 443 with SNI support? That way we could use only one public IP?
  Thanks!

  Sorry, it doesn't work.  Remember that 443 isn't HTTPS for the Edge.  If you went with the single IP model for the edge, 443 would be used for the A/V role which would be STUN/TURN. 
  The edge will always want to listen on 443, it just doesn't work to collocate a reverse proxy.
  Please remember, if you see a post that helped you please click "Vote As Helpful" and if it answered your question please click "Mark As Answer".
  SWC Unified Communications
  This forum post is based upon my personal experience and does not necessarily reflect the opinion or view of Microsoft, its employees, or other MVPs.

• Sun Web server 6.1 SP9 Reverse proxy - Changing Web Server Context

  I am trying to configure a Reverse Proxy such that it can change the context of the requested URL.
  My SOWS reverse proxy plug-in is running on server server1.sample.com and the destination server is running on server2.sample.com. The use case, the incoming URL is [|http://server1.sample.com/dummy1/]...... and I need to map this to {color:#0000ff}http://server2.sample.com/*dummy2*/.....;{color} It looks like the reverse proxy only maps to a server level but disregards the context. The reason I say that, in the server 2 logs I see - .... trying to GET /dummy1....; I needed the call to look for dummy2 context. Can this be done?

  well, web server uri processing does not understand web application level context (in terms of java web applications). however, if you would like to map all uri's ending with /dummy1 to go to /dummy2, then you can easily do this with web server 7 regular express processing
  http://blogs.sun.com/elving/entry/mass_virtual_hosting_in_7
  http://docs.sun.com/app/docs/doc/820-6599/gdaer?a=view
  besides web server 7 includes a very tightly integrated reverse proxy unlike 6.1 where you need reverse proxy as a separate plugin. so, you might want to check out if ws7 can serve your needs
  - sriram

• Reverse proxy on forms server

  Hello.
  I have the following situation:
  - serverA is an Http Server configured as a reverse proxy on ssl (the default port:443).
  - serverB is the Infrastructure server
  - serverC is a forms server. The default http port is 7777, but the http also listens on 7778
  I want to be able to configure the forms server with the reverse proxy, and being able to call:
  https://serverA/forms/frmservlet/...
  The problem is that Forms are using SSO authentication, so I get redirected to the single sign-on page, and the proxy reverse is done on the original serverC on the webcache port (7777).
  Please help.
  Best regards.
  Cristina.

  Hi Christina,
  You can solve this by changing the the following in httpd.conf of the forms server.
  Add the LoadModule certheaders_module directive for the appropriate platform.
  UNIX:
  LoadModule certheaders_module libexec/mod_certheaders.so
  Windows:
  LoadModule certheaders_module modules/ApacheModuleCertHeaders.dll
  Port 443
  RewriteEngine On
  RewriteOptions inherit
  SimulateHttps on
  Search for SimulateHttps in on http://download-uk.oracle.com/docs/cd/B14099_19/index.htm , you will find several examples.
  Greetings
  Jaap

• Reverse proxy - to altrenate server environment in same server.

  Hello,
  I'm having some problems setting up a reverse proxy, but the conditions are a bit special.
  I'm using a protocol-management application (crushFtp - controls/manages users for stp, ssh, sftp, webdav, etc) and web interface that works within the application folder. I won't get into the details of why I set it up like this, but I set it to listen on port 8080, and I set Leopard Server to forward all calls (to a certain url) to port 80 there. I did this through the instructions of the application developer - adding two lines:
  ProxyPass / http://127.0.0.1:8080/
  ProxyPassReverse / http://127.0.0.1:8080/
  ...to the www.mywebsite.conf file in the /etc/apache2/sites/, and it works, but I'm sure this is not at all the correct way to do it.
  To enable reverse proxy one needs to enter a balancing server into the corresponding field, but what would one enter if there is no balancing server and the redirect is purely internal? Is it as simple as adding 'http://127.0.0.1:8080/' there?
  Thank you very much for any advice.

  Yes, it was as simple as that. I wanted to ask first (as the server is already online), but I took the dive and tried it. I hope this helps someone else in a similar situation.

• IIS configuration with Weblogic 10gR3

  Hi All,
  We are using IIS 6.0 as the proxy server in our portal application. The portal server is Weblogic 10gR3. I have followed some documents to configure it. (http://download-llnw.oracle.com/docs/cd/E13222_01/wls/docs103
  /plugins/isapi.html). But I am not able to configure that. Can any body help me in configuring IIS server as a proxy server.
  Thanks & Regrads
  Abani R. Behera

  Configure IIS Plug-in with Weblogic Server
  1. Make a directory on the IIS box for the plug-in.
  For instance: c:\Inetpub\WLS_IIS_Plugin\
  2. Copy iisforward.dll and iisproxy.dll to this new directory.
  These files are located at:
  10.0: \wlserver_10.0\server\plugin\win\32
  10.3: \wlserver_10.3\server\plugin\win\32
  3. To install iisforward.dll as an ISAPI filter, do the following:
  Go to Start->Administrative Tools->Internet Information Services
  (IIS) Manager
  In the left pane, drill down to the active website
  (like "Default Web Site")
  Right-click the active website and select Properties
  Select the ISAPI Filters tab and press the Add button
  Filter name: WLS IIS Plugin
  Or whatever you want
  Executable: C:\Inetpub\WLS_IIS_Plugin\iisforward.dll
  Or whatever path you created
  Press OK twice
  IIS6 does not allow the iisforward.dll ISAPI Extension to run by default.
  To enable:
  In the left pane of the Internet Information Services (IIS) Manager,
  click on Web Service Extension (located under the computer name)
  In the right pane, highlight All Unknown ISAPI Extensions and press
  the Allow button
  4. To map .wlforward to use iisproxy.dll, do the following:
  a. In the left pane, drill down to the active website (like
  "Default Web Site")
  b. Right-click the active website and select Properties
  c. Select Home Directory tab
  d. Click the Configuration... button.
  e. In the Application Mapping tab, click the Add... button.
  a. Executable: C:\Inetpub\WLS_IIS_Plugin\iisproxy.dll
  b. Extension: .wlforward
  f. Uncheck Verify that file exists
  g. IMPORTANT: Ensure .wlforward is not mapped to iisforward.dll.
  While this seems intuitive, it is wrong. .wlforward maps to
  iisproxy.dll.
  h. Press OK three times
  i. Exit the IIS Manager MMC console.
  5. Create a text file named iisproxy.ini and place it in the plug-in
  directory (e.g. c:\Inetpub\WLS_IIS_Plugin\iisproxy.ini)
  iisproxy.ini
  WebLogicCluster=localhost:7001,localhost:7003
  WlForwardPath=/
  Debug=ALL
  DebugConfigInfo=ON
  WLLogFile=c:/temp/iisproxy.log
  6. Restart IIS using the following CLI statement: iisreset /restart
  7. Use a browser to access IIS. This will 'turn on' the IIS->WLS
  ISAPI filter.
  8. Relaunch the IIS Manager and check the ISAPI filter tab to ensure
  the iisforward.dll is now 'turned on', as evidenced by a green arrow.

• IIS authentication with weblogic

  I am trying to use IIS authentication with my ADF application deployed on weblogic. Is there any documentation for this?
  I want to use windows authentication with IIS. So users should not get any prompt for username / password to the application after they loggen in their windows machine.
  It should be like intranet ADF application.
  Thanks

  I am trying to use IIS authentication with my ADF application deployed on weblogic. Is there any documentation for this?
  I want to use windows authentication with IIS. So users should not get any prompt for username / password to the application after they loggen in their windows machine.
  It should be like intranet ADF application.
  Thanks

• UrlRewrite for reverse proxy on IIS

  Hi,
  I have a situation where I need to host node server behind IIS on the same machine. I wanted to create an application under the Default Web Site in IIS running on ports 80. I want the application to reroute the urls to the node server listening on port say
  3000. I tried using the Urlrewrite to create a reverseproxy rule to send all the requests to the node server. I am facing problems trying to load the static files. I tried different Urlrewrite pattern matches but could not get this to work. Can someone suggest
  me what would be the best way to configure the urlrewrites so that have the routes sent to the node server while the static files loaded from where my IIS application is pointed to?
  Example: http://mysite.com/webapp -> load static files
  http://mysite.com/webapp -> reroute the routes to http://mysite.com:3000

  Hello Victor1124,
  This forum is for Microsoft Small Basic program language.  You should better to ask your question in http://forums.iis.net/ .
  Thanks.
  Nonki Takahashi

• Issues using IIS 8.5 with ARR 3.0 as Reverse Proxy for Lync 2013

  Dear reader, after searching for a day without finding a solution to my problem I end up here ;-)
  Working Lync 2013 environment (gradually adding functionality) consisting of 2 FE servers, Persistent Chat Server, Web Apps server, Edge Server, Reverse Proxy Server (IIS 8.5/ARR 3.0), SQL Server.
  Set up a fresh Windows 2012 R2 with IIS 8.5, installed ARR 3.0 and followed along this
  TechNet article.
  So far so good, external clients (incl. mobile phone apps) can all connect.
  Now trying to add Web Apps to the reverse proxy, which is slightly different from the others by not forwarding 80/8080 and 443/4443, but just 80 and 443 to internal Web Apps server.
  After creating the server farm/URL rewrite, browsing to the webapps.FQDN/hosting/discovery ends up with a 404 error (instead of XML, which is shown when try from the LAN).
  After moving this rewrite rule to the top, it started working, but now my lyncdiscover.FQDN stops working.
  Ofcourse moving the webapps rule down restores the lyncdiscover.
  Any ideas? (everything setup as described in above mentioned TechNet article, so using wildcards. Tried fiddling around with webext.* and lyncdiscover.* and so, but no luck. (I'm completely new to ARR)
  Thanks,
  Barry

  Can you confirm that for each URL Rewrite Rule, you have an {http_host} record that matches something like webext.* as you referenced above and as seen in step 15 here:
  http://blogs.technet.com/b/nexthop/archive/2013/02/19/using-iis-arr-as-a-reverse-proxy-for-lync-server-2013.aspx
  It might help if you posted a screenshot of your URL rewrite rules.
  Please remember, if you see a post that helped you please click "Vote As Helpful" and if it answered your question please click "Mark As Answer".
  SWC Unified Communications

• Reverse Proxy FTP server

  Now that TMG is end of life, I am setting up a new Web Application Proxy server to handle all of our reverse proxy duties. This has been fine except that it doesn't seem to be able to publish FTP. So I ask the Microsoft community, how am I supposed to
  reverse proxy an FTP server that's using FTPs? IIS ARR is not the solution. Thanks.

  Hi,
  Sorry to say that I only found that TMG/ISA or the IIS with ARR can be used as a reverse proxy for applications. Maybe some third-party reverse proxy server can
  achieve that.
  Best regards,
  Susie

• Reverse Proxy installatio on Web Server

  Hi,
  Can anyone help me to install a reverse proxy on a Web Server and configure it. Is there any documentation and where and how I can download the reverse proxy for Web Server.
  Thanks in Advance.

  Reverse proxy functionality is inbuit in Sun Java System Web Server 7.0.
  Official WS 7.0 docs are at :
  http://docs.sun.com/app/docs/coll/1308.3
  Some blogs
  http://blogs.sun.com/meena/entry/configuring_reverse_proxy_in_sun
  http://blogs.sun.com/meena/entry/configuring_reverse_proxy_in_web

• Using IIS AAR as a reverse proxy for Exchange 2010 & Lync 2013

  hi
  i am planning to use IIS AAR as reverse proxy solution for both Exchange 2010 & Lync 2013 . need clarifications on the below.
  Is it production ready proof solution of using IIS AAR as a reverse proxy solution , if yes what is the sizing considerations for the same.
  Can we have exchange reverse proxy and lync reverse proxy on the same IIS ARR server.
  Is there any special consideration(license/certificates/cal licenses) needs to be taken care while using this solution
    4.  Deployment Guide available?

  hi steve.. thanks for reply..
  1 have gone through that.. however having both exchange & lync reverse proxy on single server is unanswered and the reason for having this in exchange forum is to have consideration from exchange prospective as well ... 
  I am also wondering this.  Can both exist on the same set of proxy servers?  I also plan to have a load balanced solution.  Has anyone had any luck with doing that?

• Problem with Mobile clients - Reverse proxy

  Hi Guys,
  I have an issue that is driving me batty. I've set up a reverse proxy and am putting my mobile clients through it. I've used the Lync connectivity analyzer which is telling me that everything is good. However I am getting an error in my mobile clients to
  the effect "Please check your account info and try again"
  It looks like my IIS logs are showing 401 errors on the webticketservice.svc
  2014-05-30 00:48:01 192.168.0.58 GET / sipuri=sip:[email protected]&X-ARR-CACHE-HIT=0&X-ARR-LOG-ID=0b8473bc-76f4-48e6-b29d-1028dad0dc2f 443 - 24.114.103.233 ACOMO - 200 0 0 93
  2014-05-30 00:48:01 192.168.0.58 GET / - 80 - 24.114.103.233 ACOMO - 406 0 0 62
  2014-05-30 00:48:01 192.168.0.58 GET /autodiscover/autodiscoverservice.svc/root/user originaldomain=openjive.com&X-ARR-LOG-ID=624d5656-03de-4d23-b7be-ef1d86f986ea 443 OPENJIVE\bryan 24.114.103.233 ACOMO - 401 0 0 72
  2014-05-30 00:48:01 192.168.0.58 GET /autodiscover/autodiscoverservice.svc/root/user originaldomain=openjive.com&X-ARR-LOG-ID=989d376d-f93d-4a61-a2e8-75e44a2f630e 443 OPENJIVE\bryan 24.114.103.233 ACOMO - 401 0 0 62
  2014-05-30 00:48:01 192.168.0.58 POST /webticket/webticketservice.svc/mex X-ARR-LOG-ID=96ab4698-b8bc-4ff6-829f-60bdd7e9d64e 443 OPENJIVE\bryan 24.114.103.233 ACOMO - 200 0 0 209
  2014-05-30 00:48:01 192.168.0.58 POST /webticket/webticketservice.svc X-ARR-LOG-ID=6884e7ec-01fa-4014-96ec-1e891fbb1c7e 443 OPENJIVE\bryan 24.114.103.233 ACOMO - 401 0 0 116
  2014-05-30 00:48:03 192.168.0.58 POST /webticket/webticketservice.svc X-ARR-LOG-ID=c4f2790c-983a-4d4f-b647-dc0c30d2335d 443 OPENJIVE\bryan 24.114.103.233 ACOMO - 401 0 0 84
  Any ideas would be appreciated. I am running windows 2012 R2 across the board. The reverse proxy is IIS 8.5 with ARR 3.

  Here is the connectivity analyzer results.
  Sending HTTP request to
  https://lyncdiscover.openjive.com/[email protected]
  Logging test parameters:
  SIP Uri: [email protected]
  User Name: openjive\bryan
  Discovery Type: Automatic Discovery
  Network access: NetworkAccessExternal
  Selected client: ApplicationLyncMobile2013
  Starting Lync server autodiscovery
  Please wait; this test may take several minutes to complete...
  Starting automatic discovery for secure (HTTPS) internal channel
  lyncdiscoverinternal.openjive.com can't be resolved by the DNS server. Skipping internal discovery.
  Starting automatic discovery for secure (HTTPS) external channel
  Cookie  found in autodiscover response: StatusCode: 200, ReasonPhrase: 'OK', Version: 1.1, Content: System.Net.Http.StreamContent, Headers:
    Pragma: no-cache
    X-MS-Server-Fqdn: banff.openjive.local
    X-Content-Type-Options: nosniff
    Cache-Control: no-cache
    Server: Microsoft-IIS/8.5
    X-AspNet-Version: 4.0.30319
    X-Powered-By: ASP.NET
    X-Powered-By: ARR/2.5
    X-Powered-By: ASP.NET
    Date: Fri, 30 May 2014 00:49:45 GMT
    Content-Length: 1049
    Content-Type: application/vnd.microsoft.rtc.autodiscover+xml; v=1
    Expires: -1
  Parsing the response for URL
  https://lyncdiscover.openjive.com/[email protected].  Full response: <?xml version="1.0" encoding="utf-8"?><AutodiscoverResponse xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
  AccessLocation="External"><Root><Link token="Domain" href="https://lyncweb.openjive.com/Autodiscover/AutodiscoverService.svc/root/domain?originalDomain=openjive.com"
  /><Link token="User" href="https://lyncweb.openjive.com/Autodiscover/AutodiscoverService.svc/root/user?originalDomain=openjive.com"
  /><Link token="Self" href="https://lyncweb.openjive.com/Autodiscover/AutodiscoverService.svc/root?originalDomain=openjive.com" /><Link
  token="OAuth" href="https://lyncweb.openjive.com/Autodiscover/AutodiscoverService.svc/root/oauth/user?originalDomain=openjive.com" /><Link
  token="External/XFrame" href="https://lyncweb.openjive.com/Autodiscover/XFrame/XFrame.html" /><Link token="Internal/XFrame" href="https://banff.openjive.local/Autodiscover/XFrame/XFrame.html"
  /><Link token="XFrame" href="https://lyncweb.openjive.com/Autodiscover/XFrame/XFrame.html" /></Root></AutodiscoverResponse>
  Autodiscover URL
  https://lyncdiscover.openjive.com/[email protected] redirected to
  https://lyncweb.openjive.com/Autodiscover/AutodiscoverService.svc/root/user?originalDomain=openjive.com
  Sending HTTP request to
  https://lyncweb.openjive.com/Autodiscover/AutodiscoverService.svc/root/[email protected]
  Cookie  found in autodiscover response: StatusCode: 401, ReasonPhrase: 'Unauthorized', Version: 1.1, Content: System.Net.Http.StreamContent, Headers:
    X-MS-WebTicketURL:
  https://lyncweb.openjive.com/WebTicket/WebTicketService.svc
    X-MS-WebTicketSupported: cwt,saml
    X-MS-Server-Fqdn: banff.openjive.local
    X-Content-Type-Options: nosniff
    Cache-Control: no-cache
    Server: Microsoft-IIS/8.5
    X-Powered-By: ASP.NET
    X-Powered-By: ARR/2.5
    X-Powered-By: ASP.NET
    WWW-Authenticate: Negotiate
    WWW-Authenticate: NTLM
    Date: Fri, 30 May 2014 00:49:45 GMT
    Content-Length: 1293
    Content-Type: text/html
  Authorization required for
  https://lyncweb.openjive.com/Autodiscover/AutodiscoverService.svc/root/[email protected]
  Obtaining WebTicket from
  https://lyncweb.openjive.com/WebTicket/WebTicketService.svc
  On-premises WebTicket server:
  https://lyncweb.openjive.com/WebTicket/WebTicketService.svc/Auth
  AcquireTicketAsync succeeded for
  https://lyncweb.openjive.com/WebTicket/WebTicketService.svc/Auth
  WebTicket: <saml:Assertion MajorVersion="1" MinorVersion="1" AssertionID="SamlSecurityToken-bf1eeeeb-c7b5-4d50-87df-929bf90bd370" Issuer="https://banff.openjive.local:4443/f0ca8325-b055-5552-be4f-fb4088f97387"
  IssueInstant="2014-05-30T00:52:05.151Z" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion"><saml:Conditions NotBefore="2014-05-30T00:52:05.151Z" NotOnOrAfter="2014-05-30T08:49:30.151Z"><saml:AudienceRestrictionCondition><saml:Audience>https://lyncweb.openjive.com/</saml:Audience></saml:AudienceRestrictionCondition></saml:Conditions><saml:AuthenticationStatement
  AuthenticationMethod="urn:oasis:names:tc:SAML:1.0:am:unspecified" AuthenticationInstant="2014-05-30T00:52:05.151Z"><saml:Subject><saml:NameIdentifier Format="sip:[email protected]</saml:NameIdentifier><saml:SubjectConfirmation><saml:ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:holder-of-key</saml:ConfirmationMethod><KeyInfo">http://schemas.xmlsoap.org/ws/2005/05/identity/claims/uri">sip:[email protected]</saml:NameIdentifier><saml:SubjectConfirmation><saml:ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:holder-of-key</saml:ConfirmationMethod><KeyInfo
  xmlns="<e:EncryptedKey">http://www.w3.org/2000/09/xmldsig#"><e:EncryptedKey xmlns:e="<e:EncryptionMethod">http://www.w3.org/2001/04/xmlenc#"><e:EncryptionMethod
  Algorithm="</e:EncryptionMethod><KeyInfo><KeyName>f0ca8325-b055-5552-be4f-fb4088f97387:8d149b659ca1d29</KeyName></KeyInfo><e:CipherData><e:CipherValue>kE4cKJAJbZL3GFCEx3/XxiBO/nhVPZJ15xEIQk96DjkxRNgzgxlh+w==</e:CipherValue></e:CipherData></e:EncryptedKey></KeyInfo></saml:SubjectConfirmation></saml:Subject></saml:AuthenticationStatement><Signature">http://www.w3.org/2001/04/xmlenc#kw-aes256"></e:EncryptionMethod><KeyInfo><KeyName>f0ca8325-b055-5552-be4f-fb4088f97387:8d149b659ca1d29</KeyName></KeyInfo><e:CipherData><e:CipherValue>kE4cKJAJbZL3GFCEx3/XxiBO/nhVPZJ15xEIQk96DjkxRNgzgxlh+w==</e:CipherValue></e:CipherData></e:EncryptedKey></KeyInfo></saml:SubjectConfirmation></saml:Subject></saml:AuthenticationStatement><Signature
  xmlns="<SignedInfo><CanonicalizationMethod">http://www.w3.org/2000/09/xmldsig#"><SignedInfo><CanonicalizationMethod Algorithm="</CanonicalizationMethod><SignatureMethod">http://www.w3.org/2001/10/xml-exc-c14n#"></CanonicalizationMethod><SignatureMethod
  Algorithm="</SignatureMethod><Reference">http://www.w3.org/2000/09/xmldsig#rsa-sha1"></SignatureMethod><Reference URI="#SamlSecurityToken-bf1eeeeb-c7b5-4d50-87df-929bf90bd370"><Transforms><Transform
  Algorithm="</Transform><Transform">http://www.w3.org/2000/09/xmldsig#enveloped-signature"></Transform><Transform Algorithm="</Transform></Transforms><DigestMethod">http://www.w3.org/2001/10/xml-exc-c14n#"></Transform></Transforms><DigestMethod
  Algorithm="</DigestMethod><DigestValue>krqtSvw6JUlsbBsxdbXSsHyIgFzUD1G7DOKZ635AC4Q=</DigestValue></Reference></SignedInfo><SignatureValue>qo+GkTNnjyl250pQVkSSTCI707At83dn2zu1ZOSLoSlPF74FuzRgCysD5UPrgMvY5SYi+pi2igwEV7zt7ALtWFuAJWPU3e0mNT701xyO86+f11YtHXC/NhQDudJvq7DO3uWRGgZGdBodt82OyZlXKifplMgEE352y0+S4jy0GmKCpvHTbytUthInMSxSAp7UWcU+6ourkAj4NpLbSywgm4su6byHEZmZyJ1/6eZ6/xO3a395dxhlBoMbIs+Gk9zcQ75KL/VAy7WTcBq+kJ/16yfd9q73VzYO5NBSEgrOHW/xZuRUYusLyhSZ0AJTVaUUJuBi6XdG44kaP0Nsz9UTrw==</SignatureValue><KeyInfo><o:SecurityTokenReference">http://www.w3.org/2001/04/xmlenc#sha256"></DigestMethod><DigestValue>krqtSvw6JUlsbBsxdbXSsHyIgFzUD1G7DOKZ635AC4Q=</DigestValue></Reference></SignedInfo><SignatureValue>qo+GkTNnjyl250pQVkSSTCI707At83dn2zu1ZOSLoSlPF74FuzRgCysD5UPrgMvY5SYi+pi2igwEV7zt7ALtWFuAJWPU3e0mNT701xyO86+f11YtHXC/NhQDudJvq7DO3uWRGgZGdBodt82OyZlXKifplMgEE352y0+S4jy0GmKCpvHTbytUthInMSxSAp7UWcU+6ourkAj4NpLbSywgm4su6byHEZmZyJ1/6eZ6/xO3a395dxhlBoMbIs+Gk9zcQ75KL/VAy7WTcBq+kJ/16yfd9q73VzYO5NBSEgrOHW/xZuRUYusLyhSZ0AJTVaUUJuBi6XdG44kaP0Nsz9UTrw==</SignatureValue><KeyInfo><o:SecurityTokenReference
  xmlns:o="<o:KeyIdentifier">http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"><o:KeyIdentifier ValueType="AhJJ0tEVWf4IRNbKNKfDMD1Qyvg=</o:KeyIdentifier></o:SecurityTokenReference></KeyInfo></Signature></saml:Assertion">http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#ThumbprintSHA1">AhJJ0tEVWf4IRNbKNKfDMD1Qyvg=</o:KeyIdentifier></o:SecurityTokenReference></KeyInfo></Signature></saml:Assertion>
  Sending HTTP request to
  https://lyncweb.openjive.com/Autodiscover/AutodiscoverService.svc/root/[email protected]
  Cookie  found in autodiscover response: StatusCode: 200, ReasonPhrase: 'OK', Version: 1.1, Content: System.Net.Http.StreamContent, Headers:
    Pragma: no-cache
    X-MS-Server-Fqdn: banff.openjive.local
    X-Content-Type-Options: nosniff
    Cache-Control: no-cache
    Server: Microsoft-IIS/8.5
    X-AspNet-Version: 4.0.30319
    X-Powered-By: ASP.NET
    X-Powered-By: ARR/2.5
    X-Powered-By: ASP.NET
    Date: Fri, 30 May 2014 00:49:45 GMT
    Content-Length: 2111
    Content-Type: application/vnd.microsoft.rtc.autodiscover+xml; v=1
    Expires: -1
  Parsing the response for URL
  https://lyncweb.openjive.com/Autodiscover/AutodiscoverService.svc/root/[email protected].  Full response: <?xml version="1.0" encoding="utf-8"?><AutodiscoverResponse xmlns:xsd="http://www.w3.org/2001/XMLSchema"
  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" AccessLocation="External"><User><SipServerInternalAccess fqdn="banff.openjive.local" port="5061" /><SipClientInternalAccess fqdn="banff.openjive.local"
  port="5061" /><SipServerExternalAccess fqdn="lyncedge.openjive.com" port="5061" /><SipClientExternalAccess fqdn="lyncedge.openjive.com" port="5061" /><Link token="Internal/Autodiscover" href="https://banff.openjive.local/Autodiscover/AutodiscoverService.svc/root"
  /><Link token="Internal/AuthBroker" href="https://banff.openjive.local/Reach/sip.svc" /><Link token="Internal/WebScheduler" href="https://banff.openjive.local/Scheduler"
  /><Link token="Internal/CertProvisioning" href="https://banff.openjive.local/CertProv/CertProvisioningService.svc" /><Link token="External/Autodiscover" href="https://lyncweb.openjive.com/Autodiscover/AutodiscoverService.svc/root"
  /><Link token="External/AuthBroker" href="https://lyncweb.openjive.com/Reach/sip.svc" /><Link token="External/WebScheduler" href="https://lyncweb.openjive.com/Scheduler"
  /><Link token="External/CertProvisioning" href="https://lyncweb.openjive.com/CertProv/CertProvisioningService.svc" /><Link token="Internal/Mcx" href="https://lyncweb.openjive.com/Mcx/McxService.svc"
  /><Link token="External/Mcx" href="https://lyncweb.openjive.com/Mcx/McxService.svc" /><Link token="Ucwa" href="https://lyncweb.openjive.com/ucwa/v1/applications"
  /><Link token="Internal/Ucwa" href="https://banff.openjive.local/ucwa/v1/applications" /><Link token="External/Ucwa" href="https://lyncweb.openjive.com/ucwa/v1/applications"
  /><Link token="External/XFrame" href="https://lyncweb.openjive.com/Autodiscover/XFrame/XFrame.html" /><Link token="Internal/XFrame" href="https://banff.openjive.local/Autodiscover/XFrame/XFrame.html"
  /><Link token="XFrame" href="https://lyncweb.openjive.com/Autodiscover/XFrame/XFrame.html" /><Link token="Self" href="https://lyncweb.openjive.com/Autodiscover/AutodiscoverService.svc/root/user"
  /></User></AutodiscoverResponse>
  Server discovery has completed for https://lyncdiscover.openjive.com/.
  Autodiscover full response for URL https://lyncdiscover.openjive.com/ is <?xml version="1.0" encoding="utf-8"?><AutodiscoverResponse xmlns:xsd="http://www.w3.org/2001/XMLSchema"
  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" AccessLocation="External"><User><SipServerInternalAccess fqdn="banff.openjive.local" port="5061" /><SipClientInternalAccess fqdn="banff.openjive.local"
  port="5061" /><SipServerExternalAccess fqdn="lyncedge.openjive.com" port="5061" /><SipClientExternalAccess fqdn="lyncedge.openjive.com" port="5061" /><Link token="Internal/Autodiscover" href="https://banff.openjive.local/Autodiscover/AutodiscoverService.svc/root"
  /><Link token="Internal/AuthBroker" href="https://banff.openjive.local/Reach/sip.svc" /><Link token="Internal/WebScheduler" href="https://banff.openjive.local/Scheduler"
  /><Link token="Internal/CertProvisioning" href="https://banff.openjive.local/CertProv/CertProvisioningService.svc" /><Link token="External/Autodiscover" href="https://lyncweb.openjive.com/Autodiscover/AutodiscoverService.svc/root"
  /><Link token="External/AuthBroker" href="https://lyncweb.openjive.com/Reach/sip.svc" /><Link token="External/WebScheduler" href="https://lyncweb.openjive.com/Scheduler"
  /><Link token="External/CertProvisioning" href="https://lyncweb.openjive.com/CertProv/CertProvisioningService.svc" /><Link token="Internal/Mcx" href="https://lyncweb.openjive.com/Mcx/McxService.svc"
  /><Link token="External/Mcx" href="https://lyncweb.openjive.com/Mcx/McxService.svc" /><Link token="Ucwa" href="https://lyncweb.openjive.com/ucwa/v1/applications"
  /><Link token="Internal/Ucwa" href="https://banff.openjive.local/ucwa/v1/applications" /><Link token="External/Ucwa" href="https://lyncweb.openjive.com/ucwa/v1/applications"
  /><Link token="External/XFrame" href="https://lyncweb.openjive.com/Autodiscover/XFrame/XFrame.html" /><Link token="Internal/XFrame" href="https://banff.openjive.local/Autodiscover/XFrame/XFrame.html"
  /><Link token="XFrame" href="https://lyncweb.openjive.com/Autodiscover/XFrame/XFrame.html" /><Link token="Self" href="https://lyncweb.openjive.com/Autodiscover/AutodiscoverService.svc/root/user"
  /></User></AutodiscoverResponse>
  SendRequest failed for
  https://lyncweb.openjive.com/Autodiscover/AutodiscoverService.svc/root/[email protected]
  Automatic discovery results for https://lyncdiscover.openjive.com/
  Access Location                          : External
  SIP Server Internal Access               : banff.openjive.local
  SIP Server External Access               : lyncedge.openjive.com
  SIP Client Internal Access               : banff.openjive.local
  SIP Client External Access               : lyncedge.openjive.com
  Internal Auth broker service             :
  https://banff.openjive.local/Reach/sip.svc
  External Auth broker service             :
  https://lyncweb.openjive.com/Reach/sip.svc
  Internal Auto discover service           :
  https://banff.openjive.local/Autodiscover/AutodiscoverService.svc/root
  External Auto discover service           :
  https://lyncweb.openjive.com/Autodiscover/AutodiscoverService.svc/root
  Internal MCX service                     :
  https://lyncweb.openjive.com/Mcx/McxService.svc
  External MCX service                     :
  https://lyncweb.openjive.com/Mcx/McxService.svc
  Internal UCWA service                    :
  https://banff.openjive.local/ucwa/v1/applications
  External UCWA service                    :
  https://lyncweb.openjive.com/ucwa/v1/applications
  Internal Webscheduler service            :
  https://banff.openjive.local/Scheduler
  External Webscheduler service            :
  https://lyncweb.openjive.com/Scheduler
  Total server discovery time: 1.1 seconds
  Server discovery succeeded for secure (HTTPS) external channel against URL
  https://lyncdiscover.openjive.com/
  Starting automatic discovery for unsecure (HTTP) external channel
  Sending HTTP request to
  http://lyncdiscover.openjive.com/[email protected]
  Cookie  found in autodiscover response: StatusCode: 406, ReasonPhrase: 'Not Acceptable', Version: 1.1, Content: System.Net.Http.StreamContent, Headers:
    Date: Fri, 30 May 2014 00:49:45 GMT
    Server: Microsoft-IIS/8.5
    X-Powered-By: ASP.NET
    Content-Length: 1346
    Content-Type: text/html
  Autodiscover: SendRequest(): the URL
  http://lyncdiscover.openjive.com/[email protected] couldn't be connected.  Complete HTTP headers:\r\n Date: Fri, 30 May 2014 00:49:45 GMT
  Server: Microsoft-IIS/8.5
  X-Powered-By: ASP.NET
  Couldn't connect to URL
  http://lyncdiscover.openjive.com/[email protected] (HTTP status code NotAcceptable)
  System.Exception: Couldn't connect to URL
  http://lyncdiscover.openjive.com/[email protected] (HTTP status code NotAcceptable)
     at Microsoft.LyncServer.WebServices.AutoDiscoverManager.TerminateAD(String mesg)
     at Microsoft.LyncServer.WebServices.AutoDiscoverManager.<SendRequest>d__d.MoveNext()
  --- End of stack trace from previous location where exception was thrown ---
     at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
     at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
     at System.Runtime.CompilerServices.TaskAwaiter`1.GetResult()
     at Microsoft.LyncServer.WebServices.AutoDiscoverManager.<TryNextUrl>d__3.MoveNext()
  --- End of stack trace from previous location where exception was thrown ---
     at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
     at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
     at Microsoft.LyncServer.WebServices.AutoDiscoverManager.<StartDiscoveryJourney>d__0.MoveNext()
  --- End of stack trace from previous location where exception was thrown ---
     at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
     at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
     at LyncConnectivityAnalyzerCore.Utilities.<RetrieveUserLocation>d__3e.MoveNext()
  Server discovery failed for unsecured external channel against
  http://lyncdiscover.openjive.com/
  None, AutoInternalDNSFail, AutoInternalSecureD, AutoInternalUnsecureD, AutoExternalUnsecureD, ManualDNSFail, ManualSecureD, ManualUnsecureD, AuthBrokerInternalLMXCheckGET, AuthBrokerInternalLMXCheckPOST, AuthBrokerExternalLMXCheckGET, AuthBrokerExternalLMXCheckPOST,
  MobilityMCXInternalLMXCheckGET, MobilityMCXInternalLMXCheckPOST, MobilityMCXExternalLMXCheckGET, MobilityMCXExternalLMXCheckPOST, LMXSIPServerInternalDNS, LMXSIPServerExternalDNS, MobilityUCWAInternalCheckPOST, MobilityUCWAExternalCheckPOST
  Starting the requirement tests for Lync Mobile 2013 App
  Please wait; this test may take several minutes to complete...
  Testing the app requirements using the following discovery response:
  Access Location                          : External
  SIP Server Internal Access               : banff.openjive.local
  SIP Server External Access               : lyncedge.openjive.com
  SIP Client Internal Access               : banff.openjive.local
  SIP Client External Access               : lyncedge.openjive.com
  Internal Auth broker service             :
  https://banff.openjive.local/Reach/sip.svc
  External Auth broker service             :
  https://lyncweb.openjive.com/Reach/sip.svc
  Internal Auto discover service           :
  https://banff.openjive.local/Autodiscover/AutodiscoverService.svc/root
  External Auto discover service           :
  https://lyncweb.openjive.com/Autodiscover/AutodiscoverService.svc/root
  Internal MCX service                     :
  https://lyncweb.openjive.com/Mcx/McxService.svc
  External MCX service                     :
  https://lyncweb.openjive.com/Mcx/McxService.svc
  Internal UCWA service                    :
  https://banff.openjive.local/ucwa/v1/applications
  External UCWA service                    :
  https://lyncweb.openjive.com/ucwa/v1/applications
  Internal Webscheduler service            :
  https://banff.openjive.local/Scheduler
  External Webscheduler service            :
  https://lyncweb.openjive.com/Scheduler
  Starting tests for Mobility (UCWA) service
  UCWA user agent string: <input xmlns="<property">http://schemas.microsoft.com/rtc/2012/03/ucwa"><property name="culture">en-US</property><property name="endpointId">44:D8:84:3C:68:68</property><property
  name="type">Phone</property><property name="userAgent">LyncConnectivityAnalyzer/5.0.8308.582 (Windows OS 6.0)</property></input>
  Verifying external Ucwa service:
  https://lyncweb.openjive.com/ucwa/v1/applications
  On-premises WebTicket server:
  https://lyncweb.openjive.com/WebTicket/WebTicketService.svc/Auth
  AcquireTicketAsync succeeded for
  https://lyncweb.openjive.com/WebTicket/WebTicketService.svc/Auth
  WebTicket: <saml:Assertion MajorVersion="1" MinorVersion="1" AssertionID="SamlSecurityToken-cda8f5c3-dc31-46d1-b9ba-51fa49cffcd3" Issuer="https://banff.openjive.local:4443/f0ca8325-b055-5552-be4f-fb4088f97387"
  IssueInstant="2014-05-30T00:52:06.062Z" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion"><saml:Conditions NotBefore="2014-05-30T00:52:06.062Z" NotOnOrAfter="2014-05-30T08:44:42.062Z"><saml:AudienceRestrictionCondition><saml:Audience>https://lyncweb.openjive.com/</saml:Audience></saml:AudienceRestrictionCondition></saml:Conditions><saml:AuthenticationStatement
  AuthenticationMethod="urn:oasis:names:tc:SAML:1.0:am:unspecified" AuthenticationInstant="2014-05-30T00:52:06.062Z"><saml:Subject><saml:NameIdentifier Format="sip:[email protected]</saml:NameIdentifier><saml:SubjectConfirmation><saml:ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:holder-of-key</saml:ConfirmationMethod><KeyInfo">http://schemas.xmlsoap.org/ws/2005/05/identity/claims/uri">sip:[email protected]</saml:NameIdentifier><saml:SubjectConfirmation><saml:ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:holder-of-key</saml:ConfirmationMethod><KeyInfo
  xmlns="<e:EncryptedKey">http://www.w3.org/2000/09/xmldsig#"><e:EncryptedKey xmlns:e="<e:EncryptionMethod">http://www.w3.org/2001/04/xmlenc#"><e:EncryptionMethod
  Algorithm="</e:EncryptionMethod><KeyInfo><KeyName>f0ca8325-b055-5552-be4f-fb4088f97387:8d149b659ca1d29</KeyName></KeyInfo><e:CipherData><e:CipherValue>HiaWvrXQLacT+brihMO3w2xV0JCWsOj2hQNAkbGkl1yuavEW5U2+yA==</e:CipherValue></e:CipherData></e:EncryptedKey></KeyInfo></saml:SubjectConfirmation></saml:Subject></saml:AuthenticationStatement><Signature">http://www.w3.org/2001/04/xmlenc#kw-aes256"></e:EncryptionMethod><KeyInfo><KeyName>f0ca8325-b055-5552-be4f-fb4088f97387:8d149b659ca1d29</KeyName></KeyInfo><e:CipherData><e:CipherValue>HiaWvrXQLacT+brihMO3w2xV0JCWsOj2hQNAkbGkl1yuavEW5U2+yA==</e:CipherValue></e:CipherData></e:EncryptedKey></KeyInfo></saml:SubjectConfirmation></saml:Subject></saml:AuthenticationStatement><Signature
  xmlns="<SignedInfo><CanonicalizationMethod">http://www.w3.org/2000/09/xmldsig#"><SignedInfo><CanonicalizationMethod Algorithm="</CanonicalizationMethod><SignatureMethod">http://www.w3.org/2001/10/xml-exc-c14n#"></CanonicalizationMethod><SignatureMethod
  Algorithm="</SignatureMethod><Reference">http://www.w3.org/2000/09/xmldsig#rsa-sha1"></SignatureMethod><Reference URI="#SamlSecurityToken-cda8f5c3-dc31-46d1-b9ba-51fa49cffcd3"><Transforms><Transform
  Algorithm="</Transform><Transform">http://www.w3.org/2000/09/xmldsig#enveloped-signature"></Transform><Transform Algorithm="</Transform></Transforms><DigestMethod">http://www.w3.org/2001/10/xml-exc-c14n#"></Transform></Transforms><DigestMethod
  Algorithm="</DigestMethod><DigestValue>9aGUpr6tQkHD1fj+o1gDZSFMpPp1HwnNjO9BmmGjA+Y=</DigestValue></Reference></SignedInfo><SignatureValue>jfleXw8Do6pavetwKPAGEEIezTJlJhF2UlnuNh04dK4FlCJMRowZbxHUyqUjTsCbjIdvVMhljsPrufsPwPd4v1ksvf8apfeVJ2zZZSyIqLLCjKW3Vus7X6DlBqZ+YB8rP1dGKleuH5E7kuk4asAc5XpzjoB3xvLf5cXp2hVvKuhwlDhqQp3dCIFnNCGPQLbqY+hek55uNcmyspJno13YbQ/fje/1CJxfwiN3M0o2dPskIMvOt1oqHlxn1zIeWm1lWkKd/ZDjchoWzmqiO67cbXuJpe7IrqwCx4WT7vHMkyHZznXB6D55pgPen94+h0Vwq75mWZeYBMIeXOM3t+7HnA==</SignatureValue><KeyInfo><o:SecurityTokenReference">http://www.w3.org/2001/04/xmlenc#sha256"></DigestMethod><DigestValue>9aGUpr6tQkHD1fj+o1gDZSFMpPp1HwnNjO9BmmGjA+Y=</DigestValue></Reference></SignedInfo><SignatureValue>jfleXw8Do6pavetwKPAGEEIezTJlJhF2UlnuNh04dK4FlCJMRowZbxHUyqUjTsCbjIdvVMhljsPrufsPwPd4v1ksvf8apfeVJ2zZZSyIqLLCjKW3Vus7X6DlBqZ+YB8rP1dGKleuH5E7kuk4asAc5XpzjoB3xvLf5cXp2hVvKuhwlDhqQp3dCIFnNCGPQLbqY+hek55uNcmyspJno13YbQ/fje/1CJxfwiN3M0o2dPskIMvOt1oqHlxn1zIeWm1lWkKd/ZDjchoWzmqiO67cbXuJpe7IrqwCx4WT7vHMkyHZznXB6D55pgPen94+h0Vwq75mWZeYBMIeXOM3t+7HnA==</SignatureValue><KeyInfo><o:SecurityTokenReference
  xmlns:o="<o:KeyIdentifier">http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"><o:KeyIdentifier ValueType="AhJJ0tEVWf4IRNbKNKfDMD1Qyvg=</o:KeyIdentifier></o:SecurityTokenReference></KeyInfo></Signature></saml:Assertion">http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#ThumbprintSHA1">AhJJ0tEVWf4IRNbKNKfDMD1Qyvg=</o:KeyIdentifier></o:SecurityTokenReference></KeyInfo></Signature></saml:Assertion>
  Successfully created the UCWA service
  Completed tests for Mobility (UCWA) service
  None, AutoInternalDNSFail, AutoInternalSecureD, AutoInternalUnsecureD, AutoExternalUnsecureD, ManualDNSFail, ManualSecureD, ManualUnsecureD, AuthBrokerInternalLMXCheckGET, AuthBrokerInternalLMXCheckPOST, AuthBrokerExternalLMXCheckGET, AuthBrokerExternalLMXCheckPOST,
  MobilityMCXInternalLMXCheckGET, MobilityMCXInternalLMXCheckPOST, MobilityMCXExternalLMXCheckGET, MobilityMCXExternalLMXCheckPOST, LMXSIPServerInternalDNS, LMXSIPServerExternalDNS, MobilityUCWAInternalCheckPOST
  Your deployment meets the minimum requirements for Lync Mobile 2013 App.