none
Multi Tenant Deployment

    Question

  • I've followed the MS Deployment guide, but only the front end, edge and director roles have been deployed. All servers are in the same subnet having static WAN addresses. No firewalls between them.

    The problem is, that my test account's client request doesn't even show up in the Front End server. And that is why the client gets "Cannot sign in because the server is temporarily unavailable...". External DNS records are pointing to the Director and replication status is ok.

    When tracing the SIPstack on the Director, I can see that the user's request is successfully routed to the Front End, but nothing seen from the Front End's traces:

    First one:

    $$begin_record
    LogType: diagnostic
    Severity: information
    Text: Response successfully routed
    SIP-Start-Line: SIP/2.0 301 Redirect request to Home Server
    SIP-Call-ID: acdedf07c1a042ba82ff84bf04fe26a8
    SIP-CSeq: 3 REGISTER
    Peer: *******:60394
    Data: destination="Unknown"
    $$end_record

    And the second one:

    $$begin_record
    Trace-Correlation-Id: 3029108433
    Instance-Id: 00000060
    Direction: outgoing;source="local"
    Peer: ******:60394
    Message-Type: response
    Start-Line: SIP/2.0 301 Redirect request to Home Server
    From: <sip:user.name@tenantdomain.com>;tag=9046febe92;epid=f08d03df19
    To: <sip:user.name@tenantdomain>;tag=5D17EEE54CD8C0E4F8C77F73166962DE
    CSeq: 3 REGISTER
    Call-ID: acdedf07c1a042ba82ff84bf04fe26a8
    ms-user-logon-data: RemoteUser
    Authentication-Info: NTLM qop="auth", opaque="21BF21C3", srand="4FB1409D", snum="1", rspauth="0100000000000000bb09ba3d4d415a53", targetname="LYNCDIR01.hosting.local", realm="SIP Communications Service", version=4
    Via: SIP/2.0/TLS 188.117.32.218:60394;ms-received-port=60394;ms-received-cid=D00
    Contact: <sip:fepool01.hosting.local:5061;transport=TLS>
    Expires: 2592000
    Content-Length: 0
    Message-Body: –
    $$end_record

    Thursday, February 09, 2012 11:45 AM

All replies

  • Do all of your clients and servers have the root ca, and maybe sub_ca installed??

    http://lync2010tips.blogspot.com - ucottonk@hotmail.com - If this post has been useful please click the green arrow to the left or click 'Propose as answer'

    Friday, February 10, 2012 10:18 AM
  • Hi,tkomulai,

    How did you configure director assicatied to FE server? Because the Director pool/serves as the first point of contact for Lync Server clients, each Lync Server must have interfaces with public, IP addresses that do not use NAT. So you should configure Director server to the public IP addresses of FrontEnd server/pools instead of the private IP addresses of FE servers, it requires making the internal FQDN of the FE pool resolve to it's external IP addresses.

    As such, you should follow the standard guidance in “Deploying Edge Servers” in the TechNet Library at http://go.microsoft.com/fwlink/?LinkId=205567 unless otherwise directed below:
    • When you follow the steps in “Configure DNS Records for Edge Support” in the TechNet Library at http://go.microsoft.com/fwlink/?LinkId=230843, you must configure the DNS records for the initial test SIP domain. Configure the SRV record to point to the Director pool, not the Edge Server pool. In addition, create one external DNS record for the FQDN of the Front End pool for each external IP address of the Front End Servers. This results in client automatic configuration requests to go to the Director pool, which will then refer the requests to the Front End pool.
    • When you perform the steps in “Configure the DNS Suffix for Edge Servers” in the TechNet Library at http://go.microsoft.com/fwlink/?LinkId=230844, set the DNS suffix to the value to the name of the external domain used by the Lync Server deployment.

    Details you can check the 6.4-6.7 parts in the Multi-tenant deployment guide.

    Regards,

    Sharon


    Sharon Shen

    TechNet Community Support

    ******************************************************************************************************************************************************* Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community memb

    Monday, February 13, 2012 5:56 AM
    Moderator
  • Hi,tkomulai,

    How did you configure director assicatied to FE server? Because the Director pool/serves as the first point of contact for Lync Server clients, each Lync Server must have interfaces with public, IP addresses that do not use NAT. So you should configure Director server to the public IP addresses of FrontEnd server/pools instead of the private IP addresses of FE servers, it requires making the internal FQDN of the FE pool resolve to it's external IP addresses.

    As such, you should follow the standard guidance in “Deploying Edge Servers” in the TechNet Library at http://go.microsoft.com/fwlink/?LinkId=205567 unless otherwise directed below:
    • When you follow the steps in “Configure DNS Records for Edge Support” in the TechNet Library at http://go.microsoft.com/fwlink/?LinkId=230843, you must configure the DNS records for the initial test SIP domain. Configure the SRV record to point to the Director pool, not the Edge Server pool. In addition, create one external DNS record for the FQDN of the Front End pool for each external IP address of the Front End Servers. This results in client automatic configuration requests to go to the Director pool, which will then refer the requests to the Front End pool.
    • When you perform the steps in “Configure the DNS Suffix for Edge Servers” in the TechNet Library at http://go.microsoft.com/fwlink/?LinkId=230844, set the DNS suffix to the value to the name of the external domain used by the Lync Server deployment.

    Details you can check the 6.4-6.7 parts in the Multi-tenant deployment guide.

    Regards,

    Sharon


    Sharon Shen

    TechNet Community Support

    ******************************************************************************************************************************************************* Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community memb

    Hi Sharon,

    this is a lab environment so all addresses are public without NAT. Referring to the deployment guide the Edge pool is only needed for federation, am I right? I've deployed it, but I think it isn't necessary at this point.

    SRV records point straight to the Director pool's public address.

    Monday, February 13, 2012 8:28 AM
  • Hi,there,

    Yes,Edge is for federation,what I mentioned above is the way for deploying Director with the method of deplying Edge in an on-premise deployment because Director Pool servers as the first point of contact for Lync Server clients, each Lync Server must have interfaces with public, IP addresses that do not use NAT.These are not same as deploy Director in an on-premise deployment of standard guide.

    Hope this make sense.

    Regards,

    Sharon


    Sharon Shen

    TechNet Community Support

    ***************************************************************************************************************************************************************************** Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial t

    Tuesday, February 21, 2012 10:17 AM
    Moderator